devise 3.2.1 → 4.4.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/.travis.yml +58 -10
- data/CHANGELOG.md +199 -979
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +73 -8
- data/Gemfile +19 -11
- data/Gemfile.lock +152 -119
- data/ISSUE_TEMPLATE.md +19 -0
- data/MIT-LICENSE +1 -1
- data/README.md +347 -93
- data/Rakefile +4 -2
- data/app/controllers/devise/confirmations_controller.rb +11 -5
- data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
- data/app/controllers/devise/passwords_controller.rb +20 -8
- data/app/controllers/devise/registrations_controller.rb +34 -19
- data/app/controllers/devise/sessions_controller.rb +47 -17
- data/app/controllers/devise/unlocks_controller.rb +9 -4
- data/app/controllers/devise_controller.rb +67 -31
- data/app/helpers/devise_helper.rb +4 -2
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +8 -4
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +15 -6
- data/app/views/devise/passwords/new.html.erb +8 -4
- data/app/views/devise/registrations/edit.html.erb +28 -14
- data/app/views/devise/registrations/new.html.erb +19 -8
- data/app/views/devise/sessions/new.html.erb +17 -8
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +8 -4
- data/bin/test +13 -0
- data/config/locales/en.yml +22 -17
- data/devise.gemspec +7 -6
- data/gemfiles/Gemfile.rails-4.1-stable +32 -0
- data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
- data/gemfiles/Gemfile.rails-4.2-stable +32 -0
- data/gemfiles/Gemfile.rails-4.2-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.0-stable +33 -0
- data/gemfiles/Gemfile.rails-5.0-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
- data/guides/bug_report_templates/integration_test.rb +106 -0
- data/lib/devise.rb +107 -84
- data/lib/devise/controllers/helpers.rb +111 -31
- data/lib/devise/controllers/rememberable.rb +15 -6
- data/lib/devise/controllers/scoped_views.rb +3 -1
- data/lib/devise/controllers/sign_in_out.rb +39 -26
- data/lib/devise/controllers/store_location.rb +31 -2
- data/lib/devise/controllers/url_helpers.rb +9 -7
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +24 -0
- data/lib/devise/failure_app.rb +98 -39
- data/lib/devise/hooks/activatable.rb +7 -6
- data/lib/devise/hooks/csrf_cleaner.rb +5 -1
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +7 -2
- data/lib/devise/hooks/proxy.rb +4 -2
- data/lib/devise/hooks/rememberable.rb +4 -2
- data/lib/devise/hooks/timeoutable.rb +16 -9
- data/lib/devise/hooks/trackable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +15 -12
- data/lib/devise/mapping.rb +8 -2
- data/lib/devise/models.rb +3 -1
- data/lib/devise/models/authenticatable.rb +63 -36
- data/lib/devise/models/confirmable.rb +121 -41
- data/lib/devise/models/database_authenticatable.rb +66 -23
- data/lib/devise/models/lockable.rb +30 -17
- data/lib/devise/models/omniauthable.rb +3 -1
- data/lib/devise/models/recoverable.rb +62 -26
- data/lib/devise/models/registerable.rb +2 -0
- data/lib/devise/models/rememberable.rb +62 -33
- data/lib/devise/models/timeoutable.rb +4 -8
- data/lib/devise/models/trackable.rb +12 -3
- data/lib/devise/models/validatable.rb +16 -9
- data/lib/devise/modules.rb +12 -10
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +2 -0
- data/lib/devise/parameter_sanitizer.rb +131 -69
- data/lib/devise/rails.rb +10 -13
- data/lib/devise/rails/routes.rb +147 -116
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/secret_key_finder.rb +25 -0
- data/lib/devise/strategies/authenticatable.rb +20 -9
- data/lib/devise/strategies/base.rb +3 -1
- data/lib/devise/strategies/database_authenticatable.rb +8 -5
- data/lib/devise/strategies/rememberable.rb +15 -3
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +4 -2
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/generators/active_record/devise_generator.rb +47 -10
- data/lib/generators/active_record/templates/migration.rb +9 -7
- data/lib/generators/active_record/templates/migration_existing.rb +9 -7
- data/lib/generators/devise/controllers_generator.rb +46 -0
- data/lib/generators/devise/devise_generator.rb +9 -5
- data/lib/generators/devise/install_generator.rb +22 -0
- data/lib/generators/devise/orm_helpers.rb +8 -19
- data/lib/generators/devise/views_generator.rb +51 -28
- data/lib/generators/mongoid/devise_generator.rb +22 -19
- data/lib/generators/templates/README +5 -12
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/devise.rb +64 -35
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +42 -0
- data/test/controllers/custom_strategy_test.rb +10 -6
- data/test/controllers/helper_methods_test.rb +24 -0
- data/test/controllers/helpers_test.rb +88 -40
- data/test/controllers/inherited_controller_i18n_messages_test.rb +53 -0
- data/test/controllers/internal_helpers_test.rb +31 -22
- data/test/controllers/load_hooks_controller_test.rb +21 -0
- data/test/controllers/passwords_controller_test.rb +8 -5
- data/test/controllers/sessions_controller_test.rb +42 -33
- data/test/controllers/url_helpers_test.rb +13 -5
- data/test/delegator_test.rb +3 -1
- data/test/devise_test.rb +34 -19
- data/test/failure_app_test.rb +150 -42
- data/test/generators/active_record_generator_test.rb +58 -31
- data/test/generators/controllers_generator_test.rb +50 -0
- data/test/generators/devise_generator_test.rb +4 -2
- data/test/generators/install_generator_test.rb +16 -3
- data/test/generators/mongoid_generator_test.rb +5 -3
- data/test/generators/views_generator_test.rb +40 -2
- data/test/helpers/devise_helper_test.rb +20 -20
- data/test/integration/authenticatable_test.rb +134 -141
- data/test/integration/confirmable_test.rb +109 -67
- data/test/integration/database_authenticatable_test.rb +36 -23
- data/test/integration/http_authenticatable_test.rb +29 -20
- data/test/integration/lockable_test.rb +52 -49
- data/test/integration/mounted_engine_test.rb +38 -0
- data/test/integration/omniauthable_test.rb +30 -15
- data/test/integration/recoverable_test.rb +76 -61
