devise 3.2.3 → 3.2.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/Gemfile +2 -2
- data/Gemfile.lock +6 -6
- data/README.md +7 -0
- data/Rakefile +1 -1
- data/app/controllers/devise/confirmations_controller.rb +2 -2
- data/app/controllers/devise/omniauth_callbacks_controller.rb +2 -2
- data/app/controllers/devise/passwords_controller.rb +3 -3
- data/app/controllers/devise/registrations_controller.rb +7 -7
- data/app/controllers/devise/sessions_controller.rb +6 -6
- data/app/controllers/devise/unlocks_controller.rb +2 -2
- data/app/controllers/devise_controller.rb +3 -3
- data/app/helpers/devise_helper.rb +2 -2
- data/app/views/devise/confirmations/new.html.erb +2 -2
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +3 -3
- data/app/views/devise/passwords/new.html.erb +2 -2
- data/app/views/devise/registrations/edit.html.erb +6 -6
- data/app/views/devise/registrations/new.html.erb +4 -4
- data/app/views/devise/sessions/new.html.erb +3 -3
- data/app/views/devise/unlocks/new.html.erb +2 -2
- data/devise.gemspec +1 -1
- data/gemfiles/Gemfile.rails-3.2-stable +3 -3
- data/gemfiles/Gemfile.rails-4.0-stable +3 -3
- data/gemfiles/Gemfile.rails-head +3 -3
- data/lib/devise.rb +3 -3
- data/lib/devise/controllers/helpers.rb +5 -5
- data/lib/devise/controllers/rememberable.rb +3 -3
- data/lib/devise/controllers/sign_in_out.rb +8 -8
- data/lib/devise/failure_app.rb +3 -3
- data/lib/devise/hooks/activatable.rb +1 -1
- data/lib/devise/hooks/lockable.rb +1 -1
- data/lib/devise/hooks/proxy.rb +1 -1
- data/lib/devise/hooks/rememberable.rb +1 -1
- data/lib/devise/hooks/timeoutable.rb +1 -1
- data/lib/devise/hooks/trackable.rb +1 -1
- data/lib/devise/mailers/helpers.rb +8 -8
- data/lib/devise/models/authenticatable.rb +3 -3
- data/lib/devise/models/confirmable.rb +9 -9
- data/lib/devise/models/database_authenticatable.rb +1 -1
- data/lib/devise/models/lockable.rb +6 -6
- data/lib/devise/models/omniauthable.rb +1 -1
- data/lib/devise/models/recoverable.rb +1 -1
- data/lib/devise/models/rememberable.rb +3 -3
- data/lib/devise/models/trackable.rb +1 -1
- data/lib/devise/models/validatable.rb +6 -6
- data/lib/devise/modules.rb +9 -9
- data/lib/devise/omniauth/url_helpers.rb +2 -2
- data/lib/devise/rails.rb +1 -1
- data/lib/devise/rails/routes.rb +81 -81
- data/lib/devise/test_helpers.rb +2 -2
- data/lib/devise/time_inflector.rb +1 -1
- data/lib/devise/version.rb +1 -1
- data/lib/generators/active_record/devise_generator.rb +6 -6
- data/lib/generators/active_record/templates/migration.rb +4 -4
- data/lib/generators/active_record/templates/migration_existing.rb +4 -4
- data/lib/generators/devise/devise_generator.rb +3 -3
- data/lib/generators/devise/views_generator.rb +29 -18
- data/lib/generators/mongoid/devise_generator.rb +19 -19
- data/lib/generators/templates/README +2 -2
- data/lib/generators/templates/devise.rb +9 -7
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/helpers_test.rb +31 -31
- data/test/controllers/internal_helpers_test.rb +6 -6
- data/test/controllers/sessions_controller_test.rb +18 -18
- data/test/controllers/url_helpers_test.rb +4 -4
- data/test/delegator_test.rb +1 -1
- data/test/devise_test.rb +3 -3
- data/test/failure_app_test.rb +21 -21
- data/test/generators/active_record_generator_test.rb +4 -4
- data/test/generators/devise_generator_test.rb +2 -2
- data/test/generators/mongoid_generator_test.rb +1 -1
- data/test/generators/views_generator_test.rb +30 -1
- data/test/helpers/devise_helper_test.rb +11 -11
- data/test/integration/authenticatable_test.rb +42 -42
