devise 3.2.1 → 4.4.3

data/test/controllers/inherited_controller_i18n_messages_test.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class SessionsInheritedController < Devise::SessionsController
+  def test_i18n_scope
+    set_flash_message(:notice, :signed_in)
+  end
+end
+
+class AnotherInheritedController < SessionsInheritedController
+  protected
+
+  def translation_scope
+    'another'
+  end
+end
+
+class InheritedControllerTest < Devise::ControllerTestCase
+  tests SessionsInheritedController
+
+  def setup
+    @mock_warden = OpenStruct.new
+    @controller.request.env['warden'] = @mock_warden
+    @controller.request.env['devise.mapping'] = Devise.mappings[:user]
+  end
+
+  test 'I18n scope is inherited from Devise::Sessions' do
+    I18n.expects(:t).with do |message, options|
+      message == 'user.signed_in' &&
+        options[:scope] == 'devise.sessions'
+    end
+    @controller.test_i18n_scope
+  end
+end
+
+class AnotherInheritedControllerTest < Devise::ControllerTestCase
+  tests AnotherInheritedController
+
+  def setup
+    @mock_warden = OpenStruct.new
+    @controller.request.env['warden'] = @mock_warden
+    @controller.request.env['devise.mapping'] = Devise.mappings[:user]
+  end
+
+  test 'I18n scope is overridden' do
+    I18n.expects(:t).with do |message, options|
+      message == 'user.signed_in' &&
+        options[:scope] == 'another'
+    end
+    @controller.test_i18n_scope
+  end
+end

data/test/controllers/internal_helpers_test.rb

@@ -1,9 +1,11 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 
 class MyController < DeviseController
 end
 
-class HelpersTest < ActionController::TestCase
+class HelpersTest < Devise::ControllerTestCase
   tests MyController
 
   def setup
@@ -13,16 +15,16 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'get resource name from env' do
-    assert_equal :user, @controller.resource_name
+    assert_equal :user, @controller.send(:resource_name)
   end
 
   test 'get resource class from env' do
-    assert_equal User, @controller.resource_class
+    assert_equal User, @controller.send(:resource_class)
   end
 
   test 'get resource instance variable from env' do
     @controller.instance_variable_set(:@user, user = User.new)
-    assert_equal user, @controller.resource
+    assert_equal user, @controller.send(:resource)
   end
 
   test 'set resource instance variable from env' do
@@ -36,26 +38,24 @@ class HelpersTest < ActionController::TestCase
   test 'get resource params from request params using resource name as key' do
     user_params = {'email' => 'shirley@templar.com'}
 
-    params = if Devise.rails4?
-      # Stub controller name so strong parameters can filter properly.
-      # DeviseController does not allow any parameters by default.
-      @controller.stubs(:controller_name).returns(:sessions_controller)
+    # Stub controller name so strong parameters can filter properly.
+    # DeviseController does not allow any parameters by default.
+    @controller.stubs(:controller_name).returns(:sessions_controller)
+
+    params = ActionController::Parameters.new({'user' => user_params})
 
-      ActionController::Parameters.new({'user' => user_params})
-    else
-      HashWithIndifferentAccess.new({'user' => user_params})
-    end
     @controller.stubs(:params).returns(params)
 
-    assert_equal user_params, @controller.send(:resource_params)
+    res_params = @controller.send(:resource_params).permit!.to_h
+    assert_equal user_params, res_params
   end
 
   test 'resources methods are not controller actions' do
-    assert @controller.class.action_methods.empty?
+    assert @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }.empty?
   end
 
   test 'require no authentication tests current mapping' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, :scope => :user).returns(true)
+    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
     @mock_warden.expects(:user).with(:user).returns(User.new)
     @controller.expects(:redirect_to).with(root_path)
     @controller.send :require_no_authentication
@@ -71,7 +71,7 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'require no authentication sets a flash message' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, :scope => :user).returns(true)
+    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
     @mock_warden.expects(:user).with(:user).returns(User.new)
     @controller.expects(:redirect_to).with(root_path)
     @controller.send :require_no_authentication
@@ -79,8 +79,8 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'signed in resource returns signed in resource for current scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :user).returns(User.new)
-    assert_kind_of User, @controller.signed_in_resource
+    @mock_warden.expects(:authenticate).with(scope: :user).returns(User.new)
+    assert_kind_of User, @controller.send(:signed_in_resource)
   end
 
   test 'is a devise controller' do
@@ -99,22 +99,31 @@ class HelpersTest < ActionController::TestCase
     assert_equal 'non-blank', flash[:notice]
   end
 