- data/test/integration/registerable_test.rb +107 -91
- data/test/integration/rememberable_test.rb +82 -30
- data/test/integration/timeoutable_test.rb +48 -40
- data/test/integration/trackable_test.rb +15 -8
- data/test/mailers/confirmation_instructions_test.rb +16 -14
- data/test/mailers/email_changed_test.rb +132 -0
- data/test/mailers/mailer_test.rb +20 -0
- data/test/mailers/reset_password_instructions_test.rb +13 -11
- data/test/mailers/unlock_instructions_test.rb +12 -10
- data/test/mapping_test.rb +15 -6
- data/test/models/authenticatable_test.rb +15 -3
- data/test/models/confirmable_test.rb +190 -95
- data/test/models/database_authenticatable_test.rb +75 -41
- data/test/models/lockable_test.rb +115 -61
- data/test/models/omniauthable_test.rb +3 -1
- data/test/models/recoverable_test.rb +116 -37
- data/test/models/registerable_test.rb +3 -1
- data/test/models/rememberable_test.rb +95 -94
- data/test/models/serializable_test.rb +19 -8
- data/test/models/timeoutable_test.rb +10 -8
- data/test/models/trackable_test.rb +50 -1
- data/test/models/validatable_test.rb +24 -30
- data/test/models_test.rb +19 -8
- data/test/omniauth/config_test.rb +15 -11
- data/test/omniauth/url_helpers_test.rb +8 -9
- data/test/orm/active_record.rb +16 -2
- data/test/orm/mongoid.rb +4 -2
- data/test/parameter_sanitizer_test.rb +53 -57
- data/test/rails_app/app/active_record/admin.rb +2 -0
- data/test/rails_app/app/active_record/shim.rb +3 -1
- data/test/rails_app/app/active_record/user.rb +14 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +9 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +9 -0
- data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
- data/test/rails_app/app/active_record/user_without_email.rb +10 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/admins_controller.rb +3 -6
- data/test/rails_app/app/controllers/application_controller.rb +7 -3
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +32 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +33 -0
- data/test/rails_app/app/controllers/home_controller.rb +7 -1
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +3 -1
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +7 -5
- data/test/rails_app/app/controllers/users_controller.rb +8 -6
- data/test/rails_app/app/helpers/application_helper.rb +2 -0
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +5 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -10
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +6 -0
- data/test/rails_app/app/mongoid/admin.rb +13 -11
- data/test/rails_app/app/mongoid/shim.rb +4 -2
- data/test/rails_app/app/mongoid/user.rb +30 -19
- data/test/rails_app/app/mongoid/user_on_engine.rb +41 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +41 -0
- data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +35 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/home/index.html.erb +1 -1
- data/test/rails_app/app/views/home/join.html.erb +1 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +13 -5
- data/test/rails_app/config/boot.rb +17 -4
- data/test/rails_app/config/environment.rb +2 -0
- data/test/rails_app/config/environments/development.rb +2 -0
- data/test/rails_app/config/environments/production.rb +10 -2
- data/test/rails_app/config/environments/test.rb +14 -3
- data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
- data/test/rails_app/config/initializers/devise.rb +22 -21
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +3 -6
- data/test/rails_app/config/initializers/session_store.rb +2 -0
- data/test/rails_app/config/routes.rb +67 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +16 -10
- data/test/rails_app/db/schema.rb +2 -0
- data/test/rails_app/lib/shared_admin.rb +10 -4
- data/test/rails_app/lib/shared_user.rb +4 -1
- data/test/rails_app/lib/shared_user_without_email.rb +28 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +15 -0
- data/test/rails_test.rb +11 -0
- data/test/routes_test.rb +92 -61
- data/test/secret_key_finder_test.rb +97 -0
- data/test/support/action_controller/record_identifier.rb +12 -0
- data/test/support/assertions.rb +4 -14
- data/test/support/helpers.rb +23 -10
- data/test/support/http_method_compatibility.rb +53 -0
- data/test/support/integration.rb +19 -16
- data/test/support/mongoid.yml +6 -0
- data/test/support/webrat/integrations/rails.rb +11 -0
- data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +60 -40
- data/test/test/integration_helpers_test.rb +34 -0
- data/test/test_helper.rb +9 -0
- data/test/test_models.rb +8 -6
- metadata +123 -53
- data/gemfiles/Gemfile.rails-3.2.x +0 -31
- data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159
@@ -1,6 +1,8 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
|
-
class PasswordTest <
|
5
|
+
class PasswordTest < Devise::IntegrationTest
|
4
6
|
|
5
7
|
def visit_new_password_path
|
6
8
|
visit new_user_session_path
|
@@ -10,9 +12,9 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
10
12
|
def request_forgot_password(&block)
|
11
13
|
visit_new_password_path
|
12
14
|
assert_response :success
|
13
|
-
|
15
|
+
refute warden.authenticated?(:user)
|
14
16
|
|
15
|
-
fill_in 'email', :
|
17
|
+
fill_in 'email', with: 'user@test.com'
|
16
18
|
yield if block_given?
|
17
19
|
|
18
20
|
Devise.stubs(:friendly_token).returns("abcdef")
|
@@ -21,33 +23,33 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
21
23
|
|
22
24
|
def reset_password(options={}, &block)
|
23
25
|
unless options[:visit] == false
|
24
|
-
visit edit_user_password_path(:
|
26
|
+
visit edit_user_password_path(reset_password_token: options[:reset_password_token] || "abcdef")
|
25
27
|
assert_response :success
|
26
28
|
end
|
27
29
|
|
28
|
-
fill_in 'New password', :
|
29
|
-
fill_in 'Confirm new password', :
|
30
|
+
fill_in 'New password', with: '987654321'
|
31
|
+
fill_in 'Confirm new password', with: '987654321'
|
30
32
|
yield if block_given?
