RubyGems - devise - Versions diffs - 3.2.1 → 4.4.3 - Mend

devise 3.2.1 → 4.4.3

Potentially problematic release.

This version of devise might be problematic. Click here for more details.

Files changed (254) hide show

checksums.yaml +7 -0
data/.travis.yml +58 -10
data/CHANGELOG.md +199 -979
data/CODE_OF_CONDUCT.md +22 -0
data/CONTRIBUTING.md +73 -8
data/Gemfile +19 -11
data/Gemfile.lock +152 -119
data/ISSUE_TEMPLATE.md +19 -0
data/MIT-LICENSE +1 -1
data/README.md +347 -93
data/Rakefile +4 -2
data/app/controllers/devise/confirmations_controller.rb +11 -5
data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
data/app/controllers/devise/passwords_controller.rb +20 -8
data/app/controllers/devise/registrations_controller.rb +34 -19
data/app/controllers/devise/sessions_controller.rb +47 -17
data/app/controllers/devise/unlocks_controller.rb +9 -4
data/app/controllers/devise_controller.rb +67 -31
data/app/helpers/devise_helper.rb +4 -2
data/app/mailers/devise/mailer.rb +10 -0
data/app/views/devise/confirmations/new.html.erb +8 -4
data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
data/app/views/devise/mailer/email_changed.html.erb +7 -0
data/app/views/devise/mailer/password_change.html.erb +3 -0
data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
data/app/views/devise/passwords/edit.html.erb +15 -6
data/app/views/devise/passwords/new.html.erb +8 -4
data/app/views/devise/registrations/edit.html.erb +28 -14
data/app/views/devise/registrations/new.html.erb +19 -8
data/app/views/devise/sessions/new.html.erb +17 -8
data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
data/app/views/devise/unlocks/new.html.erb +8 -4
data/bin/test +13 -0
data/config/locales/en.yml +22 -17
data/devise.gemspec +7 -6
data/gemfiles/Gemfile.rails-4.1-stable +32 -0
data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
data/gemfiles/Gemfile.rails-4.2-stable +32 -0
data/gemfiles/Gemfile.rails-4.2-stable.lock +192 -0
data/gemfiles/Gemfile.rails-5.0-stable +33 -0
data/gemfiles/Gemfile.rails-5.0-stable.lock +192 -0
data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
data/guides/bug_report_templates/integration_test.rb +106 -0
data/lib/devise.rb +107 -84
data/lib/devise/controllers/helpers.rb +111 -31
data/lib/devise/controllers/rememberable.rb +15 -6
data/lib/devise/controllers/scoped_views.rb +3 -1
data/lib/devise/controllers/sign_in_out.rb +39 -26
data/lib/devise/controllers/store_location.rb +31 -2
data/lib/devise/controllers/url_helpers.rb +9 -7
data/lib/devise/delegator.rb +2 -0
data/lib/devise/encryptor.rb +24 -0
data/lib/devise/failure_app.rb +98 -39
data/lib/devise/hooks/activatable.rb +7 -6
data/lib/devise/hooks/csrf_cleaner.rb +5 -1
data/lib/devise/hooks/forgetable.rb +2 -0
data/lib/devise/hooks/lockable.rb +7 -2
data/lib/devise/hooks/proxy.rb +4 -2
data/lib/devise/hooks/rememberable.rb +4 -2
data/lib/devise/hooks/timeoutable.rb +16 -9
data/lib/devise/hooks/trackable.rb +3 -1
data/lib/devise/mailers/helpers.rb +15 -12
data/lib/devise/mapping.rb +8 -2
data/lib/devise/models.rb +3 -1
data/lib/devise/models/authenticatable.rb +63 -36
data/lib/devise/models/confirmable.rb +121 -41
data/lib/devise/models/database_authenticatable.rb +66 -23
data/lib/devise/models/lockable.rb +30 -17
data/lib/devise/models/omniauthable.rb +3 -1
data/lib/devise/models/recoverable.rb +62 -26
data/lib/devise/models/registerable.rb +2 -0
data/lib/devise/models/rememberable.rb +62 -33
data/lib/devise/models/timeoutable.rb +4 -8
data/lib/devise/models/trackable.rb +12 -3
data/lib/devise/models/validatable.rb +16 -9
data/lib/devise/modules.rb +12 -10
data/lib/devise/omniauth.rb +2 -0
data/lib/devise/omniauth/config.rb +2 -0
data/lib/devise/omniauth/url_helpers.rb +14 -5
data/lib/devise/orm/active_record.rb +5 -1
data/lib/devise/orm/mongoid.rb +6 -2
data/lib/devise/parameter_filter.rb +2 -0
data/lib/devise/parameter_sanitizer.rb +131 -69
data/lib/devise/rails.rb +10 -13
data/lib/devise/rails/routes.rb +147 -116
data/lib/devise/rails/warden_compat.rb +3 -10
