devise 2.2.3 → 2.2.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +15 -0
- data/.travis.yml +0 -7
- data/.yardopts +9 -0
- data/CHANGELOG.rdoc +18 -0
- data/Gemfile +4 -4
- data/Gemfile.lock +57 -57
- data/README.md +8 -4
- data/Rakefile +1 -0
- data/app/controllers/devise/confirmations_controller.rb +1 -1
- data/app/controllers/devise/passwords_controller.rb +5 -2
- data/app/controllers/devise/sessions_controller.rb +0 -1
- data/app/controllers/devise/unlocks_controller.rb +2 -2
- data/app/controllers/devise_controller.rb +9 -4
- data/app/views/devise/registrations/edit.html.erb +1 -1
- data/devise.gemspec +1 -0
- data/devise.png +0 -0
- data/gemfiles/Gemfile.rails-3.1.x +4 -4
- data/gemfiles/Gemfile.rails-3.1.x.lock +56 -56
- data/lib/devise.rb +18 -2
- data/lib/devise/mailers/helpers.rb +5 -4
- data/lib/devise/models/authenticatable.rb +24 -8
- data/lib/devise/models/confirmable.rb +23 -3
- data/lib/devise/models/database_authenticatable.rb +15 -0
- data/lib/devise/models/omniauthable.rb +2 -2
- data/lib/devise/models/recoverable.rb +1 -1
- data/lib/devise/models/timeoutable.rb +1 -1
- data/lib/devise/param_filter.rb +8 -8
- data/lib/devise/rails/routes.rb +22 -17
- data/lib/devise/rails/warden_compat.rb +0 -29
- data/lib/devise/strategies/authenticatable.rb +8 -5
- data/lib/devise/strategies/token_authenticatable.rb +38 -3
- data/lib/devise/version.rb +1 -1
- data/lib/generators/devise/views_generator.rb +8 -2
- data/lib/generators/templates/devise.rb +10 -4
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +1 -1
- data/test/controllers/passwords_controller_test.rb +32 -0
- data/test/failure_app_test.rb +3 -3
- data/test/generators/views_generator_test.rb +16 -1
- data/test/helpers/devise_helper_test.rb +1 -1
- data/test/integration/authenticatable_test.rb +72 -25
- data/test/integration/confirmable_test.rb +6 -6
- data/test/integration/database_authenticatable_test.rb +1 -1
- data/test/integration/http_authenticatable_test.rb +19 -1
- data/test/integration/lockable_test.rb +1 -1
- data/test/integration/omniauthable_test.rb +2 -2
- data/test/integration/recoverable_test.rb +2 -2
- data/test/integration/registerable_test.rb +4 -4
- data/test/integration/rememberable_test.rb +9 -9
- data/test/integration/timeoutable_test.rb +1 -1
- data/test/integration/token_authenticatable_test.rb +45 -1
- data/test/integration/trackable_test.rb +1 -1
- data/test/mailers/confirmation_instructions_test.rb +11 -2
- data/test/mailers/reset_password_instructions_test.rb +11 -2
- data/test/mailers/unlock_instructions_test.rb +11 -1
- data/test/models/authenticatable_test.rb +3 -3
- data/test/models/confirmable_test.rb +17 -0
- data/test/models/database_authenticatable_test.rb +32 -0
- data/test/models/lockable_test.rb +1 -1
- data/test/models/rememberable_test.rb +4 -3
- data/test/models/serializable_test.rb +6 -6
- data/test/models/validatable_test.rb +3 -3
- data/test/models_test.rb +6 -1
- data/test/rails_app/app/mailers/users/mailer.rb +5 -1
- data/test/rails_app/config/routes.rb +13 -13
- data/test/test_helper.rb +1 -1
- metadata +23 -28
|
@@ -52,6 +52,18 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
52
52
|
assert_equal( { "login" => "foo@bar.com", "bool1" => "true", "bool2" => "false", "fixnum" => "123", "will_be_converted" => "1..10" }, conditions)
|
|
53
53
|
end
|
|
54
54
|
|
|
55
|
+
test 'param filter should filter case_insensitive_keys as insensitive' do
|
|
56
|
+