|
31
33
|
click_button 'Change my password'
|
32
34
|
end
|
33
35
|
|
34
36
|
test 'reset password with email of different case should succeed when email is in the list of case insensitive keys' do
|
35
|
-
create_user(:
|
37
|
+
create_user(email: 'Foo@Bar.com')
|
36
38
|
|
37
39
|
request_forgot_password do
|
38
|
-
fill_in 'email', :
|
40
|
+
fill_in 'email', with: 'foo@bar.com'
|
39
41
|
end
|
40
42
|
|
41
43
|
assert_current_url '/users/sign_in'
|
42
|
-
assert_contain 'You will receive an email with instructions
|
44
|
+
assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
43
45
|
end
|
44
46
|
|
45
47
|
test 'reset password with email should send an email from a custom mailer' do
|
46
|
-
create_user(:
|
48
|
+
create_user(email: 'Foo@Bar.com')
|
47
49
|
|
48
50
|
User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
|
49
51
|
request_forgot_password do
|
50
|
-
fill_in 'email', :
|
52
|
+
fill_in 'email', with: 'foo@bar.com'
|
51
53
|
end
|
52
54
|
|
53
55
|
mail = ActionMailer::Base.deliveries.last
|
@@ -56,11 +58,11 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
56
58
|
end
|
57
59
|
|
58
60
|
test 'reset password with email of different case should fail when email is NOT the list of case insensitive keys' do
|
59
|
-
swap Devise, :
|
60
|
-
create_user(:
|
61
|
+
swap Devise, case_insensitive_keys: [] do
|
62
|
+
create_user(email: 'Foo@Bar.com')
|
61
63
|
|
62
64
|
request_forgot_password do
|
63
|
-
fill_in 'email', :
|
65
|
+
fill_in 'email', with: 'foo@bar.com'
|
64
66
|
end
|
65
67
|
|
66
68
|
assert_response :success
|
@@ -71,22 +73,22 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
71
73
|
end
|
72
74
|
|
73
75
|
test 'reset password with email with extra whitespace should succeed when email is in the list of strip whitespace keys' do
|
74
|
-
create_user(:
|
76
|
+
create_user(email: 'foo@bar.com')
|
75
77
|
|
76
78
|
request_forgot_password do
|
77
|
-
fill_in 'email', :
|
79
|
+
fill_in 'email', with: ' foo@bar.com '
|
78
80
|
end
|
79
81
|
|
80
82
|
assert_current_url '/users/sign_in'
|
81
|
-
assert_contain 'You will receive an email with instructions
|
83
|
+
assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
82
84
|
end
|
83
85
|
|
84
86
|
test 'reset password with email with extra whitespace should fail when email is NOT the list of strip whitespace keys' do
|
85
|
-
swap Devise, :
|
86
|
-
create_user(:
|
87
|
+
swap Devise, strip_whitespace_keys: [] do
|
88
|
+
create_user(email: 'foo@bar.com')
|
87
89
|
|
88
90
|
request_forgot_password do
|
89
|
-
fill_in 'email', :
|
91
|
+
fill_in 'email', with: ' foo@bar.com '
|
90
92
|
end
|
91
93
|
|
92
94
|
assert_response :success
|
@@ -111,12 +113,12 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
111
113
|
request_forgot_password
|
112
114
|
|
113
115
|
assert_current_url '/users/sign_in'
|
114
|
-
assert_contain 'You will receive an email with instructions
|
116
|
+
assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
115
117
|
end
|
116
118
|
|
117
119
|
test 'not authenticated user with invalid email should receive an error message' do
|
118
120
|
request_forgot_password do
|
119
|
-
fill_in 'email', :
|
121
|
+
fill_in 'email', with: 'invalid.test@test.com'
|
120
122
|
end
|
121
123
|
|
122
124
|
assert_response :success
|
@@ -139,53 +141,52 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
139
141
|
assert_redirected_to "/users/sign_in"
|
140
142
|
end
|
141
143
|
|
142
|
-
test 'not authenticated user with invalid reset password token should not be able to change
|
144
|
+
test 'not authenticated user with invalid reset password token should not be able to change their password' do
|
143
145
|
user = create_user
|
144
|
-
reset_password :
|
146
|
+
reset_password reset_password_token: 'invalid_reset_password'
|
145
147
|
|
146
148
|
assert_response :success
|
147
149
|
assert_current_url '/users/password'
|
148
150
|
assert_have_selector '#error_explanation'
|
149
|
-
assert_contain
|
150
|
-
|
151
|
+
assert_contain %r{Reset password token(.*)invalid}
|
152
|
+
refute user.reload.valid_password?('987654321')
|
151
153
|
end
|
152
154
|
|
153
|
-
test 'not authenticated user with valid reset password token but invalid password should not be able to change
|
155
|
+
test 'not authenticated user with valid reset password token but invalid password should not be able to change their password' do
|
154
156
|
user = create_user
|
155
157
|
request_forgot_password
|
156
158
|
reset_password do
|
157
|
-
fill_in 'Confirm new password', :
|
159
|
+
fill_in 'Confirm new password', with: 'other_password'
|
158
160
|
end
|
159
161
|
|
160
162
|
assert_response :success
|
161
163
|
assert_current_url '/users/password'
|
162
164
|
assert_have_selector '#error_explanation'
|
163
|
-
assert_contain
|
164
|
-
|
165
|
-
assert_not user.reload.valid_password?('987654321')
|
165
|
+
assert_contain "Password confirmation doesn't match Password"
|
166
|
+
refute user.reload.valid_password?('987654321')
|
166
167
|
end
|
167
168
|
|
168
|
-
test 'not authenticated user with valid data should be able to change
|
169
|
+
test 'not authenticated user with valid data should be able to change their password' do
|
169
170
|
user = create_user
|
170
171
|
request_forgot_password
|
171
172
|
reset_password
|
172
173
|
|
173
174
|
assert_current_url '/'
|
174
|
-
assert_contain 'Your password
|
175
|
+
assert_contain 'Your password has been changed successfully. You are now signed in.'