data/lib/devise/secret_key_finder.rb +25 -0
data/lib/devise/strategies/authenticatable.rb +20 -9
data/lib/devise/strategies/base.rb +3 -1
data/lib/devise/strategies/database_authenticatable.rb +8 -5
data/lib/devise/strategies/rememberable.rb +15 -3
data/lib/devise/test/controller_helpers.rb +165 -0
data/lib/devise/test/integration_helpers.rb +63 -0
data/lib/devise/test_helpers.rb +7 -124
data/lib/devise/time_inflector.rb +4 -2
data/lib/devise/token_generator.rb +3 -41
data/lib/devise/version.rb +3 -1
data/lib/generators/active_record/devise_generator.rb +47 -10
data/lib/generators/active_record/templates/migration.rb +9 -7
data/lib/generators/active_record/templates/migration_existing.rb +9 -7
data/lib/generators/devise/controllers_generator.rb +46 -0
data/lib/generators/devise/devise_generator.rb +9 -5
data/lib/generators/devise/install_generator.rb +22 -0
data/lib/generators/devise/orm_helpers.rb +8 -19
data/lib/generators/devise/views_generator.rb +51 -28
data/lib/generators/mongoid/devise_generator.rb +22 -19
data/lib/generators/templates/README +5 -12
data/lib/generators/templates/controllers/README +14 -0
data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
data/lib/generators/templates/devise.rb +64 -35
data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
data/lib/generators/templates/markerb/email_changed.markerb +7 -0
data/lib/generators/templates/markerb/password_change.markerb +3 -0
data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
data/test/controllers/custom_registrations_controller_test.rb +42 -0
data/test/controllers/custom_strategy_test.rb +10 -6
data/test/controllers/helper_methods_test.rb +24 -0
data/test/controllers/helpers_test.rb +88 -40
data/test/controllers/inherited_controller_i18n_messages_test.rb +53 -0
data/test/controllers/internal_helpers_test.rb +31 -22
data/test/controllers/load_hooks_controller_test.rb +21 -0
data/test/controllers/passwords_controller_test.rb +8 -5
data/test/controllers/sessions_controller_test.rb +42 -33
data/test/controllers/url_helpers_test.rb +13 -5
data/test/delegator_test.rb +3 -1
data/test/devise_test.rb +34 -19
data/test/failure_app_test.rb +150 -42
data/test/generators/active_record_generator_test.rb +58 -31
data/test/generators/controllers_generator_test.rb +50 -0
data/test/generators/devise_generator_test.rb +4 -2
data/test/generators/install_generator_test.rb +16 -3
data/test/generators/mongoid_generator_test.rb +5 -3
data/test/generators/views_generator_test.rb +40 -2
data/test/helpers/devise_helper_test.rb +20 -20
data/test/integration/authenticatable_test.rb +134 -141
data/test/integration/confirmable_test.rb +109 -67
data/test/integration/database_authenticatable_test.rb +36 -23
data/test/integration/http_authenticatable_test.rb +29 -20
data/test/integration/lockable_test.rb +52 -49
data/test/integration/mounted_engine_test.rb +38 -0
data/test/integration/omniauthable_test.rb +30 -15
data/test/integration/recoverable_test.rb +76 -61
data/test/integration/registerable_test.rb +107 -91
data/test/integration/rememberable_test.rb +82 -30
data/test/integration/timeoutable_test.rb +48 -40
data/test/integration/trackable_test.rb +15 -8
data/test/mailers/confirmation_instructions_test.rb +16 -14
data/test/mailers/email_changed_test.rb +132 -0
data/test/mailers/mailer_test.rb +20 -0
data/test/mailers/reset_password_instructions_test.rb +13 -11
data/test/mailers/unlock_instructions_test.rb +12 -10
data/test/mapping_test.rb +15 -6
data/test/models/authenticatable_test.rb +15 -3
data/test/models/confirmable_test.rb +190 -95
data/test/models/database_authenticatable_test.rb +75 -41
data/test/models/lockable_test.rb +115 -61
data/test/models/omniauthable_test.rb +3 -1
data/test/models/recoverable_test.rb +116 -37
data/test/models/registerable_test.rb +3 -1
data/test/models/rememberable_test.rb +95 -94
data/test/models/serializable_test.rb +19 -8
data/test/models/timeoutable_test.rb +10 -8
data/test/models/trackable_test.rb +50 -1
