devise 3.2.3 → 3.2.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/Gemfile +2 -2
- data/Gemfile.lock +6 -6
- data/README.md +7 -0
- data/Rakefile +1 -1
- data/app/controllers/devise/confirmations_controller.rb +2 -2
- data/app/controllers/devise/omniauth_callbacks_controller.rb +2 -2
- data/app/controllers/devise/passwords_controller.rb +3 -3
- data/app/controllers/devise/registrations_controller.rb +7 -7
- data/app/controllers/devise/sessions_controller.rb +6 -6
- data/app/controllers/devise/unlocks_controller.rb +2 -2
- data/app/controllers/devise_controller.rb +3 -3
- data/app/helpers/devise_helper.rb +2 -2
- data/app/views/devise/confirmations/new.html.erb +2 -2
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +3 -3
- data/app/views/devise/passwords/new.html.erb +2 -2
- data/app/views/devise/registrations/edit.html.erb +6 -6
- data/app/views/devise/registrations/new.html.erb +4 -4
- data/app/views/devise/sessions/new.html.erb +3 -3
- data/app/views/devise/unlocks/new.html.erb +2 -2
- data/devise.gemspec +1 -1
- data/gemfiles/Gemfile.rails-3.2-stable +3 -3
- data/gemfiles/Gemfile.rails-4.0-stable +3 -3
- data/gemfiles/Gemfile.rails-head +3 -3
- data/lib/devise.rb +3 -3
- data/lib/devise/controllers/helpers.rb +5 -5
- data/lib/devise/controllers/rememberable.rb +3 -3
- data/lib/devise/controllers/sign_in_out.rb +8 -8
- data/lib/devise/failure_app.rb +3 -3
- data/lib/devise/hooks/activatable.rb +1 -1
- data/lib/devise/hooks/lockable.rb +1 -1
- data/lib/devise/hooks/proxy.rb +1 -1
- data/lib/devise/hooks/rememberable.rb +1 -1
- data/lib/devise/hooks/timeoutable.rb +1 -1
- data/lib/devise/hooks/trackable.rb +1 -1
- data/lib/devise/mailers/helpers.rb +8 -8
- data/lib/devise/models/authenticatable.rb +3 -3
- data/lib/devise/models/confirmable.rb +9 -9
- data/lib/devise/models/database_authenticatable.rb +1 -1
- data/lib/devise/models/lockable.rb +6 -6
- data/lib/devise/models/omniauthable.rb +1 -1
- data/lib/devise/models/recoverable.rb +1 -1
- data/lib/devise/models/rememberable.rb +3 -3
- data/lib/devise/models/trackable.rb +1 -1
- data/lib/devise/models/validatable.rb +6 -6
- data/lib/devise/modules.rb +9 -9
- data/lib/devise/omniauth/url_helpers.rb +2 -2
- data/lib/devise/rails.rb +1 -1
- data/lib/devise/rails/routes.rb +81 -81
- data/lib/devise/test_helpers.rb +2 -2
- data/lib/devise/time_inflector.rb +1 -1
- data/lib/devise/version.rb +1 -1
- data/lib/generators/active_record/devise_generator.rb +6 -6
- data/lib/generators/active_record/templates/migration.rb +4 -4
- data/lib/generators/active_record/templates/migration_existing.rb +4 -4
- data/lib/generators/devise/devise_generator.rb +3 -3
- data/lib/generators/devise/views_generator.rb +29 -18
- data/lib/generators/mongoid/devise_generator.rb +19 -19
- data/lib/generators/templates/README +2 -2
- data/lib/generators/templates/devise.rb +9 -7
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/helpers_test.rb +31 -31
- data/test/controllers/internal_helpers_test.rb +6 -6
- data/test/controllers/sessions_controller_test.rb +18 -18
- data/test/controllers/url_helpers_test.rb +4 -4
- data/test/delegator_test.rb +1 -1
- data/test/devise_test.rb +3 -3
- data/test/failure_app_test.rb +21 -21
- data/test/generators/active_record_generator_test.rb +4 -4
- data/test/generators/devise_generator_test.rb +2 -2
- data/test/generators/mongoid_generator_test.rb +1 -1
- data/test/generators/views_generator_test.rb +30 -1
- data/test/helpers/devise_helper_test.rb +11 -11
- data/test/integration/authenticatable_test.rb +42 -42
- data/test/integration/confirmable_test.rb +46 -46
- data/test/integration/database_authenticatable_test.rb +16 -16
- data/test/integration/http_authenticatable_test.rb +11 -11
- data/test/integration/lockable_test.rb +37 -37
