devise 3.2.3 → 3.2.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/Gemfile +2 -2
- data/Gemfile.lock +6 -6
- data/README.md +7 -0
- data/Rakefile +1 -1
- data/app/controllers/devise/confirmations_controller.rb +2 -2
- data/app/controllers/devise/omniauth_callbacks_controller.rb +2 -2
- data/app/controllers/devise/passwords_controller.rb +3 -3
- data/app/controllers/devise/registrations_controller.rb +7 -7
- data/app/controllers/devise/sessions_controller.rb +6 -6
- data/app/controllers/devise/unlocks_controller.rb +2 -2
- data/app/controllers/devise_controller.rb +3 -3
- data/app/helpers/devise_helper.rb +2 -2
- data/app/views/devise/confirmations/new.html.erb +2 -2
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +3 -3
- data/app/views/devise/passwords/new.html.erb +2 -2
- data/app/views/devise/registrations/edit.html.erb +6 -6
- data/app/views/devise/registrations/new.html.erb +4 -4
- data/app/views/devise/sessions/new.html.erb +3 -3
- data/app/views/devise/unlocks/new.html.erb +2 -2
- data/devise.gemspec +1 -1
- data/gemfiles/Gemfile.rails-3.2-stable +3 -3
- data/gemfiles/Gemfile.rails-4.0-stable +3 -3
- data/gemfiles/Gemfile.rails-head +3 -3
- data/lib/devise.rb +3 -3
- data/lib/devise/controllers/helpers.rb +5 -5
- data/lib/devise/controllers/rememberable.rb +3 -3
- data/lib/devise/controllers/sign_in_out.rb +8 -8
- data/lib/devise/failure_app.rb +3 -3
- data/lib/devise/hooks/activatable.rb +1 -1
- data/lib/devise/hooks/lockable.rb +1 -1
- data/lib/devise/hooks/proxy.rb +1 -1
- data/lib/devise/hooks/rememberable.rb +1 -1
- data/lib/devise/hooks/timeoutable.rb +1 -1
- data/lib/devise/hooks/trackable.rb +1 -1
- data/lib/devise/mailers/helpers.rb +8 -8
- data/lib/devise/models/authenticatable.rb +3 -3
- data/lib/devise/models/confirmable.rb +9 -9
- data/lib/devise/models/database_authenticatable.rb +1 -1
- data/lib/devise/models/lockable.rb +6 -6
- data/lib/devise/models/omniauthable.rb +1 -1
- data/lib/devise/models/recoverable.rb +1 -1
- data/lib/devise/models/rememberable.rb +3 -3
- data/lib/devise/models/trackable.rb +1 -1
- data/lib/devise/models/validatable.rb +6 -6
- data/lib/devise/modules.rb +9 -9
- data/lib/devise/omniauth/url_helpers.rb +2 -2
- data/lib/devise/rails.rb +1 -1
- data/lib/devise/rails/routes.rb +81 -81
- data/lib/devise/test_helpers.rb +2 -2
- data/lib/devise/time_inflector.rb +1 -1
- data/lib/devise/version.rb +1 -1
- data/lib/generators/active_record/devise_generator.rb +6 -6
- data/lib/generators/active_record/templates/migration.rb +4 -4
- data/lib/generators/active_record/templates/migration_existing.rb +4 -4
- data/lib/generators/devise/devise_generator.rb +3 -3
- data/lib/generators/devise/views_generator.rb +29 -18
- data/lib/generators/mongoid/devise_generator.rb +19 -19
- data/lib/generators/templates/README +2 -2
- data/lib/generators/templates/devise.rb +9 -7
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/helpers_test.rb +31 -31
- data/test/controllers/internal_helpers_test.rb +6 -6
- data/test/controllers/sessions_controller_test.rb +18 -18
- data/test/controllers/url_helpers_test.rb +4 -4
- data/test/delegator_test.rb +1 -1
- data/test/devise_test.rb +3 -3
- data/test/failure_app_test.rb +21 -21
- data/test/generators/active_record_generator_test.rb +4 -4
- data/test/generators/devise_generator_test.rb +2 -2
- data/test/generators/mongoid_generator_test.rb +1 -1
- data/test/generators/views_generator_test.rb +30 -1
- data/test/helpers/devise_helper_test.rb +11 -11
- data/test/integration/authenticatable_test.rb +42 -42
- data/test/integration/confirmable_test.rb +46 -46
- data/test/integration/database_authenticatable_test.rb +16 -16
- data/test/integration/http_authenticatable_test.rb +11 -11
- data/test/integration/lockable_test.rb +37 -37
- data/test/integration/omniauthable_test.rb +3 -3
- data/test/integration/recoverable_test.rb +41 -41
- data/test/integration/registerable_test.rb +49 -49
- data/test/integration/rememberable_test.rb +13 -13
- data/test/integration/timeoutable_test.rb +7 -7
- data/test/integration/trackable_test.rb +2 -2
- data/test/mailers/confirmation_instructions_test.rb +4 -4