data/test/models/validatable_test.rb +24 -30
data/test/models_test.rb +19 -8
data/test/omniauth/config_test.rb +15 -11
data/test/omniauth/url_helpers_test.rb +8 -9
data/test/orm/active_record.rb +16 -2
data/test/orm/mongoid.rb +4 -2
data/test/parameter_sanitizer_test.rb +53 -57
data/test/rails_app/app/active_record/admin.rb +2 -0
data/test/rails_app/app/active_record/shim.rb +3 -1
data/test/rails_app/app/active_record/user.rb +14 -0
data/test/rails_app/app/active_record/user_on_engine.rb +9 -0
data/test/rails_app/app/active_record/user_on_main_app.rb +9 -0
data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
data/test/rails_app/app/active_record/user_without_email.rb +10 -0
data/test/rails_app/app/controllers/admins/sessions_controller.rb +3 -1
data/test/rails_app/app/controllers/admins_controller.rb +3 -6
data/test/rails_app/app/controllers/application_controller.rb +7 -3
data/test/rails_app/app/controllers/application_with_fake_engine.rb +32 -0
data/test/rails_app/app/controllers/custom/registrations_controller.rb +33 -0
data/test/rails_app/app/controllers/home_controller.rb +7 -1
data/test/rails_app/app/controllers/publisher/registrations_controller.rb +3 -1
data/test/rails_app/app/controllers/publisher/sessions_controller.rb +3 -1
data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +7 -5
data/test/rails_app/app/controllers/users_controller.rb +8 -6
data/test/rails_app/app/helpers/application_helper.rb +2 -0
data/test/rails_app/app/mailers/users/from_proc_mailer.rb +5 -0
data/test/rails_app/app/mailers/users/mailer.rb +3 -10
data/test/rails_app/app/mailers/users/reply_to_mailer.rb +6 -0
data/test/rails_app/app/mongoid/admin.rb +13 -11
data/test/rails_app/app/mongoid/shim.rb +4 -2
data/test/rails_app/app/mongoid/user.rb +30 -19
data/test/rails_app/app/mongoid/user_on_engine.rb +41 -0
data/test/rails_app/app/mongoid/user_on_main_app.rb +41 -0
data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
data/test/rails_app/app/mongoid/user_without_email.rb +35 -0
data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
data/test/rails_app/app/views/home/index.html.erb +1 -1
data/test/rails_app/app/views/home/join.html.erb +1 -1
data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
data/test/rails_app/app/views/layouts/application.html.erb +1 -1
data/test/rails_app/config/application.rb +13 -5
data/test/rails_app/config/boot.rb +17 -4
data/test/rails_app/config/environment.rb +2 -0
data/test/rails_app/config/environments/development.rb +2 -0
data/test/rails_app/config/environments/production.rb +10 -2
data/test/rails_app/config/environments/test.rb +14 -3
data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
data/test/rails_app/config/initializers/devise.rb +22 -21
data/test/rails_app/config/initializers/inflections.rb +2 -0
data/test/rails_app/config/initializers/secret_token.rb +3 -6
data/test/rails_app/config/initializers/session_store.rb +2 -0
data/test/rails_app/config/routes.rb +67 -43
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +16 -10
data/test/rails_app/db/schema.rb +2 -0
data/test/rails_app/lib/shared_admin.rb +10 -4
data/test/rails_app/lib/shared_user.rb +4 -1
data/test/rails_app/lib/shared_user_without_email.rb +28 -0
data/test/rails_app/lib/shared_user_without_omniauth.rb +15 -0
data/test/rails_test.rb +11 -0
data/test/routes_test.rb +92 -61
data/test/secret_key_finder_test.rb +97 -0
data/test/support/action_controller/record_identifier.rb +12 -0
data/test/support/assertions.rb +4 -14
data/test/support/helpers.rb +23 -10
data/test/support/http_method_compatibility.rb +53 -0
data/test/support/integration.rb +19 -16
data/test/support/mongoid.yml +6 -0
data/test/support/webrat/integrations/rails.rb +11 -0
data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +60 -40
data/test/test/integration_helpers_test.rb +34 -0
data/test/test_helper.rb +9 -0
data/test/test_models.rb +8 -6
metadata +123 -53
data/gemfiles/Gemfile.rails-3.2.x +0 -31
data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159

