devise 3.2.1 → 4.4.3
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/.travis.yml +58 -10
- data/CHANGELOG.md +199 -979
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +73 -8
- data/Gemfile +19 -11
- data/Gemfile.lock +152 -119
- data/ISSUE_TEMPLATE.md +19 -0
- data/MIT-LICENSE +1 -1
- data/README.md +347 -93
- data/Rakefile +4 -2
- data/app/controllers/devise/confirmations_controller.rb +11 -5
- data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
- data/app/controllers/devise/passwords_controller.rb +20 -8
- data/app/controllers/devise/registrations_controller.rb +34 -19
- data/app/controllers/devise/sessions_controller.rb +47 -17
- data/app/controllers/devise/unlocks_controller.rb +9 -4
- data/app/controllers/devise_controller.rb +67 -31
- data/app/helpers/devise_helper.rb +4 -2
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +8 -4
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +15 -6
- data/app/views/devise/passwords/new.html.erb +8 -4
- data/app/views/devise/registrations/edit.html.erb +28 -14
- data/app/views/devise/registrations/new.html.erb +19 -8
- data/app/views/devise/sessions/new.html.erb +17 -8
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +8 -4
- data/bin/test +13 -0
- data/config/locales/en.yml +22 -17
- data/devise.gemspec +7 -6
- data/gemfiles/Gemfile.rails-4.1-stable +32 -0
- data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
- data/gemfiles/Gemfile.rails-4.2-stable +32 -0
- data/gemfiles/Gemfile.rails-4.2-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.0-stable +33 -0
- data/gemfiles/Gemfile.rails-5.0-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
- data/guides/bug_report_templates/integration_test.rb +106 -0
- data/lib/devise.rb +107 -84
- data/lib/devise/controllers/helpers.rb +111 -31
- data/lib/devise/controllers/rememberable.rb +15 -6
- data/lib/devise/controllers/scoped_views.rb +3 -1
- data/lib/devise/controllers/sign_in_out.rb +39 -26
- data/lib/devise/controllers/store_location.rb +31 -2
- data/lib/devise/controllers/url_helpers.rb +9 -7
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +24 -0
- data/lib/devise/failure_app.rb +98 -39
- data/lib/devise/hooks/activatable.rb +7 -6
- data/lib/devise/hooks/csrf_cleaner.rb +5 -1
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +7 -2
- data/lib/devise/hooks/proxy.rb +4 -2
- data/lib/devise/hooks/rememberable.rb +4 -2
- data/lib/devise/hooks/timeoutable.rb +16 -9
- data/lib/devise/hooks/trackable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +15 -12
- data/lib/devise/mapping.rb +8 -2
- data/lib/devise/models.rb +3 -1
- data/lib/devise/models/authenticatable.rb +63 -36
- data/lib/devise/models/confirmable.rb +121 -41
- data/lib/devise/models/database_authenticatable.rb +66 -23
- data/lib/devise/models/lockable.rb +30 -17
- data/lib/devise/models/omniauthable.rb +3 -1
- data/lib/devise/models/recoverable.rb +62 -26
- data/lib/devise/models/registerable.rb +2 -0
- data/lib/devise/models/rememberable.rb +62 -33
- data/lib/devise/models/timeoutable.rb +4 -8
- data/lib/devise/models/trackable.rb +12 -3
- data/lib/devise/models/validatable.rb +16 -9
- data/lib/devise/modules.rb +12 -10
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +2 -0
- data/lib/devise/parameter_sanitizer.rb +131 -69
- data/lib/devise/rails.rb +10 -13
- data/lib/devise/rails/routes.rb +147 -116
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/secret_key_finder.rb +25 -0
- data/lib/devise/strategies/authenticatable.rb +20 -9
- data/lib/devise/strategies/base.rb +3 -1
- data/lib/devise/strategies/database_authenticatable.rb +8 -5
- data/lib/devise/strategies/rememberable.rb +15 -3
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +4 -2
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/generators/active_record/devise_generator.rb +47 -10
- data/lib/generators/active_record/templates/migration.rb +9 -7
- data/lib/generators/active_record/templates/migration_existing.rb +9 -7
- data/lib/generators/devise/controllers_generator.rb +46 -0
- data/lib/generators/devise/devise_generator.rb +9 -5
- data/lib/generators/devise/install_generator.rb +22 -0
- data/lib/generators/devise/orm_helpers.rb +8 -19
- data/lib/generators/devise/views_generator.rb +51 -28
- data/lib/generators/mongoid/devise_generator.rb +22 -19
- data/lib/generators/templates/README +5 -12
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/devise.rb +64 -35
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +42 -0
- data/test/controllers/custom_strategy_test.rb +10 -6
- data/test/controllers/helper_methods_test.rb +24 -0
- data/test/controllers/helpers_test.rb +88 -40
- data/test/controllers/inherited_controller_i18n_messages_test.rb +53 -0
- data/test/controllers/internal_helpers_test.rb +31 -22
- data/test/controllers/load_hooks_controller_test.rb +21 -0
- data/test/controllers/passwords_controller_test.rb +8 -5
- data/test/controllers/sessions_controller_test.rb +42 -33
- data/test/controllers/url_helpers_test.rb +13 -5
- data/test/delegator_test.rb +3 -1
- data/test/devise_test.rb +34 -19
- data/test/failure_app_test.rb +150 -42
- data/test/generators/active_record_generator_test.rb +58 -31
- data/test/generators/controllers_generator_test.rb +50 -0
- data/test/generators/devise_generator_test.rb +4 -2
- data/test/generators/install_generator_test.rb +16 -3
- data/test/generators/mongoid_generator_test.rb +5 -3
- data/test/generators/views_generator_test.rb +40 -2
- data/test/helpers/devise_helper_test.rb +20 -20
- data/test/integration/authenticatable_test.rb +134 -141
- data/test/integration/confirmable_test.rb +109 -67
- data/test/integration/database_authenticatable_test.rb +36 -23
- data/test/integration/http_authenticatable_test.rb +29 -20
- data/test/integration/lockable_test.rb +52 -49
- data/test/integration/mounted_engine_test.rb +38 -0
- data/test/integration/omniauthable_test.rb +30 -15
- data/test/integration/recoverable_test.rb +76 -61
- data/test/integration/registerable_test.rb +107 -91
- data/test/integration/rememberable_test.rb +82 -30
- data/test/integration/timeoutable_test.rb +48 -40
- data/test/integration/trackable_test.rb +15 -8
- data/test/mailers/confirmation_instructions_test.rb +16 -14
- data/test/mailers/email_changed_test.rb +132 -0
- data/test/mailers/mailer_test.rb +20 -0
- data/test/mailers/reset_password_instructions_test.rb +13 -11
- data/test/mailers/unlock_instructions_test.rb +12 -10
- data/test/mapping_test.rb +15 -6
- data/test/models/authenticatable_test.rb +15 -3
- data/test/models/confirmable_test.rb +190 -95
- data/test/models/database_authenticatable_test.rb +75 -41
- data/test/models/lockable_test.rb +115 -61
- data/test/models/omniauthable_test.rb +3 -1
- data/test/models/recoverable_test.rb +116 -37
- data/test/models/registerable_test.rb +3 -1
- data/test/models/rememberable_test.rb +95 -94
- data/test/models/serializable_test.rb +19 -8
- data/test/models/timeoutable_test.rb +10 -8
- data/test/models/trackable_test.rb +50 -1
- data/test/models/validatable_test.rb +24 -30
- data/test/models_test.rb +19 -8
- data/test/omniauth/config_test.rb +15 -11
- data/test/omniauth/url_helpers_test.rb +8 -9
- data/test/orm/active_record.rb +16 -2
- data/test/orm/mongoid.rb +4 -2
- data/test/parameter_sanitizer_test.rb +53 -57
- data/test/rails_app/app/active_record/admin.rb +2 -0
- data/test/rails_app/app/active_record/shim.rb +3 -1
- data/test/rails_app/app/active_record/user.rb +14 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +9 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +9 -0
- data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
- data/test/rails_app/app/active_record/user_without_email.rb +10 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/admins_controller.rb +3 -6
- data/test/rails_app/app/controllers/application_controller.rb +7 -3
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +32 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +33 -0
- data/test/rails_app/app/controllers/home_controller.rb +7 -1
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +3 -1
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +7 -5
- data/test/rails_app/app/controllers/users_controller.rb +8 -6
- data/test/rails_app/app/helpers/application_helper.rb +2 -0
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +5 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -10
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +6 -0
- data/test/rails_app/app/mongoid/admin.rb +13 -11
- data/test/rails_app/app/mongoid/shim.rb +4 -2
- data/test/rails_app/app/mongoid/user.rb +30 -19
- data/test/rails_app/app/mongoid/user_on_engine.rb +41 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +41 -0
- data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +35 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/home/index.html.erb +1 -1
- data/test/rails_app/app/views/home/join.html.erb +1 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +13 -5
- data/test/rails_app/config/boot.rb +17 -4
- data/test/rails_app/config/environment.rb +2 -0
- data/test/rails_app/config/environments/development.rb +2 -0
- data/test/rails_app/config/environments/production.rb +10 -2
- data/test/rails_app/config/environments/test.rb +14 -3
- data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
- data/test/rails_app/config/initializers/devise.rb +22 -21
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +3 -6
- data/test/rails_app/config/initializers/session_store.rb +2 -0
- data/test/rails_app/config/routes.rb +67 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +16 -10
- data/test/rails_app/db/schema.rb +2 -0
- data/test/rails_app/lib/shared_admin.rb +10 -4
- data/test/rails_app/lib/shared_user.rb +4 -1
- data/test/rails_app/lib/shared_user_without_email.rb +28 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +15 -0
- data/test/rails_test.rb +11 -0
- data/test/routes_test.rb +92 -61
- data/test/secret_key_finder_test.rb +97 -0
- data/test/support/action_controller/record_identifier.rb +12 -0
- data/test/support/assertions.rb +4 -14
- data/test/support/helpers.rb +23 -10
- data/test/support/http_method_compatibility.rb +53 -0
- data/test/support/integration.rb +19 -16
- data/test/support/mongoid.yml +6 -0
- data/test/support/webrat/integrations/rails.rb +11 -0
- data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +60 -40
- data/test/test/integration_helpers_test.rb +34 -0
- data/test/test_helper.rb +9 -0
- data/test/test_models.rb +8 -6
- metadata +123 -53
- data/gemfiles/Gemfile.rails-3.2.x +0 -31
- data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159
@@ -0,0 +1,7 @@
|
|
1
|
+
Hello <%= @email %>!
|
2
|
+
|
3
|
+
<% if @resource.try(:unconfirmed_email?) %>
|
4
|
+
We're contacting you to notify you that your email is being changed to <%= @resource.unconfirmed_email %>.
|
5
|
+
<% else %>
|
6
|
+
We're contacting you to notify you that your email has been changed to <%= @resource.email %>.
|
7
|
+
<% end %>
|
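Review bot: The new notice tells the recipient that the address is being or has been changed, but gives no next step for someone who did not make the change, which is the case this mail exists to catch. Consider closing the template with a line such as `If you didn't make this change, please contact us right away.`, in the same spirit as the "If you didn't request this" line in the reset-password template. The greeting uses `@email` while the body reads `@resource.email` or `@resource.unconfirmed_email`; a short template comment saying which address the mail is delivered to would help people customising it.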
@@ -2,7 +2,7 @@ Hello <%= @resource.email %>!
|
|
2
2
|
|
3
3
|
Someone has requested a link to change your password, and you can do this through the link below.
|
4
4
|
|
5
|
-
|
5
|
+
[Change my password](<%= edit_password_url(@resource, reset_password_token: @token) %>)
|
6
6
|
|
7
7
|
If you didn't request this, please ignore this email.
|
8
8
|
Your password won't change until you access the link above and create a new one.
|
@@ -4,4 +4,4 @@ Your account has been locked due to an excessive number of unsuccessful sign in
|
|
4
4
|
|
5
5
|
Click the link below to unlock your account:
|
6
6
|
|
7
|
-
|
7
|
+
[Unlock my account](<%= unlock_url(@resource, unlock_token: @token) %>)
|
@@ -1,11 +1,11 @@
|
|
1
1
|
<h2>Resend confirmation instructions</h2>
|
2
2
|
|
3
|
-
<%= simple_form_for(resource, :
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
|
4
4
|
<%= f.error_notification %>
|
5
5
|
<%= f.full_error :confirmation_token %>
|
6
6
|
|
7
7
|
<div class="form-inputs">
|
8
|
-
<%= f.input :email, :
|
8
|
+
<%= f.input :email, required: true, autofocus: true %>
|
9
9
|
</div>
|
10
10
|
|
11
11
|
<div class="form-actions">
|
@@ -1,14 +1,14 @@
|
|
1
1
|
<h2>Change your password</h2>
|
2
2
|
|
3
|
-
<%= simple_form_for(resource, :
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %>
|
4
4
|
<%= f.error_notification %>
|
5
5
|
|
6
|
-
<%= f.input :reset_password_token, :
|
6
|
+
<%= f.input :reset_password_token, as: :hidden %>
|
7
7
|
<%= f.full_error :reset_password_token %>
|
8
8
|
|
9
9
|
<div class="form-inputs">
|
10
|
-
<%= f.input :password, :
|
11
|
-
<%= f.input :password_confirmation, :
|
10
|
+
<%= f.input :password, label: "New password", required: true, autofocus: true, hint: ("#{@minimum_password_length} characters minimum" if @minimum_password_length) %>
|
11
|
+
<%= f.input :password_confirmation, label: "Confirm your new password", required: true %>
|
12
12
|
</div>
|
13
13
|
|
14
14
|
<div class="form-actions">
|
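Review bot: Neither `f.input :password` nor `f.input :password_confirmation` on the added lines sets an autocomplete hint, so browsers and password managers are left to guess that these are new-password fields. Passing it through simple_form's `input_html`, e.g. `input_html: { autocomplete: "new-password" }`, makes the intent explicit. The same applies to the password inputs in the sign-up template. The registration edit template passes `autocomplete: "off"` as a top-level option, which may not reach the rendered `<input>`; checking the generated HTML would confirm. The form body continues past the end of this hunk.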
@@ -1,10 +1,10 @@
|
|
1
1
|
<h2>Forgot your password?</h2>
|
2
2
|
|
3
|
-
<%= simple_form_for(resource, :
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
|
4
4
|
<%= f.error_notification %>
|
5
5
|
|
6
6
|
<div class="form-inputs">
|
7
|
-
<%= f.input :email, :
|
7
|
+
<%= f.input :email, required: true, autofocus: true %>
|
8
8
|
</div>
|
9
9
|
|
10
10
|
<div class="form-actions">
|
@@ -1,18 +1,18 @@
|
|
1
1
|
<h2>Edit <%= resource_name.to_s.humanize %></h2>
|
2
2
|
|
3
|
-
<%= simple_form_for(resource, :
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
|
4
4
|
<%= f.error_notification %>
|
5
5
|
|
6
6
|
<div class="form-inputs">
|
7
|
-
<%= f.input :email, :
|
7
|
+
<%= f.input :email, required: true, autofocus: true %>
|
8
8
|
|
9
9
|
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
|
10
10
|
<p>Currently waiting confirmation for: <%= resource.unconfirmed_email %></p>
|
11
11
|
<% end %>
|
12
12
|
|
13
|
-
<%= f.input :password, :
|
14
|
-
<%= f.input :password_confirmation, :
|
15
|
-
<%= f.input :current_password, :
|
13
|
+
<%= f.input :password, autocomplete: "off", hint: "leave it blank if you don't want to change it", required: false %>
|
14
|
+
<%= f.input :password_confirmation, required: false %>
|
15
|
+
<%= f.input :current_password, hint: "we need your current password to confirm your changes", required: true %>
|
16
16
|
</div>
|
17
17
|
|
18
18
|
<div class="form-actions">
|
@@ -22,6 +22,6 @@
|
|
22
22
|
|
23
23
|
<h3>Cancel my account</h3>
|
24
24
|
|
25
|
-
<p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), :
|
25
|
+
<p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
|
26
26
|
|
27
27
|
<%= link_to "Back", :back %>
|
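Review bot: `link_to ... method: :delete` on the "Cancel my account" line depends on the JavaScript driver to turn the click into a DELETE request carrying the CSRF token, and the only guard visible on this destructive action is the client-side `data: { confirm: "Are you sure?" }` dialog. `button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete` renders a real form and works without JavaScript. Whether the controller asks for the current password before deleting the account is not visible here; if it does not, a template comment pointing applications at that customisation would be worth adding.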
@@ -1,12 +1,12 @@
|
|
1
1
|
<h2>Sign up</h2>
|
2
2
|
|
3
|
-
<%= simple_form_for(resource, :
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
|
4
4
|
<%= f.error_notification %>
|
5
5
|
|
6
6
|
<div class="form-inputs">
|
7
|
-
<%= f.input :email, :
|
8
|
-
<%= f.input :password, :
|
9
|
-
<%= f.input :password_confirmation, :
|
7
|
+
<%= f.input :email, required: true, autofocus: true %>
|
8
|
+
<%= f.input :password, required: true, hint: ("#{@minimum_password_length} characters minimum" if @minimum_password_length) %>
|
9
|
+
<%= f.input :password_confirmation, required: true %>
|
10
10
|
</div>
|
11
11
|
|
12
12
|
<div class="form-actions">
|
@@ -1,14 +1,14 @@
|
|
1
|
-
<h2>
|
1
|
+
<h2>Log in</h2>
|
2
2
|
|
3
|
-
<%= simple_form_for(resource, :
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
|
4
4
|
<div class="form-inputs">
|
5
|
-
<%= f.input :email, :
|
6
|
-
<%= f.input :password, :
|
7
|
-
<%= f.input :remember_me, :
|
5
|
+
<%= f.input :email, required: false, autofocus: true %>
|
6
|
+
<%= f.input :password, required: false %>
|
7
|
+
<%= f.input :remember_me, as: :boolean if devise_mapping.rememberable? %>
|
8
8
|
</div>
|
9
9
|
|
10
10
|
<div class="form-actions">
|
11
|
-
<%= f.button :submit, "
|
11
|
+
<%= f.button :submit, "Log in" %>
|
12
12
|
</div>
|
13
13
|
<% end %>
|
14
14
|
|
@@ -1,11 +1,11 @@
|
|
1
1
|
<h2>Resend unlock instructions</h2>
|
2
2
|
|
3
|
-
<%= simple_form_for(resource, :
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
|
4
4
|
<%= f.error_notification %>
|
5
5
|
<%= f.full_error :unlock_token %>
|
6
6
|
|
7
7
|
<div class="form-inputs">
|
8
|
-
<%= f.input :email, :
|
8
|
+
<%= f.input :email, required: true, autofocus: true %>
|
9
9
|
</div>
|
10
10
|
|
11
11
|
<div class="form-actions">
|
@@ -0,0 +1,42 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class CustomRegistrationsControllerTest < Devise::ControllerTestCase
|
6
|
+
tests Custom::RegistrationsController
|
7
|
+
|
8
|
+
include Devise::Test::ControllerHelpers
|
9
|
+
|
10
|
+
setup do
|
11
|
+
request.env["devise.mapping"] = Devise.mappings[:user]
|
12
|
+
@password = 'password'
|
13
|
+
@user = create_user(password: @password, password_confirmation: @password).tap(&:confirm)
|
14
|
+
end
|
15
|
+
|
16
|
+
test "yield resource to block on create success" do
|
17
|
+
post :create, params: { user: { email: "user@example.org", password: "password", password_confirmation: "password" } }
|
18
|
+
assert @controller.create_block_called?, "create failed to yield resource to provided block"
|
19
|
+
end
|
20
|
+
|
21
|
+
test "yield resource to block on create failure" do
|
22
|
+
post :create, params: { user: { } }
|
23
|
+
assert @controller.create_block_called?, "create failed to yield resource to provided block"
|
24
|
+
end
|
25
|
+
|
26
|
+
test "yield resource to block on update success" do
|
27
|
+
sign_in @user
|
28
|
+
put :update, params: { user: { current_password: @password } }
|
29
|
+
assert @controller.update_block_called?, "update failed to yield resource to provided block"
|
30
|
+
end
|
31
|
+
|
32
|
+
test "yield resource to block on update failure" do
|
33
|
+
sign_in @user
|
34
|
+
put :update, params: { user: { } }
|
35
|
+
assert @controller.update_block_called?, "update failed to yield resource to provided block"
|
36
|
+
end
|
37
|
+
|
38
|
+
test "yield resource to block on new" do
|
39
|
+
get :new
|
40
|
+
assert @controller.new_block_called?, "new failed to yield resource to provided block"
|
41
|
+
end
|
42
|
+
end
|
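Review bot: The two failure tests (`post :create, params: { user: { } }` and `put :update, params: { user: { } }`) assert only that the block was called, so they would still pass if an empty submission were accepted. Pinning the outcome as well keeps the test names honest, for example `assert_no_difference('User.count') { post :create, params: { user: { } } }` in the create-failure test, assuming the `:user` mapping's model is `User`. The `*_block_called?` predicates come from `Custom::RegistrationsController`, which is defined outside this file; a one-line comment saying so would help readers.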
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
require 'ostruct'
|
3
5
|
require 'warden/strategies/base'
|
@@ -24,10 +26,10 @@ class CustomStrategy < Warden::Strategies::Base
|
|
24
26
|
end
|
25
27
|
end
|
26
28
|
|
27
|
-
class CustomStrategyTest <
|
29
|
+
class CustomStrategyTest < Devise::ControllerTestCase
|
28
30
|
tests CustomStrategyController
|
29
31
|
|
30
|
-
include Devise::
|
32
|
+
include Devise::Test::ControllerHelpers
|
31
33
|
|
32
34
|
setup do
|
33
35
|
Warden::Strategies.add(:custom_strategy, CustomStrategy)
|
@@ -41,8 +43,9 @@ class CustomStrategyTest < ActionController::TestCase
|
|
41
43
|
ret = get :new
|
42
44
|
|
43
45
|
# check the returned rack array
|
44
|
-
assert ret.is_a?(Array)
|
45
|
-
assert_equal 400, ret.first
|
46
|
+
# assert ret.is_a?(Array)
|
47
|
+
# assert_equal 400, ret.first
|
48
|
+
assert ret.is_a?(ActionDispatch::TestResponse)
|
46
49
|
|
47
50
|
# check the saved response as well. This is purely so that the response is available to the testing framework
|
48
51
|
# for verification. In production, the above array would be delivered directly to Rack.
|
@@ -53,8 +56,9 @@ class CustomStrategyTest < ActionController::TestCase
|
|
53
56
|
ret = get :new
|
54
57
|
|
55
58
|
# check the returned rack array
|
56
|
-
assert ret.is_a?(Array)
|
57
|
-
assert_equal ret.third['X-FOO'], 'BAR'
|
59
|
+
# assert ret.is_a?(Array)
|
60
|
+
# assert_equal ret.third['X-FOO'], 'BAR'
|
61
|
+
assert ret.is_a?(ActionDispatch::TestResponse)
|
58
62
|
|
59
63
|
# check the saved response headers as well.
|
60
64
|
assert_equal response.headers['X-FOO'], 'BAR'
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class ApiController < ActionController::Metal
|
6
|
+
include Devise::Controllers::Helpers
|
7
|
+
end
|
8
|
+
|
9
|
+
class HelperMethodsTest < Devise::ControllerTestCase
|
10
|
+
tests ApiController
|
11
|
+
|
12
|
+
test 'includes Devise::Controllers::Helpers' do
|
13
|
+
assert_includes @controller.class.ancestors, Devise::Controllers::Helpers
|
14
|
+
end
|
15
|
+
|
16
|
+
test 'does not respond_to helper or helper_method' do
|
17
|
+
refute_respond_to @controller.class, :helper
|
18
|
+
refute_respond_to @controller.class, :helper_method
|
19
|
+
end
|
20
|
+
|
21
|
+
test 'defines methods like current_user' do
|
22
|
+
assert_respond_to @controller, :current_user
|
23
|
+
end
|
24
|
+
end
|
@@ -1,7 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
require 'ostruct'
|
3
5
|
|
4
|
-
class ControllerAuthenticatableTest <
|
6
|
+
class ControllerAuthenticatableTest < Devise::ControllerTestCase
|
5
7
|
tests ApplicationController
|
6
8
|
|
7
9
|
def setup
|
@@ -14,81 +16,110 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
14
16
|
end
|
15
17
|
|
16
18
|
test 'proxy signed_in?(scope) to authenticate?' do
|
17
|
-
@mock_warden.expects(:authenticate?).with(:
|
19
|
+
@mock_warden.expects(:authenticate?).with(scope: :my_scope)
|
18
20
|
@controller.signed_in?(:my_scope)
|
19
21
|
end
|
20
22
|
|
21
23
|
test 'proxy signed_in?(nil) to authenticate?' do
|
22
24
|
Devise.mappings.keys.each do |scope| # :user, :admin, :manager
|
23
|
-
@mock_warden.expects(:authenticate?).with(:
|
25
|
+
@mock_warden.expects(:authenticate?).with(scope: scope)
|
24
26
|
end
|
25
27
|
@controller.signed_in?
|
26
28
|
end
|
27
29
|
|
30
|
+
test 'proxy [group]_signed_in? to authenticate? with each scope' do
|
31
|
+
[:user, :admin].each do |scope|
|
32
|
+
@mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
|
33
|
+
end
|
34
|
+
@controller.commenter_signed_in?
|
35
|
+
end
|
36
|
+
|
28
37
|
test 'proxy current_user to authenticate with user scope' do
|
29
|
-
@mock_warden.expects(:authenticate).with(:
|
38
|
+
@mock_warden.expects(:authenticate).with(scope: :user)
|
30
39
|
@controller.current_user
|
31
40
|
end
|
32
41
|
|
33
42
|
test 'proxy current_admin to authenticate with admin scope' do
|
34
|
-
@mock_warden.expects(:authenticate).with(:
|
43
|
+
@mock_warden.expects(:authenticate).with(scope: :admin)
|
35
44
|
@controller.current_admin
|
36
45
|
end
|
37
46
|
|
47
|
+
test 'proxy current_[group] to authenticate with each scope' do
|
48
|
+
[:user, :admin].each do |scope|
|
49
|
+
@mock_warden.expects(:authenticate).with(scope: scope).returns(nil)
|
50
|
+
end
|
51
|
+
@controller.current_commenter
|
52
|
+
end
|
53
|
+
|
54
|
+
test 'proxy current_[plural_group] to authenticate with each scope' do
|
55
|
+
[:user, :admin].each do |scope|
|
56
|
+
@mock_warden.expects(:authenticate).with(scope: scope)
|
57
|
+
end
|
58
|
+
@controller.current_commenters
|
59
|
+
end
|
60
|
+
|
38
61
|
test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
|
39
|
-
@mock_warden.expects(:authenticate).with(:
|
62
|
+
@mock_warden.expects(:authenticate).with(scope: :publisher_account)
|
40
63
|
@controller.current_publisher_account
|
41
64
|
end
|
42
65
|
|
43
66
|
test 'proxy authenticate_user! to authenticate with user scope' do
|
44
|
-
@mock_warden.expects(:authenticate!).with(:
|
67
|
+
@mock_warden.expects(:authenticate!).with(scope: :user)
|
45
68
|
@controller.authenticate_user!
|
46
69
|
end
|
47
70
|
|
48
71
|
test 'proxy authenticate_user! options to authenticate with user scope' do
|
49
|
-
@mock_warden.expects(:authenticate!).with(:
|
50
|
-
@controller.authenticate_user!(:
|
72
|
+
@mock_warden.expects(:authenticate!).with(scope: :user, recall: "foo")
|
73
|
+
@controller.authenticate_user!(recall: "foo")
|
51
74
|
end
|
52
75
|
|
53
76
|
test 'proxy authenticate_admin! to authenticate with admin scope' do
|
54
|
-
@mock_warden.expects(:authenticate!).with(:
|
77
|
+
@mock_warden.expects(:authenticate!).with(scope: :admin)
|
55
78
|
@controller.authenticate_admin!
|
56
79
|
end
|
57
80
|
|
81
|
+
test 'proxy authenticate_[group]! to authenticate!? with each scope' do
|
82
|
+
[:user, :admin].each do |scope|
|
83
|
+
@mock_warden.expects(:authenticate!).with(scope: scope)
|
84
|
+
@mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
|
85
|
+
end
|
86
|
+
@controller.authenticate_commenter!
|
87
|
+
end
|
88
|
+
|
58
89
|
test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
|
59
|
-
@mock_warden.expects(:authenticate!).with(:
|
90
|
+
@mock_warden.expects(:authenticate!).with(scope: :publisher_account)
|
60
91
|
@controller.authenticate_publisher_account!
|
61
92
|
end
|
62
93
|
|
63
94
|
test 'proxy user_signed_in? to authenticate with user scope' do
|
64
|
-
@mock_warden.expects(:authenticate).with(:
|
95
|
+
@mock_warden.expects(:authenticate).with(scope: :user).returns("user")
|
65
96
|
assert @controller.user_signed_in?
|
66
97
|
end
|
67
98
|
|
68
99
|
test 'proxy admin_signed_in? to authenticatewith admin scope' do
|
69
|
-
@mock_warden.expects(:authenticate).with(:
|
70
|
-
|
100
|
+
@mock_warden.expects(:authenticate).with(scope: :admin)
|
101
|
+
refute @controller.admin_signed_in?
|
71
102
|
end
|
72
103
|
|
73
104
|
test 'proxy publisher_account_signed_in? to authenticate with namespaced publisher account scope' do
|
74
|
-
@mock_warden.expects(:authenticate).with(:
|
105
|
+
@mock_warden.expects(:authenticate).with(scope: :publisher_account)
|
75
106
|
@controller.publisher_account_signed_in?
|
76
107
|
end
|
77
108
|
|
78
109
|
test 'proxy user_session to session scope in warden' do
|
79
|
-
@mock_warden.expects(:authenticate).with(:
|
110
|
+
@mock_warden.expects(:authenticate).with(scope: :user).returns(true)
|
80
111
|
@mock_warden.expects(:session).with(:user).returns({})
|
81
112
|
@controller.user_session
|
82
113
|
end
|
83
114
|
|
84
115
|
test 'proxy admin_session to session scope in warden' do
|
85
|
-
@mock_warden.expects(:authenticate).with(:
|
116
|
+
@mock_warden.expects(:authenticate).with(scope: :admin).returns(true)
|
86
117
|
@mock_warden.expects(:session).with(:admin).returns({})
|
87
118
|
@controller.admin_session
|
88
119
|
end
|
89
120
|
|
90
121
|
test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
|
91
|
-
@mock_warden.expects(:authenticate).with(:
|
122
|
+
@mock_warden.expects(:authenticate).with(scope: :publisher_account).returns(true)
|
92
123
|
@mock_warden.expects(:session).with(:publisher_account).returns({})
|
93
124
|
@controller.publisher_account_session
|
94
125
|
end
|
@@ -96,14 +127,14 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
96
127
|
test 'sign in proxy to set_user on warden' do
|
97
128
|
user = User.new
|
98
129
|
@mock_warden.expects(:user).returns(nil)
|
99
|
-
@mock_warden.expects(:set_user).with(user, :
|
130
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
100
131
|
@controller.sign_in(:user, user)
|
101
132
|
end
|
102
133
|
|
103
134
|
test 'sign in accepts a resource as argument' do
|
104
135
|
user = User.new
|
105
136
|
@mock_warden.expects(:user).returns(nil)
|
106
|
-
@mock_warden.expects(:set_user).with(user, :
|
137
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
107
138
|
@controller.sign_in(user)
|
108
139
|
end
|
109
140
|
|
@@ -117,15 +148,15 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
117
148
|
test 'sign in again when the user is already in only if force is given' do
|
118
149
|
user = User.new
|
119
150
|
@mock_warden.expects(:user).returns(user)
|
120
|
-
@mock_warden.expects(:set_user).with(user, :
|
121
|
-
@controller.sign_in(user, :
|
151
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
152
|
+
@controller.sign_in(user, force: true)
|
122
153
|
end
|
123
154
|
|
124
|
-
test 'sign in
|
155
|
+
test 'bypass the sign in' do
|
125
156
|
user = User.new
|
126
157
|
@mock_warden.expects(:session_serializer).returns(serializer = mock())
|
127
158
|
serializer.expects(:store).with(user, :user)
|
128
|
-
@controller.
|
159
|
+
@controller.bypass_sign_in(user)
|
129
160
|
end
|
130
161
|
|
131
162
|
test 'sign out clears up any signed in user from all scopes' do
|
@@ -135,24 +166,24 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
135
166
|
@controller.instance_variable_set(:@current_user, user)
|
136
167
|
@controller.instance_variable_set(:@current_admin, user)
|
137
168
|
@controller.sign_out
|
138
|
-
|
139
|
-
|
169
|
+
assert_nil @controller.instance_variable_get(:@current_user)
|
170
|
+
assert_nil @controller.instance_variable_get(:@current_admin)
|
140
171
|
end
|
141
172
|
|
142
173
|
test 'sign out logs out and clears up any signed in user by scope' do
|
143
174
|
user = User.new
|
144
|
-
@mock_warden.expects(:user).with(:
|
175
|
+
@mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(user)
|
145
176
|
@mock_warden.expects(:logout).with(:user).returns(true)
|
146
|
-
@mock_warden.expects(:clear_strategies_cache!).with(:
|
177
|
+
@mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
|
147
178
|
@controller.instance_variable_set(:@current_user, user)
|
148
179
|
@controller.sign_out(:user)
|
149
|
-
|
180
|
+
assert_nil @controller.instance_variable_get(:@current_user)
|
150
181
|
end
|
151
182
|
|
152
183
|
test 'sign out accepts a resource as argument' do
|
153
|
-
@mock_warden.expects(:user).with(:
|
184
|
+
@mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(true)
|
154
185
|
@mock_warden.expects(:logout).with(:user).returns(true)
|
155
|
-
@mock_warden.expects(:clear_strategies_cache!).with(:
|
186
|
+
@mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
|
156
187
|
@controller.sign_out(User.new)
|
157
188
|
end
|
158
189
|
|
@@ -193,15 +224,32 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
193
224
|
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
194
225
|
end
|
195
226
|
|
227
|
+
test 'store bad location for stores a location to redirect back to' do
|
228
|
+
assert_nil @controller.stored_location_for(:user)
|
229
|
+
@controller.store_location_for(:user, "/foo.bar\">Carry")
|
230
|
+
assert_nil @controller.stored_location_for(:user)
|
231
|
+
end
|
232
|
+
|
196
233
|
test 'store location for accepts a resource as argument' do
|
197
234
|
@controller.store_location_for(User.new, "/foo.bar")
|
198
235
|
assert_equal "/foo.bar", @controller.stored_location_for(User.new)
|
199
236
|
end
|
200
237
|
|
201
|
-
test 'store location for stores
|
202
|
-
assert_nil @controller.stored_location_for(:user)
|
238
|
+
test 'store location for stores paths' do
|
203
239
|
@controller.store_location_for(:user, "//host/foo.bar")
|
204
240
|
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
241
|
+
@controller.store_location_for(:user, "///foo.bar")
|
242
|
+
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
243
|
+
end
|
244
|
+
|
245
|
+
test 'store location for stores query string' do
|
246
|
+
@controller.store_location_for(:user, "/foo?bar=baz")
|
247
|
+
assert_equal "/foo?bar=baz", @controller.stored_location_for(:user)
|
248
|
+
end
|
249
|
+
|
250
|
+
test 'store location for stores fragments' do
|
251
|
+
@controller.store_location_for(:user, "/foo#bar")
|
252
|
+
assert_equal "/foo#bar", @controller.stored_location_for(:user)
|
205
253
|
end
|
206
254
|
|
207
255
|
test 'after sign in path defaults to root path if none by was specified for the given scope' do
|
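Review bot: The added test 'store bad location for stores a location to redirect back to' has a name that contradicts its assertions: after `@controller.store_location_for(:user, "/foo.bar\">Carry")` it expects `stored_location_for(:user)` to be nil, so the malformed location is rejected, not stored. I would rename it to `test 'store location for does not store a malformed location' do`, so that a failure reads as a regression in redirect-target validation. The rewritten 'store location for stores paths' test pins host stripping only for `//host/foo.bar` and `///foo.bar`. A case with an explicit scheme and host, such as `@controller.store_location_for(:user, "http://host/foo.bar")` followed by `assert_equal "/foo.bar", @controller.stored_location_for(:user)`, would cover the same post-login redirect guarantee for absolute URLs. The implementation is not visible in this hunk, so that expected value is an assumption to confirm against `store_location_for`.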
@@ -221,7 +269,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
221
269
|
user = User.new
|
222
270
|
@controller.session[:user_return_to] = "/foo.bar"
|
223
271
|
@mock_warden.expects(:user).with(:user).returns(nil)
|
224
|
-
@mock_warden.expects(:set_user).with(user, :
|
272
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
225
273
|
@controller.expects(:redirect_to).with("/foo.bar")
|
226
274
|
@controller.sign_in_and_redirect(user)
|
227
275
|
end
|
@@ -229,7 +277,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
229
277
|
test 'sign in and redirect uses the configured after sign in path' do
|
230
278
|
admin = Admin.new
|
231
279
|
@mock_warden.expects(:user).with(:admin).returns(nil)
|
232
|
-
@mock_warden.expects(:set_user).with(admin, :
|
280
|
+
@mock_warden.expects(:set_user).with(admin, scope: :admin).returns(true)
|
233
281
|
@controller.expects(:redirect_to).with(admin_root_path)
|
234
282
|
@controller.sign_in_and_redirect(admin)
|
235
283
|
end
|
@@ -243,10 +291,10 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
243
291
|
end
|
244
292
|
|
245
293
|
test 'sign out and redirect uses the configured after sign out path when signing out only the current scope' do
|
246
|
-
swap Devise, :
|
247
|
-
@mock_warden.expects(:user).with(:
|
294
|
+
swap Devise, sign_out_all_scopes: false do
|
295
|
+
@mock_warden.expects(:user).with(scope: :admin, run_callbacks: false).returns(true)
|
248
296
|
@mock_warden.expects(:logout).with(:admin).returns(true)
|
249
|
-
@mock_warden.expects(:clear_strategies_cache!).with(:
|
297
|
+
@mock_warden.expects(:clear_strategies_cache!).with(scope: :admin).returns(true)
|
250
298
|
@controller.expects(:redirect_to).with(admin_root_path)
|
251
299
|
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
252
300
|
@controller.sign_out_and_redirect(:admin)
|
@@ -254,7 +302,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
254
302
|
end
|
255
303
|
|
256
304
|
test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
|
257
|
-
swap Devise, :
|
305
|
+
swap Devise, sign_out_all_scopes: true do
|
258
306
|
@mock_warden.expects(:user).times(Devise.mappings.size)
|
259
307
|
@mock_warden.expects(:logout).with().returns(true)
|
260
308
|
@mock_warden.expects(:clear_strategies_cache!).with().returns(true)
|
@@ -265,6 +313,6 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
265
313
|
end
|
266
314
|
|
267
315
|
test 'is not a devise controller' do
|
268
|
-
|
316
|
+
refute @controller.devise_controller?
|
269
317
|
end
|
270
318
|
end
|