devise 3.2.2 → 3.2.3

data/test/generators/mongoid_generator_test.rb

@@ -7,12 +7,12 @@ if DEVISE_ORM == :mongoid
     tests Mongoid::Generators::DeviseGenerator
     destination File.expand_path("../../tmp", __FILE__)
     setup :prepare_destination
-  
+
     test "all files are properly created" do
       run_generator %w(monster)
       assert_file "app/models/monster.rb", /devise/
     end
-  
+
     test "all files are properly deleted" do
       run_generator %w(monster)
       run_generator %w(monster), :behavior => :revoke

data/test/integration/recoverable_test.rb

@@ -39,7 +39,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
     end
 
     assert_current_url '/users/sign_in'
-    assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
+    assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
   end
 
   test 'reset password with email should send an email from a custom mailer' do
@@ -78,7 +78,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
     end
 
     assert_current_url '/users/sign_in'
-    assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
+    assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
   end
 
   test 'reset password with email with extra whitespace should fail when email is NOT the list of strip whitespace keys' do
@@ -111,7 +111,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
     request_forgot_password
 
     assert_current_url '/users/sign_in'
-    assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
+    assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
   end
 
   test 'not authenticated user with invalid email should receive an error message' do
@@ -139,7 +139,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
     assert_redirected_to "/users/sign_in"
   end
 
-  test 'not authenticated user with invalid reset password token should not be able to change his password' do
+  test 'not authenticated user with invalid reset password token should not be able to change their password' do
     user = create_user
     reset_password :reset_password_token => 'invalid_reset_password'
 
@@ -150,7 +150,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
     assert_not user.reload.valid_password?('987654321')
   end
 
-  test 'not authenticated user with valid reset password token but invalid password should not be able to change his password' do
+  test 'not authenticated user with valid reset password token but invalid password should not be able to change their password' do
     user = create_user
     request_forgot_password
     reset_password do
@@ -165,7 +165,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
     assert_not user.reload.valid_password?('987654321')
   end
 
-  test 'not authenticated user with valid data should be able to change his password' do
+  test 'not authenticated user with valid data should be able to change their password' do
     user = create_user
     request_forgot_password
     reset_password
@@ -175,7 +175,7 @@ class PasswordTest < ActionDispatch::IntegrationTest
     assert user.reload.valid_password?('987654321')
   end
 
-  test 'after entering invalid data user should still be able to change his password' do
+  test 'after entering invalid data user should still be able to change their password' do
     user = create_user
     request_forgot_password
 

data/test/integration/registerable_test.rb

@@ -140,7 +140,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
     assert_redirected_to root_path
   end
 
-  test 'a signed in user should be able to edit his account' do
+  test 'a signed in user should be able to edit their account' do
     sign_in_as_user
     get edit_user_registration_path
 
@@ -154,7 +154,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
     assert_equal "user.new@example.com", User.first.email
   end
 
-  test 'a signed in user should still be able to use the website after changing his password' do
+  test 'a signed in user should still be able to use the website after changing their password' do
     sign_in_as_user
     get edit_user_registration_path
 
@@ -168,7 +168,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
     assert warden.authenticated?(:user)
   end
 
-  test 'a signed in user should not change his current user with invalid password' do
+  test 'a signed in user should not change their current user with invalid password' do
     sign_in_as_user
     get edit_user_registration_path
 
@@ -183,7 +183,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
     assert_equal "user@test.com", User.first.email
   end
 
-  test 'a signed in user should be able to edit his password' do
+  test 'a signed in user should be able to edit their password' do
     sign_in_as_user
     get edit_user_registration_path
 
@@ -198,7 +198,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
     assert User.first.valid_password?('pass1234')
   end
 
-  test 'a signed in user should not be able to edit his password with invalid confirmation' do
+  test 'a signed in user should not be able to edit their password with invalid confirmation' do
     sign_in_as_user
     get edit_user_registration_path
 
@@ -212,7 +212,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
     assert_not User.first.valid_password?('pas123')
   end
 
-  test 'a signed in user should be able to cancel his account' do
+  test 'a signed in user should be able to cancel their account' do
     sign_in_as_user
     get edit_user_registration_path
 