data/test/rails_app/config/environments/production.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 RailsApp::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
@@ -20,7 +22,13 @@ RailsApp::Application.configure do
   # config.action_dispatch.rack_cache = true
   # Disable Rails's static asset server (Apache or nginx will already do this).
-  config.serve_static_assets = false
+  if Rails.version >= "5.0.0"
+    config.public_file_server.enabled = false
+  elsif Rails.version >= "4.2.0"
+    config.serve_static_files = false
+  else
+    config.serve_static_assets = false
+  end
   # Compress JavaScripts and CSS.
   config.assets.js_compressor  = :uglifier
@@ -46,7 +54,7 @@ RailsApp::Application.configure do
   config.log_level = :info
   # Prepend all log lines with the following tags.
-  # config.log_tags = [ :subdomain, :uuid ]
+  # config.log_tags = [:subdomain, :uuid]
   # Use a different logger for distributed setups.
   # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)

data/test/rails_app/config/environments/test.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 RailsApp::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
@@ -12,9 +14,18 @@ RailsApp::Application.configure do
   # preloads Rails for running tests, you may have to set it to true.
   config.eager_load = false
-  # Configure static asset server for tests with Cache-Control for performance.
-  config.serve_static_assets = true
-  config.static_cache_control = "public, max-age=3600"
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  if Rails.version >= "5.0.0"
+    config.public_file_server.enabled = true
+    config.public_file_server.headers = {'Cache-Control' => 'public, max-age=3600'}
+  elsif Rails.version >= "4.2.0"
+    config.serve_static_files = true
+    config.static_cache_control = "public, max-age=3600"
+  else
+    config.serve_static_assets = true
+    config.static_cache_control = "public, max-age=3600"
+  end
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true

data/test/rails_app/config/initializers/backtrace_silencers.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # Be sure to restart your server when you modify this file.
 # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.