- data/test/mailers/reset_password_instructions_test.rb +3 -3
- data/test/mailers/unlock_instructions_test.rb +2 -2
- data/test/models/authenticatable_test.rb +3 -3
- data/test/models/confirmable_test.rb +31 -31
- data/test/models/database_authenticatable_test.rb +27 -27
- data/test/models/lockable_test.rb +29 -29
- data/test/models/recoverable_test.rb +19 -19
- data/test/models/rememberable_test.rb +8 -8
- data/test/models/serializable_test.rb +8 -8
- data/test/models/timeoutable_test.rb +1 -1
- data/test/models/validatable_test.rb +11 -11
- data/test/omniauth/config_test.rb +3 -3
- data/test/omniauth/url_helpers_test.rb +3 -3
- data/test/parameter_sanitizer_test.rb +1 -1
- data/test/rails_app/app/controllers/admins_controller.rb +1 -1
- data/test/rails_app/app/controllers/application_controller.rb +2 -2
- data/test/rails_app/app/controllers/home_controller.rb +1 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +2 -2
- data/test/rails_app/app/controllers/users_controller.rb +5 -5
- data/test/rails_app/app/mailers/users/mailer.rb +4 -4
- data/test/rails_app/app/mongoid/admin.rb +11 -11
- data/test/rails_app/app/mongoid/shim.rb +2 -2
- data/test/rails_app/app/mongoid/user.rb +19 -19
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +2 -2
- data/test/rails_app/config/initializers/devise.rb +3 -3
- data/test/rails_app/config/initializers/secret_token.rb +1 -1
- data/test/rails_app/config/routes.rb +43 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +7 -7
- data/test/rails_app/lib/shared_admin.rb +4 -4
- data/test/routes_test.rb +59 -59
- data/test/support/helpers.rb +4 -4
- data/test/support/integration.rb +12 -12
- data/test/test_helpers_test.rb +3 -3
- data/test/test_models.rb +5 -5
- metadata +4 -4
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
<h2>Sign up</h2>
|
|
2
2
|
|
|
3
|
-
<%= simple_form_for(resource, :
|
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
|
|
4
4
|
<%= f.error_notification %>
|
|
5
5
|
|
|
6
6
|
<div class="form-inputs">
|
|
7
|
-
<%= f.input :email, :
|
|
8
|
-
<%= f.input :password, :
|
|
9
|
-
<%= f.input :password_confirmation, :
|
|
7
|
+
<%= f.input :email, required: true, autofocus: true %>
|
|
8
|
+
<%= f.input :password, required: true %>
|
|
9
|
+
<%= f.input :password_confirmation, required: true %>
|
|
10
10
|
</div>
|
|
11
11
|
|
|
12
12
|
<div class="form-actions">
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
<h2>Sign in</h2>
|
|
2
2
|
|
|
3
|
-
<%= simple_form_for(resource, :
|
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
|
|
4
4
|
<div class="form-inputs">
|
|
5
|
-
<%= f.input :email, :
|
|
6
|
-
<%= f.input :password, :
|
|
7
|
-
<%= f.input :remember_me, :
|
|
5
|
+
<%= f.input :email, required: false, autofocus: true %>
|
|
6
|
+
<%= f.input :password, required: false %>
|
|
7
|
+
<%= f.input :remember_me, as: :boolean if devise_mapping.rememberable? %>
|
|
8
8
|
</div>
|
|
9
9
|
|
|
10
10
|
<div class="form-actions">
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
<h2>Resend unlock instructions</h2>
|
|
2
2
|
|
|
3
|
-
<%= simple_form_for(resource, :
|
|
3
|
+
<%= simple_form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
|
|
4
4
|
<%= f.error_notification %>
|
|
5
5
|
<%= f.full_error :unlock_token %>
|
|
6
6
|
|
|
7
7
|
<div class="form-inputs">
|
|
8
|
-
<%= f.input :email, :
|
|
8
|
+
<%= f.input :email, required: true, autofocus: true %>
|
|
9
9
|
</div>
|
|
10
10
|
|
|
11
11
|
<div class="form-actions">
|
|
@@ -14,81 +14,81 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
test 'proxy signed_in?(scope) to authenticate?' do
|
|
17
|
-
@mock_warden.expects(:authenticate?).with(:
|
|
17
|
+
@mock_warden.expects(:authenticate?).with(scope: :my_scope)
|
|
18
18
|
@controller.signed_in?(:my_scope)
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
test 'proxy signed_in?(nil) to authenticate?' do
|
|
22
22
|
Devise.mappings.keys.each do |scope| # :user, :admin, :manager
|
|
23
|
-
@mock_warden.expects(:authenticate?).with(:
|
|
23
|
+
@mock_warden.expects(:authenticate?).with(scope: scope)
|
|
24
24
|
end
|
|
25
25
|
@controller.signed_in?