conditions = {'insensitive' => 'insensitive_VAL', 'sensitive' => 'sensitive_VAL'}
|
|
57
|
+
conditions = Devise::ParamFilter.new(['insensitive'], []).filter(conditions)
|
|
58
|
+
assert_equal( {'insensitive' => 'insensitive_val', 'sensitive' => 'sensitive_VAL'}, conditions )
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
test 'param filter should filter strip_whitespace_keys stripping whitespaces' do
|
|
62
|
+
conditions = {'strip_whitespace' => ' strip_whitespace_val ', 'do_not_strip_whitespace' => ' do_not_strip_whitespace_val '}
|
|
63
|
+
conditions = Devise::ParamFilter.new([], ['strip_whitespace']).filter(conditions)
|
|
64
|
+
assert_equal( {'strip_whitespace' => 'strip_whitespace_val', 'do_not_strip_whitespace' => ' do_not_strip_whitespace_val '}, conditions )
|
|
65
|
+
end
|
|
66
|
+
|
|
55
67
|
test 'should respond to password and password confirmation' do
|
|
56
68
|
user = new_user
|
|
57
69
|
assert user.respond_to?(:password)
|
|
@@ -183,6 +195,26 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
183
195
|
assert user.valid_password?('12345678')
|
|
184
196
|
end
|
|
185
197
|
|
|
198
|
+
test 'should destroy user if current password is valid' do
|
|
199
|
+
user = create_user
|
|
200
|
+
assert user.destroy_with_password('12345678')
|
|
201
|
+
assert !user.persisted?
|
|
202
|
+
end
|
|
203
|
+
|
|
204
|
+
test 'should not destroy user with invalid password' do
|
|
205
|
+
user = create_user
|
|
206
|
+
assert_not user.destroy_with_password('other')
|
|
207
|
+
assert user.persisted?
|
|
208
|
+
assert_match "is invalid", user.errors[:current_password].join
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
test 'should not destroy user with blank password' do
|
|
212
|
+
user = create_user
|
|
213
|
+
assert_not user.destroy_with_password(nil)
|
|
214
|
+
assert user.persisted?
|
|
215
|
+
assert_match "can't be blank", user.errors[:current_password].join
|
|
216
|
+
end
|
|
217
|
+
|
|
186
218
|
test 'downcase_keys with validation' do
|
|
187
219
|
user = User.create(:email => "HEllO@example.com", :password => "123456")
|
|
188
220
|
user = User.create(:email => "HEllO@example.com", :password => "123456")
|
|
@@ -59,7 +59,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
59
59
|
assert_not user.active_for_authentication?
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
test "should unlock a user by cleaning locked_at,
|
|
62
|
+
test "should unlock a user by cleaning locked_at, failed_attempts and unlock_token" do
|
|
63
63
|
user = create_user
|
|
64
64
|
user.lock_access!
|
|
65
65
|
assert_not_nil user.reload.locked_at
|
|
@@ -57,9 +57,10 @@ class RememberableTest < ActiveSupport::TestCase
|
|
|
57
57
|
|
|
58
58
|
test 'forget_me should not try to update resource if it has been destroyed' do
|
|
59
59
|
resource = create_resource
|
|
60
|
-
resource.destroy
|
|
61
60
|
resource.expects(:remember_created_at).never
|
|
62
61
|
resource.expects(:save).never
|
|
62
|
+
|
|
63
|
+
resource.destroy
|
|
63
64
|
resource.forget_me!
|
|
64
65
|
end
|
|
65
66
|
|
|
@@ -114,7 +115,7 @@ class RememberableTest < ActiveSupport::TestCase
|
|
|
114
115
|
end
|
|
115
116
|
end
|
|
116
117
|
|
|
117
|
-
test 'remember should not be expired if it was created
|
|
118
|
+
test 'remember should not be expired if it was created within the limit time' do
|
|
118
119
|
swap Devise, :remember_for => 30.days do
|
|
119
120
|
resource = create_resource
|
|
120
121
|
resource.remember_me!