- data/test/integration/confirmable_test.rb +46 -46
- data/test/integration/database_authenticatable_test.rb +16 -16
- data/test/integration/http_authenticatable_test.rb +11 -11
- data/test/integration/lockable_test.rb +37 -37
- data/test/integration/omniauthable_test.rb +3 -3
- data/test/integration/recoverable_test.rb +41 -41
- data/test/integration/registerable_test.rb +49 -49
- data/test/integration/rememberable_test.rb +13 -13
- data/test/integration/timeoutable_test.rb +7 -7
- data/test/integration/trackable_test.rb +2 -2
- data/test/mailers/confirmation_instructions_test.rb +4 -4
- data/test/mailers/reset_password_instructions_test.rb +3 -3
- data/test/mailers/unlock_instructions_test.rb +2 -2
- data/test/models/authenticatable_test.rb +3 -3
- data/test/models/confirmable_test.rb +31 -31
- data/test/models/database_authenticatable_test.rb +27 -27
- data/test/models/lockable_test.rb +29 -29
- data/test/models/recoverable_test.rb +19 -19
- data/test/models/rememberable_test.rb +8 -8
- data/test/models/serializable_test.rb +8 -8
- data/test/models/timeoutable_test.rb +1 -1
- data/test/models/validatable_test.rb +11 -11
- data/test/omniauth/config_test.rb +3 -3
- data/test/omniauth/url_helpers_test.rb +3 -3
- data/test/parameter_sanitizer_test.rb +1 -1
- data/test/rails_app/app/controllers/admins_controller.rb +1 -1
- data/test/rails_app/app/controllers/application_controller.rb +2 -2
- data/test/rails_app/app/controllers/home_controller.rb +1 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +2 -2
- data/test/rails_app/app/controllers/users_controller.rb +5 -5
- data/test/rails_app/app/mailers/users/mailer.rb +4 -4
- data/test/rails_app/app/mongoid/admin.rb +11 -11
- data/test/rails_app/app/mongoid/shim.rb +2 -2
- data/test/rails_app/app/mongoid/user.rb +19 -19
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +2 -2
- data/test/rails_app/config/initializers/devise.rb +3 -3
- data/test/rails_app/config/initializers/secret_token.rb +1 -1
- data/test/rails_app/config/routes.rb +43 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +7 -7
- data/test/rails_app/lib/shared_admin.rb +4 -4
- data/test/routes_test.rb +59 -59
- data/test/support/helpers.rb +4 -4
- data/test/support/integration.rb +12 -12
- data/test/test_helpers_test.rb +3 -3
- data/test/test_models.rb +5 -5
- metadata +4 -4
|
@@ -6,7 +6,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
6
6
|
test 'should downcase case insensitive keys when saving' do
|
|
7
7
|
# case_insensitive_keys is set to :email by default.
|
|
8
8
|
email = 'Foo@Bar.com'
|
|
9
|
-
user = new_user(:
|
|
9
|
+
user = new_user(email: email)
|
|
10
10
|
|
|
11
11
|
assert_equal email, user.email
|
|
12
12
|
user.save!
|
|
@@ -16,7 +16,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
16
16
|
test 'should downcase case insensitive keys that refer to virtual attributes when saving' do
|
|
17
17
|
email = 'Foo@Bar1.com'
|
|
18
18
|
confirmation = 'Foo@Bar1.com'
|
|
19
|
-
attributes = valid_attributes(:
|
|
19
|
+
attributes = valid_attributes(email: email, email_confirmation: confirmation)
|
|
20
20
|
user = UserWithVirtualAttributes.new(attributes)
|
|
21
21
|
|
|
22
22
|
assert_equal confirmation, user.email_confirmation
|
|
@@ -27,7 +27,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
27
27
|
test 'should not mutate value assigned to case insensitive key' do
|
|
28
28
|
email = 'Foo@Bar.com'
|
|
29
29
|
original_email = email.dup
|
|
30
|
-
user = new_user(:
|
|
30
|
+
user = new_user(email: email)
|
|
31
31
|
|
|
32
32
|
user.save!