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
test 'proxy current_user to authenticate with user scope' do
|
|
29
|
-
@mock_warden.expects(:authenticate).with(:
|
|
29
|
+
@mock_warden.expects(:authenticate).with(scope: :user)
|
|
30
30
|
@controller.current_user
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
test 'proxy current_admin to authenticate with admin scope' do
|
|
34
|
-
@mock_warden.expects(:authenticate).with(:
|
|
34
|
+
@mock_warden.expects(:authenticate).with(scope: :admin)
|
|
35
35
|
@controller.current_admin
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
|
|
39
|
-
@mock_warden.expects(:authenticate).with(:
|
|
39
|
+
@mock_warden.expects(:authenticate).with(scope: :publisher_account)
|
|
40
40
|
@controller.current_publisher_account
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
test 'proxy authenticate_user! to authenticate with user scope' do
|
|
44
|
-
@mock_warden.expects(:authenticate!).with(:
|
|
44
|
+
@mock_warden.expects(:authenticate!).with(scope: :user)
|
|
45
45
|
@controller.authenticate_user!
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
test 'proxy authenticate_user! options to authenticate with user scope' do
|
|
49
|
-
@mock_warden.expects(:authenticate!).with(:
|
|
50
|
-
@controller.authenticate_user!(:
|
|
49
|
+
@mock_warden.expects(:authenticate!).with(scope: :user, recall: "foo")
|
|
50
|
+
@controller.authenticate_user!(recall: "foo")
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
test 'proxy authenticate_admin! to authenticate with admin scope' do
|
|
54
|
-
@mock_warden.expects(:authenticate!).with(:
|
|
54
|
+
@mock_warden.expects(:authenticate!).with(scope: :admin)
|
|
55
55
|
@controller.authenticate_admin!
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
|
|
59
|
-
@mock_warden.expects(:authenticate!).with(:
|
|
59
|
+
@mock_warden.expects(:authenticate!).with(scope: :publisher_account)
|
|
60
60
|
@controller.authenticate_publisher_account!
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
test 'proxy user_signed_in? to authenticate with user scope' do
|
|
64
|
-
@mock_warden.expects(:authenticate).with(:
|
|
64
|
+
@mock_warden.expects(:authenticate).with(scope: :user).returns("user")
|
|
65
65
|
assert @controller.user_signed_in?
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
test 'proxy admin_signed_in? to authenticatewith admin scope' do
|
|
69
|
-
@mock_warden.expects(:authenticate).with(:
|
|
69
|
+
@mock_warden.expects(:authenticate).with(scope: :admin)
|
|
70
70
|
assert_not @controller.admin_signed_in?
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
test 'proxy publisher_account_signed_in? to authenticate with namespaced publisher account scope' do
|
|
74
|
-
@mock_warden.expects(:authenticate).with(:
|
|
74
|
+
@mock_warden.expects(:authenticate).with(scope: :publisher_account)
|
|
75
75
|
@controller.publisher_account_signed_in?
|
|
76
76
|
end
|
|
77
77
|
|
|
78
78
|
test 'proxy user_session to session scope in warden' do
|
|
79
|
-
@mock_warden.expects(:authenticate).with(:
|
|
79
|
+
@mock_warden.expects(:authenticate).with(scope: :user).returns(true)
|
|
80
80
|
@mock_warden.expects(:session).with(:user).returns({})
|
|
81
81
|
@controller.user_session
|
|
82
82
|
end
|
|
83
83
|
|
|
84
84
|
test 'proxy admin_session to session scope in warden' do
|
|
85
|
-
@mock_warden.expects(:authenticate).with(:
|
|
85
|
+
@mock_warden.expects(:authenticate).with(scope: :admin).returns(true)
|
|
86
86
|
@mock_warden.expects(:session).with(:admin).returns({})
|
|
87
87
|
@controller.admin_session
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
|
|
91
|
-
@mock_warden.expects(:authenticate).with(:
|
|
91
|
+
@mock_warden.expects(:authenticate).with(scope: :publisher_account).returns(true)
|
|
92
92
|
@mock_warden.expects(:session).with(:publisher_account).returns({})
|
|
93
93
|
@controller.publisher_account_session
|
|
94
94
|
end
|
|
@@ -96,14 +96,14 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
96
96
|
test 'sign in proxy to set_user on warden' do
|
|
97
97
|
user = User.new
|
|
98
98
|
@mock_warden.expects(:user).returns(nil)
|
|
99
|
-
@mock_warden.expects(:set_user).with(user, :
|
|
99
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
100
100
|
@controller.sign_in(:user, user)
|
|
101
101
|
end
|
|
102
102
|
|
|
103
103
|
test 'sign in accepts a resource as argument' do
|
|
104
104
|
user = User.new
|
|
105