@@ -286,7 +286,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
     assert_equal user.reload.email, 'user@test.com'
   end
 
-  test 'a user cancel his account in XML format should return valid response' do
+  test 'a user cancel their account in XML format should return valid response' do
     sign_in_as_user
     delete user_registration_path(:format => 'xml')
     assert_response :success
@@ -295,7 +295,7 @@ class RegistrationTest < ActionDispatch::IntegrationTest
 end
 
 class ReconfirmableRegistrationTest < ActionDispatch::IntegrationTest
-  test 'a signed in admin should see a more appropriate flash message when editing his account if reconfirmable is enabled' do
+  test 'a signed in admin should see a more appropriate flash message when editing their account if reconfirmable is enabled' do
     sign_in_as_admin
     get edit_admin_registration_path
 
@@ -326,7 +326,7 @@ class ReconfirmableRegistrationTest < ActionDispatch::IntegrationTest
     assert Admin.first.valid_password?('pas123')
   end
 
-  test 'a signed in admin should not see a reconfirmation message if he did not change his email, despite having an unconfirmed email' do
+  test 'a signed in admin should not see a reconfirmation message if they did not change their email, despite having an unconfirmed email' do
     sign_in_as_admin
 
     get edit_admin_registration_path

data/test/integration/rememberable_test.rb

@@ -25,7 +25,7 @@ class RememberMeTest < ActionDispatch::IntegrationTest
     Time.parse(expires).utc
   end
 
-  test 'do not remember the user if he has not checked remember me option' do
+  test 'do not remember the user if they have not checked remember me option' do
     sign_in_as_user
     assert_nil request.cookies["remember_user_cookie"]
   end
@@ -95,7 +95,7 @@ class RememberMeTest < ActionDispatch::IntegrationTest
     assert_match /remember_user_token[^\n]*HttpOnly/, response.headers["Set-Cookie"], "Expected Set-Cookie header in response to set HttpOnly flag on remember_user_token cookie."
   end
 
-  test 'remember the user before sign up and redirect him to his home' do
+  test 'remember the user before sign up and redirect them to their home' do
     create_user_and_remember
     get new_user_registration_path
     assert warden.authenticated?(:user)

data/test/integration/trackable_test.rb

@@ -63,7 +63,7 @@ class TrackableHooksTest < ActionDispatch::IntegrationTest
   end
 
   test "does not update anything if user has signed out along the way" do
-    swap Devise, :allow_unconfirmed_access_for => 0 do
+    swap Devise, :allow_unconfirmed_access_for => 0.days do
       user = create_user(:confirm => false)
       sign_in_as_user
 

data/test/mapping_test.rb

@@ -110,12 +110,12 @@ class MappingTest < ActiveSupport::TestCase
     assert mapping.lockable?
     assert_not mapping.omniauthable?
   end
-  
+
   test 'find mapping by path' do
     assert_raise RuntimeError do
       Devise::Mapping.find_by_path!('/accounts/facebook/callback')
     end
-    
+
     assert_nothing_raised do
       Devise::Mapping.find_by_path!('/:locale/accounts/login')
     end
@@ -123,5 +123,5 @@ class MappingTest < ActiveSupport::TestCase
     assert_nothing_raised do
       Devise::Mapping.find_by_path!('/accounts/facebook/callback', :path)
     end
-  end  
+  end
 end

data/test/models/confirmable_test.rb

@@ -155,7 +155,7 @@ class ConfirmableTest < ActiveSupport::TestCase
     assert_not_nil user.reload.confirmation_token
   end
 
-  test 'should not resend email instructions if the user change his email' do
+  test 'should not resend email instructions if the user change their email' do
     user = create_user
     user.email = 'new_test@example.com'
     assert_email_not_sent do

data/test/models/database_authenticatable_test.rb

@@ -231,7 +231,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
     assert !user.valid?
   end
 
-  test 'required_fiels should be encryptable_password and the email field by default' do
+  test 'required_fields should be encryptable_password and the email field by default' do
     assert_same_content Devise::Models::DatabaseAuthenticatable.required_fields(User), [
       :email,
       :encrypted_password

data/test/models/lockable_test.rb

@@ -9,7 +9,7 @@ class LockableTest < ActiveSupport::TestCase
     user = create_user
     user.confirm!
     swap Devise, :maximum_attempts => 2 do
-      3.times { user.valid_for_authentication?{ false } }
+      2.times { user.valid_for_authentication?{ false } }
       assert user.reload.access_locked?
     end
   end
@@ -19,12 +19,12 @@ class LockableTest < ActiveSupport::TestCase
     user.confirm!
 