|
|
33
33
|
assert_equal original_email, email
|
|
@@ -36,7 +36,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
36
36
|
test 'should remove whitespace from strip whitespace keys when saving' do
|
|
37
37
|
# strip_whitespace_keys is set to :email by default.
|
|
38
38
|
email = ' foo@bar.com '
|
|
39
|
-
user = new_user(:
|
|
39
|
+
user = new_user(email: email)
|
|
40
40
|
|
|
41
41
|
assert_equal email, user.email
|
|
42
42
|
user.save!
|
|
@@ -46,20 +46,20 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
46
46
|
test 'should not mutate value assigned to string whitespace key' do
|
|
47
47
|
email = ' foo@bar.com '
|
|
48
48
|
original_email = email.dup
|
|
49
|
-
user = new_user(:
|
|
49
|
+
user = new_user(email: email)
|
|
50
50
|
|
|
51
51
|
user.save!
|
|
52
52
|
assert_equal original_email, email
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
test "doesn't throw exception when globally configured strip_whitespace_keys are not present on a model" do
|
|
56
|
-
swap Devise, :
|
|
56
|
+
swap Devise, strip_whitespace_keys: [:fake_key] do
|
|
57
57
|
assert_nothing_raised { create_user }
|
|
58
58
|
end
|
|
59
59
|
end
|
|
60
60
|
|
|
61
61
|
test "doesn't throw exception when globally configured case_insensitive_keys are not present on a model" do
|
|
62
|
-
swap Devise, :
|
|
62
|
+
swap Devise, case_insensitive_keys: [:fake_key] do
|
|
63
63
|
assert_nothing_raised { create_user }
|
|
64
64
|
end
|
|
65
65
|
end
|
|
@@ -94,7 +94,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
94
94
|
end
|
|
95
95
|
|
|
96
96
|
test 'should support custom encryption methods' do
|
|
97
|
-
user = UserWithCustomEncryption.new(:
|
|
97
|
+
user = UserWithCustomEncryption.new(password: '654321')
|
|
98
98
|
assert_equal user.encrypted_password, '123456'
|
|
99
99
|
end
|
|
100
100
|
|
|
@@ -105,8 +105,8 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
test 'should not generate encrypted password if password is blank' do
|
|
108
|
-
assert_blank new_user(:
|
|
109
|
-
assert_blank new_user(:
|
|
108
|
+
assert_blank new_user(password: nil).encrypted_password
|
|
109
|
+
assert_blank new_user(password: '').encrypted_password
|
|
110
110
|
end
|
|
111
111
|
|
|
112
112
|
test 'should encrypt password again if password has changed' do
|
|
@@ -141,23 +141,23 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
141
141
|
|
|
142
142
|
test 'should update password with valid current password' do
|
|
143
143
|
user = create_user
|
|
144
|
-
assert user.update_with_password(:
|
|
145
|
-
:
|
|
144
|
+
assert user.update_with_password(current_password: '12345678',
|
|
145
|
+
password: 'pass4321', password_confirmation: 'pass4321')
|
|
146
146
|
assert user.reload.valid_password?('pass4321')
|
|
147
147
|
end
|
|
148
148
|
|
|
149
149
|
test 'should add an error to current password when it is invalid' do
|
|
150
150
|
user = create_user
|
|
151
|
-
assert_not user.update_with_password(:
|
|
152
|
-
:
|
|
151
|
+
assert_not user.update_with_password(current_password: 'other',
|
|
152
|
+
password: 'pass4321', password_confirmation: 'pass4321')
|
|
153
153
|
assert user.reload.valid_password?('12345678')
|
|
154
154
|
assert_match "is invalid", user.errors[:current_password].join
|
|
155
155
|
end
|
|
156
156
|
|
|
157
157
|
test 'should add an error to current password when it is blank' do
|
|
158
158
|
user = create_user
|
|
159
|
-
assert_not user.update_with_password(:
|
|
160
|
-
:
|
|
159
|
+
assert_not user.update_with_password(password: 'pass4321',
|
|
160
|
+
password_confirmation: 'pass4321')
|
|
161
161
|
assert user.reload.valid_password?('12345678')
|
|
162
162
|
assert_match "can't be blank", user.errors[:current_password].join
|
|
163
163
|
end
|
|
@@ -166,41 +166,41 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
166
166
|
user = UserWithValidation.create!(valid_attributes)
|
|
167
167
|
user.save
|
|
168
168
|
assert user.persisted?
