devise 2.1.2 → 3.5.10
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/.travis.yml +39 -10
- data/.yardopts +9 -0
- data/{CHANGELOG.rdoc → CHANGELOG.md} +445 -112
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +16 -0
- data/Gemfile +10 -15
- data/Gemfile.lock +151 -129
- data/MIT-LICENSE +1 -1
- data/README.md +256 -96
- data/Rakefile +4 -2
- data/app/controllers/devise/confirmations_controller.rb +15 -7
- data/app/controllers/devise/omniauth_callbacks_controller.rb +6 -2
- data/app/controllers/devise/passwords_controller.rb +33 -9
- data/app/controllers/devise/registrations_controller.rb +66 -26
- data/app/controllers/devise/sessions_controller.rb +52 -21
- data/app/controllers/devise/unlocks_controller.rb +11 -6
- data/app/controllers/devise_controller.rb +65 -58
- data/app/helpers/devise_helper.rb +2 -2
- data/app/mailers/devise/mailer.rb +19 -10
- data/app/views/devise/confirmations/new.html.erb +8 -4
- data/app/views/devise/mailer/confirmation_instructions.html.erb +2 -2
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +2 -2
- data/app/views/devise/mailer/unlock_instructions.html.erb +2 -2
- data/app/views/devise/passwords/edit.html.erb +15 -6
- data/app/views/devise/passwords/new.html.erb +8 -4
- data/app/views/devise/registrations/edit.html.erb +29 -15
- data/app/views/devise/registrations/new.html.erb +19 -8
- data/app/views/devise/sessions/new.html.erb +17 -8
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +4 -4
- data/app/views/devise/unlocks/new.html.erb +8 -4
- data/config/locales/en.yml +51 -47
- data/devise.gemspec +8 -6
- data/devise.png +0 -0
- data/gemfiles/Gemfile.rails-3.2-stable +29 -0
- data/gemfiles/Gemfile.rails-3.2-stable.lock +172 -0
- data/gemfiles/Gemfile.rails-4.0-stable +30 -0
- data/gemfiles/Gemfile.rails-4.0-stable.lock +166 -0
- data/gemfiles/Gemfile.rails-4.1-stable +30 -0
- data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
- data/gemfiles/Gemfile.rails-4.2-stable +30 -0
- data/gemfiles/Gemfile.rails-4.2-stable.lock +193 -0
- data/lib/devise/controllers/helpers.rb +126 -108
- data/lib/devise/controllers/rememberable.rb +19 -17
- data/lib/devise/controllers/scoped_views.rb +1 -1
- data/lib/devise/controllers/sign_in_out.rb +96 -0
- data/lib/devise/controllers/store_location.rb +58 -0
- data/lib/devise/controllers/url_helpers.rb +7 -7
- data/lib/devise/encryptor.rb +22 -0
- data/lib/devise/failure_app.rb +85 -25
- data/lib/devise/hooks/activatable.rb +5 -6
- data/lib/devise/hooks/csrf_cleaner.rb +7 -0
- data/lib/devise/hooks/forgetable.rb +1 -1
- data/lib/devise/hooks/lockable.rb +2 -2
- data/lib/devise/hooks/proxy.rb +21 -0
- data/lib/devise/hooks/rememberable.rb +5 -4
- data/lib/devise/hooks/timeoutable.rb +16 -8
- data/lib/devise/hooks/trackable.rb +1 -1
- data/lib/devise/mailers/helpers.rb +27 -23
- data/lib/devise/mapping.rb +11 -7
- data/lib/devise/models/authenticatable.rb +82 -66
- data/lib/devise/models/confirmable.rb +142 -55
- data/lib/devise/models/database_authenticatable.rb +59 -15
- data/lib/devise/models/lockable.rb +41 -30
- data/lib/devise/models/omniauthable.rb +3 -3
- data/lib/devise/models/recoverable.rb +56 -41
- data/lib/devise/models/rememberable.rb +65 -27
- data/lib/devise/models/timeoutable.rb +2 -8
- data/lib/devise/models/trackable.rb +6 -4
- data/lib/devise/models/validatable.rb +9 -9
- data/lib/devise/models.rb +4 -13
- data/lib/devise/modules.rb +10 -11
- data/lib/devise/omniauth/url_helpers.rb +2 -2
- data/lib/devise/orm/active_record.rb +1 -1
- data/lib/devise/orm/mongoid.rb +1 -1
- data/lib/devise/{param_filter.rb → parameter_filter.rb} +10 -11
- data/lib/devise/parameter_sanitizer.rb +99 -0
- data/lib/devise/rails/routes.rb +173 -115
- data/lib/devise/rails/warden_compat.rb +10 -31
- data/lib/devise/rails.rb +14 -12
- data/lib/devise/strategies/authenticatable.rb +26 -26
- data/lib/devise/strategies/base.rb +1 -1
- data/lib/devise/strategies/database_authenticatable.rb +8 -4
- data/lib/devise/strategies/rememberable.rb +15 -5
- data/lib/devise/test_helpers.rb +7 -5
- data/lib/devise/time_inflector.rb +14 -0
- data/lib/devise/token_generator.rb +70 -0
- data/lib/devise/version.rb +1 -1
- data/lib/devise.rb +110 -52
- data/lib/generators/active_record/devise_generator.rb +34 -18
- data/lib/generators/active_record/templates/migration.rb +5 -6
- data/lib/generators/active_record/templates/migration_existing.rb +5 -6
- data/lib/generators/devise/controllers_generator.rb +44 -0
- data/lib/generators/devise/devise_generator.rb +5 -3
- data/lib/generators/devise/install_generator.rb +5 -0
- data/lib/generators/devise/orm_helpers.rb +25 -6
- data/lib/generators/devise/views_generator.rb +52 -22
- data/lib/generators/mongoid/devise_generator.rb +21 -26
- data/lib/generators/templates/README +9 -5
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +28 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +28 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +32 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +60 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +25 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +28 -0
- data/lib/generators/templates/devise.rb +80 -43
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +2 -2
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +2 -2
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +3 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +3 -2
- data/script/cached-bundle +49 -0
- data/script/s3-put +71 -0
- data/test/controllers/custom_registrations_controller_test.rb +40 -0
- data/test/controllers/helper_methods_test.rb +21 -0
- data/test/controllers/helpers_test.rb +95 -32
- data/test/controllers/inherited_controller_i18n_messages_test.rb +51 -0
- data/test/controllers/internal_helpers_test.rb +39 -14
- data/test/controllers/load_hooks_controller_test.rb +19 -0
- data/test/controllers/passwords_controller_test.rb +31 -0
- data/test/controllers/sessions_controller_test.rb +66 -6
- data/test/controllers/url_helpers_test.rb +10 -4
- data/test/delegator_test.rb +1 -1
- data/test/devise_test.rb +45 -10
- data/test/failure_app_test.rb +121 -27
- data/test/generators/active_record_generator_test.rb +48 -8
- data/test/generators/controllers_generator_test.rb +48 -0
- data/test/generators/devise_generator_test.rb +2 -2
- data/test/generators/mongoid_generator_test.rb +3 -3
- data/test/generators/views_generator_test.rb +54 -3
- data/test/helpers/devise_helper_test.rb +18 -20
- data/test/integration/authenticatable_test.rb +161 -65
- data/test/integration/confirmable_test.rb +146 -77
- data/test/integration/database_authenticatable_test.rb +43 -30
- data/test/integration/http_authenticatable_test.rb +30 -22
- data/test/integration/lockable_test.rb +64 -49
- data/test/integration/omniauthable_test.rb +17 -15
- data/test/integration/recoverable_test.rb +111 -70
- data/test/integration/registerable_test.rb +114 -79
- data/test/integration/rememberable_test.rb +87 -31
- data/test/integration/timeoutable_test.rb +77 -33
- data/test/integration/trackable_test.rb +5 -5
- data/test/mailers/confirmation_instructions_test.rb +28 -8
- data/test/mailers/reset_password_instructions_test.rb +21 -8
- data/test/mailers/unlock_instructions_test.rb +20 -6
- data/test/mapping_test.rb +12 -5
- data/test/models/authenticatable_test.rb +17 -1
- data/test/models/confirmable_test.rb +216 -62
- data/test/models/database_authenticatable_test.rb +129 -49
- data/test/models/lockable_test.rb +132 -45
- data/test/models/recoverable_test.rb +100 -54
- data/test/models/rememberable_test.rb +89 -94
- data/test/models/serializable_test.rb +12 -11
- data/test/models/timeoutable_test.rb +6 -1
- data/test/models/trackable_test.rb +28 -0
- data/test/models/validatable_test.rb +31 -21
- data/test/models_test.rb +22 -48
- data/test/omniauth/config_test.rb +4 -4
- data/test/omniauth/url_helpers_test.rb +7 -4
- data/test/orm/active_record.rb +1 -0
- data/test/orm/mongoid.rb +2 -3
- data/test/parameter_sanitizer_test.rb +81 -0
- data/test/rails_app/Rakefile +0 -4
- data/test/rails_app/app/active_record/shim.rb +1 -1
- data/test/rails_app/app/active_record/user_on_engine.rb +7 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +7 -0
- data/test/rails_app/app/active_record/user_without_email.rb +8 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +1 -1
- data/test/rails_app/app/controllers/admins_controller.rb +0 -5
- data/test/rails_app/app/controllers/application_controller.rb +6 -2
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +30 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +31 -0
- data/test/rails_app/app/controllers/home_controller.rb +1 -1
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +1 -1
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +1 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +4 -4
- data/test/rails_app/app/controllers/users_controller.rb +12 -4
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +3 -0
- data/test/rails_app/app/mailers/users/mailer.rb +1 -1
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +4 -0
- data/test/rails_app/app/mongoid/admin.rb +12 -10
- data/test/rails_app/app/mongoid/shim.rb +4 -5
- data/test/rails_app/app/mongoid/user.rb +19 -22
- data/test/rails_app/app/mongoid/user_on_engine.rb +39 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +39 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +33 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/home/index.html.erb +1 -1
- data/test/rails_app/app/views/home/join.html.erb +1 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/app/views/users/edit_form.html.erb +1 -0
- data/test/rails_app/bin/bundle +3 -0
- data/test/rails_app/bin/rails +4 -0
- data/test/rails_app/bin/rake +4 -0
- data/test/rails_app/config/application.rb +4 -5
- data/test/rails_app/config/boot.rb +9 -3
- data/test/rails_app/config/environment.rb +2 -2
- data/test/rails_app/config/environments/development.rb +19 -7
- data/test/rails_app/config/environments/production.rb +68 -17
- data/test/rails_app/config/environments/test.rb +24 -16
- data/test/rails_app/config/initializers/devise.rb +22 -20
- data/test/rails_app/config/initializers/secret_token.rb +8 -2
- data/test/rails_app/config/initializers/session_store.rb +1 -0
- data/test/rails_app/config/routes.rb +71 -46
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +9 -12
- data/test/rails_app/db/schema.rb +21 -18
- data/test/rails_app/lib/shared_admin.rb +7 -4
- data/test/rails_app/lib/shared_user.rb +6 -3
- data/test/rails_app/lib/shared_user_without_email.rb +26 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +13 -0
- data/test/rails_test.rb +9 -0
- data/test/routes_test.rb +94 -78
- data/test/support/action_controller/record_identifier.rb +10 -0
- data/test/support/assertions.rb +2 -3
- data/test/support/helpers.rb +18 -32
- data/test/support/integration.rb +17 -16
- data/test/support/locale/en.yml +4 -0
- data/test/support/mongoid.yml +6 -0
- data/test/test_helper.rb +8 -1
- data/test/test_helpers_test.rb +64 -20
- data/test/test_models.rb +33 -0
- data/test/time_helpers.rb +137 -0
- metadata +172 -51
- data/app/views/devise/_links.erb +0 -3
- data/gemfiles/Gemfile.rails-3.1.x +0 -35
- data/gemfiles/Gemfile.rails-3.1.x.lock +0 -167
- data/lib/devise/models/token_authenticatable.rb +0 -77
- data/lib/devise/strategies/token_authenticatable.rb +0 -56
- data/test/indifferent_hash.rb +0 -33
- data/test/integration/token_authenticatable_test.rb +0 -161
- data/test/models/token_authenticatable_test.rb +0 -55
- data/test/rails_app/script/rails +0 -10
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
|
3
|
-
class PasswordTest <
|
3
|
+
class PasswordTest < ActionDispatch::IntegrationTest
|
4
4
|
|
5
5
|
def visit_new_password_path
|
6
6
|
visit new_user_session_path
|
@@ -12,48 +12,55 @@ class PasswordTest < ActionController::IntegrationTest
|
|
12
12
|
assert_response :success
|
13
13
|
assert_not warden.authenticated?(:user)
|
14
14
|
|
15
|
-
fill_in 'email', :
|
15
|
+
fill_in 'email', with: 'user@test.com'
|
16
16
|
yield if block_given?
|
17
|
+
|
18
|
+
Devise.stubs(:friendly_token).returns("abcdef")
|
17
19
|
click_button 'Send me reset password instructions'
|
18
20
|
end
|
19
21
|
|
20
22
|
def reset_password(options={}, &block)
|
21
|
-
|
22
|
-
|
23
|
+
unless options[:visit] == false
|
24
|
+
visit edit_user_password_path(reset_password_token: options[:reset_password_token] || "abcdef")
|
25
|
+
assert_response :success
|
26
|
+
end
|
23
27
|
|
24
|
-
fill_in 'New password', :
|
25
|
-
fill_in 'Confirm new password', :
|
28
|
+
fill_in 'New password', with: '987654321'
|
29
|
+
fill_in 'Confirm new password', with: '987654321'
|
26
30
|
yield if block_given?
|
27
31
|
click_button 'Change my password'
|
28
32
|
end
|
29
33
|
|
30
34
|
test 'reset password with email of different case should succeed when email is in the list of case insensitive keys' do
|
31
|
-
create_user(:
|
35
|
+
create_user(email: 'Foo@Bar.com')
|
32
36
|
|
33
37
|
request_forgot_password do
|
34
|
-
fill_in 'email', :
|
38
|
+
fill_in 'email', with: 'foo@bar.com'
|
35
39
|
end
|
36
40
|
|
37
41
|
assert_current_url '/users/sign_in'
|
38
|
-
assert_contain 'You will receive an email with instructions
|
42
|
+
assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
39
43
|
end
|
40
44
|
|
41
45
|
test 'reset password with email should send an email from a custom mailer' do
|
42
|
-
create_user(:
|
46
|
+
create_user(email: 'Foo@Bar.com')
|
43
47
|
|
44
48
|
User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
|
45
49
|
request_forgot_password do
|
46
|
-
fill_in 'email', :
|
50
|
+
fill_in 'email', with: 'foo@bar.com'
|
47
51
|
end
|
48
|
-
|
52
|
+
|
53
|
+
mail = ActionMailer::Base.deliveries.last
|
54
|
+
assert_equal ['custom@example.com'], mail.from
|
55
|
+
assert_match edit_user_password_path(reset_password_token: 'abcdef'), mail.body.encoded
|
49
56
|
end
|
50
57
|
|
51
58
|
test 'reset password with email of different case should fail when email is NOT the list of case insensitive keys' do
|
52
|
-
swap Devise, :
|
53
|
-
create_user(:
|
59
|
+
swap Devise, case_insensitive_keys: [] do
|
60
|
+
create_user(email: 'Foo@Bar.com')
|
54
61
|
|
55
62
|
request_forgot_password do
|
56
|
-
fill_in 'email', :
|
63
|
+
fill_in 'email', with: 'foo@bar.com'
|
57
64
|
end
|
58
65
|
|
59
66
|
assert_response :success
|
@@ -64,22 +71,22 @@ class PasswordTest < ActionController::IntegrationTest
|
|
64
71
|
end
|
65
72
|
|
66
73
|
test 'reset password with email with extra whitespace should succeed when email is in the list of strip whitespace keys' do
|
67
|
-
create_user(:
|
74
|
+
create_user(email: 'foo@bar.com')
|
68
75
|
|
69
76
|
request_forgot_password do
|
70
|
-
fill_in 'email', :
|
77
|
+
fill_in 'email', with: ' foo@bar.com '
|
71
78
|
end
|
72
79
|
|
73
80
|
assert_current_url '/users/sign_in'
|
74
|
-
assert_contain 'You will receive an email with instructions
|
81
|
+
assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
75
82
|
end
|
76
83
|
|
77
84
|
test 'reset password with email with extra whitespace should fail when email is NOT the list of strip whitespace keys' do
|
78
|
-
swap Devise, :
|
79
|
-
create_user(:
|
85
|
+
swap Devise, strip_whitespace_keys: [] do
|
86
|
+
create_user(email: 'foo@bar.com')
|
80
87
|
|
81
88
|
request_forgot_password do
|
82
|
-
fill_in 'email', :
|
89
|
+
fill_in 'email', with: ' foo@bar.com '
|
83
90
|
end
|
84
91
|
|
85
92
|
assert_response :success
|
@@ -104,12 +111,12 @@ class PasswordTest < ActionController::IntegrationTest
|
|
104
111
|
request_forgot_password
|
105
112
|
|
106
113
|
assert_current_url '/users/sign_in'
|
107
|
-
assert_contain 'You will receive an email with instructions
|
114
|
+
assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
108
115
|
end
|
109
116
|
|
110
117
|
test 'not authenticated user with invalid email should receive an error message' do
|
111
118
|
request_forgot_password do
|
112
|
-
fill_in 'email', :
|
119
|
+
fill_in 'email', with: 'invalid.test@test.com'
|
113
120
|
end
|
114
121
|
|
115
122
|
assert_response :success
|
@@ -132,9 +139,9 @@ class PasswordTest < ActionController::IntegrationTest
|
|
132
139
|
assert_redirected_to "/users/sign_in"
|
133
140
|
end
|
134
141
|
|
135
|
-
test 'not authenticated user with invalid reset password token should not be able to change
|
142
|
+
test 'not authenticated user with invalid reset password token should not be able to change their password' do
|
136
143
|
user = create_user
|
137
|
-
reset_password :
|
144
|
+
reset_password reset_password_token: 'invalid_reset_password'
|
138
145
|
|
139
146
|
assert_response :success
|
140
147
|
assert_current_url '/users/password'
|
@@ -143,108 +150,142 @@ class PasswordTest < ActionController::IntegrationTest
|
|
143
150
|
assert_not user.reload.valid_password?('987654321')
|
144
151
|
end
|
145
152
|
|
146
|
-
test 'not authenticated user with valid reset password token but invalid password should not be able to change
|
153
|
+
test 'not authenticated user with valid reset password token but invalid password should not be able to change their password' do
|
147
154
|
user = create_user
|
148
155
|
request_forgot_password
|
149
|
-
reset_password
|
150
|
-
fill_in 'Confirm new password', :
|
156
|
+
reset_password do
|
157
|
+
fill_in 'Confirm new password', with: 'other_password'
|
151
158
|
end
|
152
159
|
|
153
160
|
assert_response :success
|
154
161
|
assert_current_url '/users/password'
|
155
162
|
assert_have_selector '#error_explanation'
|
156
|
-
assert_contain
|
163
|
+
assert_contain Devise.rails4? ?
|
164
|
+
"Password confirmation doesn't match Password" : "Password doesn't match confirmation"
|
157
165
|
assert_not user.reload.valid_password?('987654321')
|
158
166
|
end
|
159
167
|
|
160
|
-
test 'not authenticated user with valid data should be able to change
|
168
|
+
test 'not authenticated user with valid data should be able to change their password' do
|
161
169
|
user = create_user
|
162
170
|
request_forgot_password
|
163
|
-
reset_password
|
171
|
+
reset_password
|
164
172
|
|
165
173
|
assert_current_url '/'
|
166
|
-
assert_contain 'Your password
|
174
|
+
assert_contain 'Your password has been changed successfully. You are now signed in.'
|
167
175
|
assert user.reload.valid_password?('987654321')
|
168
176
|
end
|
169
177
|
|
170
|
-
test 'after entering invalid data user should still be able to change
|
178
|
+
test 'after entering invalid data user should still be able to change their password' do
|
171
179
|
user = create_user
|
172
180
|
request_forgot_password
|
173
|
-
|
174
|
-
|
175
|
-
end
|
181
|
+
|
182
|
+
reset_password { fill_in 'Confirm new password', with: 'other_password' }
|
176
183
|
assert_response :success
|
177
184
|
assert_have_selector '#error_explanation'
|
178
185
|
assert_not user.reload.valid_password?('987654321')
|
179
186
|
|
180
|
-
reset_password :
|
181
|
-
assert_contain 'Your password
|
187
|
+
reset_password visit: false
|
188
|
+
assert_contain 'Your password has been changed successfully.'
|
182
189
|
assert user.reload.valid_password?('987654321')
|
183
190
|
end
|
184
191
|
|
185
192
|
test 'sign in user automatically after changing its password' do
|
186
|
-
|
193
|
+
create_user
|
187
194
|
request_forgot_password
|
188
|
-
reset_password
|
195
|
+
reset_password
|
189
196
|
|
190
197
|
assert warden.authenticated?(:user)
|
191
198
|
end
|
192
199
|
|
193
|
-
test 'does not sign in user automatically after changing its password if
|
194
|
-
|
195
|
-
|
196
|
-
|
200
|
+
test 'does not sign in user automatically after changing its password if config.sign_in_after_reset_password is false' do
|
201
|
+
swap Devise, sign_in_after_reset_password: false do
|
202
|
+
create_user
|
203
|
+
request_forgot_password
|
204
|
+
reset_password
|
197
205
|
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
206
|
+
assert_contain 'Your password has been changed successfully.'
|
207
|
+
assert_not_contain 'You are now signed in.'
|
208
|
+
assert_equal new_user_session_path, @request.path
|
209
|
+
assert !warden.authenticated?(:user)
|
210
|
+
end
|
202
211
|
end
|
203
212
|
|
204
|
-
test 'sign in user automatically
|
205
|
-
|
206
|
-
|
207
|
-
|
213
|
+
test 'does not sign in user automatically after changing its password if it\'s locked and unlock strategy is :none or :time' do
|
214
|
+
[:none, :time].each do |strategy|
|
215
|
+
swap Devise, unlock_strategy: strategy do
|
216
|
+
user = create_user(locked: true)
|
217
|
+
request_forgot_password
|
218
|
+
reset_password
|
219
|
+
|
220
|
+
assert_contain 'Your password has been changed successfully.'
|
221
|
+
assert_not_contain 'You are now signed in.'
|
222
|
+
assert_equal new_user_session_path, @request.path
|
223
|
+
assert !warden.authenticated?(:user)
|
224
|
+
end
|
225
|
+
end
|
226
|
+
end
|
208
227
|
|
209
|
-
|
210
|
-
|
228
|
+
test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :email' do
|
229
|
+
swap Devise, unlock_strategy: :email do
|
230
|
+
user = create_user(locked: true)
|
231
|
+
request_forgot_password
|
232
|
+
reset_password
|
233
|
+
|
234
|
+
assert_contain 'Your password has been changed successfully.'
|
235
|
+
assert !user.reload.access_locked?
|
236
|
+
assert warden.authenticated?(:user)
|
237
|
+
end
|
238
|
+
end
|
239
|
+
|
240
|
+
test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :both' do
|
241
|
+
swap Devise, unlock_strategy: :both do
|
242
|
+
user = create_user(locked: true)
|
243
|
+
request_forgot_password
|
244
|
+
reset_password
|
245
|
+
|
246
|
+
assert_contain 'Your password has been changed successfully.'
|
247
|
+
assert !user.reload.access_locked?
|
248
|
+
assert warden.authenticated?(:user)
|
249
|
+
end
|
211
250
|
end
|
212
251
|
|
213
252
|
test 'reset password request with valid E-Mail in XML format should return valid response' do
|
214
253
|
create_user
|
215
|
-
post user_password_path(:
|
254
|
+
post user_password_path(format: 'xml'), user: {email: "user@test.com"}
|
216
255
|
assert_response :success
|
217
256
|
assert_equal response.body, { }.to_xml
|
218
257
|
end
|
219
258
|
|
220
259
|
test 'reset password request with invalid E-Mail in XML format should return valid response' do
|
221
260
|
create_user
|
222
|
-
post user_password_path(:
|
261
|
+
post user_password_path(format: 'xml'), user: {email: "invalid.test@test.com"}
|
223
262
|
assert_response :unprocessable_entity
|
224
263
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
225
264
|
end
|
226
265
|
|
227
266
|
test 'reset password request with invalid E-Mail in XML format should return empty and valid response' do
|
228
|
-
swap Devise, :
|
267
|
+
swap Devise, paranoid: true do
|
229
268
|
create_user
|
230
|
-
post user_password_path(:
|
269
|
+
post user_password_path(format: 'xml'), user: {email: "invalid@test.com"}
|
231
270
|
assert_response :success
|
232
271
|
assert_equal response.body, { }.to_xml
|
233
272
|
end
|
234
273
|
end
|
235
274
|
|
236
275
|
test 'change password with valid parameters in XML format should return valid response' do
|
237
|
-
|
276
|
+
create_user
|
238
277
|
request_forgot_password
|
239
|
-
put user_password_path(:
|
278
|
+
put user_password_path(format: 'xml'), user: {
|
279
|
+
reset_password_token: 'abcdef', password: '987654321', password_confirmation: '987654321'
|
280
|
+
}
|
240
281
|
assert_response :success
|
241
282
|
assert warden.authenticated?(:user)
|
242
283
|
end
|
243
284
|
|
244
285
|
test 'change password with invalid token in XML format should return invalid response' do
|
245
|
-
|
286
|
+
create_user
|
246
287
|
request_forgot_password
|
247
|
-
put user_password_path(:
|
288
|
+
put user_password_path(format: 'xml'), user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'}
|
248
289
|
assert_response :unprocessable_entity
|
249
290
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
250
291
|
end
|
@@ -252,24 +293,24 @@ class PasswordTest < ActionController::IntegrationTest
|
|
252
293
|
test 'change password with invalid new password in XML format should return invalid response' do
|
253
294
|
user = create_user
|
254
295
|
request_forgot_password
|
255
|
-
put user_password_path(:
|
296
|
+
put user_password_path(format: 'xml'), user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'}
|
256
297
|
assert_response :unprocessable_entity
|
257
298
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
258
299
|
end
|
259
300
|
|
260
301
|
test "when using json requests to ask a confirmable request, should not return the object" do
|
261
|
-
user = create_user(:
|
302
|
+
user = create_user(confirm: false)
|
262
303
|
|
263
|
-
post user_password_path(:
|
304
|
+
post user_password_path(format: :json), user: { email: user.email }
|
264
305
|
|
265
306
|
assert_response :success
|
266
307
|
assert_equal response.body, "{}"
|
267
308
|
end
|
268
309
|
|
269
310
|
test "when in paranoid mode and with an invalid e-mail, asking to reset a password should display a message that does not indicates that the e-mail does not exists in the database" do
|
270
|
-
swap Devise, :
|
311
|
+
swap Devise, paranoid: true do
|
271
312
|
visit_new_password_path
|
272
|
-
fill_in "email", :
|
313
|
+
fill_in "email", with: "arandomemail@test.com"
|
273
314
|
click_button 'Send me reset password instructions'
|
274
315
|
|
275
316
|
assert_not_contain "1 error prohibited this user from being saved:"
|
@@ -280,10 +321,10 @@ class PasswordTest < ActionController::IntegrationTest
|
|
280
321
|
end
|
281
322
|
|
282
323
|
test "when in paranoid mode and with a valid e-mail, asking to reset password should display a message that does not indicates that the email exists in the database and redirect to the failure route" do
|
283
|
-
swap Devise, :
|
324
|
+
swap Devise, paranoid: true do
|
284
325
|
user = create_user
|
285
326
|
visit_new_password_path
|
286
|
-
fill_in 'email', :
|
327
|
+
fill_in 'email', with: user.email
|
287
328
|
click_button 'Send me reset password instructions'
|
288
329
|
|
289
330
|
assert_contain "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
|
@@ -297,7 +338,7 @@ class PasswordTest < ActionController::IntegrationTest
|
|
297
338
|
|
298
339
|
assert_equal 10, user.failed_attempts
|
299
340
|
request_forgot_password
|
300
|
-
reset_password
|
341
|
+
reset_password
|
301
342
|
|
302
343
|
assert warden.authenticated?(:user)
|
303
344
|
user.reload
|
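Review bot: The test 'change password with invalid new password in XML format should return invalid response' submits `reset_password_token: user.reload.reset_password_token`, whereas the valid-parameters test in the same file submits the stubbed raw token `'abcdef'`. If the stored column now holds a digest of the token rather than the token itself (this release adds lib/devise/token_generator.rb, whose contents are not shown here), the request would be rejected for an unknown token. In that case the `:unprocessable_entity` and `<errors>` assertions pass without the empty password ever being validated, so a regression that accepted a blank password would go unnoticed. Sending `reset_password_token: 'abcdef'` with `password: ''` and asserting that the error body names the password field would make the test cover what its title claims. The class body continues outside the hunks shown, so any helper that already handles this is not visible.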
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
|
3
|
-
class RegistrationTest <
|
3
|
+
class RegistrationTest < ActionDispatch::IntegrationTest
|
4
4
|
|
5
5
|
test 'a guest admin should be able to sign in successfully' do
|
6
6
|
get new_admin_session_path
|
@@ -8,16 +8,16 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
8
8
|
|
9
9
|
assert_template 'registrations/new'
|
10
10
|
|
11
|
-
fill_in 'email', :
|
12
|
-
fill_in 'password', :
|
13
|
-
fill_in 'password confirmation', :
|
11
|
+
fill_in 'email', with: 'new_user@test.com'
|
12
|
+
fill_in 'password', with: 'new_user123'
|
13
|
+
fill_in 'password confirmation', with: 'new_user123'
|
14
14
|
click_button 'Sign up'
|
15
15
|
|
16
16
|
assert_contain 'You have signed up successfully'
|
17
17
|
assert warden.authenticated?(:admin)
|
18
18
|
assert_current_url "/admin_area/home"
|
19
19
|
|
20
|
-
admin = Admin.
|
20
|
+
admin = Admin.to_adapter.find_first(order: [:id, :desc])
|
21
21
|
assert_equal admin.email, 'new_user@test.com'
|
22
22
|
end
|
23
23
|
|
@@ -26,9 +26,9 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
26
26
|
get new_admin_session_path
|
27
27
|
click_link 'Sign up'
|
28
28
|
|
29
|
-
fill_in 'email', :
|
30
|
-
fill_in 'password', :
|
31
|
-
fill_in 'password confirmation', :
|
29
|
+
fill_in 'email', with: 'new_user@test.com'
|
30
|
+
fill_in 'password', with: 'new_user123'
|
31
|
+
fill_in 'password confirmation', with: 'new_user123'
|
32
32
|
click_button 'Sign up'
|
33
33
|
|
34
34
|
assert_contain 'Welcome! You have signed up successfully.'
|
@@ -36,27 +36,37 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
36
36
|
assert_current_url "/?custom=1"
|
37
37
|
end
|
38
38
|
|
39
|
+
test 'a guest admin should not see a warning about minimum password length' do
|
40
|
+
get new_admin_session_path
|
41
|
+
assert_not_contain 'characters minimum'
|
42
|
+
end
|
43
|
+
|
39
44
|
def user_sign_up
|
40
45
|
ActionMailer::Base.deliveries.clear
|
41
46
|
|
42
47
|
get new_user_registration_path
|
43
48
|
|
44
|
-
fill_in 'email', :
|
45
|
-
fill_in 'password', :
|
46
|
-
fill_in 'password confirmation', :
|
49
|
+
fill_in 'email', with: 'new_user@test.com'
|
50
|
+
fill_in 'password', with: 'new_user123'
|
51
|
+
fill_in 'password confirmation', with: 'new_user123'
|
47
52
|
click_button 'Sign up'
|
48
53
|
end
|
49
54
|
|
55
|
+
test 'a guest user should see a warning about minimum password length' do
|
56
|
+
get new_user_registration_path
|
57
|
+
assert_contain '7 characters minimum'
|
58
|
+
end
|
59
|
+
|
50
60
|
test 'a guest user should be able to sign up successfully and be blocked by confirmation' do
|
51
61
|
user_sign_up
|
52
62
|
|
53
|
-
assert_contain 'A message with a confirmation link has been sent to your email address. Please
|
63
|
+
assert_contain 'A message with a confirmation link has been sent to your email address. Please follow the link to activate your account.'
|
54
64
|
assert_not_contain 'You have to confirm your account before continuing'
|
55
65
|
assert_current_url "/"
|
56
66
|
|
57
67
|
assert_not warden.authenticated?(:user)
|
58
68
|
|
59
|
-
user = User.
|
69
|
+
user = User.to_adapter.find_first(order: [:id, :desc])
|
60
70
|
assert_equal user.email, 'new_user@test.com'
|
61
71
|
assert_not user.confirmed?
|
62
72
|
end
|
@@ -76,9 +86,9 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
76
86
|
Devise::RegistrationsController.any_instance.stubs(:after_inactive_sign_up_path_for).returns("/?custom=1")
|
77
87
|
get new_user_registration_path
|
78
88
|
|
79
|
-
fill_in 'email', :
|
80
|
-
fill_in 'password', :
|
81
|
-
fill_in 'password confirmation', :
|
89
|
+
fill_in 'email', with: 'new_user@test.com'
|
90
|
+
fill_in 'password', with: 'new_user123'
|
91
|
+
fill_in 'password confirmation', with: 'new_user123'
|
82
92
|
click_button 'Sign up'
|
83
93
|
|
84
94
|
assert_current_url "/?custom=1"
|
@@ -92,17 +102,18 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
92
102
|
|
93
103
|
get new_user_registration_path
|
94
104
|
|
95
|
-
fill_in 'email', :
|
96
|
-
fill_in 'password', :
|
97
|
-
fill_in 'password confirmation', :
|
105
|
+
fill_in 'email', with: 'invalid_email'
|
106
|
+
fill_in 'password', with: 'new_user123'
|
107
|
+
fill_in 'password confirmation', with: 'new_user321'
|
98
108
|
click_button 'Sign up'
|
99
109
|
|
100
110
|
assert_template 'registrations/new'
|
101
111
|
assert_have_selector '#error_explanation'
|
102
112
|
assert_contain "Email is invalid"
|
103
|
-
assert_contain
|
113
|
+
assert_contain Devise.rails4? ?
|
114
|
+
"Password confirmation doesn't match Password" : "Password doesn't match confirmation"
|
104
115
|
assert_contain "2 errors prohibited"
|
105
|
-
assert_nil User.
|
116
|
+
assert_nil User.to_adapter.find_first
|
106
117
|
|
107
118
|
assert_not warden.authenticated?(:user)
|
108
119
|
end
|
@@ -112,12 +123,12 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
112
123
|
# https://github.com/mongoid/mongoid/issues/756
|
113
124
|
(pending "Fails on Mongoid < 2.1"; break) if defined?(Mongoid) && Mongoid::VERSION.to_f < 2.1
|
114
125
|
|
115
|
-
|
126
|
+
create_user
|
116
127
|
get new_user_registration_path
|
117
128
|
|
118
|
-
fill_in 'email', :
|
119
|
-
fill_in 'password', :
|
120
|
-
fill_in 'password confirmation', :
|
129
|
+
fill_in 'email', with: 'user@test.com'
|
130
|
+
fill_in 'password', with: '123456'
|
131
|
+
fill_in 'password confirmation', with: '123456'
|
121
132
|
click_button 'Sign up'
|
122
133
|
|
123
134
|
assert_current_url '/users'
|
@@ -139,85 +150,86 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
139
150
|
assert_redirected_to root_path
|
140
151
|
end
|
141
152
|
|
142
|
-
test 'a signed in user should be able to edit
|
153
|
+
test 'a signed in user should be able to edit their account' do
|
143
154
|
sign_in_as_user
|
144
155
|
get edit_user_registration_path
|
145
156
|
|
146
|
-
fill_in 'email', :
|
147
|
-
fill_in 'current password', :
|
157
|
+
fill_in 'email', with: 'user.new@example.com'
|
158
|
+
fill_in 'current password', with: '12345678'
|
148
159
|
click_button 'Update'
|
149
160
|
|
150
161
|
assert_current_url '/'
|
151
|
-
assert_contain '
|
162
|
+
assert_contain 'Your account has been updated successfully.'
|
152
163
|
|
153
|
-
assert_equal "user.new@example.com", User.
|
164
|
+
assert_equal "user.new@example.com", User.to_adapter.find_first.email
|
154
165
|
end
|
155
166
|
|
156
|
-
test 'a signed in user should still be able to use the website after changing
|
167
|
+
test 'a signed in user should still be able to use the website after changing their password' do
|
157
168
|
sign_in_as_user
|
158
169
|
get edit_user_registration_path
|
159
170
|
|
160
|
-
fill_in 'password', :
|
161
|
-
fill_in 'password confirmation', :
|
162
|
-
fill_in 'current password', :
|
171
|
+
fill_in 'password', with: '1234567890'
|
172
|
+
fill_in 'password confirmation', with: '1234567890'
|
173
|
+
fill_in 'current password', with: '12345678'
|
163
174
|
click_button 'Update'
|
164
175
|
|
165
|
-
assert_contain '
|
176
|
+
assert_contain 'Your account has been updated successfully.'
|
166
177
|
get users_path
|
167
178
|
assert warden.authenticated?(:user)
|
168
179
|
end
|
169
180
|
|
170
|
-
test 'a signed in user should not change
|
181
|
+
test 'a signed in user should not change their current user with invalid password' do
|
171
182
|
sign_in_as_user
|
172
183
|
get edit_user_registration_path
|
173
184
|
|
174
|
-
fill_in 'email', :
|
175
|
-
fill_in 'current password', :
|
185
|
+
fill_in 'email', with: 'user.new@example.com'
|
186
|
+
fill_in 'current password', with: 'invalid'
|
176
187
|
click_button 'Update'
|
177
188
|
|
178
189
|
assert_template 'registrations/edit'
|
179
190
|
assert_contain 'user@test.com'
|
180
191
|
assert_have_selector 'form input[value="user.new@example.com"]'
|
181
192
|
|
182
|
-
assert_equal "user@test.com", User.
|
193
|
+
assert_equal "user@test.com", User.to_adapter.find_first.email
|
183
194
|
end
|
184
195
|
|
185
|
-
test 'a signed in user should be able to edit
|
196
|
+
test 'a signed in user should be able to edit their password' do
|
186
197
|
sign_in_as_user
|
187
198
|
get edit_user_registration_path
|
188
199
|
|
189
|
-
fill_in 'password', :
|
190
|
-
fill_in 'password confirmation', :
|
191
|
-
fill_in 'current password', :
|
200
|
+
fill_in 'password', with: 'pass1234'
|
201
|
+
fill_in 'password confirmation', with: 'pass1234'
|
202
|
+
fill_in 'current password', with: '12345678'
|
192
203
|
click_button 'Update'
|
193
204
|
|
194
205
|
assert_current_url '/'
|
195
|
-
assert_contain '
|
206
|
+
assert_contain 'Your account has been updated successfully.'
|
196
207
|
|
197
|
-
assert User.
|
208
|
+
assert User.to_adapter.find_first.valid_password?('pass1234')
|
198
209
|
end
|
199
210
|
|
200
|
-
test 'a signed in user should not be able to edit
|
211
|
+
test 'a signed in user should not be able to edit their password with invalid confirmation' do
|
201
212
|
sign_in_as_user
|
202
213
|
get edit_user_registration_path
|
203
214
|
|
204
|
-
fill_in 'password', :
|
205
|
-
fill_in 'password confirmation', :
|
206
|
-
fill_in 'current password', :
|
215
|
+
fill_in 'password', with: 'pas123'
|
216
|
+
fill_in 'password confirmation', with: ''
|
217
|
+
fill_in 'current password', with: '12345678'
|
207
218
|
click_button 'Update'
|
208
219
|
|
209
|
-
assert_contain
|
210
|
-
|
220
|
+
assert_contain Devise.rails4? ?
|
221
|
+
"Password confirmation doesn't match Password" : "Password doesn't match confirmation"
|
222
|
+
assert_not User.to_adapter.find_first.valid_password?('pas123')
|
211
223
|
end
|
212
224
|
|
213
|
-
test 'a signed in user should be able to cancel
|
225
|
+
test 'a signed in user should be able to cancel their account' do
|
214
226
|
sign_in_as_user
|
215
227
|
get edit_user_registration_path
|
216
228
|
|
217
|
-
|
218
|
-
assert_contain "Bye! Your account
|
229
|
+
click_button "Cancel my account"
|
230
|
+
assert_contain "Bye! Your account has been successfully cancelled. We hope to see you again soon."
|
219
231
|
|
220
|
-
assert User.
|
232
|
+
assert User.to_adapter.find_all.empty?
|
221
233
|
end
|
222
234
|
|
223
235
|
test 'a user should be able to cancel sign up by deleting data in the session' do
|
@@ -233,92 +245,115 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
233
245
|
end
|
234
246
|
|
235
247
|
test 'a user with XML sign up stub' do
|
236
|
-
get new_user_registration_path(:
|
248
|
+
get new_user_registration_path(format: 'xml')
|
237
249
|
assert_response :success
|
238
250
|
assert_match %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>), response.body
|
239
251
|
assert_no_match(/<confirmation-token/, response.body)
|
240
252
|
end
|
241
253
|
|
242
254
|
test 'a user with JSON sign up stub' do
|
243
|
-
get new_user_registration_path(:
|
255
|
+
get new_user_registration_path(format: 'json')
|
244
256
|
assert_response :success
|
245
257
|
assert_match %({"user":), response.body
|
246
258
|
assert_no_match(/"confirmation_token"/, response.body)
|
247
259
|
end
|
248
260
|
|
249
261
|
test 'an admin sign up with valid information in XML format should return valid response' do
|
250
|
-
post admin_registration_path(:
|
262
|
+
post admin_registration_path(format: 'xml'), admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' }
|
251
263
|
assert_response :success
|
252
264
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<admin>)
|
253
265
|
|
254
|
-
admin = Admin.
|
266
|
+
admin = Admin.to_adapter.find_first(order: [:id, :desc])
|
255
267
|
assert_equal admin.email, 'new_user@test.com'
|
256
268
|
end
|
257
269
|
|
258
270
|
test 'a user sign up with valid information in XML format should return valid response' do
|
259
|
-
post user_registration_path(:
|
271
|
+
post user_registration_path(format: 'xml'), user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' }
|
260
272
|
assert_response :success
|
261
273
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
|
262
274
|
|
263
|
-
user = User.
|
275
|
+
user = User.to_adapter.find_first(order: [:id, :desc])
|
264
276
|
assert_equal user.email, 'new_user@test.com'
|
265
277
|
end
|
266
278
|
|
267
279
|
test 'a user sign up with invalid information in XML format should return invalid response' do
|
268
|
-
post user_registration_path(:
|
280
|
+
post user_registration_path(format: 'xml'), user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' }
|
269
281
|
assert_response :unprocessable_entity
|
270
282
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
271
283
|
end
|
272
284
|
|
273
285
|
test 'a user update information with valid data in XML format should return valid response' do
|
274
286
|
user = sign_in_as_user
|
275
|
-
put user_registration_path(:
|
287
|
+
put user_registration_path(format: 'xml'), user: { current_password: '12345678', email: 'user.new@test.com' }
|
276
288
|
assert_response :success
|
277
289
|
assert_equal user.reload.email, 'user.new@test.com'
|
278
290
|
end
|
279
291
|
|
280
292
|
test 'a user update information with invalid data in XML format should return invalid response' do
|
281
293
|
user = sign_in_as_user
|
282
|
-
put user_registration_path(:
|
294
|
+
put user_registration_path(format: 'xml'), user: { current_password: 'invalid', email: 'user.new@test.com' }
|
283
295
|
assert_response :unprocessable_entity
|
284
296
|
assert_equal user.reload.email, 'user@test.com'
|
285
297
|
end
|
286
298
|
|
287
|
-
test 'a user cancel
|
288
|
-
|
289
|
-
delete user_registration_path(:
|
299
|
+
test 'a user cancel their account in XML format should return valid response' do
|
300
|
+
sign_in_as_user
|
301
|
+
delete user_registration_path(format: 'xml')
|
290
302
|
assert_response :success
|
291
|
-
assert_equal User.
|
303
|
+
assert_equal User.to_adapter.find_all.size, 0
|
292
304
|
end
|
293
305
|
end
|
294
306
|
|
295
|
-
class ReconfirmableRegistrationTest <
|
296
|
-
test 'a signed in admin should see a more appropriate flash message when editing
|
307
|
+
class ReconfirmableRegistrationTest < ActionDispatch::IntegrationTest
|
308
|
+
test 'a signed in admin should see a more appropriate flash message when editing their account if reconfirmable is enabled' do
|
297
309
|
sign_in_as_admin
|
298
310
|
get edit_admin_registration_path
|
299
311
|
|
300
|
-
fill_in 'email', :
|
301
|
-
fill_in 'current password', :
|
312
|
+
fill_in 'email', with: 'admin.new@example.com'
|
313
|
+
fill_in 'current password', with: '123456'
|
302
314
|
click_button 'Update'
|
303
315
|
|
304
316
|
assert_current_url '/admin_area/home'
|
305
317
|
assert_contain 'but we need to verify your new email address'
|
318
|
+
assert_equal 'admin.new@example.com', Admin.to_adapter.find_first.unconfirmed_email
|
306
319
|
|
307
|
-
|
320
|
+
get edit_admin_registration_path
|
321
|
+
assert_contain 'Currently waiting confirmation for: admin.new@example.com'
|
308
322
|
end
|
309
323
|
|
310
324
|
test 'a signed in admin should not see a reconfirmation message if they did not change their password' do
|
311
325
|
sign_in_as_admin
|
312
326
|
get edit_admin_registration_path
|
313
327
|
|
314
|
-
fill_in 'password', :
|
315
|
-
fill_in 'password confirmation', :
|
316
|
-
fill_in 'current password', :
|
328
|
+
fill_in 'password', with: 'pas123'
|
329
|
+
fill_in 'password confirmation', with: 'pas123'
|
330
|
+
fill_in 'current password', with: '123456'
|
331
|
+
click_button 'Update'
|
332
|
+
|
333
|
+
assert_current_url '/admin_area/home'
|
334
|
+
assert_contain 'Your account has been updated successfully.'
|
335
|
+
|
336
|
+
assert Admin.to_adapter.find_first.valid_password?('pas123')
|
337
|
+
end
|
338
|
+
|
339
|
+
test 'a signed in admin should not see a reconfirmation message if they did not change their email, despite having an unconfirmed email' do
|
340
|
+
sign_in_as_admin
|
341
|
+
|
342
|
+
get edit_admin_registration_path
|
343
|
+
fill_in 'email', with: 'admin.new@example.com'
|
344
|
+
fill_in 'current password', with: '123456'
|
345
|
+
click_button 'Update'
|
346
|
+
|
347
|
+
get edit_admin_registration_path
|
348
|
+
fill_in 'password', with: 'pas123'
|
349
|
+
fill_in 'password confirmation', with: 'pas123'
|
350
|
+
fill_in 'current password', with: '123456'
|
317
351
|
click_button 'Update'
|
318
352
|
|
319
353
|
assert_current_url '/admin_area/home'
|
320
|
-
assert_contain '
|
354
|
+
assert_contain 'Your account has been updated successfully.'
|
321
355
|
|
322
|
-
|
356
|
+
assert_equal "admin.new@example.com", Admin.to_adapter.find_first.unconfirmed_email
|
357
|
+
assert Admin.to_adapter.find_first.valid_password?('pas123')
|
323
358
|
end
|
324
|
-
end
|
359
|
+
end
|
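Review bot: The test title at new line 324, 'a signed in admin should not see a reconfirmation message if they did not change their password', contradicts its body, which fills in `password` and `password confirmation` with 'pas123' and then asserts `valid_password?('pas123')`. What stays unchanged in that test is the email. The title is the only documentation of the behaviour being pinned (a password-only update shows the plain success message, not the reconfirmation one), so I would rename it to `test 'a signed in admin should not see a reconfirmation message if they did not change their email' do`. Separately, `assert_equal User.to_adapter.find_all.size, 0` at new line 303 passes the actual value first; `assert_equal 0, User.to_adapter.find_all.size` would make a failure report expected and actual the right way round. Both tests sit fully inside this hunk.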