- data/test/integration/omniauthable_test.rb +3 -3
- data/test/integration/recoverable_test.rb +41 -41
- data/test/integration/registerable_test.rb +49 -49
- data/test/integration/rememberable_test.rb +13 -13
- data/test/integration/timeoutable_test.rb +7 -7
- data/test/integration/trackable_test.rb +2 -2
- data/test/mailers/confirmation_instructions_test.rb +4 -4
- data/test/mailers/reset_password_instructions_test.rb +3 -3
- data/test/mailers/unlock_instructions_test.rb +2 -2
- data/test/models/authenticatable_test.rb +3 -3
- data/test/models/confirmable_test.rb +31 -31
- data/test/models/database_authenticatable_test.rb +27 -27
- data/test/models/lockable_test.rb +29 -29
- data/test/models/recoverable_test.rb +19 -19
- data/test/models/rememberable_test.rb +8 -8
- data/test/models/serializable_test.rb +8 -8
- data/test/models/timeoutable_test.rb +1 -1
- data/test/models/validatable_test.rb +11 -11
- data/test/omniauth/config_test.rb +3 -3
- data/test/omniauth/url_helpers_test.rb +3 -3
- data/test/parameter_sanitizer_test.rb +1 -1
- data/test/rails_app/app/controllers/admins_controller.rb +1 -1
- data/test/rails_app/app/controllers/application_controller.rb +2 -2
- data/test/rails_app/app/controllers/home_controller.rb +1 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +2 -2
- data/test/rails_app/app/controllers/users_controller.rb +5 -5
- data/test/rails_app/app/mailers/users/mailer.rb +4 -4
- data/test/rails_app/app/mongoid/admin.rb +11 -11
- data/test/rails_app/app/mongoid/shim.rb +2 -2
- data/test/rails_app/app/mongoid/user.rb +19 -19
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +2 -2
- data/test/rails_app/config/initializers/devise.rb +3 -3
- data/test/rails_app/config/initializers/secret_token.rb +1 -1
- data/test/rails_app/config/routes.rb +43 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +7 -7
- data/test/rails_app/lib/shared_admin.rb +4 -4
- data/test/routes_test.rb +59 -59
- data/test/support/helpers.rb +4 -4
- data/test/support/integration.rb +12 -12
- data/test/test_helpers_test.rb +3 -3
- data/test/test_models.rb +5 -5
- metadata +4 -4
@@ -30,10 +30,10 @@ if DEVISE_ORM == :active_record
|
|
30
30
|
run_generator %w(monster)
|
31
31
|
assert_migration "db/migrate/devise_create_monsters.rb"
|
32
32
|
assert_migration "db/migrate/add_devise_to_monsters.rb"
|
33
|
-
run_generator %w(monster), :
|
33
|
+
run_generator %w(monster), behavior: :revoke
|
34
34
|
assert_no_migration "db/migrate/add_devise_to_monsters.rb"
|
35
35
|
assert_migration "db/migrate/devise_create_monsters.rb"
|
36
|
-
run_generator %w(monster), :
|
36
|
+
run_generator %w(monster), behavior: :revoke
|
37
37
|
assert_no_file "app/models/monster.rb"
|
38
38
|
assert_no_migration "db/migrate/devise_create_monsters.rb"
|
39
39
|
end
|
@@ -47,11 +47,11 @@ if DEVISE_ORM == :active_record
|
|
47
47
|
|
48
48
|
def simulate_inside_engine(engine, namespace)
|
49
49
|
if Rails::Generators.respond_to?(:namespace=)
|
50
|
-
swap Rails::Generators, :
|
50
|
+
swap Rails::Generators, namespace: namespace do
|
51
51
|
yield
|
52
52
|
end
|
53
53
|
else
|
54
|
-
swap Rails, :
|
54
|
+
swap Rails, application: engine.instance do
|
55
55
|
yield
|
56
56
|
end
|
57
57
|
end
|
@@ -18,13 +18,13 @@ class DeviseGeneratorTest < Rails::Generators::TestCase
|
|
18
18
|
|
19
19
|
test "route generation for namespaced model names" do
|
20
20
|
run_generator %w(monster/goblin name:string)
|
21
|
-
match = /devise_for :goblins, :
|
21
|
+
match = /devise_for :goblins, class_name: "Monster::Goblin"/
|
22
22
|
assert_file "config/routes.rb", match
|
23
23
|
end
|
24
24
|
|
25
25
|
test "route generation with skip routes" do
|
26
26
|
run_generator %w(monster name:string --skip-routes)
|
27
|
-
match = /devise_for :monsters, :
|
27
|
+
match = /devise_for :monsters, skip: :all/