|
|
169
|
-
assert_not user.update_with_password(:
|
|
169
|
+
assert_not user.update_with_password(username: "")
|
|
170
170
|
assert_match "usertest", user.reload.username
|
|
171
171
|
assert_match "can't be blank", user.errors[:username].join
|
|
172
172
|
end
|
|
173
173
|
|
|
174
174
|
test 'should ignore password and its confirmation if they are blank' do
|
|
175
175
|
user = create_user
|
|
176
|
-
assert user.update_with_password(:
|
|
176
|
+
assert user.update_with_password(current_password: '12345678', email: "new@example.com")
|
|
177
177
|
assert_equal "new@example.com", user.email
|
|
178
178
|
end
|
|
179
179
|
|
|
180
180
|
test 'should not update password with invalid confirmation' do
|
|
181
181
|
user = create_user
|
|
182
|
-
assert_not user.update_with_password(:
|
|
183
|
-
:
|
|
182
|
+
assert_not user.update_with_password(current_password: '12345678',
|
|
183
|
+
password: 'pass4321', password_confirmation: 'other')
|
|
184
184
|
assert user.reload.valid_password?('12345678')
|
|
185
185
|
end
|
|
186
186
|
|
|
187
187
|
test 'should clean up password fields on failure' do
|
|
188
188
|
user = create_user
|
|
189
|
-
assert_not user.update_with_password(:
|
|
190
|
-
:
|
|
189
|
+
assert_not user.update_with_password(current_password: '12345678',
|
|
190
|
+
password: 'pass4321', password_confirmation: 'other')
|
|
191
191
|
assert user.password.blank?
|
|
192
192
|
assert user.password_confirmation.blank?
|
|
193
193
|
end
|
|
194
194
|
|
|
195
195
|
test 'should update the user without password' do
|
|
196
196
|
user = create_user
|
|
197
|
-
user.update_without_password(:
|
|
197
|
+
user.update_without_password(email: 'new@example.com')
|
|
198
198
|
assert_equal 'new@example.com', user.email
|
|
199
199
|
end
|
|
200
200
|
|
|
201
201
|
test 'should not update password without password' do
|
|
202
202
|
user = create_user
|
|
203
|
-
user.update_without_password(:
|
|
203
|
+
user.update_without_password(password: 'pass4321', password_confirmation: 'pass4321')
|
|
204
204
|
assert !user.reload.valid_password?('pass4321')
|
|
205
205
|
assert user.valid_password?('12345678')
|
|
206
206
|
end
|
|
@@ -226,8 +226,8 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
226
226
|
end
|
|
227
227
|
|
|
228
228
|
test 'downcase_keys with validation' do
|
|
229
|
-
User.create(:
|
|
230
|
-
user = User.create(:
|
|
229
|
+
User.create(email: "HEllO@example.com", password: "123456")
|
|
230
|
+
user = User.create(email: "HEllO@example.com", password: "123456")
|
|
231
231
|
assert !user.valid?
|
|
232
232
|
end
|
|
233
233
|
|
|
@@ -239,7 +239,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
239
239
|
end
|
|
240
240
|
|
|
241
241
|
test 'required_fields should be encryptable_password and the login when the login is on authentication_keys' do
|
|
242
|
-
swap Devise, :
|
|
242
|
+
swap Devise, authentication_keys: [:login] do
|
|
243
243
|
assert_same_content Devise::Models::DatabaseAuthenticatable.required_fields(User), [
|
|
244
244
|
:encrypted_password,
|
|
245
245
|
:login
|
|
@@ -8,7 +8,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
8
8
|
test "should respect maximum attempts configuration" do
|
|
9
9
|
user = create_user
|
|
10
10
|
user.confirm!
|
|
11
|
-
swap Devise, :
|
|
11
|
+
swap Devise, maximum_attempts: 2 do
|
|
12
12
|
2.times { user.valid_for_authentication?{ false } }
|
|
13
13
|
assert user.reload.access_locked?
|
|
14
14
|
end
|
|
@@ -18,7 +18,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
18
18
|
user = create_user
|
|
19
19
|
user.confirm!