105
|
@mock_warden.expects(:user).returns(nil)
|
|
106
|
-
@mock_warden.expects(:set_user).with(user, :
|
|
106
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
107
107
|
@controller.sign_in(user)
|
|
108
108
|
end
|
|
109
109
|
|
|
@@ -117,15 +117,15 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
117
117
|
test 'sign in again when the user is already in only if force is given' do
|
|
118
118
|
user = User.new
|
|
119
119
|
@mock_warden.expects(:user).returns(user)
|
|
120
|
-
@mock_warden.expects(:set_user).with(user, :
|
|
121
|
-
@controller.sign_in(user, :
|
|
120
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
121
|
+
@controller.sign_in(user, force: true)
|
|
122
122
|
end
|
|
123
123
|
|
|
124
124
|
test 'sign in accepts bypass as option' do
|
|
125
125
|
user = User.new
|
|
126
126
|
@mock_warden.expects(:session_serializer).returns(serializer = mock())
|
|
127
127
|
serializer.expects(:store).with(user, :user)
|
|
128
|
-
@controller.sign_in(user, :
|
|
128
|
+
@controller.sign_in(user, bypass: true)
|
|
129
129
|
end
|
|
130
130
|
|
|
131
131
|
test 'sign out clears up any signed in user from all scopes' do
|
|
@@ -141,18 +141,18 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
141
141
|
|
|
142
142
|
test 'sign out logs out and clears up any signed in user by scope' do
|
|
143
143
|
user = User.new
|
|
144
|
-
@mock_warden.expects(:user).with(:
|
|
144
|
+
@mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(user)
|
|
145
145
|
@mock_warden.expects(:logout).with(:user).returns(true)
|
|
146
|
-
@mock_warden.expects(:clear_strategies_cache!).with(:
|
|
146
|
+
@mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
|
|
147
147
|
@controller.instance_variable_set(:@current_user, user)
|
|
148
148
|
@controller.sign_out(:user)
|
|
149
149
|
assert_equal nil, @controller.instance_variable_get(:@current_user)
|
|
150
150
|
end
|
|
151
151
|
|
|
152
152
|
test 'sign out accepts a resource as argument' do
|
|
153
|
-
@mock_warden.expects(:user).with(:
|
|
153
|
+
@mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(true)
|
|
154
154
|
@mock_warden.expects(:logout).with(:user).returns(true)
|
|
155
|
-
@mock_warden.expects(:clear_strategies_cache!).with(:
|
|
155
|
+
@mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
|
|
156
156
|
@controller.sign_out(User.new)
|
|
157
157
|
end
|
|
158
158
|
|
|
@@ -227,7 +227,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
227
227
|
user = User.new
|
|
228
228
|
@controller.session[:user_return_to] = "/foo.bar"
|
|
229
229
|
@mock_warden.expects(:user).with(:user).returns(nil)
|
|
230
|
-
@mock_warden.expects(:set_user).with(user, :
|
|
230
|
+
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
231
231
|
@controller.expects(:redirect_to).with("/foo.bar")
|
|
232
232
|
@controller.sign_in_and_redirect(user)
|
|
233
233
|
end
|
|
@@ -235,7 +235,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
235
235
|
test 'sign in and redirect uses the configured after sign in path' do
|
|
236
236
|
admin = Admin.new
|
|
237
237
|
@mock_warden.expects(:user).with(:admin).returns(nil)
|
|
238
|
-
@mock_warden.expects(:set_user).with(admin, :
|
|
238
|
+
@mock_warden.expects(:set_user).with(admin, scope: :admin).returns(true)
|
|
239
239
|
@controller.expects(:redirect_to).with(admin_root_path)
|
|
240
240
|
@controller.sign_in_and_redirect(admin)
|
|
241
241
|
end
|
|
@@ -249,10 +249,10 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
249
249
|
end
|
|
250
250
|
|
|
251
251
|
test 'sign out and redirect uses the configured after sign out path when signing out only the current scope' do
|
|
252
|
-
swap Devise, :
|
|
253
|
-
@mock_warden.expects(:user).with(:
|
|
252
|
+
swap Devise, sign_out_all_scopes: false do
|
|
253
|
+
@mock_warden.expects(:user).with(scope: :admin, run_callbacks: false).returns(true)
|
|
254
254
|
@mock_warden.expects(:logout).with(:admin).returns(true)
|
|
255
|
-
@mock_warden.expects(:clear_strategies_cache!).with(:
|
|
255
|
+
@mock_warden.expects(:clear_strategies_cache!).with(scope: :admin).returns(true)
|
|
256
256
|
@controller.expects(:redirect_to).with(admin_root_path)
|
|
257
257
|
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
|
258
258
|
@controller.sign_out_and_redirect(:admin)
|
|
@@ -260,7 +260,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
|
|
260
260
|
end
|
|
261
261
|
|
|
262
262
|
test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