|
28
28
|
assert_file "config/routes.rb", match
|
29
29
|
end
|
30
30
|
|
@@ -33,7 +33,36 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
|
|
33
33
|
|
34
34
|
test "Assert views with markerb" do
|
35
35
|
run_generator %w(--markerb)
|
36
|
-
assert_files nil, :
|
36
|
+
assert_files nil, mail_template_engine: "markerb"
|
37
|
+
end
|
38
|
+
|
39
|
+
|
40
|
+
test "Assert only views within specified directories" do
|
41
|
+
run_generator %w(-v sessions registrations)
|
42
|
+
assert_file "app/views/devise/sessions/new.html.erb"
|
43
|
+
assert_file "app/views/devise/registrations/new.html.erb"
|
44
|
+
assert_file "app/views/devise/registrations/edit.html.erb"
|
45
|
+
assert_no_file "app/views/devise/confirmations/new.html.erb"
|
46
|
+
assert_no_file "app/views/devise/mailer/confirmation_instructions.html.erb"
|
47
|
+
end
|
48
|
+
|
49
|
+
test "Assert specified directories with scope" do
|
50
|
+
run_generator %w(users -v sessions)
|
51
|
+
assert_file "app/views/users/sessions/new.html.erb"
|
52
|
+
assert_no_file "app/views/users/confirmations/new.html.erb"
|
53
|
+
end
|
54
|
+
|
55
|
+
test "Assert specified directories with simple form" do
|
56
|
+
run_generator %w(-v registrations -b simple_form_for)
|
57
|
+
assert_file "app/views/devise/registrations/new.html.erb", /simple_form_for/
|
58
|
+
assert_no_file "app/views/devise/confirmations/new.html.erb"
|
59
|
+
end
|
60
|
+
|
61
|
+
test "Assert specified directories with markerb" do
|
62
|
+
run_generator %w(--markerb -v passwords mailer)
|
63
|
+
assert_file "app/views/devise/passwords/new.html.erb"
|
64
|
+
assert_no_file "app/views/devise/confirmations/new.html.erb"
|
65
|
+
assert_file "app/views/devise/mailer/reset_password_instructions.markerb"
|
37
66
|
end
|
38
67
|
|
39
68
|
def assert_files(scope = nil, options={})
|
@@ -2,16 +2,16 @@ require 'test_helper'
|
|
2
2
|
|
3
3
|
class DeviseHelperTest < ActionDispatch::IntegrationTest
|
4
4
|
setup do
|
5
|
-
model_labels = { :
|
5
|
+
model_labels = { models: { user: "utilisateur" } }
|
6
6
|
|
7
7
|
I18n.backend.store_translations :fr,
|
8
8
|
{
|
9
|
-
:
|
10
|
-
:
|
11
|
-
:
|
9
|
+
errors: { messages: { not_saved: {
|
10
|
+
one: "Erreur lors de l'enregistrement de '%{resource}': 1 erreur.",
|
11
|
+
other: "Erreur lors de l'enregistrement de '%{resource}': %{count} erreurs."
|
12
12
|
} } },
|
13
|
-
:
|
14
|
-
:
|
13
|
+
activerecord: model_labels,
|
14
|
+
mongoid: model_labels
|
15
15
|
}
|
16
16
|
|
17
17
|
I18n.locale = 'fr'
|
@@ -24,8 +24,8 @@ class DeviseHelperTest < ActionDispatch::IntegrationTest
|
|
24
24
|
test 'test errors.messages.not_saved with single error from i18n' do
|
25
25
|
get new_user_registration_path
|
26
26
|
|
27
|
-
fill_in 'password', :
|
28
|
-
fill_in 'password confirmation', :
|
27
|
+
fill_in 'password', with: 'new_user123'
|
28
|
+
fill_in 'password confirmation', with: 'new_user123'
|
29
29
|
click_button 'Sign up'
|
30
30
|
|
31
31
|
assert_have_selector '#error_explanation'
|
@@ -39,9 +39,9 @@ class DeviseHelperTest < ActionDispatch::IntegrationTest
|
|
39
39
|
|
40
40
|
get new_user_registration_path
|
41
41
|
|
42
|
-
fill_in 'email', :
|
43
|
-
fill_in 'password', :
|
44
|
-
fill_in 'password confirmation', :
|
42
|
+
fill_in 'email', with: 'invalid_email'
|
43
|
+
fill_in 'password', with: 'new_user123'
|
44
|
+
fill_in 'password confirmation', with: 'new_user321'
|
45
45
|
click_button 'Sign up'
|
46
46
|
|
47
47
|
assert_have_selector '#error_explanation'
|
@@ -27,7 +27,7 @@ class AuthenticationSanityTest < ActionDispatch::IntegrationTest
|
|
27
27
|
end
|
28
28
|
|
29
29
|
test 'sign out as user should not touch admin authentication if sign_out_all_scopes is false' do
|
30
|
-
swap Devise, :
|
30
|
+