|
|
20
20
|
|
|
21
|
-
swap Devise, :
|
|
21
|
+
swap Devise, maximum_attempts: 2 do
|
|
22
22
|
2.times { user.valid_for_authentication?{ false } }
|
|
23
23
|
assert user.reload.access_locked?
|
|
24
24
|
end
|
|
@@ -30,7 +30,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
30
30
|
test "should not touch failed_attempts if lock_strategy is none" do
|
|
31
31
|
user = create_user
|
|
32
32
|
user.confirm!
|
|
33
|
-
swap Devise, :
|
|
33
|
+
swap Devise, lock_strategy: :none, maximum_attempts: 2 do
|
|
34
34
|
3.times { user.valid_for_authentication?{ false } }
|
|
35
35
|
assert !user.access_locked?
|
|
36
36
|
assert_equal 0, user.failed_attempts
|
|
@@ -77,7 +77,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
77
77
|
end
|
|
78
78
|
|
|
79
79
|
test "should unlock user after unlock_in period" do
|
|
80
|
-
swap Devise, :
|
|
80
|
+
swap Devise, unlock_in: 3.hours do
|
|
81
81
|
user = new_user
|
|
82
82
|
user.locked_at = 2.hours.ago
|
|
83
83
|
assert user.access_locked?
|
|
@@ -88,7 +88,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
test "should not unlock in 'unlock_in' if :time unlock strategy is not set" do
|
|
91
|
-
swap Devise, :
|
|
91
|
+
swap Devise, unlock_strategy: :email do
|
|
92
92
|
user = new_user
|
|
93
93
|
user.locked_at = 2.hours.ago
|
|
94
94
|
assert user.access_locked?
|
|
@@ -114,7 +114,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
114
114
|
end
|
|
115
115
|
|
|
116
116
|
test "should not generate unlock_token when :email is not an unlock strategy" do
|
|
117
|
-
swap Devise, :
|
|
117
|
+
swap Devise, unlock_strategy: :time do
|
|
118
118
|
user = create_user
|
|
119
119
|
user.lock_access!
|
|
120
120
|
assert_nil user.unlock_token
|
|
@@ -122,7 +122,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
122
122
|
end
|
|
123
123
|
|
|
124
124
|
test "should send email with unlock instructions when :email is an unlock strategy" do
|
|
125
|
-
swap Devise, :
|
|
125
|
+
swap Devise, unlock_strategy: :email do
|
|
126
126
|
user = create_user
|
|
127
127
|
assert_email_sent do
|
|
128
128
|
user.lock_access!
|
|
@@ -131,7 +131,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
131
131
|
end
|
|
132
132
|
|
|
133
133
|
test "doesn't send email when you pass option send_instructions to false" do
|
|
134
|
-
swap Devise, :
|
|
134
|
+
swap Devise, unlock_strategy: :email do
|
|
135
135
|
user = create_user
|
|
136
136
|
assert_email_not_sent do
|
|
137
137
|
user.lock_access! send_instructions: false
|
|
@@ -140,7 +140,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
140
140
|
end
|
|
141
141
|
|
|
142
142
|
test "sends email when you pass options other than send_instructions" do
|
|
143
|
-
swap Devise, :
|
|
143
|
+
swap Devise, unlock_strategy: :email do
|
|
144
144
|
user = create_user
|
|
145
145
|
assert_email_sent do
|
|
146
146
|
user.lock_access! foo: :bar, bar: :foo
|
|
@@ -149,7 +149,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
149
149
|
end
|
|
150
150
|
|
|
151
151
|
test "should not send email with unlock instructions when :email is not an unlock strategy" do
|
|
152
|
-
swap Devise, :
|
|
152
|
+
swap Devise, unlock_strategy: :time do
|
|
153
153
|
user = create_user
|
|
154
154
|
assert_email_not_sent do
|
|
155
155
|
user.lock_access!
|
|
@@ -180,32 +180,32 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
180
180
|
test 'should find a user to send unlock instructions' do
|
|
181
181
|
user = create_user
|
|
182
182
|
user.lock_access!
