devise 3.2.0 → 3.3.0

data/script/s3-put

@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+# Usage: s3-put <FILE> <S3_BUCKET>[:<PATH>] [<CONTENT_TYPE>]
+#
+# Uploads a file to the Amazon S3 service.
+# Outputs the URL for the newly uploaded file.
+#
+# Requirements:
+# - AMAZON_ACCESS_KEY_ID
+# - AMAZON_SECRET_ACCESS_KEY
+# - openssl
+# - curl
+#
+# Author: Mislav Marohnić
+
+set -e
+
+authorization() {
+  local signature="$(string_to_sign | hmac_sha1 | base64)"
+  echo "AWS ${AMAZON_ACCESS_KEY_ID?}:${signature}"
+}
+
+hmac_sha1() {
+  openssl dgst -binary -sha1 -hmac "${AMAZON_SECRET_ACCESS_KEY?}"
+}
+
+base64() {
+  openssl enc -base64
+}
+
+bin_md5() {
+  openssl dgst -binary -md5
+}
+
+string_to_sign() {
+  echo "$http_method"
+  echo "$content_md5"
+  echo "$content_type"
+  echo "$date"
+  echo "x-amz-acl:$acl"
+  printf "/$bucket/$remote_path"
+}
+
+date_string() {
+  LC_TIME=C date "+%a, %d %h %Y %T %z"
+}
+
+file="$1"
+bucket="${2%%:*}"
+remote_path="${2#*:}"
+content_type="$3"
+
+if [ -z "$remote_path" ] || [ "$remote_path" = "$bucket" ]; then
+  remote_path="${file##*/}"
+fi
+
+http_method=PUT
+acl="public-read"
+content_md5="$(bin_md5 < "$file" | base64)"
+date="$(date_string)"
+
+url="https://$bucket.s3.amazonaws.com/$remote_path"
+
+curl -qsSf -T "$file" \
+  -H "Authorization: $(authorization)" \
+  -H "x-amz-acl: $acl" \
+  -H "Date: $date" \
+  -H "Content-MD5: $content_md5" \
+  -H "Content-Type: $content_type" \
+  "$url"
+
+echo "$url"

data/test/controllers/custom_registrations_controller_test.rb

@@ -0,0 +1,35 @@
+require 'test_helper'
+
+class CustomRegistrationsControllerTest < ActionController::TestCase
+  tests Custom::RegistrationsController
+
+  include Devise::TestHelpers
+
+  setup do
+    request.env["devise.mapping"] = Devise.mappings[:user]
+    @password = 'password'
+    @user = create_user(password: @password, password_confirmation: @password).tap(&:confirm!)
+  end
+
+  test "yield resource to block on create success" do
+    post :create, { user: { email: "user@example.org", password: "password", password_confirmation: "password" } }
+    assert @controller.create_block_called?, "create failed to yield resource to provided block"
+  end
+
+  test "yield resource to block on create failure" do
+    post :create, { user: { } }
+    assert @controller.create_block_called?, "create failed to yield resource to provided block"
+  end
+
+  test "yield resource to block on update success" do
+    sign_in @user
+    put :update, { user: { current_password: @password } }
+    assert @controller.update_block_called?, "update failed to yield resource to provided block"
+  end
+
+  test "yield resource to block on update failure" do
+    sign_in @user
+    put :update, { user: { } }
+    assert @controller.update_block_called?, "update failed to yield resource to provided block"
+  end
+end

data/test/controllers/helpers_test.rb

@@ -14,81 +14,110 @@ class ControllerAuthenticatableTest < ActionController::TestCase
   end
 
   test 'proxy signed_in?(scope) to authenticate?' do
-    @mock_warden.expects(:authenticate?).with(:scope => :my_scope)
+    @mock_warden.expects(:authenticate?).with(scope: :my_scope)
     @controller.signed_in?(:my_scope)
   end
 
   test 'proxy signed_in?(nil) to authenticate?' do
     Devise.mappings.keys.each do |scope| # :user, :admin, :manager
-      @mock_warden.expects(:authenticate?).with(:scope => scope)
+      @mock_warden.expects(:authenticate?).with(scope: scope)
     end
     @controller.signed_in?
   end
 