|
|
263
|
-
swap Devise, :
|
|
263
|
+
swap Devise, sign_out_all_scopes: true do
|
|
264
264
|
@mock_warden.expects(:user).times(Devise.mappings.size)
|
|
265
265
|
@mock_warden.expects(:logout).with().returns(true)
|
|
266
266
|
@mock_warden.expects(:clear_strategies_cache!).with().returns(true)
|
|
@@ -55,7 +55,7 @@ class HelpersTest < ActionController::TestCase
|
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
test 'require no authentication tests current mapping' do
|
|
58
|
-
@mock_warden.expects(:authenticate?).with(:rememberable, :
|
|
58
|
+
@mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
|
|
59
59
|
@mock_warden.expects(:user).with(:user).returns(User.new)
|
|
60
60
|
@controller.expects(:redirect_to).with(root_path)
|
|
61
61
|
@controller.send :require_no_authentication
|
|
@@ -71,7 +71,7 @@ class HelpersTest < ActionController::TestCase
|
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
test 'require no authentication sets a flash message' do
|
|
74
|
-
@mock_warden.expects(:authenticate?).with(:rememberable, :
|
|
74
|
+
@mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
|
|
75
75
|
@mock_warden.expects(:user).with(:user).returns(User.new)
|
|
76
76
|
@controller.expects(:redirect_to).with(root_path)
|
|
77
77
|
@controller.send :require_no_authentication
|
|
@@ -79,7 +79,7 @@ class HelpersTest < ActionController::TestCase
|
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
test 'signed in resource returns signed in resource for current scope' do
|
|
82
|
-
@mock_warden.expects(:authenticate).with(:
|
|
82
|
+
@mock_warden.expects(:authenticate).with(scope: :user).returns(User.new)
|
|
83
83
|
assert_kind_of User, @controller.signed_in_resource
|
|
84
84
|
end
|
|
85
85
|
|
|
@@ -100,21 +100,21 @@ class HelpersTest < ActionController::TestCase
|
|
|
100
100
|
end
|
|
101
101
|
|
|
102
102
|
test 'uses custom i18n options' do
|
|
103
|
-
@controller.stubs(:devise_i18n_options).returns(:
|
|
103
|
+
@controller.stubs(:devise_i18n_options).returns(default: "devise custom options")
|
|
104
104
|
@controller.send :set_flash_message, :notice, :invalid_i18n_messagesend_instructions
|
|
105
105
|
assert_equal 'devise custom options', flash[:notice]
|
|
106
106
|
end
|
|
107
107
|
|
|
108
108
|
test 'allows custom i18n options to override resource_name' do
|
|
109
109
|
I18n.expects(:t).with("custom_resource_name.confirmed", anything)
|
|
110
|
-
@controller.stubs(:devise_i18n_options).returns(:
|
|
110
|
+
@controller.stubs(:devise_i18n_options).returns(resource_name: "custom_resource_name")
|
|
111
111
|
@controller.send :set_flash_message, :notice, :confirmed
|
|
112
112
|
end
|
|
113
113
|
|
|
114
114
|
test 'navigational_formats not returning a wild card' do
|
|
115
115
|
MyController.send(:public, :navigational_formats)
|
|
116
116
|
|
|
117
|
-
swap Devise, :
|
|
117
|
+
swap Devise, navigational_formats: ['*/*', :html] do
|
|
118
118
|
assert_not @controller.navigational_formats.include?("*/*")
|
|
119
119
|
end
|
|
120
120
|
|
|
@@ -12,9 +12,9 @@ class SessionsControllerTest < ActionController::TestCase
|
|
|
12
12
|
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
13
13
|
request.session["user_return_to"] = 'foo.bar'
|
|
14
14
|
create_user
|
|
15
|
-
post :create, :
|
|
16
|
-
:
|
|
17
|
-
:
|
|
15
|
+
post :create, user: {
|
|
16
|
+
email: "wrong@email.com",
|
|
17
|
+
password: "wrongpassword"
|
|
18
18
|
}
|
|
19
19
|
assert_equal 200, @response.status
|
|
20
20
|
ensure
|
|
@@ -23,7 +23,7 @@ class SessionsControllerTest < ActionController::TestCase
|
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "#create works even with scoped views" do
|
|
26
|
-
swap Devise, :
|
|
26
|
+
swap Devise, scoped_views: true do
|
|
27
27
|
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
28
28
|
post :create
|
|
29
29
|
assert_equal 200, @response.status
|
|
@@ -37,9 +37,9 @@ class SessionsControllerTest < ActionController::TestCase
|
|
|
37
37
|
|
|
38
38
|
user = create_user
|
|
39
39
|
user.confirm!
|
|
40
|
-
post :create, :
|
|
41
|
-
:
|
|
42
|
-
:
|
|
40
|
+
post :create, user: {
|
|
41
|
+
email: user.email,
|
|
42
|
+
password: user.password
|
|
43
43
|
}
|
|
44
44
|
|
|
45
45
|
assert_nil request.session["user_return_to"]
|
|
@@ -51,9 +51,9 @@ class SessionsControllerTest < ActionController::TestCase
|
|
|
51
51
|
|
|
52
52
|
user = create_user
|
|
53
53
|
user.confirm!