|
|
183
|
-
unlock_user = User.send_unlock_instructions(:
|
|
183
|
+
unlock_user = User.send_unlock_instructions(email: user.email)
|
|
184
184
|
assert_equal unlock_user, user
|
|
185
185
|
end
|
|
186
186
|
|
|
187
187
|
test 'should return a new user if no email was found' do
|
|
188
|
-
unlock_user = User.send_unlock_instructions(:
|
|
188
|
+
unlock_user = User.send_unlock_instructions(email: "invalid@example.com")
|
|
189
189
|
assert_not unlock_user.persisted?
|
|
190
190
|
end
|
|
191
191
|
|
|
192
192
|
test 'should add error to new user email if no email was found' do
|
|
193
|
-
unlock_user = User.send_unlock_instructions(:
|
|
193
|
+
unlock_user = User.send_unlock_instructions(email: "invalid@example.com")
|
|
194
194
|
assert_equal 'not found', unlock_user.errors[:email].join
|
|
195
195
|
end
|
|
196
196
|
|
|
197
197
|
test 'should find a user to send unlock instructions by authentication_keys' do
|
|
198
|
-
swap Devise, :
|
|
198
|
+
swap Devise, authentication_keys: [:username, :email] do
|
|
199
199
|
user = create_user
|
|
200
|
-
unlock_user = User.send_unlock_instructions(:
|
|
200
|
+
unlock_user = User.send_unlock_instructions(email: user.email, username: user.username)
|
|
201
201
|
assert_equal unlock_user, user
|
|
202
202
|
end
|
|
203
203
|
end
|
|
204
204
|
|
|
205
205
|
test 'should require all unlock_keys' do
|
|
206
|
-
swap Devise, :
|
|
206
|
+
swap Devise, unlock_keys: [:username, :email] do
|
|
207
207
|
user = create_user
|
|
208
|
-
unlock_user = User.send_unlock_instructions(:
|
|
208
|
+
unlock_user = User.send_unlock_instructions(email: user.email)
|
|
209
209
|
assert_not unlock_user.persisted?
|
|
210
210
|
assert_equal "can't be blank", unlock_user.errors[:username].join
|
|
211
211
|
end
|
|
@@ -219,7 +219,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
219
219
|
end
|
|
220
220
|
|
|
221
221
|
test 'should not be able to send instructions if the user if not locked and have username as unlock key' do
|
|
222
|
-
swap Devise, :
|
|
222
|
+
swap Devise, unlock_keys: [:username] do
|
|
223
223
|
user = create_user
|
|
224
224
|
assert_not user.resend_unlock_instructions
|
|
225
225
|
assert_not user.access_locked?
|
|
@@ -228,7 +228,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
228
228
|
end
|
|
229
229
|
|
|
230
230
|
test 'should unlock account if lock has expired and increase attempts on failure' do
|
|
231
|
-
swap Devise, :
|
|
231
|
+
swap Devise, unlock_in: 1.minute do
|
|
232
232
|
user = create_user
|
|
233
233
|
user.confirm!
|
|
234
234
|
|
|
@@ -241,7 +241,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
241
241
|
end
|
|
242
242
|
|
|
243
243
|
test 'should unlock account if lock has expired on success' do
|
|
244
|
-
swap Devise, :
|
|
244
|
+
swap Devise, unlock_in: 1.minute do
|
|
245
245
|
user = create_user
|
|
246
246
|
user.confirm!