+  test 'issues non-blank flash.now messages normally' do
+    I18n.stubs(:t).returns('non-blank')
+    @controller.send :set_flash_message, :notice, :send_instructions, { now: true }
+    assert_equal 'non-blank', flash.now[:notice]
+  end
+
   test 'uses custom i18n options' do
-    @controller.stubs(:devise_i18n_options).returns(:default => "devise custom options")
+    @controller.stubs(:devise_i18n_options).returns(default: "devise custom options")
     @controller.send :set_flash_message, :notice, :invalid_i18n_messagesend_instructions
     assert_equal 'devise custom options', flash[:notice]
   end
 
   test 'allows custom i18n options to override resource_name' do
     I18n.expects(:t).with("custom_resource_name.confirmed", anything)
-    @controller.stubs(:devise_i18n_options).returns(:resource_name => "custom_resource_name")
+    @controller.stubs(:devise_i18n_options).returns(resource_name: "custom_resource_name")
     @controller.send :set_flash_message, :notice, :confirmed
   end
 
   test 'navigational_formats not returning a wild card' do
     MyController.send(:public, :navigational_formats)
-    Devise.navigational_formats = [:"*/*", :html]
-    assert_not @controller.navigational_formats.include?(:"*/*")
+
+    swap Devise, navigational_formats: ['*/*', :html] do
+      refute @controller.navigational_formats.include?("*/*")
+    end
+
     MyController.send(:protected, :navigational_formats)
   end
 end

data/test/controllers/load_hooks_controller_test.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class LoadHooksControllerTest < Devise::ControllerTestCase
+  setup do
+    ActiveSupport.on_load(:devise_controller) do
+      define_method :defined_by_load_hook do
+        puts 'I am defined dynamically by activesupport load hook'
+      end
+    end
+  end
+
+  teardown do
+    DeviseController.class_eval { undef :defined_by_load_hook }
+  end
+
+  test 'load hook called when controller is loaded' do
+    assert DeviseController.instance_methods.include? :defined_by_load_hook
+  end
+end

data/test/controllers/passwords_controller_test.rb

@@ -1,18 +1,21 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 
-class PasswordsControllerTest < ActionController::TestCase
+class PasswordsControllerTest < Devise::ControllerTestCase
   tests Devise::PasswordsController
-  include Devise::TestHelpers
+  include Devise::Test::ControllerHelpers
 
   setup do
     request.env["devise.mapping"] = Devise.mappings[:user]
-    @user = create_user.tap(&:confirm!)
+    @user = create_user.tap(&:confirm)
     @raw  = @user.send_reset_password_instructions
   end
 
   def put_update_with_params
-    put :update, "user" => {
-      "reset_password_token" => @raw, "password" => "123456", "password_confirmation" => "123456"
+    put :update, params: { "user" => {
+        "reset_password_token" => @raw, "password" => "1234567", "password_confirmation" => "1234567"
+      }
     }
   end
 

data/test/controllers/sessions_controller_test.rb

@@ -1,25 +1,32 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 
-class SessionsControllerTest < ActionController::TestCase
+class SessionsControllerTest < Devise::ControllerTestCase
   tests Devise::SessionsController
-  include Devise::TestHelpers
+  include Devise::Test::ControllerHelpers
 
   test "#create doesn't raise unpermitted params when sign in fails" do
-    ActiveSupport::Notifications.subscribe /unpermitted_parameters/ do |name, start, finish, id, payload|
-      flunk "Unpermitted params: #{payload}"
+    begin
+      subscriber = ActiveSupport::Notifications.subscribe %r{unpermitted_parameters} do |name, start, finish, id, payload|
+        flunk "Unpermitted params: #{payload}"
+      end
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      request.session["user_return_to"] = 'foo.bar'
+      create_user
+      post :create, params: { user: {
+          email: "wrong@email.com",
+          password: "wrongpassword"
+        }
+      }
+      assert_equal 200, @response.status
+    ensure
+      ActiveSupport::Notifications.unsubscribe(subscriber)
     end
-    request.env["devise.mapping"] = Devise.mappings[:user]
-    request.session["user_return_to"] = 'foo.bar'
-    create_user
-    post :create, :user => {
-      :email => "wrong@email.com",
-      :password => "wrongpassword"
-    }
-    assert_equal 200, @response.status
   end
 
   test "#create works even with scoped views" do
-    swap Devise, :scoped_views => true do
+    swap Devise, scoped_views: true do
       request.env["devise.mapping"] = Devise.mappings[:user]
       post :create
       assert_equal 200, @response.status
@@ -32,12 +39,12 @@ class SessionsControllerTest < ActionController::TestCase
     request.session["user_return_to"] = 'foo.bar'
 
     user = create_user
-    user.confirm!
-    post :create, :user => {
-      :email => user.email,
-      :password => user.password
+    user.confirm
+    post :create, params: { user: {
+        email: user.email,
+        password: user.password
+      }
     }
-
     assert_nil request.session["user_return_to"]
   end
 