|
|
54
|
-
post :create, :
|
|
55
|
-
:
|
|
56
|
-
:
|
|
54
|
+
post :create, format: 'json', user: {
|
|
55
|
+
email: user.email,
|
|
56
|
+
password: user.password
|
|
57
57
|
}
|
|
58
58
|
|
|
59
59
|
assert_equal 'foo.bar', request.session["user_return_to"]
|
|
@@ -61,9 +61,9 @@ class SessionsControllerTest < ActionController::TestCase
|
|
|
61
61
|
|
|
62
62
|
test "#create doesn't raise exception after Warden authentication fails when TestHelpers included" do
|
|
63
63
|
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
64
|
-
post :create, :
|
|
65
|
-
:
|
|
66
|
-
:
|
|
64
|
+
post :create, user: {
|
|
65
|
+
email: "nosuchuser@example.com",
|
|
66
|
+
password: "wevdude"
|
|
67
67
|
}
|
|
68
68
|
assert_equal 200, @response.status
|
|
69
69
|
assert_template "devise/sessions/new"
|
|
@@ -73,12 +73,12 @@ class SessionsControllerTest < ActionController::TestCase
|
|
|
73
73
|
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
74
74
|
user = create_user
|
|
75
75
|
user.confirm!
|
|
76
|
-
post :create, :
|
|
77
|
-
:
|
|
78
|
-
:
|
|
76
|
+
post :create, format: 'json', user: {
|
|
77
|
+
email: user.email,
|
|
78
|
+
password: user.password
|
|
79
79
|
}
|
|
80
80
|
|
|
81
|
-
delete :destroy, :
|
|
81
|
+
delete :destroy, format: 'json'
|
|
82
82
|
assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}"
|
|
83
83
|
assert_equal 204, @response.status
|
|
84
84
|
end
|
|
@@ -92,7 +92,7 @@ class SessionsControllerTest < ActionController::TestCase
|
|
|
92
92
|
|
|
93
93
|
begin
|
|
94
94
|
assert_nothing_raised ActiveModel::MassAssignmentSecurity::Error do
|
|
95
|
-
get :new, :
|
|
95
|
+
get :new, user: { email: "allez viens!" }
|
|
96
96
|
end
|
|
97
97
|
ensure
|
|
98
98
|
ActiveRecord::Base.mass_assignment_sanitizer = :logger
|
|
@@ -14,10 +14,10 @@ class RoutesTest < ActionController::TestCase
|
|
|
14
14
|
send(:"#{prepend_path}user_#{name}_url")
|
|
15
15
|
|
|
16
16
|
# Default url params
|
|
17
|
-
assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, :
|
|
18
|
-
send(:"#{prepend_path}user_#{name}_path", :
|
|
19
|
-
assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, :
|
|
20
|
-
send(:"#{prepend_path}user_#{name}_url", :
|
|
17
|
+
assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, param: 123),
|
|
18
|
+
send(:"#{prepend_path}user_#{name}_path", param: 123)
|
|
19
|
+
assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, param: 123),
|
|
20
|
+
send(:"#{prepend_path}user_#{name}_url", param: 123)
|
|
21
21
|
|
|
22
22
|
@request.path = nil
|
|
23
23
|
# With an object
|
data/test/delegator_test.rb
CHANGED
|
@@ -14,6 +14,6 @@ class DelegatorTest < ActiveSupport::TestCase
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
test 'failure_app returns associated failure app by scope in the given environment' do
|
|
17
|
-
assert_kind_of Proc, delegator.failure_app({"warden.options" => {:
|
|
17
|
+
assert_kind_of Proc, delegator.failure_app({"warden.options" => {scope: "manager"}})
|
|
18
18
|
end
|
|
19
19
|
end
|
data/test/devise_test.rb
CHANGED
|
@@ -23,7 +23,7 @@ class DeviseTest < ActiveSupport::TestCase
|
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test 'model options can be configured through Devise' do
|
|
26
|
-
swap Devise, :
|
|
26
|
+
swap Devise, allow_unconfirmed_access_for: 113, pepper: "foo" do
|
|
27
27
|
assert_equal 113, Devise.allow_unconfirmed_access_for
|
|
28
28
|
assert_equal "foo", Devise.pepper
|
|
29
29
|
end
|
|
@@ -60,12 +60,12 @@ class DeviseTest < ActiveSupport::TestCase
|
|
|
60
60
|
assert_not defined?(Devise::Models::Coconut)
|
|
61
61
|
Devise::ALL.delete(:coconut)
|
|
62
62
|
|
|
63
|
-
assert_nothing_raised(Exception) { Devise.add_module(:banana, :
|
|
63
|
+
assert_nothing_raised(Exception) { Devise.add_module(:banana, strategy: :fruits) }
|
|
64
64
|
assert_equal :fruits, Devise::STRATEGIES[:banana]
|
|
65
65
|
Devise::ALL.delete(:banana)
|
|
66
66
|
Devise::STRATEGIES.delete(:banana)
|
|
67
67
|
|
|
68
|
-
assert_nothing_raised(Exception) { Devise.add_module(:kivi, :
|
|
68
|
+
assert_nothing_raised(Exception) { Devise.add_module(:kivi, controller: :fruits) }
|
|
69
69
|
assert_equal :fruits, Devise::CONTROLLERS[:kivi]