|
|
@@ -166,7 +167,7 @@ class RememberableTest < ActiveSupport::TestCase
|
|
|
166
167
|
end
|
|
167
168
|
end
|
|
168
169
|
|
|
169
|
-
test 'should have the
|
|
170
|
+
test 'should have the required_fields array' do
|
|
170
171
|
assert_same_content Devise::Models::Rememberable.required_fields(User), [
|
|
171
172
|
:remember_created_at
|
|
172
173
|
]
|
|
@@ -6,18 +6,18 @@ class SerializableTest < ActiveSupport::TestCase
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test 'should not include unsafe keys on XML' do
|
|
9
|
-
assert_match
|
|
10
|
-
assert_no_match
|
|
9
|
+
assert_match(/email/, @user.to_xml)
|
|
10
|
+
assert_no_match(/confirmation-token/, @user.to_xml)
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test 'should not include unsafe keys on XML even if a new except is provided' do
|
|
14
|
-
assert_no_match
|
|
15
|
-
assert_no_match
|
|
14
|
+
assert_no_match(/email/, @user.to_xml(:except => :email))
|
|
15
|
+
assert_no_match(/confirmation-token/, @user.to_xml(:except => :email))
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test 'should include unsafe keys on XML if a force_except is provided' do
|
|
19
|
-
assert_no_match
|
|
20
|
-
assert_match
|
|
19
|
+
assert_no_match(/<email/, @user.to_xml(:force_except => :email))
|
|
20
|
+
assert_match(/confirmation-token/, @user.to_xml(:force_except => :email))
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
test 'should not include unsafe keys on JSON' do
|
|
@@ -59,7 +59,7 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
|
59
59
|
assert_equal 'doesn\'t match confirmation', user.errors[:password].join
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
test 'should require password when updating/
|
|
62
|
+
test 'should require password when updating/resetting password' do
|
|
63
63
|
user = create_user
|
|
64
64
|
|
|
65
65
|
user.password = ''
|
|
@@ -69,7 +69,7 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
|
69
69
|
assert_equal 'can\'t be blank', user.errors[:password].join
|
|
70
70
|
end
|
|
71
71
|
|
|
72
|
-
test 'should require confirmation when updating/
|
|
72
|
+
test 'should require confirmation when updating/resetting password' do
|
|
73
73
|
user = create_user
|
|
74
74
|
user.password_confirmation = 'another_password'
|
|
75
75
|
assert user.invalid?
|
|
@@ -98,7 +98,7 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
|
98
98
|
assert_not (user.errors[:password].join =~ /is too long/)
|
|
99
99
|
end
|
|
100
100
|
|
|
101
|
-
test 'should complain about length even if
|
|
101
|
+
test 'should complain about length even if password is not required' do
|
|
102
102
|
user = new_user(:password => 'x'*129, :password_confirmation => 'x'*129)
|
|
103
103
|
user.stubs(:password_required?).returns(false)
|
|
104
104
|
assert user.invalid?
|
data/test/models_test.rb
CHANGED
|
@@ -83,7 +83,12 @@ class ActiveRecordTest < ActiveSupport::TestCase
|
|
|
83
83
|
end
|
|
84
84
|
|
|
85
85
|
test 'set null fields on migrations' do
|
|
86
|
-
|
|
86
|
+
# Ignore email sending since no email exists.
|
|
87
|
+
klass = Class.new(Admin) do
|
|
88
|
+
def send_devise_notification(*); end
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
klass.create!