|
175
176
|
assert user.reload.valid_password?('987654321')
|
176
177
|
end
|
177
178
|
|
178
|
-
test 'after entering invalid data user should still be able to change
|
179
|
+
test 'after entering invalid data user should still be able to change their password' do
|
179
180
|
user = create_user
|
180
181
|
request_forgot_password
|
181
182
|
|
182
|
-
reset_password { fill_in 'Confirm new password', :
|
183
|
+
reset_password { fill_in 'Confirm new password', with: 'other_password' }
|
183
184
|
assert_response :success
|
184
185
|
assert_have_selector '#error_explanation'
|
185
|
-
|
186
|
+
refute user.reload.valid_password?('987654321')
|
186
187
|
|
187
|
-
reset_password :
|
188
|
-
assert_contain 'Your password
|
188
|
+
reset_password visit: false
|
189
|
+
assert_contain 'Your password has been changed successfully.'
|
189
190
|
assert user.reload.valid_password?('987654321')
|
190
191
|
end
|
191
192
|
|
@@ -197,14 +198,27 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
197
198
|
assert warden.authenticated?(:user)
|
198
199
|
end
|
199
200
|
|
201
|
+
test 'does not sign in user automatically after changing its password if config.sign_in_after_reset_password is false' do
|
202
|
+
swap Devise, sign_in_after_reset_password: false do
|
203
|
+
create_user
|
204
|
+
request_forgot_password
|
205
|
+
reset_password
|
206
|
+
|
207
|
+
assert_contain 'Your password has been changed successfully.'
|
208
|
+
assert_not_contain 'You are now signed in.'
|
209
|
+
assert_equal new_user_session_path, @request.path
|
210
|
+
assert !warden.authenticated?(:user)
|
211
|
+
end
|
212
|
+
end
|
213
|
+
|
200
214
|
test 'does not sign in user automatically after changing its password if it\'s locked and unlock strategy is :none or :time' do
|
201
215
|
[:none, :time].each do |strategy|
|
202
|
-
swap Devise, :
|
203
|
-
|
216
|
+
swap Devise, unlock_strategy: strategy do
|
217
|
+
create_user(locked: true)
|
204
218
|
request_forgot_password
|
205
219
|
reset_password
|
206
220
|
|
207
|
-
assert_contain 'Your password
|
221
|
+
assert_contain 'Your password has been changed successfully.'
|
208
222
|
assert_not_contain 'You are now signed in.'
|
209
223
|
assert_equal new_user_session_path, @request.path
|
210
224
|
assert !warden.authenticated?(:user)
|
@@ -213,24 +227,24 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
213
227
|
end
|
214
228
|
|
215
229
|
test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :email' do
|
216
|
-
swap Devise, :
|
217
|
-
user = create_user(:
|
230
|
+
swap Devise, unlock_strategy: :email do
|
231
|
+
user = create_user(locked: true)
|
218
232
|
request_forgot_password
|
219
233
|
reset_password
|
220
234
|
|
221
|
-
assert_contain 'Your password
|
235
|
+
assert_contain 'Your password has been changed successfully.'
|
222
236
|
assert !user.reload.access_locked?
|
223
237
|
assert warden.authenticated?(:user)
|
224
238
|
end
|
225
239
|
end
|
226
240
|
|
227
241
|
test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :both' do
|
228
|
-
swap Devise, :
|
229
|
-
user = create_user(:
|
242
|
+
swap Devise, unlock_strategy: :both do
|
243
|
+
user = create_user(locked: true)
|
230
244
|
request_forgot_password
|
231
245
|
reset_password
|
232
246
|
|
233
|
-
assert_contain 'Your password
|
247
|
+
assert_contain 'Your password has been changed successfully.'
|
234
248
|
assert !user.reload.access_locked?