|
|
70
70
|
Devise::ALL.delete(:kivi)
|
|
71
71
|
Devise::CONTROLLERS.delete(:kivi)
|
data/test/failure_app_test.rb
CHANGED
|
@@ -10,7 +10,7 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
10
10
|
|
|
11
11
|
class FailureWithI18nOptions < Devise::FailureApp
|
|
12
12
|
def i18n_options(options)
|
|
13
|
-
options.merge(:
|
|
13
|
+
options.merge(name: 'Steve')
|
|
14
14
|
end
|
|
15
15
|
end
|
|
16
16
|
|
|
@@ -23,11 +23,11 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
23
23
|
'REQUEST_URI' => 'http://test.host/',
|
|
24
24
|
'HTTP_HOST' => 'test.host',
|
|
25
25
|
'REQUEST_METHOD' => 'GET',
|
|
26
|
-
'warden.options' => { :
|
|
26
|
+
'warden.options' => { scope: :user },
|
|
27
27
|
'rack.session' => {},
|
|
28
28
|
'action_dispatch.request.formats' => Array(env_params.delete('formats') || Mime::HTML),
|
|
29
29
|
'rack.input' => "",
|
|
30
|
-
'warden' => OpenStruct.new(:
|
|
30
|
+
'warden' => OpenStruct.new(message: nil)
|
|
31
31
|
}.merge!(env_params)
|
|
32
32
|
|
|
33
33
|
@response = (env.delete(:app) || Devise::FailureApp).call(env).to_a
|
|
@@ -49,8 +49,8 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
test 'returns to the root path if no session path is available' do
|
|
52
|
-
swap Devise, :
|
|
53
|
-
call_failure :
|
|
52
|
+
swap Devise, router_name: :fake_app do
|
|
53
|
+
call_failure app: RootFailureApp
|
|
54
54
|
assert_equal 302, @response.first
|
|
55
55
|
assert_equal 'You need to sign in or sign up before continuing.', @request.flash[:alert]
|
|
56
56
|
assert_equal 'http://test.host/', @response.second['Location']
|
|
@@ -59,7 +59,7 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
59
59
|
|
|
60
60
|
if Rails.application.config.respond_to?(:relative_url_root)
|
|
61
61
|
test 'returns to the default redirect location considering the relative url root' do
|
|
62
|
-
swap Rails.application.config, :
|
|
62
|
+
swap Rails.application.config, relative_url_root: "/sample" do
|
|
63
63
|
call_failure
|
|
64
64
|
assert_equal 302, @response.first
|
|
65
65
|
assert_equal 'http://test.host/sample/users/sign_in', @response.second['Location']
|
|
@@ -68,18 +68,18 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
68
68
|
end
|
|
69
69
|
|
|
70
70
|
test 'uses the proxy failure message as symbol' do
|
|
71
|
-
call_failure('warden' => OpenStruct.new(:
|
|
71
|
+
call_failure('warden' => OpenStruct.new(message: :invalid))
|
|
72
72
|
assert_equal 'Invalid email or password.', @request.flash[:alert]
|
|
73
73
|
assert_equal 'http://test.host/users/sign_in', @response.second["Location"]
|
|
74
74
|
end
|
|
75
75
|
|
|
76
76
|
test 'uses custom i18n options' do
|
|
77
|
-
call_failure('warden' => OpenStruct.new(:
|
|
77
|
+
call_failure('warden' => OpenStruct.new(message: :does_not_exist), app: FailureWithI18nOptions)
|
|
78
78
|
assert_equal 'User Steve does not exist', @request.flash[:alert]
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
test 'uses the proxy failure message as string' do
|
|
82
|
-
call_failure('warden' => OpenStruct.new(:
|
|
82
|
+
call_failure('warden' => OpenStruct.new(message: 'Hello world'))
|
|
83
83
|
assert_equal 'Hello world', @request.flash[:alert]
|
|
84
84
|
assert_equal 'http://test.host/users/sign_in', @response.second["Location"]
|
|
85
85
|
end
|
|
@@ -97,14 +97,14 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
97
97
|
end
|
|
98
98
|
|
|
99
99
|
test 'works for any navigational format' do
|
|
100
|
-
swap Devise, :
|
|
100
|
+
swap Devise, navigational_formats: [:xml] do
|
|
101
101
|
call_failure('formats' => Mime::XML)
|
|
102
102
|
assert_equal 302, @response.first
|
|
103
103
|
end
|
|
104
104
|
end
|
|
105
105
|
|
|
106
106
|
test 'redirects the correct format if it is a non-html format request' do
|
|
107
|
-
swap Devise, :
|
|
107
|
+
swap Devise, navigational_formats: [:js] do
|
|
108
108
|
call_failure('formats' => Mime::JS)
|
|
109
109
|
assert_equal 'http://test.host/users/sign_in.js', @response.second["Location"]
|
|
110
110
|
end
|
|
@@ -140,28 +140,28 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
140
140
|
end
|
|
141
141
|
|
|
142
142
|