@@ -46,10 +53,11 @@ class SessionsControllerTest < ActionController::TestCase
     request.session["user_return_to"] = 'foo.bar'
 
     user = create_user
-    user.confirm!
-    post :create, :format => 'json', :user => {
-      :email => user.email,
-      :password => user.password
+    user.confirm
+    post :create, params: { format: 'json', user: {
+        email: user.email,
+        password: user.password
+      }
     }
 
     assert_equal 'foo.bar', request.session["user_return_to"]
@@ -57,9 +65,10 @@ class SessionsControllerTest < ActionController::TestCase
 
   test "#create doesn't raise exception after Warden authentication fails when TestHelpers included" do
     request.env["devise.mapping"] = Devise.mappings[:user]
-    post :create, :user => {
-      :email => "nosuchuser@example.com",
-      :password => "wevdude"
+    post :create, params: { user: {
+        email: "nosuchuser@example.com",
+        password: "wevdude"
+      }
     }
     assert_equal 200, @response.status
     assert_template "devise/sessions/new"
@@ -68,13 +77,13 @@ class SessionsControllerTest < ActionController::TestCase
   test "#destroy doesn't set the flash if the requested format is not navigational" do
     request.env["devise.mapping"] = Devise.mappings[:user]
     user = create_user
-    user.confirm!
-    post :create, :format => 'json', :user => {
-      :email => user.email,
-      :password => user.password
+    user.confirm
+    post :create, params: { format: 'json', user: {
+        email: user.email,
+        password: user.password
+      }
     }
-
-    delete :destroy, :format => 'json'
+    delete :destroy, format: 'json'
     assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}"
     assert_equal 204, @response.status
   end
@@ -87,8 +96,8 @@ class SessionsControllerTest < ActionController::TestCase
       User.class_eval { attr_protected :email }
 
       begin
-        assert_nothing_raised ActiveModel::MassAssignmentSecurity::Error do
-          get :new, :user => { :email => "allez viens!" }
+        assert_nothing_raised do
+          get :new, user: { email: "allez viens!" }
         end
       ensure
         ActiveRecord::Base.mass_assignment_sanitizer = :logger

data/test/controllers/url_helpers_test.rb

@@ -1,6 +1,8 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 
-class RoutesTest < ActionController::TestCase
+class RoutesTest < Devise::ControllerTestCase
   tests ApplicationController
 
   def assert_path_and_url(name, prepend_path=nil)
@@ -13,11 +15,17 @@ class RoutesTest < ActionController::TestCase
     assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user),
                  send(:"#{prepend_path}user_#{name}_url")
 
+    # With string
+    assert_equal @controller.send(:"#{prepend_path}#{name}_path", "user"),
+                 send(:"#{prepend_path}user_#{name}_path")
+    assert_equal @controller.send(:"#{prepend_path}#{name}_url", "user"),
+                 send(:"#{prepend_path}user_#{name}_url")
+
     # Default url params
-    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, :param => 123),
-                 send(:"#{prepend_path}user_#{name}_path", :param => 123)
-    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, :param => 123),
-                 send(:"#{prepend_path}user_#{name}_url", :param => 123)
+    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, param: 123),
+                 send(:"#{prepend_path}user_#{name}_path", param: 123)
+    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, param: 123),
+                 send(:"#{prepend_path}user_#{name}_url", param: 123)
 
     @request.path = nil
     # With an object

data/test/delegator_test.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 
 class DelegatorTest < ActiveSupport::TestCase
@@ -14,6 +16,6 @@ class DelegatorTest < ActiveSupport::TestCase
   end
 
   test 'failure_app returns associated failure app by scope in the given environment' do
-    assert_kind_of Proc, delegator.failure_app({"warden.options" => {:scope => "manager"}})
+    assert_kind_of Proc, delegator.failure_app({"warden.options" => {scope: "manager"}})
   end
 end

data/test/devise_test.rb

@@ -1,12 +1,14 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 
 module Devise
   def self.yield_and_restore
     @@warden_configured = nil
-    c, b = @@warden_config, @@warden_config_block
+    c, b = @@warden_config, @@warden_config_blocks
     yield
   ensure
-    @@warden_config, @@warden_config_block = c, b
+    @@warden_config, @@warden_config_blocks = c, b
   end
 end
 