+  test 'proxy [group]_signed_in? to authenticate? with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
+    end
+    @controller.commenter_signed_in?
+  end
+
   test 'proxy current_user to authenticate with user scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :user)
+    @mock_warden.expects(:authenticate).with(scope: :user)
     @controller.current_user
   end
 
   test 'proxy current_admin to authenticate with admin scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :admin)
+    @mock_warden.expects(:authenticate).with(scope: :admin)
     @controller.current_admin
   end
 
+  test 'proxy current_[group] to authenticate with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate).with(scope: scope).returns(nil)
+    end
+    @controller.current_commenter
+  end
+
+  test 'proxy current_[plural_group] to authenticate with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate).with(scope: scope)
+    end
+    @controller.current_commenters
+  end
+
   test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :publisher_account)
+    @mock_warden.expects(:authenticate).with(scope: :publisher_account)
     @controller.current_publisher_account
   end
 
   test 'proxy authenticate_user! to authenticate with user scope' do
-    @mock_warden.expects(:authenticate!).with(:scope => :user)
+    @mock_warden.expects(:authenticate!).with(scope: :user)
     @controller.authenticate_user!
   end
 
   test 'proxy authenticate_user! options to authenticate with user scope' do
-    @mock_warden.expects(:authenticate!).with(:scope => :user, :recall => "foo")
-    @controller.authenticate_user!(:recall => "foo")
+    @mock_warden.expects(:authenticate!).with(scope: :user, recall: "foo")
+    @controller.authenticate_user!(recall: "foo")
   end
 
   test 'proxy authenticate_admin! to authenticate with admin scope' do
-    @mock_warden.expects(:authenticate!).with(:scope => :admin)
+    @mock_warden.expects(:authenticate!).with(scope: :admin)
     @controller.authenticate_admin!
   end
 
+  test 'proxy authenticate_[group]! to authenticate!? with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate!).with(scope: scope)
+      @mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
+    end
+    @controller.authenticate_commenter!
+  end
+
   test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
-    @mock_warden.expects(:authenticate!).with(:scope => :publisher_account)
+    @mock_warden.expects(:authenticate!).with(scope: :publisher_account)
     @controller.authenticate_publisher_account!
   end
 
   test 'proxy user_signed_in? to authenticate with user scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :user).returns("user")
+    @mock_warden.expects(:authenticate).with(scope: :user).returns("user")
     assert @controller.user_signed_in?
   end
 
   test 'proxy admin_signed_in? to authenticatewith admin scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :admin)
+    @mock_warden.expects(:authenticate).with(scope: :admin)
     assert_not @controller.admin_signed_in?
   end
 
   test 'proxy publisher_account_signed_in? to authenticate with namespaced publisher account scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :publisher_account)
+    @mock_warden.expects(:authenticate).with(scope: :publisher_account)
     @controller.publisher_account_signed_in?
   end
 
   test 'proxy user_session to session scope in warden' do
-    @mock_warden.expects(:authenticate).with(:scope => :user).returns(true)
+    @mock_warden.expects(:authenticate).with(scope: :user).returns(true)
     @mock_warden.expects(:session).with(:user).returns({})
     @controller.user_session
   end
 
   test 'proxy admin_session to session scope in warden' do
-    @mock_warden.expects(:authenticate).with(:scope => :admin).returns(true)
+    @mock_warden.expects(:authenticate).with(scope: :admin).returns(true)
     @mock_warden.expects(:session).with(:admin).returns({})
     @controller.admin_session
   end
 
   test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
-    @mock_warden.expects(:authenticate).with(:scope => :publisher_account).returns(true)
+    @mock_warden.expects(:authenticate).with(scope: :publisher_account).returns(true)
     @mock_warden.expects(:session).with(:publisher_account).returns({})
     @controller.publisher_account_session
   end
@@ -96,14 +125,14 @@ class ControllerAuthenticatableTest < ActionController::TestCase
   test 'sign in proxy to set_user on warden' do
     user = User.new
     @mock_warden.expects(:user).returns(nil)
-    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
     @controller.sign_in(:user, user)
   end
 
   test 'sign in accepts a resource as argument' do
     user = User.new
     @mock_warden.expects(:user).returns(nil)
-    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
     @controller.sign_in(user)
   end
 