|
|
87
92
|
end
|
|
88
93
|
end
|
|
89
94
|
|
|
@@ -17,39 +17,39 @@ Rails.application.routes.draw do
|
|
|
17
17
|
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
|
|
18
18
|
|
|
19
19
|
as :user do
|
|
20
|
-
|
|
20
|
+
get "/as/sign_in", :to => "devise/sessions#new"
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
-
|
|
23
|
+
get "/sign_in", :to => "devise/sessions#new"
|
|
24
24
|
|
|
25
25
|
# Admin scope
|
|
26
26
|
devise_for :admin, :path => "admin_area", :controllers => { :sessions => :"admins/sessions" }, :skip => :passwords
|
|
27
27
|
|
|
28
|
-
|
|
29
|
-
|
|
28
|
+
get "/admin_area/home", :to => "admins#index", :as => :admin_root
|
|
29
|
+
get "/anywhere", :to => "foo#bar", :as => :new_admin_password
|
|
30
30
|
|
|
31
31
|
authenticate(:admin) do
|
|
32
|
-
|
|
32
|
+
get "/private", :to => "home#private", :as => :private
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
authenticate(:admin, lambda { |admin| admin.active? }) do
|
|
36
|
-
|
|
36
|
+
get "/private/active", :to => "home#private", :as => :private_active
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
authenticated :admin do
|
|
40
|
-
|
|
40
|
+
get "/dashboard", :to => "home#admin_dashboard"
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
authenticated :admin, lambda { |admin| admin.active? } do
|
|
44
|
-
|
|
44
|
+
get "/dashboard/active", :to => "home#admin_dashboard"
|
|
45
45
|
end
|
|
46
46
|
|
|
47
47
|
authenticated do
|
|
48
|
-
|
|
48
|
+
get "/dashboard", :to => "home#user_dashboard"
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
unauthenticated do
|
|
52
|
-
|
|
52
|
+
get "/join", :to => "home#join"
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
# Routes for constraints testing
|
|
@@ -92,9 +92,9 @@ Rails.application.routes.draw do
|
|
|
92
92
|
devise_for :delete_or_posts, :sign_out_via => [:delete, :post], :class_name => "Admin"
|
|
93
93
|
end
|
|
94
94
|
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
95
|
+
get "/set", :to => "home#set"
|
|
96
|
+
get "/unauthenticated", :to => "home#unauthenticated"
|
|
97
|
+
get "/custom_strategy/new"
|
|
98
98
|
|
|
99
99
|
root :to => "home#index"
|
|
100
100
|
end
|
data/test/test_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
5
|
-
version: 2.2.3
|
|
4
|
+
version: 2.2.4
|
|
6
5
|
platform: ruby
|
|
7
6
|
authors:
|
|
8
7
|
- José Valim
|
|
@@ -10,72 +9,64 @@ authors:
|
|
|
10
9
|
autorequire:
|
|
11
10
|
bindir: bin
|
|
12
11
|
cert_chain: []
|
|
13
|
-
date: 2013-
|
|
12
|
+
date: 2013-05-07 00:00:00.000000000 Z
|
|
14
13
|
dependencies:
|
|
15
14
|
- !ruby/object:Gem::Dependency
|
|
16
|
-
|
|
15
|
+
name: warden
|
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
18
|
- - ~>
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
20
|
version: 1.2.1
|
|
21
|
-
none: false
|
|
22
|
-
name: warden
|
|
23
21
|
type: :runtime
|
|
24
22
|
prerelease: false
|
|
25
|
-
|
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
26
24
|
requirements:
|
|
27
25
|
- - ~>
|
|
28
26
|
- !ruby/object:Gem::Version
|
|
29
27
|
version: 1.2.1
|
|
30
|
-
none: false
|
|
31
28
|
- !ruby/object:Gem::Dependency
|
|
32
|
-
|
|
29
|
+
name: orm_adapter
|
|
30
|
+
requirement: !ruby/object:Gem::Requirement
|
|
33
31
|
requirements:
|
|
34
32
|
- - ~>
|
|
35
33
|
- !ruby/object:Gem::Version
|
|
36
34
|
version: '0.1'
|
|
37
|
-
none: false
|
|
38
|
-
name: orm_adapter
|
|
39
35
|
type: :runtime
|
|
40
36
|
prerelease: false
|
|
41
|
-
|
|
37
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
42
38
|
requirements:
|
|
43
39
|
- - ~>
|
|
44
40
|
- !ruby/object:Gem::Version
|
|
45
41
|
version: '0.1'
|
|
46
|
-
none: false
|
|
47
42