data/test/rails_app/config/initializers/devise.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require "omniauth-facebook"
 require "omniauth-openid"
@@ -12,6 +14,8 @@ Devise.setup do |config|
   # note that it will be overwritten if you use your own mailer class with default "from" parameter.
   config.mailer_sender = "please-change-me@config-initializers-devise.com"
+  config.parent_controller = "ApplicationWithFakeEngine"
   # Configure the class responsible to send e-mails.
   # config.mailer = "Devise::Mailer"
@@ -29,7 +33,7 @@ Devise.setup do |config|
   # session. If you need permissions, you should implement that in a before filter.
   # You can also supply hash where the value is a boolean expliciting if authentication
   # should be aborted or not if the value is not present. By default is empty.
-  # config.authentication_keys = [ :email ]
+  # config.authentication_keys = [:email]
   # Configure parameters from the request object used for authentication. Each entry
   # given should be a request method and it will automatically be passed to
@@ -41,12 +45,12 @@ Devise.setup do |config|
   # Configure which authentication keys should be case-insensitive.
   # These keys will be downcased upon creating or modifying a user and when used
   # to authenticate or find a user. Default is :email.
-  config.case_insensitive_keys = [ :email ]
+  config.case_insensitive_keys = [:email]
   # Configure which authentication keys should have whitespace stripped.
   # These keys will have whitespace before and after removed upon creating or
   # modifying a user and when used to authenticate or find a user. Default is :email.
-  config.strip_whitespace_keys = [ :email ]
+  config.strip_whitespace_keys = [:email]
   # Tell if authentication through request.params is enabled. True by default.
   # config.params_authenticatable = true
@@ -66,8 +70,8 @@ Devise.setup do |config|
   config.stretches = Rails.env.test? ? 1 : 10
   # ==> Configuration for :confirmable
-  # The time you want to give your user to confirm his account. During this time
-  # he will be able to access your application without confirming. Default is nil.
+  # The time you want to give your user to confirm their account. During this time
+  # they will be able to access your application without confirming. Default is nil.
   # When allow_unconfirmed_access_for is zero, the user won't be able to sign in without confirming.
   # You can use this to let your user access some features of your application
   # without confirming the account, but blocking it after a certain period
@@ -75,21 +79,18 @@ Devise.setup do |config|
   # config.allow_unconfirmed_access_for = 2.days
   # Defines which key will be used when confirming an account
-  # config.confirmation_keys = [ :email ]
+  # config.confirmation_keys = [:email]
   # ==> Configuration for :rememberable
   # The time the user will be remembered without asking for credentials again.
   # config.remember_for = 2.weeks
-  # If true, a valid remember token can be re-used between multiple browsers.
-  # config.remember_across_browsers = true
   # If true, extends the user's remember period when remembered via cookie.
   # config.extend_remember_period = false
   # ==> Configuration for :validatable
-  # Range for password length. Default is 8..128.
-  # config.password_length = 8..128
+  # Range for password length. Default is 8..72.
+  # config.password_length = 8..72
   # Regex to use to validate the email address
   # config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
@@ -106,7 +107,7 @@ Devise.setup do |config|
   # config.lock_strategy = :failed_attempts
   # Defines which key will be used when locking and unlocking an account
-  # config.unlock_keys = [ :email ]
+  # config.unlock_keys = [:email]
   # Defines which strategy will be used to unlock an account.
   # :email = Sends an unlock link to the user email
@@ -125,19 +126,19 @@ Devise.setup do |config|
   # ==> Configuration for :recoverable
   #
   # Defines which key will be used when recovering the password for an account
-  # config.reset_password_keys = [ :email ]
+  # config.reset_password_keys = [:email]
   # Time interval you can reset your password with a reset password key.
   # Don't put a too small interval or your users won't have the time to
   # change their passwords.
   config.reset_password_within = 2.hours
-  # Setup a pepper to generate the encrypted password.
-  config.pepper = "d142367154e5beacca404b1a6a4f8bc52c6fdcfa3ccc3cf8eb49f3458a688ee6ac3b9fae488432a3bfca863b8a90008368a9f3a3dfbe5a962e64b6ab8f3a3a1a"
+  # When set to false, does not sign a user in automatically after their password is
+  # reset. Defaults to true, so a user is signed in automatically after a reset.
+  # config.sign_in_after_reset_password = true
-  # ==> Configuration for :token_authenticatable
-  # Defines name of the authentication token params key
-  # config.token_authentication_key = :auth_token
+  # Set up a pepper to generate the encrypted password.
+  config.pepper = "d142367154e5beacca404b1a6a4f8bc52c6fdcfa3ccc3cf8eb49f3458a688ee6ac3b9fae488432a3bfca863b8a90008368a9f3a3dfbe5a962e64b6ab8f3a3a1a"
   # ==> Scopes configuration
   # Turn scoped views on. Before rendering "sessions/new", it will first check for
@@ -166,9 +167,9 @@ Devise.setup do |config|
   # config.sign_out_via = :get
   # ==> OmniAuth
-  config.omniauth :facebook, 'APP_ID', 'APP_SECRET', :scope => 'email,offline_access'
+  config.omniauth :facebook, 'APP_ID', 'APP_SECRET', scope: 'email,offline_access'
   config.omniauth :openid
-  config.omniauth :openid, :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id'
+  config.omniauth :openid, name: 'google', identifier: 'https://www.google.com/accounts/o8/id'
   # ==> Warden configuration
   # If you want to use other strategies, that are not supported by Devise, or
@@ -176,6 +177,6 @@ Devise.setup do |config|
   #
   # config.warden do |manager|
   #   manager.failure_app = AnotherApp
-  #   manager.default_strategies(:scope => :user).unshift :some_external_strategy
+  #   manager.default_strategies(scope: :user).unshift :some_external_strategy
   # end
 end