@@ -117,15 +146,15 @@ class ControllerAuthenticatableTest < ActionController::TestCase
   test 'sign in again when the user is already in only if force is given' do
     user = User.new
     @mock_warden.expects(:user).returns(user)
-    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
-    @controller.sign_in(user, :force => true)
+    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
+    @controller.sign_in(user, force: true)
   end
 
   test 'sign in accepts bypass as option' do
     user = User.new
     @mock_warden.expects(:session_serializer).returns(serializer = mock())
     serializer.expects(:store).with(user, :user)
-    @controller.sign_in(user, :bypass => true)
+    @controller.sign_in(user, bypass: true)
   end
 
   test 'sign out clears up any signed in user from all scopes' do
@@ -141,18 +170,18 @@ class ControllerAuthenticatableTest < ActionController::TestCase
 
   test 'sign out logs out and clears up any signed in user by scope' do
     user = User.new
-    @mock_warden.expects(:user).with(:scope => :user, :run_callbacks => false).returns(user)
+    @mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(user)
     @mock_warden.expects(:logout).with(:user).returns(true)
-    @mock_warden.expects(:clear_strategies_cache!).with(:scope => :user).returns(true)
+    @mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
     @controller.instance_variable_set(:@current_user, user)
     @controller.sign_out(:user)
     assert_equal nil, @controller.instance_variable_get(:@current_user)
   end
 
   test 'sign out accepts a resource as argument' do
-    @mock_warden.expects(:user).with(:scope => :user, :run_callbacks => false).returns(true)
+    @mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(true)
     @mock_warden.expects(:logout).with(:user).returns(true)
-    @mock_warden.expects(:clear_strategies_cache!).with(:scope => :user).returns(true)
+    @mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
     @controller.sign_out(User.new)
   end
 
@@ -187,6 +216,35 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     assert_nil @controller.session[:"user_return_to"]
   end
 
+  test 'store location for stores a location to redirect back to' do
+    assert_nil @controller.stored_location_for(:user)
+    @controller.store_location_for(:user, "/foo.bar")
+    assert_equal "/foo.bar", @controller.stored_location_for(:user)
+  end
+
+  test 'store bad location for stores a location to redirect back to' do
+    assert_nil @controller.stored_location_for(:user)
+    @controller.store_location_for(:user, "/foo.bar\">Carry")
+    assert_nil @controller.stored_location_for(:user)
+  end
+
+  test 'store location for accepts a resource as argument' do
+    @controller.store_location_for(User.new, "/foo.bar")
+    assert_equal "/foo.bar", @controller.stored_location_for(User.new)
+  end
+
+  test 'store location for stores paths' do
+    @controller.store_location_for(:user, "//host/foo.bar")
+    assert_equal "/foo.bar", @controller.stored_location_for(:user)
+    @controller.store_location_for(:user, "///foo.bar")
+    assert_equal "/foo.bar", @controller.stored_location_for(:user)
+  end
+
+  test 'store location for stores query string' do
+    @controller.store_location_for(:user, "/foo?bar=baz")
+    assert_equal "/foo?bar=baz", @controller.stored_location_for(:user)
+  end
+
   test 'after sign in path defaults to root path if none by was specified for the given scope' do
     assert_equal root_path, @controller.after_sign_in_path_for(:user)
   end
@@ -204,7 +262,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     user = User.new
     @controller.session[:user_return_to] = "/foo.bar"
     @mock_warden.expects(:user).with(:user).returns(nil)
-    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
     @controller.expects(:redirect_to).with("/foo.bar")
     @controller.sign_in_and_redirect(user)
   end
@@ -212,7 +270,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
   test 'sign in and redirect uses the configured after sign in path' do
     admin = Admin.new
     @mock_warden.expects(:user).with(:admin).returns(nil)
-    @mock_warden.expects(:set_user).with(admin, :scope => :admin).returns(true)
+    @mock_warden.expects(:set_user).with(admin, scope: :admin).returns(true)
     @controller.expects(:redirect_to).with(admin_root_path)
     @controller.sign_in_and_redirect(admin)
   end
@@ -226,10 +284,10 @@ class ControllerAuthenticatableTest < ActionController::TestCase
   end
 