test 'does not return WWW-authenticate headers if model does not allow' do
|
|
143
|
-
swap Devise, :
|
|
143
|
+
swap Devise, http_authenticatable: false do
|
|
144
144
|
call_failure('formats' => Mime::XML)
|
|
145
145
|
assert_nil @response.second["WWW-Authenticate"]
|
|
146
146
|
end
|
|
147
147
|
end
|
|
148
148
|
|
|
149
149
|
test 'works for any non navigational format' do
|
|
150
|
-
swap Devise, :
|
|
150
|
+
swap Devise, navigational_formats: [] do
|
|
151
151
|
call_failure('formats' => Mime::HTML)
|
|
152
152
|
assert_equal 401, @response.first
|
|
153
153
|
end
|
|
154
154
|
end
|
|
155
155
|
|
|
156
156
|
test 'uses the failure message as response body' do
|
|
157
|
-
call_failure('formats' => Mime::XML, 'warden' => OpenStruct.new(:
|
|
157
|
+
call_failure('formats' => Mime::XML, 'warden' => OpenStruct.new(message: :invalid))
|
|
158
158
|
assert_match '<error>Invalid email or password.</error>', @response.third.body
|
|
159
159
|
end
|
|
160
160
|
|
|
161
161
|
context 'on ajax call' do
|
|
162
162
|
context 'when http_authenticatable_on_xhr is false' do
|
|
163
163
|
test 'dont return 401 with navigational formats' do
|
|
164
|
-
swap Devise, :
|
|
164
|
+
swap Devise, http_authenticatable_on_xhr: false do
|
|
165
165
|
call_failure('formats' => Mime::HTML, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest')
|
|
166
166
|
assert_equal 302, @response.first
|
|
167
167
|
assert_equal 'http://test.host/users/sign_in', @response.second["Location"]
|
|
@@ -169,7 +169,7 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
169
169
|
end
|
|
170
170
|
|
|
171
171
|
test 'dont return 401 with non navigational formats' do
|
|
172
|
-
swap Devise, :
|
|
172
|
+
swap Devise, http_authenticatable_on_xhr: false do
|
|
173
173
|
call_failure('formats' => Mime::JSON, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest')
|
|
174
174
|
assert_equal 302, @response.first
|
|
175
175
|
assert_equal 'http://test.host/users/sign_in.json', @response.second["Location"]
|
|
@@ -179,14 +179,14 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
179
179
|
|
|
180
180
|
context 'when http_authenticatable_on_xhr is true' do
|
|
181
181
|
test 'return 401' do
|
|
182
|
-
swap Devise, :
|
|
182
|
+
swap Devise, http_authenticatable_on_xhr: true do
|
|
183
183
|
call_failure('formats' => Mime::HTML, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest')
|
|
184
184
|
assert_equal 401, @response.first
|
|
185
185
|
end
|
|
186
186
|
end
|
|
187
187
|
|
|
188
188
|
test 'skip WWW-Authenticate header' do
|
|
189
|
-
swap Devise, :
|
|
189
|
+
swap Devise, http_authenticatable_on_xhr: true do
|
|
190
190
|
call_failure('formats' => Mime::HTML, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest')
|
|
191
191
|
assert_nil @response.second['WWW-Authenticate']
|
|
192
192
|
end
|
|
@@ -198,7 +198,7 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
198
198
|
context 'With recall' do
|
|
199
199
|
test 'calls the original controller if invalid email or password' do
|
|
200
200
|
env = {
|
|
201
|
-
"warden.options" => { :
|
|
201
|
+
"warden.options" => { recall: "devise/sessions#new", attempted_path: "/users/sign_in" },
|
|
202
202
|
"devise.mapping" => Devise.mappings[:user],
|
|
203
203
|
"warden" => stub_everything
|
|
204
204
|
}
|
|
@@ -209,7 +209,7 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
209
209
|
|
|
210
210
|
test 'calls the original controller if not confirmed email' do
|
|
211
211
|
env = {
|
|
212
|
-
"warden.options" => { :
|
|
212
|
+
"warden.options" => { recall: "devise/sessions#new", attempted_path: "/users/sign_in", message: :unconfirmed },
|
|
213
213
|
"devise.mapping" => Devise.mappings[:user],
|
|
214
214
|
"warden" => stub_everything
|
|
215
215
|
}
|
|
@@ -220,7 +220,7 @@ class FailureTest < ActiveSupport::TestCase
|
|
|
220
220
|
|
|
221
221
|
test 'calls the original controller if inactive account' do
|
|
222
222
|
env = {
|
|
223
|
-
"warden.options" => { :
|
|
223
|
+
"warden.options" => { recall: "devise/sessions#new", attempted_path: "/users/sign_in", message: :inactive },
|
|
224
224
|
"devise.mapping" => Devise.mappings[:user],
|
|
225
225
|
"warden" => stub_everything
|
|
226
226
|
}
|