@@ -14,16 +16,16 @@ class DeviseTest < ActiveSupport::TestCase
   test 'bcrypt on the class' do
     password = "super secret"
     klass    = Struct.new(:pepper, :stretches).new("blahblah", 2)
-    hash     = Devise.bcrypt(klass, password)
+    hash     = Devise::Encryptor.digest(klass, password)
     assert_equal ::BCrypt::Password.create(hash), hash
 
     klass    = Struct.new(:pepper, :stretches).new("bla", 2)
-    hash     = Devise.bcrypt(klass, password)
+    hash     = Devise::Encryptor.digest(klass, password)
     assert_not_equal ::BCrypt::Password.new(hash), hash
   end
 
   test 'model options can be configured through Devise' do
-    swap Devise, :allow_unconfirmed_access_for => 113, :pepper => "foo" do
+    swap Devise, allow_unconfirmed_access_for: 113, pepper: "foo" do
       assert_equal 113, Devise.allow_unconfirmed_access_for
       assert_equal "foo", Devise.pepper
     end
@@ -42,30 +44,43 @@ class DeviseTest < ActiveSupport::TestCase
 
   test 'warden manager user configuration through a block' do
     Devise.yield_and_restore do
-      @executed = false
+      executed = false
       Devise.warden do |config|
-        @executed = true
+        executed = true
         assert_kind_of Warden::Config, config
       end
 
       Devise.configure_warden!
-      assert @executed
+      assert executed
+    end
+  end
+
+  test 'warden manager user configuration through multiple blocks' do
+    Devise.yield_and_restore do
+      executed = 0
+
+      3.times do
+        Devise.warden { |config| executed += 1 }
+      end
+
+      Devise.configure_warden!
+      assert_equal 3, executed
     end
   end
 
   test 'add new module using the helper method' do
-    assert_nothing_raised(Exception) { Devise.add_module(:coconut) }
+    Devise.add_module(:coconut)
     assert_equal 1, Devise::ALL.select { |v| v == :coconut }.size
-    assert_not Devise::STRATEGIES.include?(:coconut)
-    assert_not defined?(Devise::Models::Coconut)
+    refute Devise::STRATEGIES.include?(:coconut)
+    refute defined?(Devise::Models::Coconut)
     Devise::ALL.delete(:coconut)
 
-    assert_nothing_raised(Exception) { Devise.add_module(:banana, :strategy => :fruits) }
+    Devise.add_module(:banana, strategy: :fruits)
     assert_equal :fruits, Devise::STRATEGIES[:banana]
     Devise::ALL.delete(:banana)
     Devise::STRATEGIES.delete(:banana)
 
-    assert_nothing_raised(Exception) { Devise.add_module(:kivi, :controller => :fruits) }
+    Devise.add_module(:kivi, controller: :fruits)
     assert_equal :fruits, Devise::CONTROLLERS[:kivi]
     Devise::ALL.delete(:kivi)
     Devise::CONTROLLERS.delete(:kivi)
@@ -73,16 +88,16 @@ class DeviseTest < ActiveSupport::TestCase
 
   test 'should complain when comparing empty or different sized passes' do
     [nil, ""].each do |empty|
-      assert_not Devise.secure_compare(empty, "something")
-      assert_not Devise.secure_compare("something", empty)
-      assert_not Devise.secure_compare(empty, empty)
+      refute Devise.secure_compare(empty, "something")
+      refute Devise.secure_compare("something", empty)
+      refute Devise.secure_compare(empty, empty)
     end
-    assert_not Devise.secure_compare("size_1", "size_four")
+    refute Devise.secure_compare("size_1", "size_four")
   end
 
   test 'Devise.email_regexp should match valid email addresses' do
-    valid_emails = ["test@example.com", "jo@jo.co", "f4$_m@you.com", "testing.example@example.com.ua"]
-    non_valid_emails = ["rex", "test@go,com", "test user@example.com", "test_user@example server.com"]
+    valid_emails = ["test@example.com", "jo@jo.co", "f4$_m@you.com", "testing.example@example.com.ua", "test@tt", "test@valid---domain.com"]
+    non_valid_emails = ["rex", "test user@example.com", "test_user@example server.com"]
 
     valid_emails.each do |email|
       assert_match Devise.email_regexp, email