   test 'sign out and redirect uses the configured after sign out path when signing out only the current scope' do
-    swap Devise, :sign_out_all_scopes => false do
-      @mock_warden.expects(:user).with(:scope => :admin, :run_callbacks => false).returns(true)
+    swap Devise, sign_out_all_scopes: false do
+      @mock_warden.expects(:user).with(scope: :admin, run_callbacks: false).returns(true)
       @mock_warden.expects(:logout).with(:admin).returns(true)
-      @mock_warden.expects(:clear_strategies_cache!).with(:scope => :admin).returns(true)
+      @mock_warden.expects(:clear_strategies_cache!).with(scope: :admin).returns(true)
       @controller.expects(:redirect_to).with(admin_root_path)
       @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
       @controller.sign_out_and_redirect(:admin)
@@ -237,7 +295,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
   end
 
   test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
-    swap Devise, :sign_out_all_scopes => true do
+    swap Devise, sign_out_all_scopes: true do
       @mock_warden.expects(:user).times(Devise.mappings.size)
       @mock_warden.expects(:logout).with().returns(true)
       @mock_warden.expects(:clear_strategies_cache!).with().returns(true)

data/test/controllers/internal_helpers_test.rb

@@ -51,11 +51,11 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'resources methods are not controller actions' do
-    assert @controller.class.action_methods.empty?
+    assert @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }.empty?
   end
 
   test 'require no authentication tests current mapping' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, :scope => :user).returns(true)
+    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
     @mock_warden.expects(:user).with(:user).returns(User.new)
     @controller.expects(:redirect_to).with(root_path)
     @controller.send :require_no_authentication
@@ -71,7 +71,7 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'require no authentication sets a flash message' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, :scope => :user).returns(true)
+    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
     @mock_warden.expects(:user).with(:user).returns(User.new)
     @controller.expects(:redirect_to).with(root_path)
     @controller.send :require_no_authentication
@@ -79,7 +79,7 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'signed in resource returns signed in resource for current scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :user).returns(User.new)
+    @mock_warden.expects(:authenticate).with(scope: :user).returns(User.new)
     assert_kind_of User, @controller.signed_in_resource
   end
 
@@ -100,21 +100,24 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'uses custom i18n options' do
-    @controller.stubs(:devise_i18n_options).returns(:default => "devise custom options")
+    @controller.stubs(:devise_i18n_options).returns(default: "devise custom options")
     @controller.send :set_flash_message, :notice, :invalid_i18n_messagesend_instructions
     assert_equal 'devise custom options', flash[:notice]
   end
 
   test 'allows custom i18n options to override resource_name' do
     I18n.expects(:t).with("custom_resource_name.confirmed", anything)
-    @controller.stubs(:devise_i18n_options).returns(:resource_name => "custom_resource_name")
+    @controller.stubs(:devise_i18n_options).returns(resource_name: "custom_resource_name")
     @controller.send :set_flash_message, :notice, :confirmed
   end
 
   test 'navigational_formats not returning a wild card' do
     MyController.send(:public, :navigational_formats)
-    Devise.navigational_formats = [:"*/*", :html]
-    assert_not @controller.navigational_formats.include?(:"*/*")
+
+    swap Devise, navigational_formats: ['*/*', :html] do
+      assert_not @controller.navigational_formats.include?("*/*")
+    end
+
     MyController.send(:protected, :navigational_formats)
   end
 end