|
235
249
|
assert warden.authenticated?(:user)
|
236
250
|
end
|
@@ -238,22 +252,22 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
238
252
|
|
239
253
|
test 'reset password request with valid E-Mail in XML format should return valid response' do
|
240
254
|
create_user
|
241
|
-
post user_password_path(:
|
255
|
+
post user_password_path(format: 'xml'), params: { user: {email: "user@test.com"} }
|
242
256
|
assert_response :success
|
243
257
|
assert_equal response.body, { }.to_xml
|
244
258
|
end
|
245
259
|
|
246
260
|
test 'reset password request with invalid E-Mail in XML format should return valid response' do
|
247
261
|
create_user
|
248
|
-
post user_password_path(:
|
262
|
+
post user_password_path(format: 'xml'), params: { user: {email: "invalid.test@test.com"} }
|
249
263
|
assert_response :unprocessable_entity
|
250
264
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
251
265
|
end
|
252
266
|
|
253
267
|
test 'reset password request with invalid E-Mail in XML format should return empty and valid response' do
|
254
|
-
swap Devise, :
|
268
|
+
swap Devise, paranoid: true do
|
255
269
|
create_user
|
256
|
-
post user_password_path(:
|
270
|
+
post user_password_path(format: 'xml'), params: { user: {email: "invalid@test.com"} }
|
257
271
|
assert_response :success
|
258
272
|
assert_equal response.body, { }.to_xml
|
259
273
|
end
|
@@ -262,8 +276,9 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
262
276
|
test 'change password with valid parameters in XML format should return valid response' do
|
263
277
|
create_user
|
264
278
|
request_forgot_password
|
265
|
-
put user_password_path(:
|
266
|
-
:
|
279
|
+
put user_password_path(format: 'xml'), params: { user: {
|
280
|
+
reset_password_token: 'abcdef', password: '987654321', password_confirmation: '987654321'
|
281
|
+
}
|
267
282
|
}
|
268
283
|
assert_response :success
|
269
284
|
assert warden.authenticated?(:user)
|
@@ -272,7 +287,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
272
287
|
test 'change password with invalid token in XML format should return invalid response' do
|
273
288
|
create_user
|
274
289
|
request_forgot_password
|
275
|
-
put user_password_path(:
|
290
|
+
put user_password_path(format: 'xml'), params: { user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'} }
|
276
291
|
assert_response :unprocessable_entity
|
277
292
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
278
293
|
end
|
@@ -280,24 +295,24 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
280
295
|
test 'change password with invalid new password in XML format should return invalid response' do
|
281
296
|
user = create_user
|
282
297
|
request_forgot_password
|
283
|
-
put user_password_path(:
|
298
|
+
put user_password_path(format: 'xml'), params: { user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'} }
|
284
299
|
assert_response :unprocessable_entity
|
285
300
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
286
301
|
end
|
287
302
|
|
288
303
|
test "when using json requests to ask a confirmable request, should not return the object" do
|
289
|
-
user = create_user(:
|
304
|
+
user = create_user(confirm: false)
|
290
305
|
|
291
|
-
post user_password_path(:
|
306
|
+
post user_password_path(format: :json), params: { user: { email: user.email } }
|
292
307
|
|
293
308
|
assert_response :success
|
294
309
|
assert_equal response.body, "{}"
|
295
310
|
end
|
296
311
|
|
297
312
|
test "when in paranoid mode and with an invalid e-mail, asking to reset a password should display a message that does not indicates that the e-mail does not exists in the database" do
|
298
|
-
swap Devise, :
|
313
|
+
swap Devise, paranoid: true do
|
299
314
|
visit_new_password_path
|
300
|
-
fill_in "email", :
|
315
|
+
fill_in "email", with: "arandomemail@test.com"
|
301
316
|
click_button 'Send me reset password instructions'
|
302
317
|
|
303
318
|
assert_not_contain "1 error prohibited this user from being saved:"
|
@@ -308,10 +323,10 @@ class PasswordTest < ActionDispatch::IntegrationTest
|
|
308
323
|
end
|
309
324
|
|
310
325
|
test "when in paranoid mode and with a valid e-mail, asking to reset password should display a message that does not indicates that the email exists in the database and redirect to the failure route" do
|
311
|
-
swap Devise, :
|
326
|
+
swap Devise, paranoid: true do
|
312
327
|
user = create_user
|
313
328
|
visit_new_password_path
|
314
|
-
fill_in 'email', :
|
329
|
+
fill_in 'email', with: user.email
|
315
330
|
click_button 'Send me reset password instructions'
|
316
331
|
|
317
332
|
assert_contain "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
|
@@ -1,6 +1,8 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
|
-
class RegistrationTest <
|
5
|
+
class RegistrationTest < Devise::IntegrationTest
|
4
6
|
|
5
7
|
test 'a guest admin should be able to sign in successfully' do
|
6
8
|
get new_admin_session_path
|
@@ -8,16 +10,16 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
8
10
|
|
9
11
|
assert_template 'registrations/new'
|
10
12
|
|
11
|
-
fill_in 'email', :
|
12
|
-
fill_in 'password', :
|
13
|
-
fill_in 'password confirmation', :
|
13
|
+
fill_in 'email', with: 'new_user@test.com'
|
14
|
+
fill_in 'password', with: 'new_user123'
|
15
|
+
fill_in 'password confirmation', with: 'new_user123'
|
14
16
|
click_button 'Sign up'
|
15
17
|
|
16
18
|
assert_contain 'You have signed up successfully'
|
17
19
|
assert warden.authenticated?(:admin)
|
18
20
|
assert_current_url "/admin_area/home"
|
19
21
|
|
20
|
-
admin = Admin.order
|
22
|
+
admin = Admin.to_adapter.find_first(order: [:id, :desc])
|
21
23
|
assert_equal admin.email, 'new_user@test.com'
|
22
24
|
end
|
23
25
|
|
@@ -26,9 +28,9 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
26
28
|
get new_admin_session_path
|
27
29
|
click_link 'Sign up'
|
28
30
|
|
29
|
-
fill_in 'email', :
|
30
|
-
fill_in 'password', :
|
31
|
-
fill_in 'password confirmation', :
|
31
|
+
fill_in 'email', with: 'new_user@test.com'
|
32
|
+
fill_in 'password', with: 'new_user123'
|
33
|
+
fill_in 'password confirmation', with: 'new_user123'
|
32
34
|
click_button 'Sign up'
|
33
35
|
|
34
36
|
assert_contain 'Welcome! You have signed up successfully.'
|
@@ -36,29 +38,39 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
36
38
|
assert_current_url "/?custom=1"
|
37
39
|
end
|
38
40
|
|
41
|
+
test 'a guest admin should not see a warning about minimum password length' do
|
42
|
+
get new_admin_session_path
|
43
|
+
assert_not_contain 'characters minimum'
|
44
|
+
end
|
45
|
+
|
39
46
|
def user_sign_up
|
40
47
|
ActionMailer::Base.deliveries.clear
|
41
48
|
|
42
49
|
get new_user_registration_path
|
43
50
|
|
44
|
-
fill_in 'email', :
|
45
|
-
fill_in 'password', :
|
46
|
-
fill_in 'password confirmation', :
|
51
|
+
fill_in 'email', with: 'new_user@test.com'
|
52
|
+
fill_in 'password', with: 'new_user123'
|
53
|
+
fill_in 'password confirmation', with: 'new_user123'
|
47
54
|
click_button 'Sign up'
|
48
55
|
end
|
49
56
|
|
57
|
+
test 'a guest user should see a warning about minimum password length' do
|
58
|
+
get new_user_registration_path
|
59
|
+
assert_contain '7 characters minimum'
|
60
|
+
end
|
61
|
+
|
50
62
|
test 'a guest user should be able to sign up successfully and be blocked by confirmation' do
|
51
63
|
user_sign_up
|
52
64
|
|
53
|
-
assert_contain 'A message with a confirmation link has been sent to your email address. Please
|
65
|
+
assert_contain 'A message with a confirmation link has been sent to your email address. Please follow the link to activate your account.'