|
- !ruby/object:Gem::Dependency
|
|
48
|
-
|
|
43
|
+
name: bcrypt-ruby
|
|
44
|
+
requirement: !ruby/object:Gem::Requirement
|
|
49
45
|
requirements:
|
|
50
46
|
- - ~>
|
|
51
47
|
- !ruby/object:Gem::Version
|
|
52
48
|
version: '3.0'
|
|
53
|
-
none: false
|
|
54
|
-
name: bcrypt-ruby
|
|
55
49
|
type: :runtime
|
|
56
50
|
prerelease: false
|
|
57
|
-
|
|
51
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
58
52
|
requirements:
|
|
59
53
|
- - ~>
|
|
60
54
|
- !ruby/object:Gem::Version
|
|
61
55
|
version: '3.0'
|
|
62
|
-
none: false
|
|
63
56
|
- !ruby/object:Gem::Dependency
|
|
64
|
-
|
|
57
|
+
name: railties
|
|
58
|
+
requirement: !ruby/object:Gem::Requirement
|
|
65
59
|
requirements:
|
|
66
60
|
- - ~>
|
|
67
61
|
- !ruby/object:Gem::Version
|
|
68
62
|
version: '3.1'
|
|
69
|
-
none: false
|
|
70
|
-
name: railties
|
|
71
63
|
type: :runtime
|
|
72
64
|
prerelease: false
|
|
73
|
-
|
|
65
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
74
66
|
requirements:
|
|
75
67
|
- - ~>
|
|
76
68
|
- !ruby/object:Gem::Version
|
|
77
69
|
version: '3.1'
|
|
78
|
-
none: false
|
|
79
70
|
description: Flexible authentication solution for Rails with Warden
|
|
80
71
|
email: contact@plataformatec.com.br
|
|
81
72
|
executables: []
|
|
@@ -84,6 +75,7 @@ extra_rdoc_files: []
|
|
|
84
75
|
files:
|
|
85
76
|
- .gitignore
|
|
86
77
|
- .travis.yml
|
|
78
|
+
- .yardopts
|
|
87
79
|
- CHANGELOG.rdoc
|
|
88
80
|
- CONTRIBUTING.md
|
|
89
81
|
- Gemfile
|
|
@@ -114,6 +106,7 @@ files:
|
|
|
114
106
|
- app/views/devise/unlocks/new.html.erb
|
|
115
107
|
- config/locales/en.yml
|
|
116
108
|
- devise.gemspec
|
|
109
|
+
- devise.png
|
|
117
110
|
- gemfiles/Gemfile.rails-3.1.x
|
|
118
111
|
- gemfiles/Gemfile.rails-3.1.x.lock
|
|
119
112
|
- lib/devise.rb
|
|
@@ -185,6 +178,7 @@ files:
|
|
|
185
178
|
- test/controllers/custom_strategy_test.rb
|
|
186
179
|
- test/controllers/helpers_test.rb
|
|
187
180
|
- test/controllers/internal_helpers_test.rb
|
|
181
|
+
- test/controllers/passwords_controller_test.rb
|
|
188
182
|
- test/controllers/sessions_controller_test.rb
|
|
189
183
|
- test/controllers/url_helpers_test.rb
|
|
190
184
|
- test/delegator_test.rb
|
|
@@ -290,7 +284,9 @@ files:
|
|
|
290
284
|
- test/test_helpers_test.rb
|
|
291
285
|
- test/test_models.rb
|
|
292
286
|
homepage: http://github.com/plataformatec/devise
|
|
293
|
-
licenses:
|
|
287
|
+
licenses:
|
|
288
|
+
- MIT
|
|
289
|
+
metadata: {}
|
|
294
290
|
post_install_message:
|
|
295
291
|
rdoc_options: []
|
|
296
292
|
require_paths:
|
|
@@ -300,23 +296,22 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
300
296
|
- - ! '>='
|
|
301
297
|
- !ruby/object:Gem::Version
|
|
302
298
|
version: '0'
|
|
303
|
-
none: false
|
|
304
299
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
305
300
|
requirements:
|
|
306
301
|
- - ! '>='
|
|
307
302
|
- !ruby/object:Gem::Version
|
|
308
303
|
version: '0'
|
|
309
|
-
none: false
|
|
310
304
|
requirements: []
|
|
311
305
|
rubyforge_project: devise
|
|
312
|
-
rubygems_version:
|
|
306
|
+
rubygems_version: 2.0.3
|
|
313
307
|
signing_key:
|
|
314
|
-
specification_version:
|
|
308
|
+
specification_version: 4
|
|
315
309
|
summary: Flexible authentication solution for Rails with Warden
|
|
316
310
|
test_files:
|
|
317
311
|
- test/controllers/custom_strategy_test.rb
|
|
318
312
|
- test/controllers/helpers_test.rb
|
|
319
313
|
- test/controllers/internal_helpers_test.rb
|
|
314
|
+
- test/controllers/passwords_controller_test.rb
|
|
320
315
|
- test/controllers/sessions_controller_test.rb
|
|
321
316
|
- test/controllers/url_helpers_test.rb
|
|
322
317
|
- test/delegator_test.rb
|