data/test/controllers/passwords_controller_test.rb

@@ -12,7 +12,7 @@ class PasswordsControllerTest < ActionController::TestCase
 
   def put_update_with_params
     put :update, "user" => {
-      "reset_password_token" => @raw, "password" => "123456", "password_confirmation" => "123456"
+      "reset_password_token" => @raw, "password" => "1234567", "password_confirmation" => "1234567"
     }
   end
 

data/test/controllers/sessions_controller_test.rb

@@ -5,21 +5,25 @@ class SessionsControllerTest < ActionController::TestCase
   include Devise::TestHelpers
 
   test "#create doesn't raise unpermitted params when sign in fails" do
-    ActiveSupport::Notifications.subscribe /unpermitted_parameters/ do |name, start, finish, id, payload|
-      flunk "Unpermitted params: #{payload}"
+    begin
+      subscriber = ActiveSupport::Notifications.subscribe /unpermitted_parameters/ do |name, start, finish, id, payload|
+        flunk "Unpermitted params: #{payload}"
+      end
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      request.session["user_return_to"] = 'foo.bar'
+      create_user
+      post :create, user: {
+        email: "wrong@email.com",
+        password: "wrongpassword"
+      }
+      assert_equal 200, @response.status
+    ensure
+      ActiveSupport::Notifications.unsubscribe(subscriber)
     end
-    request.env["devise.mapping"] = Devise.mappings[:user]
-    request.session["user_return_to"] = 'foo.bar'
-    create_user
-    post :create, :user => {
-      :email => "wrong@email.com",
-      :password => "wrongpassword"
-    }
-    assert_equal 200, @response.status
   end
 
   test "#create works even with scoped views" do
-    swap Devise, :scoped_views => true do
+    swap Devise, scoped_views: true do
       request.env["devise.mapping"] = Devise.mappings[:user]
       post :create
       assert_equal 200, @response.status
@@ -33,9 +37,9 @@ class SessionsControllerTest < ActionController::TestCase
 
     user = create_user
     user.confirm!
-    post :create, :user => {
-      :email => user.email,
-      :password => user.password
+    post :create, user: {
+      email: user.email,
+      password: user.password
     }
 
     assert_nil request.session["user_return_to"]
@@ -47,9 +51,9 @@ class SessionsControllerTest < ActionController::TestCase
 
     user = create_user
     user.confirm!
-    post :create, :format => 'json', :user => {
-      :email => user.email,
-      :password => user.password
+    post :create, format: 'json', user: {
+      email: user.email,
+      password: user.password
     }
 
     assert_equal 'foo.bar', request.session["user_return_to"]
@@ -57,9 +61,9 @@ class SessionsControllerTest < ActionController::TestCase
 
   test "#create doesn't raise exception after Warden authentication fails when TestHelpers included" do
     request.env["devise.mapping"] = Devise.mappings[:user]
-    post :create, :user => {
-      :email => "nosuchuser@example.com",
-      :password => "wevdude"
+    post :create, user: {
+      email: "nosuchuser@example.com",
+      password: "wevdude"
     }
     assert_equal 200, @response.status
     assert_template "devise/sessions/new"
@@ -69,12 +73,12 @@ class SessionsControllerTest < ActionController::TestCase
     request.env["devise.mapping"] = Devise.mappings[:user]
     user = create_user
     user.confirm!
-    post :create, :format => 'json', :user => {
-      :email => user.email,
-      :password => user.password
+    post :create, format: 'json', user: {
+      email: user.email,
+      password: user.password
     }
 