|
54
66
|
assert_not_contain 'You have to confirm your account before continuing'
|
55
67
|
assert_current_url "/"
|
56
68
|
|
57
|
-
|
69
|
+
refute warden.authenticated?(:user)
|
58
70
|
|
59
|
-
user = User.order
|
71
|
+
user = User.to_adapter.find_first(order: [:id, :desc])
|
60
72
|
assert_equal user.email, 'new_user@test.com'
|
61
|
-
|
73
|
+
refute user.confirmed?
|
62
74
|
end
|
63
75
|
|
64
76
|
test 'a guest user should receive the confirmation instructions from the default mailer' do
|
@@ -76,13 +88,13 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
76
88
|
Devise::RegistrationsController.any_instance.stubs(:after_inactive_sign_up_path_for).returns("/?custom=1")
|
77
89
|
get new_user_registration_path
|
78
90
|
|
79
|
-
fill_in 'email', :
|
80
|
-
fill_in 'password', :
|
81
|
-
fill_in 'password confirmation', :
|
91
|
+
fill_in 'email', with: 'new_user@test.com'
|
92
|
+
fill_in 'password', with: 'new_user123'
|
93
|
+
fill_in 'password confirmation', with: 'new_user123'
|
82
94
|
click_button 'Sign up'
|
83
95
|
|
84
96
|
assert_current_url "/?custom=1"
|
85
|
-
|
97
|
+
refute warden.authenticated?(:user)
|
86
98
|
end
|
87
99
|
|
88
100
|
test 'a guest user cannot sign up with invalid information' do
|
@@ -92,20 +104,19 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
92
104
|
|
93
105
|
get new_user_registration_path
|
94
106
|
|
95
|
-
fill_in 'email', :
|
96
|
-
fill_in 'password', :
|
97
|
-
fill_in 'password confirmation', :
|
107
|
+
fill_in 'email', with: 'invalid_email'
|
108
|
+
fill_in 'password', with: 'new_user123'
|
109
|
+
fill_in 'password confirmation', with: 'new_user321'
|
98
110
|
click_button 'Sign up'
|
99
111
|
|
100
112
|
assert_template 'registrations/new'
|
101
113
|
assert_have_selector '#error_explanation'
|
102
114
|
assert_contain "Email is invalid"
|
103
|
-
assert_contain
|
104
|
-
"Password confirmation doesn't match Password" : "Password doesn't match confirmation"
|
115
|
+
assert_contain "Password confirmation doesn't match Password"
|
105
116
|
assert_contain "2 errors prohibited"
|
106
|
-
assert_nil User.
|
117
|
+
assert_nil User.to_adapter.find_first
|
107
118
|
|
108
|
-
|
119
|
+
refute warden.authenticated?(:user)
|
109
120
|
end
|
110
121
|
|
111
122
|
test 'a guest should not sign up with email/password that already exists' do
|
@@ -116,15 +127,15 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
116
127
|
create_user
|
117
128
|
get new_user_registration_path
|
118
129
|
|
119
|
-
fill_in 'email', :
|
120
|
-
fill_in 'password', :
|
121
|
-
fill_in 'password confirmation', :
|
130
|
+
fill_in 'email', with: 'user@test.com'
|
131
|
+
fill_in 'password', with: '123456'
|
132
|
+
fill_in 'password confirmation', with: '123456'
|
122
133
|
click_button 'Sign up'
|
123
134
|
|
124
135
|
assert_current_url '/users'
|
125
136
|
assert_contain(/Email.*already.*taken/)
|
126
137
|
|
127
|
-
|
138
|
+
refute warden.authenticated?(:user)
|
128
139
|
end
|
129
140
|
|
130
141
|
test 'a guest should not be able to change account' do
|
@@ -140,86 +151,91 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
140
151
|
assert_redirected_to root_path
|
141
152
|
end
|
142
153
|
|
143
|
-
test 'a signed in user should be able to edit
|
154
|
+
test 'a signed in user should be able to edit their account' do
|
144
155
|
sign_in_as_user
|
145
156
|
get edit_user_registration_path
|
146
157
|
|
147
|
-
fill_in 'email', :
|
148
|
-
fill_in 'current password', :
|
158
|
+
fill_in 'email', with: 'user.new@example.com'
|
159
|
+
fill_in 'current password', with: '12345678'
|
149
160
|
click_button 'Update'
|
150
161
|
|
151
162
|
assert_current_url '/'
|
152
|
-
assert_contain '
|
163
|
+
assert_contain 'Your account has been updated successfully.'
|
153
164
|
|
154
|
-
assert_equal "user.new@example.com", User.
|
165
|
+
assert_equal "user.new@example.com", User.to_adapter.find_first.email
|
155
166
|
end
|
156
167
|
|
157
|
-
test 'a signed in user should still be able to use the website after changing
|
168
|
+
test 'a signed in user should still be able to use the website after changing their password' do
|
158
169
|
sign_in_as_user
|
159
170
|
get edit_user_registration_path
|
160
171
|
|
161
|
-
fill_in 'password', :
|
162
|
-
fill_in 'password confirmation', :
|
163
|
-
fill_in 'current password', :
|
172
|
+
fill_in 'password', with: '1234567890'
|
173
|
+
fill_in 'password confirmation', with: '1234567890'
|
174
|
+
fill_in 'current password', with: '12345678'
|
164
175
|
click_button 'Update'
|
165
176
|
|
166
|
-
assert_contain '
|
177
|
+
assert_contain 'Your account has been updated successfully.'