|
|
247
247
|
|
|
@@ -255,8 +255,8 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
255
255
|
end
|
|
256
256
|
|
|
257
257
|
test 'required_fields should contain the all the fields when all the strategies are enabled' do
|
|
258
|
-
swap Devise, :
|
|
259
|
-
swap Devise, :
|
|
258
|
+
swap Devise, unlock_strategy: :both do
|
|
259
|
+
swap Devise, lock_strategy: :failed_attempts do
|
|
260
260
|
assert_same_content Devise::Models::Lockable.required_fields(User), [
|
|
261
261
|
:failed_attempts,
|
|
262
262
|
:locked_at,
|
|
@@ -267,8 +267,8 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
267
267
|
end
|
|
268
268
|
|
|
269
269
|
test 'required_fields should contain only failed_attempts and locked_at when the strategies are time and failed_attempts are enabled' do
|
|
270
|
-
swap Devise, :
|
|
271
|
-
swap Devise, :
|
|
270
|
+
swap Devise, unlock_strategy: :time do
|
|
271
|
+
swap Devise, lock_strategy: :failed_attempts do
|
|
272
272
|
assert_same_content Devise::Models::Lockable.required_fields(User), [
|
|
273
273
|
:failed_attempts,
|
|
274
274
|
:locked_at
|
|
@@ -278,8 +278,8 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
278
278
|
end
|
|
279
279
|
|
|
280
280
|
test 'required_fields should contain only failed_attempts and unlock_token when the strategies are token and failed_attempts are enabled' do
|
|
281
|
-
swap Devise, :
|
|
282
|
-
swap Devise, :
|
|
281
|
+
swap Devise, unlock_strategy: :email do
|
|
282
|
+
swap Devise, lock_strategy: :failed_attempts do
|
|
283
283
|
assert_same_content Devise::Models::Lockable.required_fields(User), [
|
|
284
284
|
:failed_attempts,
|
|
285
285
|
:unlock_token
|
|
@@ -289,7 +289,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
289
289
|
end
|
|
290
290
|
|
|
291
291
|
test 'should not return a locked unauthenticated message if in paranoid mode' do
|
|
292
|
-
swap Devise, :
|
|
292
|
+
swap Devise, paranoid: :true do
|
|
293
293
|
user = create_user
|
|
294
294
|
user.failed_attempts = Devise.maximum_attempts + 1
|
|
295
295
|
user.lock_access!
|
|
@@ -299,8 +299,8 @@ class LockableTest < ActiveSupport::TestCase
|
|
|
299
299
|
end
|
|
300
300
|
|
|
301
301
|
test 'should return last attempt message if user made next-to-last attempt of password entering' do
|
|
302
|
-
swap Devise, :
|
|
303
|
-
swap Devise, :
|
|
302
|
+
swap Devise, last_attempt_warning: :true do
|
|
303
|
+
swap Devise, lock_strategy: :failed_attempts do
|
|
304
304
|
user = create_user
|
|
305
305
|
user.failed_attempts = Devise.maximum_attempts - 2
|
|
306
306
|
assert_equal :invalid, user.unauthenticated_message
|
|
@@ -67,28 +67,28 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
67
67
|
|
|
68
68
|
test 'should find a user to send instructions by email' do
|
|
69
69
|
user = create_user
|
|
70
|
-
reset_password_user = User.send_reset_password_instructions(:
|
|
70
|
+
reset_password_user = User.send_reset_password_instructions(email: user.email)
|
|
71
71
|
assert_equal reset_password_user, user
|
|
72
72
|
end
|
|
73
73
|
|
|
74
74
|
test 'should return a new record with errors if user was not found by e-mail' do
|
|
75
|
-
reset_password_user = User.send_reset_password_instructions(:
|
|
75
|
+
reset_password_user = User.send_reset_password_instructions(email: "invalid@example.com")
|
|
76
76
|
assert_not reset_password_user.persisted?
|
|
77
77
|
assert_equal "not found", reset_password_user.errors[:email].join
|
|
78
78
|
end
|
|
79
79
|
|
|
80
80
|
test 'should find a user to send instructions by authentication_keys' do
|
|
81
|
-
swap Devise, :
|
|
81
|
+
swap Devise, authentication_keys: [:username, :email] do
|
|
82
82
|
user = create_user
|
|
83
|
-
reset_password_user = User.send_reset_password_instructions(:
|
|
83
|
+
reset_password_user = User.send_reset_password_instructions(email: user.email, username: user.username)
|
|
84
84
|
assert_equal reset_password_user, user
|
|
85
85
|
end
|
|
86
86
|
end
|
|
87
87
|
|
|
88
88
|
test 'should require all reset_password_keys' do
|
|
89
|
-
swap Devise, :
|
|
89
|
+
swap Devise, reset_password_keys: [:username, :email] do
|
|
90
90
|
user = create_user
|
|
91
|
-
reset_password_user = User.send_reset_password_instructions(:
|
|
91
|
+
reset_password_user = User.send_reset_password_instructions(email: user.email)
|
|
92
92
|
assert_not reset_password_user.persisted?