     swap Devise, :maximum_attempts => 2 do
-      3.times { user.valid_for_authentication?{ false } }
+      2.times { user.valid_for_authentication?{ false } }
       assert user.reload.access_locked?
     end
 
     user.valid_for_authentication?{ true }
-    assert_equal 4, user.reload.failed_attempts
+    assert_equal 3, user.reload.failed_attempts
   end
 
   test "should not touch failed_attempts if lock_strategy is none" do
@@ -130,6 +130,24 @@ class LockableTest < ActiveSupport::TestCase
     end
   end
 
+  test "doesn't send email when you pass option send_instructions to false" do
+    swap Devise, :unlock_strategy => :email do
+      user = create_user
+      assert_email_not_sent do
+        user.lock_access! send_instructions: false
+      end
+    end
+  end
+
+  test "sends email when you pass options other than send_instructions" do
+    swap Devise, :unlock_strategy => :email do
+      user = create_user
+      assert_email_sent do
+        user.lock_access! foo: :bar, bar: :foo
+      end
+    end
+  end
+
   test "should not send email with unlock instructions when :email is not an unlock strategy" do
     swap Devise, :unlock_strategy => :time do
       user = create_user
@@ -284,13 +302,13 @@ class LockableTest < ActiveSupport::TestCase
     swap Devise, :last_attempt_warning => :true do
       swap Devise, :lock_strategy => :failed_attempts do
         user = create_user
-        user.failed_attempts = Devise.maximum_attempts - 1
+        user.failed_attempts = Devise.maximum_attempts - 2
         assert_equal :invalid, user.unauthenticated_message
 
-        user.failed_attempts = Devise.maximum_attempts
+        user.failed_attempts = Devise.maximum_attempts - 1
         assert_equal :last_attempt, user.unauthenticated_message
 
-        user.failed_attempts = Devise.maximum_attempts + 1
+        user.failed_attempts = Devise.maximum_attempts
         assert_equal :locked, user.unauthenticated_message
       end
     end

data/test/models/recoverable_test.rb

@@ -101,14 +101,14 @@ class RecoverableTest < ActiveSupport::TestCase
     assert_not_equal token, user.reload.reset_password_token
   end
 
-  test 'should send email instructions to the user reset his password' do
+  test 'should send email instructions to the user reset their password' do
     user = create_user
     assert_email_sent do
       User.send_reset_password_instructions(:email => user.email)
     end
   end
 
-  test 'should find a user to reset his password based on the raw token' do
+  test 'should find a user to reset their password based on the raw token' do
     user = create_user
     raw  = user.send_reset_password_instructions
 
@@ -180,5 +180,5 @@ class RecoverableTest < ActiveSupport::TestCase
       :reset_password_sent_at,
       :reset_password_token
     ]
-  end  
+  end
 end

data/test/omniauth/config_test.rb

@@ -54,4 +54,4 @@ class OmniAuthConfigTest < ActiveSupport::TestCase
     config_class = config.strategy_class
     assert_equal MyStrategy, config_class
   end
-end
+end

data/test/orm/mongoid.rb

@@ -1,7 +1,7 @@
 require 'mongoid/version'
 
 Mongoid.configure do |config|
-  config.connect_to("devise-test-suite")
+  config.load!('test/support/mongoid.yml')
   config.use_utc = true
   config.include_root_in_json = true
 end

data/test/rails_app/app/active_record/shim.rb

@@ -1,2 +1,2 @@
 module Shim
-end
+end

data/test/rails_app/app/controllers/admins/sessions_controller.rb

@@ -3,4 +3,4 @@ class Admins::SessionsController < Devise::SessionsController
     flash[:special] = "Welcome to #{controller_path.inspect} controller!"
     super
   end
-end
+end

data/test/rails_app/app/controllers/publisher/registrations_controller.rb

@@ -1,2 +1,2 @@
 class Publisher::RegistrationsController < ApplicationController
-end
+end