data/test/rails_app/config/initializers/inflections.rb CHANGED

@@ -1,2 +1,4 @@
+# frozen_string_literal: true
 ActiveSupport::Inflector.inflections do |inflect|
 end

data/test/rails_app/config/initializers/secret_token.rb CHANGED

@@ -1,8 +1,5 @@
+# frozen_string_literal: true
 config = Rails.application.config
-if Devise.rails4?
-  config.secret_key_base = 'd588e99efff13a86461fd6ab82327823ad2f8feb5dc217ce652cdd9f0dfc5eb4b5a62a92d24d2574d7d51dfb1ea8dd453ea54e00cf672159a13104a135422a10'
-else
-  config.secret_token = 'ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571'
-  config.session_store :cookie_store, :key => "_my_app"
-end
+config.secret_key_base = 'd588e99efff13a86461fd6ab82327823ad2f8feb5dc217ce652cdd9f0dfc5eb4b5a62a92d24d2574d7d51dfb1ea8dd453ea54e00cf672159a13104a135422a10'

data/test/rails_app/config/initializers/session_store.rb CHANGED

@@ -1 +1,3 @@
+# frozen_string_literal: true
 RailsApp::Application.config.session_store :cookie_store, key: '_rails_app_session'

data/test/rails_app/config/routes.rb CHANGED

@@ -1,6 +1,8 @@
+# frozen_string_literal: true
 Rails.application.routes.draw do
   # Resources for testing
-  resources :users, :only => [:index] do
+  resources :users, only: [:index] do
     member do
       get :expire
       get :accept
@@ -9,96 +11,118 @@ Rails.application.routes.draw do
     end
     authenticate do
-      post :exhibit, :on => :member
+      post :exhibit, on: :member
     end
   end
-  resources :admins, :only => [:index] do
-    get :expire, :on => :member
-  end
+  resources :admins, only: [:index]
   # Users scope
-  devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
+  devise_for :users, controllers: { omniauth_callbacks: "users/omniauth_callbacks" }
+  devise_for :user_on_main_apps,
+    class_name: 'UserOnMainApp',
+    router_name: :main_app,
+    module: :devise
+  devise_for :user_on_engines,
+    class_name: 'UserOnEngine',
+    router_name: :fake_engine,
+    module: :devise
+  devise_for :user_without_email,
+    class_name: 'UserWithoutEmail',
+    router_name: :main_app,
+    module: :devise
   as :user do
-    get "/as/sign_in", :to => "devise/sessions#new"
+    get "/as/sign_in", to: "devise/sessions#new"
   end
-  get "/sign_in", :to => "devise/sessions#new"
+  get "/sign_in", to: "devise/sessions#new"
+  # Routes for custom controller testing
+  devise_for :user, only: [:registrations], controllers: { registrations: "custom/registrations" }, as: :custom, path: :custom
   # Admin scope
-  devise_for :admin, :path => "admin_area", :controllers => { :sessions => :"admins/sessions" }, :skip => :passwords
+  devise_for :admin, path: "admin_area", controllers: { sessions: :"admins/sessions" }, skip: :passwords
-  get "/admin_area/home", :to => "admins#index", :as => :admin_root
-  get "/anywhere", :to => "foo#bar", :as => :new_admin_password
+  get "/admin_area/home", to: "admins#index", as: :admin_root
+  get "/anywhere", to: "foo#bar", as: :new_admin_password
   authenticate(:admin) do
-    get "/private", :to => "home#private", :as => :private
+    get "/private", to: "home#private", as: :private
   end
   authenticate(:admin, lambda { |admin| admin.active? }) do
-    get "/private/active", :to => "home#private", :as => :private_active
+    get "/private/active", to: "home#private", as: :private_active
   end
   authenticated :admin do
-    get "/dashboard", :to => "home#admin_dashboard"
+    get "/dashboard", to: "home#admin_dashboard"
   end
   authenticated :admin, lambda { |admin| admin.active? } do
-    get "/dashboard/active", :to => "home#admin_dashboard"
+    get "/dashboard/active", to: "home#admin_dashboard"
   end
   authenticated do
-    get "/dashboard", :to => "home#user_dashboard"
+    get "/dashboard", to: "home#user_dashboard"
   end
   unauthenticated do
-    get "/join", :to => "home#join"
+    get "/join", to: "home#join"
   end
   # Routes for constraints testing
-  devise_for :headquarters_admin, :class_name => "Admin", :path => "headquarters", :constraints => {:host => /192\.168\.1\.\d\d\d/}