|
167
178
|
get users_path
|
168
179
|
assert warden.authenticated?(:user)
|
169
180
|
end
|
170
181
|
|
171
|
-
test 'a signed in user should not change
|
182
|
+
test 'a signed in user should not change their current user with invalid password' do
|
172
183
|
sign_in_as_user
|
173
184
|
get edit_user_registration_path
|
174
185
|
|
175
|
-
fill_in 'email', :
|
176
|
-
fill_in 'current password', :
|
186
|
+
fill_in 'email', with: 'user.new@example.com'
|
187
|
+
fill_in 'current password', with: 'invalid'
|
177
188
|
click_button 'Update'
|
178
189
|
|
179
190
|
assert_template 'registrations/edit'
|
180
191
|
assert_contain 'user@test.com'
|
181
192
|
assert_have_selector 'form input[value="user.new@example.com"]'
|
182
193
|
|
183
|
-
assert_equal "user@test.com", User.
|
194
|
+
assert_equal "user@test.com", User.to_adapter.find_first.email
|
184
195
|
end
|
185
196
|
|
186
|
-
test 'a signed in user should be able to edit
|
197
|
+
test 'a signed in user should be able to edit their password' do
|
187
198
|
sign_in_as_user
|
188
199
|
get edit_user_registration_path
|
189
200
|
|
190
|
-
fill_in 'password', :
|
191
|
-
fill_in 'password confirmation', :
|
192
|
-
fill_in 'current password', :
|
201
|
+
fill_in 'password', with: 'pass1234'
|
202
|
+
fill_in 'password confirmation', with: 'pass1234'
|
203
|
+
fill_in 'current password', with: '12345678'
|
193
204
|
click_button 'Update'
|
194
205
|
|
195
206
|
assert_current_url '/'
|
196
|
-
assert_contain '
|
207
|
+
assert_contain 'Your account has been updated successfully.'
|
197
208
|
|
198
|
-
assert User.
|
209
|
+
assert User.to_adapter.find_first.valid_password?('pass1234')
|
199
210
|
end
|
200
211
|
|
201
|
-
test 'a signed in user should not be able to edit
|
212
|
+
test 'a signed in user should not be able to edit their password with invalid confirmation' do
|
202
213
|
sign_in_as_user
|
203
214
|
get edit_user_registration_path
|
204
215
|
|
205
|
-
fill_in 'password', :
|
206
|
-
fill_in 'password confirmation', :
|
207
|
-
fill_in 'current password', :
|
216
|
+
fill_in 'password', with: 'pas123'
|
217
|
+
fill_in 'password confirmation', with: ''
|
218
|
+
fill_in 'current password', with: '12345678'
|
208
219
|
click_button 'Update'
|
209
220
|
|
210
|
-
assert_contain
|
211
|
-
|
212
|
-
|
221
|
+
assert_contain "Password confirmation doesn't match Password"
|
222
|
+
refute User.to_adapter.find_first.valid_password?('pas123')
|
223
|
+
end
|
224
|
+
|
225
|
+
test 'a signed in user should see a warning about minimum password length' do
|
226
|
+
sign_in_as_user
|
227
|
+
get edit_user_registration_path
|
228
|
+
assert_contain 'characters minimum'
|
213
229
|
end
|
214
230
|
|
215
|
-
test 'a signed in user should be able to cancel
|
231
|
+
test 'a signed in user should be able to cancel their account' do
|
216
232
|
sign_in_as_user
|
217
233
|
get edit_user_registration_path
|
218
234
|
|
219
235
|
click_button "Cancel my account"
|
220
|
-
assert_contain "Bye! Your account
|
236
|
+
assert_contain "Bye! Your account has been successfully cancelled. We hope to see you again soon."
|
221
237
|
|
222
|
-
assert User.
|
238
|
+
assert User.to_adapter.find_all.empty?
|
223
239
|
end
|
224
240
|
|
225
241
|
test 'a user should be able to cancel sign up by deleting data in the session' do
|
@@ -235,77 +251,77 @@ class RegistrationTest < ActionDispatch::IntegrationTest
|
|
235
251
|
end
|
236
252
|
|
237
253
|
test 'a user with XML sign up stub' do
|
238
|
-
get new_user_registration_path(:
|
254
|
+
get new_user_registration_path(format: 'xml')
|
239
255
|
assert_response :success
|
240
256
|
assert_match %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>), response.body
|
241
257
|
assert_no_match(/<confirmation-token/, response.body)
|
242
258
|
end
|
243
259
|
|
244
260
|
test 'a user with JSON sign up stub' do
|
245
|
-
get new_user_registration_path(:
|
261
|
+
get new_user_registration_path(format: 'json')
|
246
262
|
assert_response :success
|
247
263
|
assert_match %({"user":), response.body
|
248
264
|
assert_no_match(/"confirmation_token"/, response.body)
|
249
265
|
end
|
250
266
|
|
251
267
|
test 'an admin sign up with valid information in XML format should return valid response' do
|
252
|
-
post admin_registration_path(:
|
268
|
+
post admin_registration_path(format: 'xml'), params: { admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
|
253
269
|
assert_response :success
|
254
270
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<admin>)
|
255
271
|
|
256
|
-
admin = Admin.order
|
272
|
+
admin = Admin.to_adapter.find_first(order: [:id, :desc])
|
257
273
|
assert_equal admin.email, 'new_user@test.com'
|
258
274
|
end
|
259
275
|
|
260
276
|
test 'a user sign up with valid information in XML format should return valid response' do
|
261
|
-
post user_registration_path(:
|
277
|
+
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
|
262
278
|
assert_response :success
|
263
279
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
|
264
280
|
|
