devise 3.2.1 → 4.4.3
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/.travis.yml +58 -10
- data/CHANGELOG.md +199 -979
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +73 -8
- data/Gemfile +19 -11
- data/Gemfile.lock +152 -119
- data/ISSUE_TEMPLATE.md +19 -0
- data/MIT-LICENSE +1 -1
- data/README.md +347 -93
- data/Rakefile +4 -2
- data/app/controllers/devise/confirmations_controller.rb +11 -5
- data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
- data/app/controllers/devise/passwords_controller.rb +20 -8
- data/app/controllers/devise/registrations_controller.rb +34 -19
- data/app/controllers/devise/sessions_controller.rb +47 -17
- data/app/controllers/devise/unlocks_controller.rb +9 -4
- data/app/controllers/devise_controller.rb +67 -31
- data/app/helpers/devise_helper.rb +4 -2
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +8 -4
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +15 -6
- data/app/views/devise/passwords/new.html.erb +8 -4
- data/app/views/devise/registrations/edit.html.erb +28 -14
- data/app/views/devise/registrations/new.html.erb +19 -8
- data/app/views/devise/sessions/new.html.erb +17 -8
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +8 -4
- data/bin/test +13 -0
- data/config/locales/en.yml +22 -17
- data/devise.gemspec +7 -6
- data/gemfiles/Gemfile.rails-4.1-stable +32 -0
- data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
- data/gemfiles/Gemfile.rails-4.2-stable +32 -0
- data/gemfiles/Gemfile.rails-4.2-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.0-stable +33 -0
- data/gemfiles/Gemfile.rails-5.0-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
- data/guides/bug_report_templates/integration_test.rb +106 -0
- data/lib/devise.rb +107 -84
- data/lib/devise/controllers/helpers.rb +111 -31
- data/lib/devise/controllers/rememberable.rb +15 -6
- data/lib/devise/controllers/scoped_views.rb +3 -1
- data/lib/devise/controllers/sign_in_out.rb +39 -26
- data/lib/devise/controllers/store_location.rb +31 -2
- data/lib/devise/controllers/url_helpers.rb +9 -7
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +24 -0
- data/lib/devise/failure_app.rb +98 -39
- data/lib/devise/hooks/activatable.rb +7 -6
- data/lib/devise/hooks/csrf_cleaner.rb +5 -1
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +7 -2
- data/lib/devise/hooks/proxy.rb +4 -2
- data/lib/devise/hooks/rememberable.rb +4 -2
- data/lib/devise/hooks/timeoutable.rb +16 -9
- data/lib/devise/hooks/trackable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +15 -12
- data/lib/devise/mapping.rb +8 -2
- data/lib/devise/models.rb +3 -1
- data/lib/devise/models/authenticatable.rb +63 -36
- data/lib/devise/models/confirmable.rb +121 -41
- data/lib/devise/models/database_authenticatable.rb +66 -23
- data/lib/devise/models/lockable.rb +30 -17
- data/lib/devise/models/omniauthable.rb +3 -1
- data/lib/devise/models/recoverable.rb +62 -26
- data/lib/devise/models/registerable.rb +2 -0
- data/lib/devise/models/rememberable.rb +62 -33
- data/lib/devise/models/timeoutable.rb +4 -8
- data/lib/devise/models/trackable.rb +12 -3
- data/lib/devise/models/validatable.rb +16 -9
- data/lib/devise/modules.rb +12 -10
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +2 -0
- data/lib/devise/parameter_sanitizer.rb +131 -69
- data/lib/devise/rails.rb +10 -13
- data/lib/devise/rails/routes.rb +147 -116
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/secret_key_finder.rb +25 -0
- data/lib/devise/strategies/authenticatable.rb +20 -9
- data/lib/devise/strategies/base.rb +3 -1
- data/lib/devise/strategies/database_authenticatable.rb +8 -5
- data/lib/devise/strategies/rememberable.rb +15 -3
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +4 -2
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/generators/active_record/devise_generator.rb +47 -10
- data/lib/generators/active_record/templates/migration.rb +9 -7
- data/lib/generators/active_record/templates/migration_existing.rb +9 -7
- data/lib/generators/devise/controllers_generator.rb +46 -0
- data/lib/generators/devise/devise_generator.rb +9 -5
- data/lib/generators/devise/install_generator.rb +22 -0
- data/lib/generators/devise/orm_helpers.rb +8 -19
- data/lib/generators/devise/views_generator.rb +51 -28
- data/lib/generators/mongoid/devise_generator.rb +22 -19
- data/lib/generators/templates/README +5 -12
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/devise.rb +64 -35
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +42 -0
- data/test/controllers/custom_strategy_test.rb +10 -6
- data/test/controllers/helper_methods_test.rb +24 -0
- data/test/controllers/helpers_test.rb +88 -40
- data/test/controllers/inherited_controller_i18n_messages_test.rb +53 -0
- data/test/controllers/internal_helpers_test.rb +31 -22
- data/test/controllers/load_hooks_controller_test.rb +21 -0
- data/test/controllers/passwords_controller_test.rb +8 -5
- data/test/controllers/sessions_controller_test.rb +42 -33
- data/test/controllers/url_helpers_test.rb +13 -5
- data/test/delegator_test.rb +3 -1
- data/test/devise_test.rb +34 -19
- data/test/failure_app_test.rb +150 -42
- data/test/generators/active_record_generator_test.rb +58 -31
- data/test/generators/controllers_generator_test.rb +50 -0
- data/test/generators/devise_generator_test.rb +4 -2
- data/test/generators/install_generator_test.rb +16 -3
- data/test/generators/mongoid_generator_test.rb +5 -3
- data/test/generators/views_generator_test.rb +40 -2
- data/test/helpers/devise_helper_test.rb +20 -20
- data/test/integration/authenticatable_test.rb +134 -141
- data/test/integration/confirmable_test.rb +109 -67
- data/test/integration/database_authenticatable_test.rb +36 -23
- data/test/integration/http_authenticatable_test.rb +29 -20
- data/test/integration/lockable_test.rb +52 -49
- data/test/integration/mounted_engine_test.rb +38 -0
- data/test/integration/omniauthable_test.rb +30 -15
- data/test/integration/recoverable_test.rb +76 -61
- data/test/integration/registerable_test.rb +107 -91
- data/test/integration/rememberable_test.rb +82 -30
- data/test/integration/timeoutable_test.rb +48 -40
- data/test/integration/trackable_test.rb +15 -8
- data/test/mailers/confirmation_instructions_test.rb +16 -14
- data/test/mailers/email_changed_test.rb +132 -0
- data/test/mailers/mailer_test.rb +20 -0
- data/test/mailers/reset_password_instructions_test.rb +13 -11
- data/test/mailers/unlock_instructions_test.rb +12 -10
- data/test/mapping_test.rb +15 -6
- data/test/models/authenticatable_test.rb +15 -3
- data/test/models/confirmable_test.rb +190 -95
- data/test/models/database_authenticatable_test.rb +75 -41
- data/test/models/lockable_test.rb +115 -61
- data/test/models/omniauthable_test.rb +3 -1
- data/test/models/recoverable_test.rb +116 -37
- data/test/models/registerable_test.rb +3 -1
- data/test/models/rememberable_test.rb +95 -94
- data/test/models/serializable_test.rb +19 -8
- data/test/models/timeoutable_test.rb +10 -8
- data/test/models/trackable_test.rb +50 -1
- data/test/models/validatable_test.rb +24 -30
- data/test/models_test.rb +19 -8
- data/test/omniauth/config_test.rb +15 -11
- data/test/omniauth/url_helpers_test.rb +8 -9
- data/test/orm/active_record.rb +16 -2
- data/test/orm/mongoid.rb +4 -2
- data/test/parameter_sanitizer_test.rb +53 -57
- data/test/rails_app/app/active_record/admin.rb +2 -0
- data/test/rails_app/app/active_record/shim.rb +3 -1
- data/test/rails_app/app/active_record/user.rb +14 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +9 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +9 -0
- data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
- data/test/rails_app/app/active_record/user_without_email.rb +10 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/admins_controller.rb +3 -6
- data/test/rails_app/app/controllers/application_controller.rb +7 -3
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +32 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +33 -0
- data/test/rails_app/app/controllers/home_controller.rb +7 -1
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +3 -1
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +7 -5
- data/test/rails_app/app/controllers/users_controller.rb +8 -6
- data/test/rails_app/app/helpers/application_helper.rb +2 -0
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +5 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -10
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +6 -0
- data/test/rails_app/app/mongoid/admin.rb +13 -11
- data/test/rails_app/app/mongoid/shim.rb +4 -2
- data/test/rails_app/app/mongoid/user.rb +30 -19
- data/test/rails_app/app/mongoid/user_on_engine.rb +41 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +41 -0
- data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +35 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/home/index.html.erb +1 -1
- data/test/rails_app/app/views/home/join.html.erb +1 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +13 -5
- data/test/rails_app/config/boot.rb +17 -4
- data/test/rails_app/config/environment.rb +2 -0
- data/test/rails_app/config/environments/development.rb +2 -0
- data/test/rails_app/config/environments/production.rb +10 -2
- data/test/rails_app/config/environments/test.rb +14 -3
- data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
- data/test/rails_app/config/initializers/devise.rb +22 -21
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +3 -6
- data/test/rails_app/config/initializers/session_store.rb +2 -0
- data/test/rails_app/config/routes.rb +67 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +16 -10
- data/test/rails_app/db/schema.rb +2 -0
- data/test/rails_app/lib/shared_admin.rb +10 -4
- data/test/rails_app/lib/shared_user.rb +4 -1
- data/test/rails_app/lib/shared_user_without_email.rb +28 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +15 -0
- data/test/rails_test.rb +11 -0
- data/test/routes_test.rb +92 -61
- data/test/secret_key_finder_test.rb +97 -0
- data/test/support/action_controller/record_identifier.rb +12 -0
- data/test/support/assertions.rb +4 -14
- data/test/support/helpers.rb +23 -10
- data/test/support/http_method_compatibility.rb +53 -0
- data/test/support/integration.rb +19 -16
- data/test/support/mongoid.yml +6 -0
- data/test/support/webrat/integrations/rails.rb +11 -0
- data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +60 -40
- data/test/test/integration_helpers_test.rb +34 -0
- data/test/test_helper.rb +9 -0
- data/test/test_models.rb +8 -6
- metadata +123 -53
- data/gemfiles/Gemfile.rails-3.2.x +0 -31
- data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159
@@ -1,12 +1,18 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
require 'test_models'
|
3
5
|
require 'digest/sha1'
|
4
6
|
|
5
7
|
class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
8
|
+
def setup
|
9
|
+
setup_mailer
|
10
|
+
end
|
11
|
+
|
6
12
|
test 'should downcase case insensitive keys when saving' do
|
7
13
|
# case_insensitive_keys is set to :email by default.
|
8
14
|
email = 'Foo@Bar.com'
|
9
|
-
user = new_user(:
|
15
|
+
user = new_user(email: email)
|
10
16
|
|
11
17
|
assert_equal email, user.email
|
12
18
|
user.save!
|
@@ -16,7 +22,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
16
22
|
test 'should downcase case insensitive keys that refer to virtual attributes when saving' do
|
17
23
|
email = 'Foo@Bar1.com'
|
18
24
|
confirmation = 'Foo@Bar1.com'
|
19
|
-
attributes = valid_attributes(:
|
25
|
+
attributes = valid_attributes(email: email, email_confirmation: confirmation)
|
20
26
|
user = UserWithVirtualAttributes.new(attributes)
|
21
27
|
|
22
28
|
assert_equal confirmation, user.email_confirmation
|
@@ -27,7 +33,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
27
33
|
test 'should not mutate value assigned to case insensitive key' do
|
28
34
|
email = 'Foo@Bar.com'
|
29
35
|
original_email = email.dup
|
30
|
-
user = new_user(:
|
36
|
+
user = new_user(email: email)
|
31
37
|
|
32
38
|
user.save!
|
33
39
|
assert_equal original_email, email
|
@@ -36,7 +42,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
36
42
|
test 'should remove whitespace from strip whitespace keys when saving' do
|
37
43
|
# strip_whitespace_keys is set to :email by default.
|
38
44
|
email = ' foo@bar.com '
|
39
|
-
user = new_user(:
|
45
|
+
user = new_user(email: email)
|
40
46
|
|
41
47
|
assert_equal email, user.email
|
42
48
|
user.save!
|
@@ -46,20 +52,20 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
46
52
|
test 'should not mutate value assigned to string whitespace key' do
|
47
53
|
email = ' foo@bar.com '
|
48
54
|
original_email = email.dup
|
49
|
-
user = new_user(:
|
55
|
+
user = new_user(email: email)
|
50
56
|
|
51
57
|
user.save!
|
52
58
|
assert_equal original_email, email
|
53
59
|
end
|
54
60
|
|
55
61
|
test "doesn't throw exception when globally configured strip_whitespace_keys are not present on a model" do
|
56
|
-
swap Devise, :
|
62
|
+
swap Devise, strip_whitespace_keys: [:fake_key] do
|
57
63
|
assert_nothing_raised { create_user }
|
58
64
|
end
|
59
65
|
end
|
60
66
|
|
61
67
|
test "doesn't throw exception when globally configured case_insensitive_keys are not present on a model" do
|
62
|
-
swap Devise, :
|
68
|
+
swap Devise, case_insensitive_keys: [:fake_key] do
|
63
69
|
assert_nothing_raised { create_user }
|
64
70
|
end
|
65
71
|
end
|
@@ -88,28 +94,28 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
88
94
|
assert user.respond_to?(:password_confirmation)
|
89
95
|
end
|
90
96
|
|
91
|
-
test 'should generate
|
97
|
+
test 'should generate a hashed password while setting password' do
|
92
98
|
user = new_user
|
93
99
|
assert_present user.encrypted_password
|
94
100
|
end
|
95
101
|
|
96
|
-
test 'should support custom
|
97
|
-
user =
|
102
|
+
test 'should support custom hashing methods' do
|
103
|
+
user = UserWithCustomHashing.new(password: '654321')
|
98
104
|
assert_equal user.encrypted_password, '123456'
|
99
105
|
end
|
100
106
|
|
101
|
-
test 'allow authenticatable_salt to work even with nil
|
107
|
+
test 'allow authenticatable_salt to work even with nil hashed password' do
|
102
108
|
user = User.new
|
103
109
|
user.encrypted_password = nil
|
104
110
|
assert_nil user.authenticatable_salt
|
105
111
|
end
|
106
112
|
|
107
|
-
test 'should not generate
|
108
|
-
assert_blank new_user(:
|
109
|
-
assert_blank new_user(:
|
113
|
+
test 'should not generate a hashed password if password is blank' do
|
114
|
+
assert_blank new_user(password: nil).encrypted_password
|
115
|
+
assert_blank new_user(password: '').encrypted_password
|
110
116
|
end
|
111
117
|
|
112
|
-
test 'should
|
118
|
+
test 'should hash password again if password has changed' do
|
113
119
|
user = create_user
|
114
120
|
encrypted_password = user.encrypted_password
|
115
121
|
user.password = user.password_confirmation = 'new_password'
|
@@ -120,7 +126,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
120
126
|
test 'should test for a valid password' do
|
121
127
|
user = create_user
|
122
128
|
assert user.valid_password?('12345678')
|
123
|
-
|
129
|
+
refute user.valid_password?('654321')
|
124
130
|
end
|
125
131
|
|
126
132
|
test 'should not raise error with an empty password' do
|
@@ -132,7 +138,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
132
138
|
test 'should be an invalid password if the user has an empty password' do
|
133
139
|
user = create_user
|
134
140
|
user.encrypted_password = ''
|
135
|
-
|
141
|
+
refute user.valid_password?('654321')
|
136
142
|
end
|
137
143
|
|
138
144
|
test 'should respond to current password' do
|
@@ -141,23 +147,23 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
141
147
|
|
142
148
|
test 'should update password with valid current password' do
|
143
149
|
user = create_user
|
144
|
-
assert user.update_with_password(:
|
145
|
-
:
|
150
|
+
assert user.update_with_password(current_password: '12345678',
|
151
|
+
password: 'pass4321', password_confirmation: 'pass4321')
|
146
152
|
assert user.reload.valid_password?('pass4321')
|
147
153
|
end
|
148
154
|
|
149
155
|
test 'should add an error to current password when it is invalid' do
|
150
156
|
user = create_user
|
151
|
-
|
152
|
-
:
|
157
|
+
refute user.update_with_password(current_password: 'other',
|
158
|
+
password: 'pass4321', password_confirmation: 'pass4321')
|
153
159
|
assert user.reload.valid_password?('12345678')
|
154
160
|
assert_match "is invalid", user.errors[:current_password].join
|
155
161
|
end
|
156
162
|
|
157
163
|
test 'should add an error to current password when it is blank' do
|
158
164
|
user = create_user
|
159
|
-
|
160
|
-
:
|
165
|
+
refute user.update_with_password(password: 'pass4321',
|
166
|
+
password_confirmation: 'pass4321')
|
161
167
|
assert user.reload.valid_password?('12345678')
|
162
168
|
assert_match "can't be blank", user.errors[:current_password].join
|
163
169
|
end
|
@@ -166,41 +172,41 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
166
172
|
user = UserWithValidation.create!(valid_attributes)
|
167
173
|
user.save
|
168
174
|
assert user.persisted?
|
169
|
-
|
175
|
+
refute user.update_with_password(username: "")
|
170
176
|
assert_match "usertest", user.reload.username
|
171
177
|
assert_match "can't be blank", user.errors[:username].join
|
172
178
|
end
|
173
179
|
|
174
180
|
test 'should ignore password and its confirmation if they are blank' do
|
175
181
|
user = create_user
|
176
|
-
assert user.update_with_password(:
|
182
|
+
assert user.update_with_password(current_password: '12345678', email: "new@example.com")
|
177
183
|
assert_equal "new@example.com", user.email
|
178
184
|
end
|
179
185
|
|
180
186
|
test 'should not update password with invalid confirmation' do
|
181
187
|
user = create_user
|
182
|
-
|
183
|
-
:
|
188
|
+
refute user.update_with_password(current_password: '12345678',
|
189
|
+
password: 'pass4321', password_confirmation: 'other')
|
184
190
|
assert user.reload.valid_password?('12345678')
|
185
191
|
end
|
186
192
|
|
187
193
|
test 'should clean up password fields on failure' do
|
188
194
|
user = create_user
|
189
|
-
|
190
|
-
:
|
195
|
+
refute user.update_with_password(current_password: '12345678',
|
196
|
+
password: 'pass4321', password_confirmation: 'other')
|
191
197
|
assert user.password.blank?
|
192
198
|
assert user.password_confirmation.blank?
|
193
199
|
end
|
194
200
|
|
195
201
|
test 'should update the user without password' do
|
196
202
|
user = create_user
|
197
|
-
user.update_without_password(:
|
203
|
+
user.update_without_password(email: 'new@example.com')
|
198
204
|
assert_equal 'new@example.com', user.email
|
199
205
|
end
|
200
206
|
|
201
207
|
test 'should not update password without password' do
|
202
208
|
user = create_user
|
203
|
-
user.update_without_password(:
|
209
|
+
user.update_without_password(password: 'pass4321', password_confirmation: 'pass4321')
|
204
210
|
assert !user.reload.valid_password?('pass4321')
|
205
211
|
assert user.valid_password?('12345678')
|
206
212
|
end
|
@@ -213,34 +219,62 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
213
219
|
|
214
220
|
test 'should not destroy user with invalid password' do
|
215
221
|
user = create_user
|
216
|
-
|
222
|
+
refute user.destroy_with_password('other')
|
217
223
|
assert user.persisted?
|
218
224
|
assert_match "is invalid", user.errors[:current_password].join
|
219
225
|
end
|
220
226
|
|
221
227
|
test 'should not destroy user with blank password' do
|
222
228
|
user = create_user
|
223
|
-
|
229
|
+
refute user.destroy_with_password(nil)
|
224
230
|
assert user.persisted?
|
225
231
|
assert_match "can't be blank", user.errors[:current_password].join
|
226
232
|
end
|
227
233
|
|
234
|
+
test 'should not email on password change' do
|
235
|
+
user = create_user
|
236
|
+
assert_email_not_sent do
|
237
|
+
assert user.update_attributes(password: 'newpass', password_confirmation: 'newpass')
|
238
|
+
end
|
239
|
+
end
|
240
|
+
|
241
|
+
test 'should notify previous email on email change when configured' do
|
242
|
+
swap Devise, send_email_changed_notification: true do
|
243
|
+
user = create_user
|
244
|
+
original_email = user.email
|
245
|
+
assert_email_sent original_email do
|
246
|
+
assert user.update_attributes(email: 'new-email@example.com')
|
247
|
+
end
|
248
|
+
assert_match original_email, ActionMailer::Base.deliveries.last.body.encoded
|
249
|
+
end
|
250
|
+
end
|
251
|
+
|
252
|
+
test 'should notify email on password change when configured' do
|
253
|
+
swap Devise, send_password_change_notification: true do
|
254
|
+
user = create_user
|
255
|
+
assert_email_sent user.email do
|
256
|
+
assert user.update_attributes(password: 'newpass', password_confirmation: 'newpass')
|
257
|
+
end
|
258
|
+
assert_match user.email, ActionMailer::Base.deliveries.last.body.encoded
|
259
|
+
end
|
260
|
+
end
|
261
|
+
|
228
262
|
test 'downcase_keys with validation' do
|
229
|
-
User.create(:
|
230
|
-
user = User.create(:
|
263
|
+
User.create(email: "HEllO@example.com", password: "123456")
|
264
|
+
user = User.create(email: "HEllO@example.com", password: "123456")
|
231
265
|
assert !user.valid?
|
232
266
|
end
|
233
267
|
|
234
|
-
test '
|
235
|
-
|
236
|
-
:
|
237
|
-
:
|
268
|
+
test 'required_fields should be encryptable_password and the email field by default' do
|
269
|
+
assert_equal Devise::Models::DatabaseAuthenticatable.required_fields(User), [
|
270
|
+
:encrypted_password,
|
271
|
+
:email
|
238
272
|
]
|
239
273
|
end
|
240
274
|
|
241
275
|
test 'required_fields should be encryptable_password and the login when the login is on authentication_keys' do
|
242
|
-
swap Devise, :
|
243
|
-
|
276
|
+
swap Devise, authentication_keys: [:login] do
|
277
|
+
assert_equal Devise::Models::DatabaseAuthenticatable.required_fields(User), [
|
244
278
|
:encrypted_password,
|
245
279
|
:login
|
246
280
|
]
|
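Review bot: The notification tests added in the last hunk of this section (new lines 234–260) have no negative case for an email change: `should not email on password change` pins the default for passwords, but nothing checks that changing `email` with `send_email_changed_notification` left unset sends no notice to the previous address. The setting appears to default to off, since the positive test needs a `swap` to enable it. These mails are how an account owner learns of an address or credential change they did not make, so both the default and the recipient deserve a regression test. A counterpart outside any `swap` would be `assert_email_not_sent { assert user.update_attributes(email: 'new-email@example.com') }`. If the test `User` model sends a reconfirmation mail on email change, which is not visible here, the check should instead assert that no mail goes to the original address.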
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
class LockableTest < ActiveSupport::TestCase
|
@@ -7,30 +9,30 @@ class LockableTest < ActiveSupport::TestCase
|
|
7
9
|
|
8
10
|
test "should respect maximum attempts configuration" do
|
9
11
|
user = create_user
|
10
|
-
user.confirm
|
11
|
-
swap Devise, :
|
12
|
-
|
12
|
+
user.confirm
|
13
|
+
swap Devise, maximum_attempts: 2 do
|
14
|
+
2.times { user.valid_for_authentication?{ false } }
|
13
15
|
assert user.reload.access_locked?
|
14
16
|
end
|
15
17
|
end
|
16
18
|
|
17
|
-
test "should increment failed_attempts on
|
19
|
+
test "should increment failed_attempts on successful validation if the user is already locked" do
|
18
20
|
user = create_user
|
19
|
-
user.confirm
|
21
|
+
user.confirm
|
20
22
|
|
21
|
-
swap Devise, :
|
22
|
-
|
23
|
+
swap Devise, maximum_attempts: 2 do
|
24
|
+
2.times { user.valid_for_authentication?{ false } }
|
23
25
|
assert user.reload.access_locked?
|
24
26
|
end
|
25
27
|
|
26
28
|
user.valid_for_authentication?{ true }
|
27
|
-
assert_equal
|
29
|
+
assert_equal 3, user.reload.failed_attempts
|
28
30
|
end
|
29
31
|
|
30
32
|
test "should not touch failed_attempts if lock_strategy is none" do
|
31
33
|
user = create_user
|
32
|
-
user.confirm
|
33
|
-
swap Devise, :
|
34
|
+
user.confirm
|
35
|
+
swap Devise, lock_strategy: :none, maximum_attempts: 2 do
|
34
36
|
3.times { user.valid_for_authentication?{ false } }
|
35
37
|
assert !user.access_locked?
|
36
38
|
assert_equal 0, user.failed_attempts
|
@@ -46,17 +48,17 @@ class LockableTest < ActiveSupport::TestCase
|
|
46
48
|
|
47
49
|
test "should verify whether a user is locked or not" do
|
48
50
|
user = create_user
|
49
|
-
|
51
|
+
refute user.access_locked?
|
50
52
|
user.lock_access!
|
51
53
|
assert user.access_locked?
|
52
54
|
end
|
53
55
|
|
54
56
|
test "active_for_authentication? should be the opposite of locked?" do
|
55
57
|
user = create_user
|
56
|
-
user.confirm
|
58
|
+
user.confirm
|
57
59
|
assert user.active_for_authentication?
|
58
60
|
user.lock_access!
|
59
|
-
|
61
|
+
refute user.active_for_authentication?
|
60
62
|
end
|
61
63
|
|
62
64
|
test "should unlock a user by cleaning locked_at, failed_attempts and unlock_token" do
|
@@ -72,23 +74,23 @@ class LockableTest < ActiveSupport::TestCase
|
|
72
74
|
end
|
73
75
|
|
74
76
|
test "new user should not be locked and should have zero failed_attempts" do
|
75
|
-
|
77
|
+
refute new_user.access_locked?
|
76
78
|
assert_equal 0, create_user.failed_attempts
|
77
79
|
end
|
78
80
|
|
79
81
|
test "should unlock user after unlock_in period" do
|
80
|
-
swap Devise, :
|
82
|
+
swap Devise, unlock_in: 3.hours do
|
81
83
|
user = new_user
|
82
84
|
user.locked_at = 2.hours.ago
|
83
85
|
assert user.access_locked?
|
84
86
|
|
85
87
|
Devise.unlock_in = 1.hour
|
86
|
-
|
88
|
+
refute user.access_locked?
|
87
89
|
end
|
88
90
|
end
|
89
91
|
|
90
92
|
test "should not unlock in 'unlock_in' if :time unlock strategy is not set" do
|
91
|
-
swap Devise, :
|
93
|
+
swap Devise, unlock_strategy: :email do
|
92
94
|
user = new_user
|
93
95
|
user.locked_at = 2.hours.ago
|
94
96
|
assert user.access_locked?
|
@@ -114,7 +116,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
114
116
|
end
|
115
117
|
|
116
118
|
test "should not generate unlock_token when :email is not an unlock strategy" do
|
117
|
-
swap Devise, :
|
119
|
+
swap Devise, unlock_strategy: :time do
|
118
120
|
user = create_user
|
119
121
|
user.lock_access!
|
120
122
|
assert_nil user.unlock_token
|
@@ -122,7 +124,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
122
124
|
end
|
123
125
|
|
124
126
|
test "should send email with unlock instructions when :email is an unlock strategy" do
|
125
|
-
swap Devise, :
|
127
|
+
swap Devise, unlock_strategy: :email do
|
126
128
|
user = create_user
|
127
129
|
assert_email_sent do
|
128
130
|
user.lock_access!
|
@@ -130,8 +132,26 @@ class LockableTest < ActiveSupport::TestCase
|
|
130
132
|
end
|
131
133
|
end
|
132
134
|
|
135
|
+
test "doesn't send email when you pass option send_instructions to false" do
|
136
|
+
swap Devise, unlock_strategy: :email do
|
137
|
+
user = create_user
|
138
|
+
assert_email_not_sent do
|
139
|
+
user.lock_access! send_instructions: false
|
140
|
+
end
|
141
|
+
end
|
142
|
+
end
|
143
|
+
|
144
|
+
test "sends email when you pass options other than send_instructions" do
|
145
|
+
swap Devise, unlock_strategy: :email do
|
146
|
+
user = create_user
|
147
|
+
assert_email_sent do
|
148
|
+
user.lock_access! foo: :bar, bar: :foo
|
149
|
+
end
|
150
|
+
end
|
151
|
+
end
|
152
|
+
|
133
153
|
test "should not send email with unlock instructions when :email is not an unlock strategy" do
|
134
|
-
swap Devise, :
|
154
|
+
swap Devise, unlock_strategy: :time do
|
135
155
|
user = create_user
|
136
156
|
assert_email_not_sent do
|
137
157
|
user.lock_access!
|
@@ -144,75 +164,75 @@ class LockableTest < ActiveSupport::TestCase
|
|
144
164
|
raw = user.send_unlock_instructions
|
145
165
|
locked_user = User.unlock_access_by_token(raw)
|
146
166
|
assert_equal locked_user, user
|
147
|
-
|
167
|
+
refute user.reload.access_locked?
|
148
168
|
end
|
149
169
|
|
150
170
|
test 'should return a new record with errors when a invalid token is given' do
|
151
171
|
locked_user = User.unlock_access_by_token('invalid_token')
|
152
|
-
|
172
|
+
refute locked_user.persisted?
|
153
173
|
assert_equal "is invalid", locked_user.errors[:unlock_token].join
|
154
174
|
end
|
155
175
|
|
156
176
|
test 'should return a new record with errors when a blank token is given' do
|
157
177
|
locked_user = User.unlock_access_by_token('')
|
158
|
-
|
178
|
+
refute locked_user.persisted?
|
159
179
|
assert_equal "can't be blank", locked_user.errors[:unlock_token].join
|
160
180
|
end
|
161
181
|
|
162
182
|
test 'should find a user to send unlock instructions' do
|
163
183
|
user = create_user
|
164
184
|
user.lock_access!
|
165
|
-
unlock_user = User.send_unlock_instructions(:
|
185
|
+
unlock_user = User.send_unlock_instructions(email: user.email)
|
166
186
|
assert_equal unlock_user, user
|
167
187
|
end
|
168
188
|
|
169
189
|
test 'should return a new user if no email was found' do
|
170
|
-
unlock_user = User.send_unlock_instructions(:
|
171
|
-
|
190
|
+
unlock_user = User.send_unlock_instructions(email: "invalid@example.com")
|
191
|
+
refute unlock_user.persisted?
|
172
192
|
end
|
173
193
|
|
174
194
|
test 'should add error to new user email if no email was found' do
|
175
|
-
unlock_user = User.send_unlock_instructions(:
|
195
|
+
unlock_user = User.send_unlock_instructions(email: "invalid@example.com")
|
176
196
|
assert_equal 'not found', unlock_user.errors[:email].join
|
177
197
|
end
|
178
198
|
|
179
199
|
test 'should find a user to send unlock instructions by authentication_keys' do
|
180
|
-
swap Devise, :
|
200
|
+
swap Devise, authentication_keys: [:username, :email] do
|
181
201
|
user = create_user
|
182
|
-
unlock_user = User.send_unlock_instructions(:
|
202
|
+
unlock_user = User.send_unlock_instructions(email: user.email, username: user.username)
|
183
203
|
assert_equal unlock_user, user
|
184
204
|
end
|
185
205
|
end
|
186
206
|
|
187
207
|
test 'should require all unlock_keys' do
|
188
|
-
swap Devise, :
|
208
|
+
swap Devise, unlock_keys: [:username, :email] do
|
189
209
|
user = create_user
|
190
|
-
unlock_user = User.send_unlock_instructions(:
|
191
|
-
|
210
|
+
unlock_user = User.send_unlock_instructions(email: user.email)
|
211
|
+
refute unlock_user.persisted?
|
192
212
|
assert_equal "can't be blank", unlock_user.errors[:username].join
|
193
213
|
end
|
194
214
|
end
|
195
215
|
|
196
216
|
test 'should not be able to send instructions if the user is not locked' do
|
197
217
|
user = create_user
|
198
|
-
|
199
|
-
|
218
|
+
refute user.resend_unlock_instructions
|
219
|
+
refute user.access_locked?
|
200
220
|
assert_equal 'was not locked', user.errors[:email].join
|
201
221
|
end
|
202
222
|
|
203
223
|
test 'should not be able to send instructions if the user if not locked and have username as unlock key' do
|
204
|
-
swap Devise, :
|
224
|
+
swap Devise, unlock_keys: [:username] do
|
205
225
|
user = create_user
|
206
|
-
|
207
|
-
|
226
|
+
refute user.resend_unlock_instructions
|
227
|
+
refute user.access_locked?
|
208
228
|
assert_equal 'was not locked', user.errors[:username].join
|
209
229
|
end
|
210
230
|
end
|
211
231
|
|
212
232
|
test 'should unlock account if lock has expired and increase attempts on failure' do
|
213
|
-
swap Devise, :
|
233
|
+
swap Devise, unlock_in: 1.minute do
|
214
234
|
user = create_user
|
215
|
-
user.confirm
|
235
|
+
user.confirm
|
216
236
|
|
217
237
|
user.failed_attempts = 2
|
218
238
|
user.locked_at = 2.minutes.ago
|
@@ -223,9 +243,9 @@ class LockableTest < ActiveSupport::TestCase
|
|
223
243
|
end
|
224
244
|
|
225
245
|
test 'should unlock account if lock has expired on success' do
|
226
|
-
swap Devise, :
|
246
|
+
swap Devise, unlock_in: 1.minute do
|
227
247
|
user = create_user
|
228
|
-
user.confirm
|
248
|
+
user.confirm
|
229
249
|
|
230
250
|
user.failed_attempts = 2
|
231
251
|
user.locked_at = 2.minutes.ago
|
@@ -237,9 +257,9 @@ class LockableTest < ActiveSupport::TestCase
|
|
237
257
|
end
|
238
258
|
|
239
259
|
test 'required_fields should contain the all the fields when all the strategies are enabled' do
|
240
|
-
swap Devise, :
|
241
|
-
swap Devise, :
|
242
|
-
|
260
|
+
swap Devise, unlock_strategy: :both do
|
261
|
+
swap Devise, lock_strategy: :failed_attempts do
|
262
|
+
assert_equal Devise::Models::Lockable.required_fields(User), [
|
243
263
|
:failed_attempts,
|
244
264
|
:locked_at,
|
245
265
|
:unlock_token
|
@@ -249,9 +269,9 @@ class LockableTest < ActiveSupport::TestCase
|
|
249
269
|
end
|
250
270
|
|
251
271
|
test 'required_fields should contain only failed_attempts and locked_at when the strategies are time and failed_attempts are enabled' do
|
252
|
-
swap Devise, :
|
253
|
-
swap Devise, :
|
254
|
-
|
272
|
+
swap Devise, unlock_strategy: :time do
|
273
|
+
swap Devise, lock_strategy: :failed_attempts do
|
274
|
+
assert_equal Devise::Models::Lockable.required_fields(User), [
|
255
275
|
:failed_attempts,
|
256
276
|
:locked_at
|
257
277
|
]
|
@@ -260,9 +280,9 @@ class LockableTest < ActiveSupport::TestCase
|
|
260
280
|
end
|
261
281
|
|
262
282
|
test 'required_fields should contain only failed_attempts and unlock_token when the strategies are token and failed_attempts are enabled' do
|
263
|
-
swap Devise, :
|
264
|
-
swap Devise, :
|
265
|
-
|
283
|
+
swap Devise, unlock_strategy: :email do
|
284
|
+
swap Devise, lock_strategy: :failed_attempts do
|
285
|
+
assert_equal Devise::Models::Lockable.required_fields(User), [
|
266
286
|
:failed_attempts,
|
267
287
|
:unlock_token
|
268
288
|
]
|
@@ -271,7 +291,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
271
291
|
end
|
272
292
|
|
273
293
|
test 'should not return a locked unauthenticated message if in paranoid mode' do
|
274
|
-
swap Devise, :
|
294
|
+
swap Devise, paranoid: :true do
|
275
295
|
user = create_user
|
276
296
|
user.failed_attempts = Devise.maximum_attempts + 1
|
277
297
|
user.lock_access!
|
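Review bot: `swap Devise, paranoid: :true do` passes the Symbol `:true` rather than the boolean, so paranoid mode is enabled only because every Symbol is truthy; `paranoid: :false` would behave identically. Use `swap Devise, paranoid: true do` so the test runs with the value a real configuration would hold. The removed line is truncated on this page, so whether the old code carried the same symbol cannot be seen here. The test body continues beyond the hunk.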
@@ -281,18 +301,52 @@ class LockableTest < ActiveSupport::TestCase
|
|
281
301
|
end
|
282
302
|
|
283
303
|
test 'should return last attempt message if user made next-to-last attempt of password entering' do
|
284
|
-
swap Devise, :
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
assert_equal :invalid, user.unauthenticated_message
|
304
|
+
swap Devise, last_attempt_warning: true, lock_strategy: :failed_attempts do
|
305
|
+
user = create_user
|
306
|
+
user.failed_attempts = Devise.maximum_attempts - 2
|
307
|
+
assert_equal :invalid, user.unauthenticated_message
|
289
308
|
|
290
|
-
|
291
|
-
|
309
|
+
user.failed_attempts = Devise.maximum_attempts - 1
|
310
|
+
assert_equal :last_attempt, user.unauthenticated_message
|
292
311
|
|
293
|
-
|
294
|
-
|
295
|
-
|
312
|
+
user.failed_attempts = Devise.maximum_attempts
|
313
|
+
assert_equal :locked, user.unauthenticated_message
|
314
|
+
end
|
315
|
+
end
|
316
|
+
|
317
|
+
test 'should not return last attempt message if last_attempt_warning is disabled' do
|
318
|
+
swap Devise, last_attempt_warning: false, lock_strategy: :failed_attempts do
|
319
|
+
user = create_user
|
320
|
+
user.failed_attempts = Devise.maximum_attempts - 1
|
321
|
+
assert_equal :invalid, user.unauthenticated_message
|
322
|
+
end
|
323
|
+
end
|
324
|
+
|
325
|
+
test 'should return locked message if user was programatically locked' do
|
326
|
+
user = create_user
|
327
|
+
user.lock_access!
|
328
|
+
assert_equal :locked, user.unauthenticated_message
|
329
|
+
end
|
330
|
+
|
331
|
+
test 'unlock_strategy_enabled? should return true for both, email, and time strategies if :both is used' do
|
332
|
+
swap Devise, unlock_strategy: :both do
|
333
|
+
user = create_user
|
334
|
+
assert_equal true, user.unlock_strategy_enabled?(:both)
|
335
|
+
assert_equal true, user.unlock_strategy_enabled?(:time)
|
336
|
+
assert_equal true, user.unlock_strategy_enabled?(:email)
|
337
|
+
assert_equal false, user.unlock_strategy_enabled?(:none)
|
338
|
+
assert_equal false, user.unlock_strategy_enabled?(:an_undefined_strategy)
|
339
|
+
end
|
340
|
+
end
|
341
|
+
|
342
|
+
test 'unlock_strategy_enabled? should return true only for the configured strategy' do
|
343
|
+
swap Devise, unlock_strategy: :email do
|
344
|
+
user = create_user
|
345
|
+
assert_equal false, user.unlock_strategy_enabled?(:both)
|
346
|
+
assert_equal false, user.unlock_strategy_enabled?(:time)
|
347
|
+
assert_equal true, user.unlock_strategy_enabled?(:email)
|
348
|
+
assert_equal false, user.unlock_strategy_enabled?(:none)
|
349
|
+
assert_equal false, user.unlock_strategy_enabled?(:an_undefined_strategy)
|
296
350
|
end
|
297
351
|
end
|
298
352
|
end
|