+  devise_for :headquarters_admin, class_name: "Admin", path: "headquarters", constraints: {host: /192\.168\.1\.\d\d\d/}
+  constraints(host: /192\.168\.1\.\d\d\d/) do
+    devise_for :homebase_admin, class_name: "Admin", path: "homebase"
+  end
-  constraints(:host => /192\.168\.1\.\d\d\d/) do
-    devise_for :homebase_admin, :class_name => "Admin", :path => "homebase"
+  scope(subdomain: 'sub') do
+    devise_for :subdomain_users, class_name: "User", only: [:sessions]
   end
-  devise_for :skip_admin, :class_name => "Admin", :skip => :all
+  devise_for :skip_admin, class_name: "Admin", skip: :all
   # Routes for format=false testing
-  devise_for :htmlonly_admin, :class_name => "Admin", :skip => [:confirmations, :unlocks], :path => "htmlonly_admin", :format => false, :skip_helpers => [:confirmations, :unlocks]
-  devise_for :htmlonly_users, :class_name => "User", :only => [:confirmations, :unlocks], :path => "htmlonly_users", :format => false, :skip_helpers => true
+  devise_for :htmlonly_admin, class_name: "Admin", skip: [:confirmations, :unlocks], path: "htmlonly_admin", format: false, skip_helpers: [:confirmations, :unlocks]
+  devise_for :htmlonly_users, class_name: "User", only: [:confirmations, :unlocks], path: "htmlonly_users", format: false, skip_helpers: true
   # Other routes for routing_test.rb
-  devise_for :reader, :class_name => "User", :only => :passwords
+  devise_for :reader, class_name: "User", only: :passwords
-  scope :host => "sub.example.com" do
-    devise_for :sub_admin, :class_name => "Admin"
+  scope host: "sub.example.com" do
+    devise_for :sub_admin, class_name: "Admin"
   end
-  namespace :publisher, :path_names => { :sign_in => "i_dont_care", :sign_out => "get_out" } do
-    devise_for :accounts, :class_name => "Admin", :path_names => { :sign_in => "get_in" }
+  namespace :publisher, path_names: { sign_in: "i_dont_care", sign_out: "get_out" } do
+    devise_for :accounts, class_name: "Admin", path_names: { sign_in: "get_in" }
   end
-  scope ":locale", :module => :invalid do
-    devise_for :accounts, :singular => "manager", :class_name => "Admin",
-      :path_names => {
-        :sign_in => "login", :sign_out => "logout",
-        :password => "secret", :confirmation => "verification",
-        :unlock => "unblock", :sign_up => "register",
-        :registration => "management", :cancel => "giveup"
-      }, :failure_app => lambda { |env| [404, {"Content-Type" => "text/plain"}, ["Oops, not found"]] }, :module => :devise
+  scope ":locale", module: :invalid do
+    devise_for :accounts, singular: "manager", class_name: "Admin",
+      path_names: {
+        sign_in: "login", sign_out: "logout",
+        password: "secret", confirmation: "verification",
+        unlock: "unblock", sign_up: "register",
+        registration: "management",
+        cancel: "giveup", edit: "edit/profile"
+      }, failure_app: lambda { |env| [404, {"Content-Type" => "text/plain"}, ["Oops, not found"]] }, module: :devise
   end
-  namespace :sign_out_via, :module => "devise" do
-    devise_for :deletes, :sign_out_via => :delete, :class_name => "Admin"
-    devise_for :posts, :sign_out_via => :post, :class_name => "Admin"
-    devise_for :delete_or_posts, :sign_out_via => [:delete, :post], :class_name => "Admin"
+  namespace :sign_out_via, module: "devise" do
+    devise_for :deletes, sign_out_via: :delete, class_name: "Admin"
+    devise_for :posts, sign_out_via: :post, class_name: "Admin"
+    devise_for :gets, sign_out_via: :get, class_name: "Admin"
+    devise_for :delete_or_posts, sign_out_via: [:delete, :post], class_name: "Admin"
   end
-  get "/set", :to => "home#set"
-  get "/unauthenticated", :to => "home#unauthenticated"
+  get "/set", to: "home#set"
+  get "/unauthenticated", to: "home#unauthenticated"
   get "/custom_strategy/new"
-  root :to => "home#index", :via => [:get, :post]
+  root to: "home#index", via: [:get, :post]
 end