|
|
93
93
|
assert_equal "can't be blank", reset_password_user.errors[:username].join
|
|
94
94
|
end
|
|
@@ -97,14 +97,14 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
97
97
|
test 'should reset reset_password_token before send the reset instructions email' do
|
|
98
98
|
user = create_user
|
|
99
99
|
token = user.reset_password_token
|
|
100
|
-
User.send_reset_password_instructions(:
|
|
100
|
+
User.send_reset_password_instructions(email: user.email)
|
|
101
101
|
assert_not_equal token, user.reload.reset_password_token
|
|
102
102
|
end
|
|
103
103
|
|
|
104
104
|
test 'should send email instructions to the user reset their password' do
|
|
105
105
|
user = create_user
|
|
106
106
|
assert_email_sent do
|
|
107
|
-
User.send_reset_password_instructions(:
|
|
107
|
+
User.send_reset_password_instructions(email: user.email)
|
|
108
108
|
end
|
|
109
109
|
end
|
|
110
110
|
|
|
@@ -112,18 +112,18 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
112
112
|
user = create_user
|
|
113
113
|
raw = user.send_reset_password_instructions
|
|
114
114
|
|
|
115
|
-
reset_password_user = User.reset_password_by_token(:
|
|
115
|
+
reset_password_user = User.reset_password_by_token(reset_password_token: raw)
|
|
116
116
|
assert_equal reset_password_user, user
|
|
117
117
|
end
|
|
118
118
|
|
|
119
119
|
test 'should return a new record with errors if no reset_password_token is found' do
|
|
120
|
-
reset_password_user = User.reset_password_by_token(:
|
|
120
|
+
reset_password_user = User.reset_password_by_token(reset_password_token: 'invalid_token')
|
|
121
121
|
assert_not reset_password_user.persisted?
|
|
122
122
|
assert_equal "is invalid", reset_password_user.errors[:reset_password_token].join
|
|
123
123
|
end
|
|
124
124
|
|
|
125
125
|
test 'should return a new record with errors if reset_password_token is blank' do
|
|
126
|
-
reset_password_user = User.reset_password_by_token(:
|
|
126
|
+
reset_password_user = User.reset_password_by_token(reset_password_token: '')
|
|
127
127
|
assert_not reset_password_user.persisted?
|
|
128
128
|
assert_match "can't be blank", reset_password_user.errors[:reset_password_token].join
|
|
129
129
|
end
|
|
@@ -132,7 +132,7 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
132
132
|
user = create_user
|
|
133
133
|
raw = user.send_reset_password_instructions
|
|
134
134
|
|
|
135
|
-
reset_password_user = User.reset_password_by_token(:
|
|
135
|
+
reset_password_user = User.reset_password_by_token(reset_password_token: raw, password: '')
|
|
136
136
|
assert_not reset_password_user.errors.empty?
|
|
137
137
|
assert_match "can't be blank", reset_password_user.errors[:password].join
|
|
138
138
|
end
|
|
@@ -143,9 +143,9 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
143
143
|
raw = user.send_reset_password_instructions
|
|
144
144
|
|
|
145
145
|
User.reset_password_by_token(
|
|
146
|
-
:
|
|
147
|
-
:
|
|
148
|
-
:
|
|
146
|
+
reset_password_token: raw,
|
|
147
|
+
password: 'new_password',
|
|
148
|
+
password_confirmation: 'new_password'
|
|
149
149
|
)
|
|
150
150
|
user.reload
|
|
151
151
|
|
|
@@ -154,7 +154,7 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
154
154
|
end
|
|
155
155
|
|
|
156
156
|
test 'should not reset password after reset_password_within time' do
|
|
157
|
-
swap Devise, :
|
|
157
|
+
swap Devise, reset_password_within: 1.hour do
|
|
158
158
|
user = create_user
|
|
159
159
|
raw = user.send_reset_password_instructions
|
|
160
160
|
|
|
@@ -163,9 +163,9 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
163
163
|
user.save!
|
|
164
164
|
|
|
165
165
|
reset_password_user = User.reset_password_by_token(
|
|
166
|
-
:
|
|
167
|
-
:
|
|
168
|
-
:
|
|
166
|
+
reset_password_token: raw,
|
|
167
|
+
password: 'new_password',
|
|
168
|
+
password_confirmation: 'new_password'
|
|
169
169
|
)
|
|
170
170
|
user.reload
|
|
171
171
|
|