265
|
-
user = User.order
|
281
|
+
user = User.to_adapter.find_first(order: [:id, :desc])
|
266
282
|
assert_equal user.email, 'new_user@test.com'
|
267
283
|
end
|
268
284
|
|
269
285
|
test 'a user sign up with invalid information in XML format should return invalid response' do
|
270
|
-
post user_registration_path(:
|
286
|
+
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' } }
|
271
287
|
assert_response :unprocessable_entity
|
272
288
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
273
289
|
end
|
274
290
|
|
275
291
|
test 'a user update information with valid data in XML format should return valid response' do
|
276
292
|
user = sign_in_as_user
|
277
|
-
put user_registration_path(:
|
293
|
+
put user_registration_path(format: 'xml'), params: { user: { current_password: '12345678', email: 'user.new@test.com' } }
|
278
294
|
assert_response :success
|
279
295
|
assert_equal user.reload.email, 'user.new@test.com'
|
280
296
|
end
|
281
297
|
|
282
298
|
test 'a user update information with invalid data in XML format should return invalid response' do
|
283
299
|
user = sign_in_as_user
|
284
|
-
put user_registration_path(:
|
300
|
+
put user_registration_path(format: 'xml'), params: { user: { current_password: 'invalid', email: 'user.new@test.com' } }
|
285
301
|
assert_response :unprocessable_entity
|
286
302
|
assert_equal user.reload.email, 'user@test.com'
|
287
303
|
end
|
288
304
|
|
289
|
-
test 'a user cancel
|
305
|
+
test 'a user cancel their account in XML format should return valid response' do
|
290
306
|
sign_in_as_user
|
291
|
-
delete user_registration_path(:
|
307
|
+
delete user_registration_path(format: 'xml')
|
292
308
|
assert_response :success
|
293
|
-
assert_equal User.
|
309
|
+
assert_equal User.to_adapter.find_all.size, 0
|
294
310
|
end
|
295
311
|
end
|
296
312
|
|
297
|
-
class ReconfirmableRegistrationTest <
|
298
|
-
test 'a signed in admin should see a more appropriate flash message when editing
|
313
|
+
class ReconfirmableRegistrationTest < Devise::IntegrationTest
|
314
|
+
test 'a signed in admin should see a more appropriate flash message when editing their account if reconfirmable is enabled' do
|
299
315
|
sign_in_as_admin
|
300
316
|
get edit_admin_registration_path
|
301
317
|
|
302
|
-
fill_in 'email', :
|
303
|
-
fill_in 'current password', :
|
318
|
+
fill_in 'email', with: 'admin.new@example.com'
|
319
|
+
fill_in 'current password', with: '123456'
|
304
320
|
click_button 'Update'
|
305
321
|
|
306
322
|
assert_current_url '/admin_area/home'
|
307
323
|
assert_contain 'but we need to verify your new email address'
|
308
|
-
assert_equal 'admin.new@example.com', Admin.
|
324
|
+
assert_equal 'admin.new@example.com', Admin.to_adapter.find_first.unconfirmed_email
|
309
325
|
|
310
326
|
get edit_admin_registration_path
|
311
327
|
assert_contain 'Currently waiting confirmation for: admin.new@example.com'
|
@@ -315,35 +331,35 @@ class ReconfirmableRegistrationTest < ActionDispatch::IntegrationTest
|
|
315
331
|
sign_in_as_admin
|
316
332
|
get edit_admin_registration_path
|
317
333
|
|
318
|
-
fill_in 'password', :
|
319
|
-
fill_in 'password confirmation', :
|
320
|
-
fill_in 'current password', :
|
334
|
+
fill_in 'password', with: 'pas123'
|
335
|
+
fill_in 'password confirmation', with: 'pas123'
|
336
|
+
fill_in 'current password', with: '123456'
|
321
337
|
click_button 'Update'
|
322
338
|
|
323
339
|
assert_current_url '/admin_area/home'
|
324
|
-
assert_contain '
|
340
|
+
assert_contain 'Your account has been updated successfully.'
|
325
341
|
|
326
|
-
assert Admin.
|
342
|
+
assert Admin.to_adapter.find_first.valid_password?('pas123')
|
327
343
|
end
|
328
344
|
|
329
|
-
test 'a signed in admin should not see a reconfirmation message if
|
345
|
+
test 'a signed in admin should not see a reconfirmation message if they did not change their email, despite having an unconfirmed email' do
|
330
346
|
sign_in_as_admin
|
331
347
|
|
332
348
|
get edit_admin_registration_path
|
333
|
-
fill_in 'email', :
|
334
|
-
fill_in 'current password', :
|
349
|
+
fill_in 'email', with: 'admin.new@example.com'
|
350
|
+
fill_in 'current password', with: '123456'
|
335
351
|
click_button 'Update'
|
336
352
|
|
337
353
|
get edit_admin_registration_path
|
338
|
-
fill_in 'password', :
|
339
|
-
fill_in 'password confirmation', :
|
340
|
-
fill_in 'current password', :
|
354
|
+
fill_in 'password', with: 'pas123'
|
355
|
+
fill_in 'password confirmation', with: 'pas123'
|
356
|
+
fill_in 'current password', with: '123456'
|
341
357
|
click_button 'Update'
|
342
358
|
|
343
359
|
assert_current_url '/admin_area/home'
|
344
|
-
assert_contain '
|
360
|
+
assert_contain 'Your account has been updated successfully.'
|
345
361
|
|
346
|
-
assert_equal "admin.new@example.com", Admin.
|
347
|
-
assert Admin.
|
362
|
+
assert_equal "admin.new@example.com", Admin.to_adapter.find_first.unconfirmed_email
|
363
|
+
assert Admin.to_adapter.find_first.valid_password?('pas123')
|
348
364
|
end
|
349
365
|
end
|