data/test/rails_app/db/migrate/20100401102949_create_tables.rb CHANGED

@@ -1,12 +1,18 @@
-class CreateTables < ActiveRecord::Migration
+# frozen_string_literal: true
+superclass = ActiveRecord::Migration
+# TODO: Inherit from the 5.0 Migration class directly when we drop support for Rails 4.
+superclass = ActiveRecord::Migration[5.0] if superclass.respond_to?(:[])
+class CreateTables < superclass
   def self.up
     create_table :users do |t|
       t.string :username
       t.string :facebook_token
       ## Database authenticatable
-      t.string :email,              :null => false, :default => ""
-      t.string :encrypted_password, :null => false, :default => ""
+      t.string :email,              null: false, default: ""
+      t.string :encrypted_password, null: false, default: ""
       ## Recoverable
       t.string   :reset_password_token
@@ -16,7 +22,7 @@ class CreateTables < ActiveRecord::Migration
       t.datetime :remember_created_at
       ## Trackable
-      t.integer  :sign_in_count, :default => 0
+      t.integer  :sign_in_count, default: 0
       t.datetime :current_sign_in_at
       t.datetime :last_sign_in_at
       t.string   :current_sign_in_ip
@@ -29,17 +35,17 @@ class CreateTables < ActiveRecord::Migration
       # t.string   :unconfirmed_email # Only if using reconfirmable
       ## Lockable
-      t.integer  :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts
+      t.integer  :failed_attempts, default: 0 # Only if lock strategy is :failed_attempts
       t.string   :unlock_token # Only if unlock strategy is :email or :both
       t.datetime :locked_at
-      t.timestamps
+      t.timestamps null: false
     end
     create_table :admins do |t|
       ## Database authenticatable
-      t.string :email,              :null => true
-      t.string :encrypted_password, :null => true
+      t.string :email,              null: true
+      t.string :encrypted_password, null: true
       ## Recoverable
       t.string   :reset_password_token
@@ -58,9 +64,9 @@ class CreateTables < ActiveRecord::Migration
       t.datetime :locked_at
       ## Attribute for testing route blocks
-      t.boolean :active, :default => false
+      t.boolean :active, default: false
-      t.timestamps
+      t.timestamps null: false
     end
   end

data/test/rails_app/db/schema.rb CHANGED

@@ -1,4 +1,6 @@
 # encoding: UTF-8
+# frozen_string_literal: true
 # This file is auto-generated from the current state of the database. Instead
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.