devise 3.2.1 → 4.4.3
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/.travis.yml +58 -10
- data/CHANGELOG.md +199 -979
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +73 -8
- data/Gemfile +19 -11
- data/Gemfile.lock +152 -119
- data/ISSUE_TEMPLATE.md +19 -0
- data/MIT-LICENSE +1 -1
- data/README.md +347 -93
- data/Rakefile +4 -2
- data/app/controllers/devise/confirmations_controller.rb +11 -5
- data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
- data/app/controllers/devise/passwords_controller.rb +20 -8
- data/app/controllers/devise/registrations_controller.rb +34 -19
- data/app/controllers/devise/sessions_controller.rb +47 -17
- data/app/controllers/devise/unlocks_controller.rb +9 -4
- data/app/controllers/devise_controller.rb +67 -31
- data/app/helpers/devise_helper.rb +4 -2
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +8 -4
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +15 -6
- data/app/views/devise/passwords/new.html.erb +8 -4
- data/app/views/devise/registrations/edit.html.erb +28 -14
- data/app/views/devise/registrations/new.html.erb +19 -8
- data/app/views/devise/sessions/new.html.erb +17 -8
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +8 -4
- data/bin/test +13 -0
- data/config/locales/en.yml +22 -17
- data/devise.gemspec +7 -6
- data/gemfiles/Gemfile.rails-4.1-stable +32 -0
- data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
- data/gemfiles/Gemfile.rails-4.2-stable +32 -0
- data/gemfiles/Gemfile.rails-4.2-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.0-stable +33 -0
- data/gemfiles/Gemfile.rails-5.0-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
- data/guides/bug_report_templates/integration_test.rb +106 -0
- data/lib/devise.rb +107 -84
- data/lib/devise/controllers/helpers.rb +111 -31
- data/lib/devise/controllers/rememberable.rb +15 -6
- data/lib/devise/controllers/scoped_views.rb +3 -1
- data/lib/devise/controllers/sign_in_out.rb +39 -26
- data/lib/devise/controllers/store_location.rb +31 -2
- data/lib/devise/controllers/url_helpers.rb +9 -7
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +24 -0
- data/lib/devise/failure_app.rb +98 -39
- data/lib/devise/hooks/activatable.rb +7 -6
- data/lib/devise/hooks/csrf_cleaner.rb +5 -1
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +7 -2
- data/lib/devise/hooks/proxy.rb +4 -2
- data/lib/devise/hooks/rememberable.rb +4 -2
- data/lib/devise/hooks/timeoutable.rb +16 -9
- data/lib/devise/hooks/trackable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +15 -12
- data/lib/devise/mapping.rb +8 -2
- data/lib/devise/models.rb +3 -1
- data/lib/devise/models/authenticatable.rb +63 -36
- data/lib/devise/models/confirmable.rb +121 -41
- data/lib/devise/models/database_authenticatable.rb +66 -23
- data/lib/devise/models/lockable.rb +30 -17
- data/lib/devise/models/omniauthable.rb +3 -1
- data/lib/devise/models/recoverable.rb +62 -26
- data/lib/devise/models/registerable.rb +2 -0
- data/lib/devise/models/rememberable.rb +62 -33
- data/lib/devise/models/timeoutable.rb +4 -8
- data/lib/devise/models/trackable.rb +12 -3
- data/lib/devise/models/validatable.rb +16 -9
- data/lib/devise/modules.rb +12 -10
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +2 -0
- data/lib/devise/parameter_sanitizer.rb +131 -69
- data/lib/devise/rails.rb +10 -13
- data/lib/devise/rails/routes.rb +147 -116
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/secret_key_finder.rb +25 -0
- data/lib/devise/strategies/authenticatable.rb +20 -9
- data/lib/devise/strategies/base.rb +3 -1
- data/lib/devise/strategies/database_authenticatable.rb +8 -5
- data/lib/devise/strategies/rememberable.rb +15 -3
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +4 -2
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/generators/active_record/devise_generator.rb +47 -10
- data/lib/generators/active_record/templates/migration.rb +9 -7
- data/lib/generators/active_record/templates/migration_existing.rb +9 -7
- data/lib/generators/devise/controllers_generator.rb +46 -0
- data/lib/generators/devise/devise_generator.rb +9 -5
- data/lib/generators/devise/install_generator.rb +22 -0
- data/lib/generators/devise/orm_helpers.rb +8 -19
- data/lib/generators/devise/views_generator.rb +51 -28
- data/lib/generators/mongoid/devise_generator.rb +22 -19
- data/lib/generators/templates/README +5 -12
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/devise.rb +64 -35
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +42 -0
- data/test/controllers/custom_strategy_test.rb +10 -6
- data/test/controllers/helper_methods_test.rb +24 -0
- data/test/controllers/helpers_test.rb +88 -40
- data/test/controllers/inherited_controller_i18n_messages_test.rb +53 -0
- data/test/controllers/internal_helpers_test.rb +31 -22
- data/test/controllers/load_hooks_controller_test.rb +21 -0
- data/test/controllers/passwords_controller_test.rb +8 -5
- data/test/controllers/sessions_controller_test.rb +42 -33
- data/test/controllers/url_helpers_test.rb +13 -5
- data/test/delegator_test.rb +3 -1
- data/test/devise_test.rb +34 -19
- data/test/failure_app_test.rb +150 -42
- data/test/generators/active_record_generator_test.rb +58 -31
- data/test/generators/controllers_generator_test.rb +50 -0
- data/test/generators/devise_generator_test.rb +4 -2
- data/test/generators/install_generator_test.rb +16 -3
- data/test/generators/mongoid_generator_test.rb +5 -3
- data/test/generators/views_generator_test.rb +40 -2
- data/test/helpers/devise_helper_test.rb +20 -20
- data/test/integration/authenticatable_test.rb +134 -141
- data/test/integration/confirmable_test.rb +109 -67
- data/test/integration/database_authenticatable_test.rb +36 -23
- data/test/integration/http_authenticatable_test.rb +29 -20
- data/test/integration/lockable_test.rb +52 -49
- data/test/integration/mounted_engine_test.rb +38 -0
- data/test/integration/omniauthable_test.rb +30 -15
- data/test/integration/recoverable_test.rb +76 -61
- data/test/integration/registerable_test.rb +107 -91
- data/test/integration/rememberable_test.rb +82 -30
- data/test/integration/timeoutable_test.rb +48 -40
- data/test/integration/trackable_test.rb +15 -8
- data/test/mailers/confirmation_instructions_test.rb +16 -14
- data/test/mailers/email_changed_test.rb +132 -0
- data/test/mailers/mailer_test.rb +20 -0
- data/test/mailers/reset_password_instructions_test.rb +13 -11
- data/test/mailers/unlock_instructions_test.rb +12 -10
- data/test/mapping_test.rb +15 -6
- data/test/models/authenticatable_test.rb +15 -3
- data/test/models/confirmable_test.rb +190 -95
- data/test/models/database_authenticatable_test.rb +75 -41
- data/test/models/lockable_test.rb +115 -61
- data/test/models/omniauthable_test.rb +3 -1
- data/test/models/recoverable_test.rb +116 -37
- data/test/models/registerable_test.rb +3 -1
- data/test/models/rememberable_test.rb +95 -94
- data/test/models/serializable_test.rb +19 -8
- data/test/models/timeoutable_test.rb +10 -8
- data/test/models/trackable_test.rb +50 -1
- data/test/models/validatable_test.rb +24 -30
- data/test/models_test.rb +19 -8
- data/test/omniauth/config_test.rb +15 -11
- data/test/omniauth/url_helpers_test.rb +8 -9
- data/test/orm/active_record.rb +16 -2
- data/test/orm/mongoid.rb +4 -2
- data/test/parameter_sanitizer_test.rb +53 -57
- data/test/rails_app/app/active_record/admin.rb +2 -0
- data/test/rails_app/app/active_record/shim.rb +3 -1
- data/test/rails_app/app/active_record/user.rb +14 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +9 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +9 -0
- data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
- data/test/rails_app/app/active_record/user_without_email.rb +10 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/admins_controller.rb +3 -6
- data/test/rails_app/app/controllers/application_controller.rb +7 -3
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +32 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +33 -0
- data/test/rails_app/app/controllers/home_controller.rb +7 -1
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +3 -1
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +7 -5
- data/test/rails_app/app/controllers/users_controller.rb +8 -6
- data/test/rails_app/app/helpers/application_helper.rb +2 -0
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +5 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -10
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +6 -0
- data/test/rails_app/app/mongoid/admin.rb +13 -11
- data/test/rails_app/app/mongoid/shim.rb +4 -2
- data/test/rails_app/app/mongoid/user.rb +30 -19
- data/test/rails_app/app/mongoid/user_on_engine.rb +41 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +41 -0
- data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +35 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/home/index.html.erb +1 -1
- data/test/rails_app/app/views/home/join.html.erb +1 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +13 -5
- data/test/rails_app/config/boot.rb +17 -4
- data/test/rails_app/config/environment.rb +2 -0
- data/test/rails_app/config/environments/development.rb +2 -0
- data/test/rails_app/config/environments/production.rb +10 -2
- data/test/rails_app/config/environments/test.rb +14 -3
- data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
- data/test/rails_app/config/initializers/devise.rb +22 -21
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +3 -6
- data/test/rails_app/config/initializers/session_store.rb +2 -0
- data/test/rails_app/config/routes.rb +67 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +16 -10
- data/test/rails_app/db/schema.rb +2 -0
- data/test/rails_app/lib/shared_admin.rb +10 -4
- data/test/rails_app/lib/shared_user.rb +4 -1
- data/test/rails_app/lib/shared_user_without_email.rb +28 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +15 -0
- data/test/rails_test.rb +11 -0
- data/test/routes_test.rb +92 -61
- data/test/secret_key_finder_test.rb +97 -0
- data/test/support/action_controller/record_identifier.rb +12 -0
- data/test/support/assertions.rb +4 -14
- data/test/support/helpers.rb +23 -10
- data/test/support/http_method_compatibility.rb +53 -0
- data/test/support/integration.rb +19 -16
- data/test/support/mongoid.yml +6 -0
- data/test/support/webrat/integrations/rails.rb +11 -0
- data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +60 -40
- data/test/test/integration_helpers_test.rb +34 -0
- data/test/test_helper.rb +9 -0
- data/test/test_models.rb +8 -6
- metadata +123 -53
- data/gemfiles/Gemfile.rails-3.2.x +0 -31
- data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
class ConfirmableTest < ActiveSupport::TestCase
|
@@ -6,6 +8,17 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
6
8
|
setup_mailer
|
7
9
|
end
|
8
10
|
|
11
|
+
test 'should set callbacks to send the mail' do
|
12
|
+
if DEVISE_ORM == :active_record
|
13
|
+
defined_callbacks = User._commit_callbacks.map(&:filter)
|
14
|
+
assert_includes defined_callbacks, :send_on_create_confirmation_instructions
|
15
|
+
assert_includes defined_callbacks, :send_reconfirmation_instructions
|
16
|
+
elsif DEVISE_ORM == :mongoid
|
17
|
+
assert_includes User._create_callbacks.map(&:filter), :send_on_create_confirmation_instructions
|
18
|
+
assert_includes User._update_callbacks.map(&:filter), :send_reconfirmation_instructions
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
9
22
|
test 'should generate confirmation token after creating a record' do
|
10
23
|
assert_nil new_user.confirmation_token
|
11
24
|
assert_not_nil create_user.confirmation_token
|
@@ -23,31 +36,24 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
23
36
|
test 'should confirm a user by updating confirmed at' do
|
24
37
|
user = create_user
|
25
38
|
assert_nil user.confirmed_at
|
26
|
-
assert user.confirm
|
39
|
+
assert user.confirm
|
27
40
|
assert_not_nil user.confirmed_at
|
28
41
|
end
|
29
42
|
|
30
|
-
test 'should clear confirmation token while confirming a user' do
|
31
|
-
user = create_user
|
32
|
-
assert_present user.confirmation_token
|
33
|
-
user.confirm!
|
34
|
-
assert_nil user.confirmation_token
|
35
|
-
end
|
36
|
-
|
37
43
|
test 'should verify whether a user is confirmed or not' do
|
38
|
-
|
44
|
+
refute new_user.confirmed?
|
39
45
|
user = create_user
|
40
|
-
|
41
|
-
user.confirm
|
46
|
+
refute user.confirmed?
|
47
|
+
user.confirm
|
42
48
|
assert user.confirmed?
|
43
49
|
end
|
44
50
|
|
45
51
|
test 'should not confirm a user already confirmed' do
|
46
52
|
user = create_user
|
47
|
-
assert user.confirm
|
53
|
+
assert user.confirm
|
48
54
|
assert_blank user.errors[:email]
|
49
55
|
|
50
|
-
|
56
|
+
refute user.confirm
|
51
57
|
assert_equal "was already confirmed, please try signing in", user.errors[:email].join
|
52
58
|
end
|
53
59
|
|
@@ -61,13 +67,13 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
61
67
|
|
62
68
|
test 'should return a new record with errors when a invalid token is given' do
|
63
69
|
confirmed_user = User.confirm_by_token('invalid_confirmation_token')
|
64
|
-
|
70
|
+
refute confirmed_user.persisted?
|
65
71
|
assert_equal "is invalid", confirmed_user.errors[:confirmation_token].join
|
66
72
|
end
|
67
73
|
|
68
74
|
test 'should return a new record with errors when a blank token is given' do
|
69
75
|
confirmed_user = User.confirm_by_token('')
|
70
|
-
|
76
|
+
refute confirmed_user.persisted?
|
71
77
|
assert_equal "can't be blank", confirmed_user.errors[:confirmation_token].join
|
72
78
|
end
|
73
79
|
|
@@ -80,9 +86,19 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
80
86
|
assert_equal "was already confirmed, please try signing in", confirmed_user.errors[:email].join
|
81
87
|
end
|
82
88
|
|
89
|
+
test 'should show error when a token has already been used' do
|
90
|
+
user = create_user
|
91
|
+
raw = user.raw_confirmation_token
|
92
|
+
User.confirm_by_token(raw)
|
93
|
+
assert user.reload.confirmed?
|
94
|
+
|
95
|
+
confirmed_user = User.confirm_by_token(raw)
|
96
|
+
assert_equal "was already confirmed, please try signing in", confirmed_user.errors[:email].join
|
97
|
+
end
|
98
|
+
|
83
99
|
test 'should send confirmation instructions by email' do
|
84
100
|
assert_email_sent "mynewuser@example.com" do
|
85
|
-
create_user :
|
101
|
+
create_user email: "mynewuser@example.com"
|
86
102
|
end
|
87
103
|
end
|
88
104
|
|
@@ -111,7 +127,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
111
127
|
|
112
128
|
assert_email_not_sent do
|
113
129
|
user.save!
|
114
|
-
|
130
|
+
refute user.confirmed?
|
115
131
|
end
|
116
132
|
end
|
117
133
|
|
@@ -119,23 +135,23 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
119
135
|
assert_email_not_sent do
|
120
136
|
user = new_user
|
121
137
|
user.email = ''
|
122
|
-
user.save(:
|
138
|
+
user.save(validate: false)
|
123
139
|
end
|
124
140
|
end
|
125
141
|
|
126
142
|
test 'should find a user to send confirmation instructions' do
|
127
143
|
user = create_user
|
128
|
-
confirmation_user = User.send_confirmation_instructions(:
|
144
|
+
confirmation_user = User.send_confirmation_instructions(email: user.email)
|
129
145
|
assert_equal confirmation_user, user
|
130
146
|
end
|
131
147
|
|
132
148
|
test 'should return a new user if no email was found' do
|
133
|
-
confirmation_user = User.send_confirmation_instructions(:
|
134
|
-
|
149
|
+
confirmation_user = User.send_confirmation_instructions(email: "invalid@example.com")
|
150
|
+
refute confirmation_user.persisted?
|
135
151
|
end
|
136
152
|
|
137
153
|
test 'should add error to new user email if no email was found' do
|
138
|
-
confirmation_user = User.send_confirmation_instructions(:
|
154
|
+
confirmation_user = User.send_confirmation_instructions(email: "invalid@example.com")
|
139
155
|
assert confirmation_user.errors[:email]
|
140
156
|
assert_equal "not found", confirmation_user.errors[:email].join
|
141
157
|
end
|
@@ -143,7 +159,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
143
159
|
test 'should send email instructions for the user confirm its email' do
|
144
160
|
user = create_user
|
145
161
|
assert_email_sent user.email do
|
146
|
-
User.send_confirmation_instructions(:
|
162
|
+
User.send_confirmation_instructions(email: user.email)
|
147
163
|
end
|
148
164
|
end
|
149
165
|
|
@@ -155,7 +171,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
155
171
|
assert_not_nil user.reload.confirmation_token
|
156
172
|
end
|
157
173
|
|
158
|
-
test 'should not resend email instructions if the user change
|
174
|
+
test 'should not resend email instructions if the user change their email' do
|
159
175
|
user = create_user
|
160
176
|
user.email = 'new_test@example.com'
|
161
177
|
assert_email_not_sent do
|
@@ -165,28 +181,29 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
165
181
|
|
166
182
|
test 'should not reset confirmation status or token when updating email' do
|
167
183
|
user = create_user
|
168
|
-
user.
|
184
|
+
original_token = user.confirmation_token
|
185
|
+
user.confirm
|
169
186
|
user.email = 'new_test@example.com'
|
170
187
|
user.save!
|
171
188
|
|
172
189
|
user.reload
|
173
190
|
assert user.confirmed?
|
174
|
-
|
191
|
+
assert_equal original_token, user.confirmation_token
|
175
192
|
end
|
176
193
|
|
177
194
|
test 'should not be able to send instructions if the user is already confirmed' do
|
178
195
|
user = create_user
|
179
|
-
user.confirm
|
180
|
-
|
196
|
+
user.confirm
|
197
|
+
refute user.resend_confirmation_instructions
|
181
198
|
assert user.confirmed?
|
182
199
|
assert_equal 'was already confirmed, please try signing in', user.errors[:email].join
|
183
200
|
end
|
184
201
|
|
185
202
|
test 'confirm time should fallback to devise confirm in default configuration' do
|
186
|
-
swap Devise, :
|
187
|
-
user =
|
203
|
+
swap Devise, allow_unconfirmed_access_for: 1.day do
|
204
|
+
user = create_user
|
188
205
|
user.confirmation_sent_at = 2.days.ago
|
189
|
-
|
206
|
+
refute user.active_for_authentication?
|
190
207
|
|
191
208
|
Devise.allow_unconfirmed_access_for = 3.days
|
192
209
|
assert user.active_for_authentication?
|
@@ -194,7 +211,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
194
211
|
end
|
195
212
|
|
196
213
|
test 'should be active when confirmation sent at is not overpast' do
|
197
|
-
swap Devise, :
|
214
|
+
swap Devise, allow_unconfirmed_access_for: 5.days do
|
198
215
|
Devise.allow_unconfirmed_access_for = 5.days
|
199
216
|
user = create_user
|
200
217
|
|
@@ -202,16 +219,16 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
202
219
|
assert user.active_for_authentication?
|
203
220
|
|
204
221
|
user.confirmation_sent_at = 5.days.ago
|
205
|
-
|
222
|
+
refute user.active_for_authentication?
|
206
223
|
end
|
207
224
|
end
|
208
225
|
|
209
226
|
test 'should be active when already confirmed' do
|
210
227
|
user = create_user
|
211
|
-
|
212
|
-
|
228
|
+
refute user.confirmed?
|
229
|
+
refute user.active_for_authentication?
|
213
230
|
|
214
|
-
user.confirm
|
231
|
+
user.confirm
|
215
232
|
assert user.confirmed?
|
216
233
|
assert user.active_for_authentication?
|
217
234
|
end
|
@@ -219,22 +236,23 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
219
236
|
test 'should not be active when confirm in is zero' do
|
220
237
|
Devise.allow_unconfirmed_access_for = 0.days
|
221
238
|
user = create_user
|
222
|
-
user.confirmation_sent_at =
|
223
|
-
|
239
|
+
user.confirmation_sent_at = Time.zone.today
|
240
|
+
refute user.active_for_authentication?
|
224
241
|
end
|
225
242
|
|
226
243
|
test 'should be active when we set allow_unconfirmed_access_for to nil' do
|
227
|
-
Devise
|
228
|
-
|
229
|
-
|
230
|
-
|
244
|
+
swap Devise, allow_unconfirmed_access_for: nil do
|
245
|
+
user = create_user
|
246
|
+
user.confirmation_sent_at = Time.zone.today
|
247
|
+
assert user.active_for_authentication?
|
248
|
+
end
|
231
249
|
end
|
232
250
|
|
233
251
|
test 'should not be active without confirmation' do
|
234
252
|
user = create_user
|
235
253
|
user.confirmation_sent_at = nil
|
236
254
|
user.save
|
237
|
-
|
255
|
+
refute user.reload.active_for_authentication?
|
238
256
|
end
|
239
257
|
|
240
258
|
test 'should be active without confirmation when confirmation is not required' do
|
@@ -245,19 +263,29 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
245
263
|
assert user.reload.active_for_authentication?
|
246
264
|
end
|
247
265
|
|
266
|
+
test 'should not break when a user tries to reset their password in the case where confirmation is not required and confirm_within is set' do
|
267
|
+
swap Devise, confirm_within: 3.days do
|
268
|
+
user = create_user
|
269
|
+
user.instance_eval { def confirmation_required?; false end }
|
270
|
+
user.confirmation_sent_at = nil
|
271
|
+
user.save
|
272
|
+
assert user.reload.confirm
|
273
|
+
end
|
274
|
+
end
|
275
|
+
|
248
276
|
test 'should find a user to send email instructions for the user confirm its email by authentication_keys' do
|
249
|
-
swap Devise, :
|
277
|
+
swap Devise, authentication_keys: [:username, :email] do
|
250
278
|
user = create_user
|
251
|
-
confirm_user = User.send_confirmation_instructions(:
|
279
|
+
confirm_user = User.send_confirmation_instructions(email: user.email, username: user.username)
|
252
280
|
assert_equal confirm_user, user
|
253
281
|
end
|
254
282
|
end
|
255
283
|
|
256
284
|
test 'should require all confirmation_keys' do
|
257
|
-
swap Devise, :
|
285
|
+
swap Devise, confirmation_keys: [:username, :email] do
|
258
286
|
user = create_user
|
259
|
-
confirm_user = User.send_confirmation_instructions(:
|
260
|
-
|
287
|
+
confirm_user = User.send_confirmation_instructions(email: user.email)
|
288
|
+
refute confirm_user.persisted?
|
261
289
|
assert_equal "can't be blank", confirm_user.errors[:username].join
|
262
290
|
end
|
263
291
|
end
|
@@ -275,23 +303,34 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
275
303
|
end
|
276
304
|
|
277
305
|
test 'should accept confirmation email token after 2 days when expiration is set to 3 days' do
|
278
|
-
swap Devise, :
|
306
|
+
swap Devise, confirm_within: 3.days do
|
279
307
|
assert confirm_user_by_token_with_confirmation_sent_at(2.days.ago)
|
280
308
|
end
|
281
309
|
end
|
282
310
|
|
283
311
|
test 'should not accept confirmation email token after 4 days when expiration is set to 3 days' do
|
284
|
-
swap Devise, :
|
285
|
-
|
312
|
+
swap Devise, confirm_within: 3.days do
|
313
|
+
refute confirm_user_by_token_with_confirmation_sent_at(4.days.ago)
|
286
314
|
end
|
287
315
|
end
|
288
316
|
|
289
|
-
test '
|
317
|
+
test 'do not generate a new token on resend' do
|
290
318
|
user = create_user
|
291
319
|
old = user.confirmation_token
|
292
320
|
user = User.find(user.id)
|
293
321
|
user.resend_confirmation_instructions
|
294
|
-
|
322
|
+
assert_equal user.confirmation_token, old
|
323
|
+
end
|
324
|
+
|
325
|
+
test 'generate a new token after first has expired' do
|
326
|
+
swap Devise, confirm_within: 3.days do
|
327
|
+
user = create_user
|
328
|
+
old = user.confirmation_token
|
329
|
+
user.update_attribute(:confirmation_sent_at, 4.days.ago)
|
330
|
+
user = User.find(user.id)
|
331
|
+
user.resend_confirmation_instructions
|
332
|
+
assert_not_equal user.confirmation_token, old
|
333
|
+
end
|
295
334
|
end
|
296
335
|
|
297
336
|
test 'should call after_confirmation if confirmed' do
|
@@ -300,43 +339,52 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
300
339
|
self.username = self.username.to_s + 'updated'
|
301
340
|
end
|
302
341
|
old = user.username
|
303
|
-
assert user.confirm
|
342
|
+
assert user.confirm
|
304
343
|
assert_not_equal user.username, old
|
305
344
|
end
|
306
345
|
|
307
346
|
test 'should not call after_confirmation if not confirmed' do
|
308
347
|
user = create_user
|
309
|
-
assert user.confirm
|
348
|
+
assert user.confirm
|
310
349
|
user.define_singleton_method :after_confirmation do
|
311
350
|
self.username = self.username.to_s + 'updated'
|
312
351
|
end
|
313
352
|
old = user.username
|
314
|
-
|
353
|
+
refute user.confirm
|
315
354
|
assert_equal user.username, old
|
316
355
|
end
|
356
|
+
|
357
|
+
test 'should always perform validations upon confirm when ensure valid true' do
|
358
|
+
admin = create_admin
|
359
|
+
admin.stubs(:valid?).returns(false)
|
360
|
+
refute admin.confirm(ensure_valid: true)
|
361
|
+
end
|
317
362
|
end
|
318
363
|
|
319
364
|
class ReconfirmableTest < ActiveSupport::TestCase
|
320
365
|
test 'should not worry about validations on confirm even with reconfirmable' do
|
321
366
|
admin = create_admin
|
322
367
|
admin.reset_password_token = "a"
|
323
|
-
assert admin.confirm
|
368
|
+
assert admin.confirm
|
324
369
|
end
|
325
370
|
|
326
371
|
test 'should generate confirmation token after changing email' do
|
327
372
|
admin = create_admin
|
328
|
-
assert admin.confirm
|
329
|
-
|
330
|
-
assert admin.update_attributes(:
|
331
|
-
|
373
|
+
assert admin.confirm
|
374
|
+
residual_token = admin.confirmation_token
|
375
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
376
|
+
assert_not_equal residual_token, admin.confirmation_token
|
332
377
|
end
|
333
378
|
|
334
|
-
test 'should not
|
379
|
+
test 'should not regenerate confirmation token or require reconfirmation if skipping reconfirmation after changing email' do
|
335
380
|
admin = create_admin
|
336
|
-
|
381
|
+
original_token = admin.confirmation_token
|
382
|
+
assert admin.confirm
|
337
383
|
admin.skip_reconfirmation!
|
338
|
-
assert admin.update_attributes(:
|
339
|
-
|
384
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
385
|
+
assert admin.confirmed?
|
386
|
+
refute admin.pending_reconfirmation?
|
387
|
+
assert_equal original_token, admin.confirmation_token
|
340
388
|
end
|
341
389
|
|
342
390
|
test 'should skip sending reconfirmation email when email is changed and skip_confirmation_notification! is invoked' do
|
@@ -344,85 +392,93 @@ class ReconfirmableTest < ActiveSupport::TestCase
|
|
344
392
|
admin.skip_confirmation_notification!
|
345
393
|
|
346
394
|
assert_email_not_sent do
|
347
|
-
admin.update_attributes(:
|
395
|
+
admin.update_attributes(email: 'new_test@example.com')
|
348
396
|
end
|
349
397
|
end
|
350
398
|
|
351
399
|
test 'should regenerate confirmation token after changing email' do
|
352
400
|
admin = create_admin
|
353
|
-
assert admin.confirm
|
354
|
-
assert admin.update_attributes(:
|
401
|
+
assert admin.confirm
|
402
|
+
assert admin.update_attributes(email: 'old_test@example.com')
|
355
403
|
token = admin.confirmation_token
|
356
|
-
assert admin.update_attributes(:
|
404
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
357
405
|
assert_not_equal token, admin.confirmation_token
|
358
406
|
end
|
359
407
|
|
360
408
|
test 'should send confirmation instructions by email after changing email' do
|
361
409
|
admin = create_admin
|
362
|
-
assert admin.confirm
|
410
|
+
assert admin.confirm
|
363
411
|
assert_email_sent "new_test@example.com" do
|
364
|
-
assert admin.update_attributes(:
|
412
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
413
|
+
end
|
414
|
+
assert_match "new_test@example.com", ActionMailer::Base.deliveries.last.body.encoded
|
415
|
+
end
|
416
|
+
|
417
|
+
test 'should send confirmation instructions by email after changing email from nil' do
|
418
|
+
admin = create_admin(email: nil)
|
419
|
+
assert_email_sent "new_test@example.com" do
|
420
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
365
421
|
end
|
366
422
|
assert_match "new_test@example.com", ActionMailer::Base.deliveries.last.body.encoded
|
367
423
|
end
|
368
424
|
|
369
425
|
test 'should not send confirmation by email after changing password' do
|
370
426
|
admin = create_admin
|
371
|
-
assert admin.confirm
|
427
|
+
assert admin.confirm
|
372
428
|
assert_email_not_sent do
|
373
|
-
assert admin.update_attributes(:
|
429
|
+
assert admin.update_attributes(password: 'newpass', password_confirmation: 'newpass')
|
374
430
|
end
|
375
431
|
end
|
376
432
|
|
377
433
|
test 'should not send confirmation by email after changing to a blank email' do
|
378
434
|
admin = create_admin
|
379
|
-
assert admin.confirm
|
435
|
+
assert admin.confirm
|
380
436
|
assert_email_not_sent do
|
381
437
|
admin.email = ''
|
382
|
-
admin.save(:
|
438
|
+
admin.save(validate: false)
|
383
439
|
end
|
384
440
|
end
|
385
441
|
|
386
442
|
test 'should stay confirmed when email is changed' do
|
387
443
|
admin = create_admin
|
388
|
-
assert admin.confirm
|
389
|
-
assert admin.update_attributes(:
|
444
|
+
assert admin.confirm
|
445
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
390
446
|
assert admin.confirmed?
|
391
447
|
end
|
392
448
|
|
393
449
|
test 'should update email only when it is confirmed' do
|
394
450
|
admin = create_admin
|
395
|
-
assert admin.confirm
|
396
|
-
assert admin.update_attributes(:
|
451
|
+
assert admin.confirm
|
452
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
397
453
|
assert_not_equal 'new_test@example.com', admin.email
|
398
|
-
assert admin.confirm
|
454
|
+
assert admin.confirm
|
399
455
|
assert_equal 'new_test@example.com', admin.email
|
400
456
|
end
|
401
457
|
|
402
458
|
test 'should not allow admin to get past confirmation email by resubmitting their new address' do
|
403
459
|
admin = create_admin
|
404
|
-
assert admin.confirm
|
405
|
-
assert admin.update_attributes(:
|
460
|
+
assert admin.confirm
|
461
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
406
462
|
assert_not_equal 'new_test@example.com', admin.email
|
407
|
-
assert admin.update_attributes(:
|
463
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
408
464
|
assert_not_equal 'new_test@example.com', admin.email
|
409
465
|
end
|
410
466
|
|
411
467
|
test 'should find a admin by send confirmation instructions with unconfirmed_email' do
|
412
468
|
admin = create_admin
|
413
|
-
assert admin.confirm
|
414
|
-
assert admin.update_attributes(:
|
415
|
-
confirmation_admin = Admin.send_confirmation_instructions(:
|
469
|
+
assert admin.confirm
|
470
|
+
assert admin.update_attributes(email: 'new_test@example.com')
|
471
|
+
confirmation_admin = Admin.send_confirmation_instructions(email: admin.unconfirmed_email)
|
416
472
|
assert_equal confirmation_admin, admin
|
417
473
|
end
|
418
474
|
|
419
475
|
test 'should return a new admin if no email or unconfirmed_email was found' do
|
420
|
-
confirmation_admin = Admin.send_confirmation_instructions(:
|
421
|
-
|
476
|
+
confirmation_admin = Admin.send_confirmation_instructions(email: "invalid@email.com")
|
477
|
+
refute confirmation_admin.persisted?
|
422
478
|
end
|
423
479
|
|
424
480
|
test 'should add error to new admin email if no email or unconfirmed_email was found' do
|
425
|
-
confirmation_admin = Admin.send_confirmation_instructions(:
|
481
|
+
confirmation_admin = Admin.send_confirmation_instructions(email: "invalid@email.com")
|
426
482
|
assert confirmation_admin.errors[:email]
|
427
483
|
assert_equal "not found", confirmation_admin.errors[:email].join
|
428
484
|
end
|
@@ -431,24 +487,63 @@ class ReconfirmableTest < ActiveSupport::TestCase
|
|
431
487
|
admin = create_admin
|
432
488
|
admin.unconfirmed_email = "new_test@email.com"
|
433
489
|
assert admin.save
|
434
|
-
admin = Admin.find_by_unconfirmed_email_with_errors(:
|
490
|
+
admin = Admin.find_by_unconfirmed_email_with_errors(email: "new_test@email.com")
|
435
491
|
assert admin.persisted?
|
436
492
|
end
|
437
493
|
|
438
494
|
test 'required_fields should contain the fields that Devise uses' do
|
439
|
-
|
440
|
-
:confirmation_sent_at,
|
495
|
+
assert_equal Devise::Models::Confirmable.required_fields(User), [
|
441
496
|
:confirmation_token,
|
442
|
-
:confirmed_at
|
497
|
+
:confirmed_at,
|
498
|
+
:confirmation_sent_at
|
443
499
|
]
|
444
500
|
end
|
445
501
|
|
446
502
|
test 'required_fields should also contain unconfirmable when reconfirmable_email is true' do
|
447
|
-
|
448
|
-
:confirmation_sent_at,
|
503
|
+
assert_equal Devise::Models::Confirmable.required_fields(Admin), [
|
449
504
|
:confirmation_token,
|
450
505
|
:confirmed_at,
|
506
|
+
:confirmation_sent_at,
|
451
507
|
:unconfirmed_email
|
452
508
|
]
|
453
509
|
end
|
510
|
+
|
511
|
+
test 'should not require reconfirmation after creating a record' do
|
512
|
+
admin = create_admin
|
513
|
+
assert !admin.pending_reconfirmation?
|
514
|
+
end
|
515
|
+
|
516
|
+
test 'should not require reconfirmation after creating a record with #save called in callback' do
|
517
|
+
class Admin::WithSaveInCallback < Admin
|
518
|
+
after_create :save
|
519
|
+
end
|
520
|
+
|
521
|
+
admin = Admin::WithSaveInCallback.create(valid_attributes.except(:username))
|
522
|
+
assert !admin.pending_reconfirmation?
|
523
|
+
end
|
524
|
+
|
525
|
+
test 'should require reconfirmation after creating a record and updating the email' do
|
526
|
+
admin = create_admin
|
527
|
+
assert !admin.instance_variable_get(:@bypass_confirmation_postpone)
|
528
|
+
admin.email = "new_test@email.com"
|
529
|
+
admin.save
|
530
|
+
assert admin.pending_reconfirmation?
|
531
|
+
end
|
532
|
+
|
533
|
+
test 'should notify previous email on email change when configured' do
|
534
|
+
swap Devise, send_email_changed_notification: true do
|
535
|
+
admin = create_admin
|
536
|
+
original_email = admin.email
|
537
|
+
|
538
|
+
assert_difference 'ActionMailer::Base.deliveries.size', 2 do
|
539
|
+
assert admin.update_attributes(email: 'new-email@example.com')
|
540
|
+
end
|
541
|
+
assert_equal original_email, ActionMailer::Base.deliveries[-2]['to'].to_s
|
542
|
+
assert_equal 'new-email@example.com', ActionMailer::Base.deliveries[-1]['to'].to_s
|
543
|
+
|
544
|
+
assert_email_not_sent do
|
545
|
+
assert admin.confirm
|
546
|
+
end
|
547
|
+
end
|
548
|
+
end
|
454
549
|
end
|
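Review bot: In 'should require reconfirmation after creating a record and updating the email', the line `assert !admin.instance_variable_get(:@bypass_confirmation_postpone)` ties the test to a private ivar, and the following `admin.save` is not asserted. The guarantee that matters is that the first email change after create still has to be confirmed, which `assert admin.pending_reconfirmation?` already pins. The ivar line could therefore become `assert !admin.pending_reconfirmation?` before the change, so a rename of the internal flag does not silently weaken the check. Writing `assert admin.save`, as the first test in this hunk does, would make a validation failure surface on that line rather than on the later assertion. The enclosing `ReconfirmableTest` class and the first test in this hunk begin outside the hunk.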