data/test/rails_app/app/controllers/publisher/sessions_controller.rb

@@ -1,2 +1,2 @@
 class Publisher::SessionsController < ApplicationController
-end
+end

data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb

@@ -11,4 +11,4 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
     sign_in user
     render :text => ""
   end
-end
+end

data/test/rails_app/app/views/admins/sessions/new.html.erb

@@ -1,2 +1,2 @@
 Welcome to "sessions/new" view!
-<%= render :file => "devise/sessions/new" %>
+<%= render :file => "devise/sessions/new" %>

data/test/rails_app/app/views/home/admin_dashboard.html.erb

@@ -1 +1 @@
-Admin dashboard
+Admin dashboard

data/test/rails_app/app/views/home/index.html.erb

@@ -1 +1 @@
-Home!
+Home!

data/test/rails_app/app/views/home/join.html.erb

@@ -1 +1 @@
-Join
+Join

data/test/rails_app/app/views/home/user_dashboard.html.erb

@@ -1 +1 @@
-User dashboard
+User dashboard

data/test/rails_app/config/initializers/devise.rb

@@ -66,8 +66,8 @@ Devise.setup do |config|
   config.stretches = Rails.env.test? ? 1 : 10
 
   # ==> Configuration for :confirmable
-  # The time you want to give your user to confirm his account. During this time
-  # he will be able to access your application without confirming. Default is nil.
+  # The time you want to give your user to confirm their account. During this time
+  # they will be able to access your application without confirming. Default is nil.
   # When allow_unconfirmed_access_for is zero, the user won't be able to sign in without confirming.
   # You can use this to let your user access some features of your application
   # without confirming the account, but blocking it after a certain period

data/test/rails_app/config/routes.rb

@@ -86,7 +86,8 @@ Rails.application.routes.draw do
         :sign_in => "login", :sign_out => "logout",
         :password => "secret", :confirmation => "verification",
         :unlock => "unblock", :sign_up => "register",
-        :registration => "management", :cancel => "giveup"
+        :registration => "management",
+        :cancel => "giveup", :edit => "edit/profile"
       }, :failure_app => lambda { |env| [404, {"Content-Type" => "text/plain"}, ["Oops, not found"]] }, :module => :devise
   end
 

data/test/routes_test.rb

@@ -157,6 +157,10 @@ class CustomizedRoutingTest < ActionController::TestCase
     assert_recognizes({:controller => 'devise/registrations', :action => 'new', :locale => 'en'}, '/en/accounts/management/register')
   end
 
+  test 'map account with custom path name for edit registration' do
+    assert_recognizes({:controller => 'devise/registrations', :action => 'edit', :locale => 'en'}, '/en/accounts/management/edit/profile')
+  end
+
   test 'map account with custom path name for cancel registration' do
     assert_recognizes({:controller => 'devise/registrations', :action => 'cancel', :locale => 'en'}, '/en/accounts/management/giveup')
   end
@@ -235,6 +239,14 @@ class CustomizedRoutingTest < ActionController::TestCase
   test 'map with format false is not permanent' do
     assert_equal "/set.xml", @routes.url_helpers.set_path(:xml)
   end
+
+  test 'checks if mapping has proper configuration for omniauth callback' do
+    assert_raise ArgumentError do
+      @routes.dup.eval_block do
+        devise_for :admin, controllers: {omniauth_callbacks: "users/omniauth_callbacks"}
+      end
+    end
+  end
 end
 
 class ScopedRoutingTest < ActionController::TestCase

data/test/support/action_controller/record_identifier.rb

@@ -0,0 +1,10 @@
+# Since webrat uses ActionController::RecordIdentifier class that was moved to
+# ActionView namespace in Rails 4.1+
+
+unless defined?(ActionController::RecordIdentifier)
+  require 'action_view/record_identifier'
+
+  module ActionController
+    RecordIdentifier = ActionView::RecordIdentifier
+  end
+end

data/test/support/mongoid.yml

@@ -0,0 +1,6 @@
+test:
+  sessions:
+    default:
+      database: devise-test-suite
+      hosts:
+        - localhost:<%= ENV['MONGODB_PORT'] || '27017' %>