-    delete :destroy, :format => 'json'
+    delete :destroy, format: 'json'
     assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}"
     assert_equal 204, @response.status
   end
@@ -88,7 +92,7 @@ class SessionsControllerTest < ActionController::TestCase
 
       begin
         assert_nothing_raised ActiveModel::MassAssignmentSecurity::Error do
-          get :new, :user => { :email => "allez viens!" }
+          get :new, user: { email: "allez viens!" }
         end
       ensure
         ActiveRecord::Base.mass_assignment_sanitizer = :logger

data/test/controllers/url_helpers_test.rb

@@ -14,10 +14,10 @@ class RoutesTest < ActionController::TestCase
                  send(:"#{prepend_path}user_#{name}_url")
 
     # Default url params
-    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, :param => 123),
-                 send(:"#{prepend_path}user_#{name}_path", :param => 123)
-    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, :param => 123),
-                 send(:"#{prepend_path}user_#{name}_url", :param => 123)
+    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, param: 123),
+                 send(:"#{prepend_path}user_#{name}_path", param: 123)
+    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, param: 123),
+                 send(:"#{prepend_path}user_#{name}_url", param: 123)
 
     @request.path = nil
     # With an object

data/test/delegator_test.rb

@@ -14,6 +14,6 @@ class DelegatorTest < ActiveSupport::TestCase
   end
 
   test 'failure_app returns associated failure app by scope in the given environment' do
-    assert_kind_of Proc, delegator.failure_app({"warden.options" => {:scope => "manager"}})
+    assert_kind_of Proc, delegator.failure_app({"warden.options" => {scope: "manager"}})
   end
 end

data/test/devise_test.rb

@@ -3,10 +3,10 @@ require 'test_helper'
 module Devise
   def self.yield_and_restore
     @@warden_configured = nil
-    c, b = @@warden_config, @@warden_config_block
+    c, b = @@warden_config, @@warden_config_blocks
     yield
   ensure
-    @@warden_config, @@warden_config_block = c, b
+    @@warden_config, @@warden_config_blocks = c, b
   end
 end
 
@@ -23,7 +23,7 @@ class DeviseTest < ActiveSupport::TestCase
   end
 
   test 'model options can be configured through Devise' do
-    swap Devise, :allow_unconfirmed_access_for => 113, :pepper => "foo" do
+    swap Devise, allow_unconfirmed_access_for: 113, pepper: "foo" do
       assert_equal 113, Devise.allow_unconfirmed_access_for
       assert_equal "foo", Devise.pepper
     end
@@ -42,14 +42,27 @@ class DeviseTest < ActiveSupport::TestCase
 
   test 'warden manager user configuration through a block' do
     Devise.yield_and_restore do
-      @executed = false
+      executed = false
       Devise.warden do |config|
-        @executed = true
+        executed = true
         assert_kind_of Warden::Config, config
       end
 
       Devise.configure_warden!
-      assert @executed
+      assert executed
+    end
+  end
+
+  test 'warden manager user configuration through multiple blocks' do
+    Devise.yield_and_restore do
+      executed = 0
+
+      3.times do
+        Devise.warden { |config| executed += 1 }
+      end
+
+      Devise.configure_warden!
+      assert_equal 3, executed
     end
   end
 
@@ -60,12 +73,12 @@ class DeviseTest < ActiveSupport::TestCase
     assert_not defined?(Devise::Models::Coconut)
     Devise::ALL.delete(:coconut)
 
-    assert_nothing_raised(Exception) { Devise.add_module(:banana, :strategy => :fruits) }
+    assert_nothing_raised(Exception) { Devise.add_module(:banana, strategy: :fruits) }
     assert_equal :fruits, Devise::STRATEGIES[:banana]
     Devise::ALL.delete(:banana)
     Devise::STRATEGIES.delete(:banana)
 
-    assert_nothing_raised(Exception) { Devise.add_module(:kivi, :controller => :fruits) }
+    assert_nothing_raised(Exception) { Devise.add_module(:kivi, controller: :fruits) }
     assert_equal :fruits, Devise::CONTROLLERS[:kivi]
     Devise::ALL.delete(:kivi)
     Devise::CONTROLLERS.delete(:kivi)