swap Devise, sign_out_all_scopes: false do
|
31
31
|
sign_in_as_user
|
32
32
|
sign_in_as_admin
|
33
33
|
get destroy_user_session_path
|
@@ -37,7 +37,7 @@ class AuthenticationSanityTest < ActionDispatch::IntegrationTest
|
|
37
37
|
end
|
38
38
|
|
39
39
|
test 'sign out as admin should not touch user authentication if sign_out_all_scopes is false' do
|
40
|
-
swap Devise, :
|
40
|
+
swap Devise, sign_out_all_scopes: false do
|
41
41
|
sign_in_as_user
|
42
42
|
sign_in_as_admin
|
43
43
|
|
@@ -48,7 +48,7 @@ class AuthenticationSanityTest < ActionDispatch::IntegrationTest
|
|
48
48
|
end
|
49
49
|
|
50
50
|
test 'sign out as user should also sign out admin if sign_out_all_scopes is true' do
|
51
|
-
swap Devise, :
|
51
|
+
swap Devise, sign_out_all_scopes: true do
|
52
52
|
sign_in_as_user
|
53
53
|
sign_in_as_admin
|
54
54
|
|
@@ -59,7 +59,7 @@ class AuthenticationSanityTest < ActionDispatch::IntegrationTest
|
|
59
59
|
end
|
60
60
|
|
61
61
|
test 'sign out as admin should also sign out user if sign_out_all_scopes is true' do
|
62
|
-
swap Devise, :
|
62
|
+
swap Devise, sign_out_all_scopes: true do
|
63
63
|
sign_in_as_user
|
64
64
|
sign_in_as_admin
|
65
65
|
|
@@ -162,7 +162,7 @@ class AuthenticationRoutesRestrictions < ActionDispatch::IntegrationTest
|
|
162
162
|
end
|
163
163
|
|
164
164
|
test 'signed in as inactive admin should not be able to access private/active route restricted to active admins (authenticate denied)' do
|
165
|
-
sign_in_as_admin(:
|
165
|
+
sign_in_as_admin(active: false)
|
166
166
|
assert warden.authenticated?(:admin)
|
167
167
|
assert_not warden.authenticated?(:user)
|
168
168
|
|
@@ -172,7 +172,7 @@ class AuthenticationRoutesRestrictions < ActionDispatch::IntegrationTest
|
|
172
172
|
end
|
173
173
|
|
174
174
|
test 'signed in as active admin should be able to access private/active route restricted to active admins (authenticate accepted)' do
|
175
|
-
sign_in_as_admin(:
|
175
|
+
sign_in_as_admin(active: true)
|
176
176
|
assert warden.authenticated?(:admin)
|
177
177
|
assert_not warden.authenticated?(:user)
|
178
178
|
|
@@ -214,7 +214,7 @@ class AuthenticationRoutesRestrictions < ActionDispatch::IntegrationTest
|
|
214
214
|
end
|
215
215
|
|
216
216
|
test 'signed in as inactive admin should not be able to access dashboard/active route restricted to active admins (authenticated denied)' do
|
217
|
-
sign_in_as_admin(:
|
217
|
+
sign_in_as_admin(active: false)
|
218
218
|
assert warden.authenticated?(:admin)
|
219
219
|
assert_not warden.authenticated?(:user)
|
220
220
|
|
@@ -224,7 +224,7 @@ class AuthenticationRoutesRestrictions < ActionDispatch::IntegrationTest
|
|
224
224
|
end
|
225
225
|
|
226
226
|
test 'signed in as active admin should be able to access dashboard/active route restricted to active admins (authenticated accepted)' do
|
227
|
-
sign_in_as_admin(:
|
227
|
+
sign_in_as_admin(active: true)
|
228
228
|
assert warden.authenticated?(:admin)
|
229
229
|
assert_not warden.authenticated?(:user)
|
230
230
|
|
@@ -277,7 +277,7 @@ class AuthenticationRedirectTest < ActionDispatch::IntegrationTest
|
|
277
277
|
assert_equal users_path, session[:"user_return_to"]
|
278
278
|
|
279
279
|
follow_redirect!
|
280
|
-
sign_in_as_user :
|
280
|
+
sign_in_as_user visit: false
|
281
281
|
|
282
282
|
assert_current_url '/users'
|
283
283
|
assert_nil session[:"user_return_to"]
|
@@ -293,7 +293,7 @@ class AuthenticationRedirectTest < ActionDispatch::IntegrationTest
|
|
293
293
|
assert_equal users_path, session[:"user_return_to"]
|
294
294
|
|
295
295
|
follow_redirect!
|
296
|
-
sign_in_as_user :
|
296
|
+
sign_in_as_user visit: false
|
297
297
|
|
298
298
|
assert_current_url '/users'
|
299
299
|
assert_nil session[:"user_return_to"]
|
@@ -392,7 +392,7 @@ end
|
|
392
392
|
|
393
393
|
class AuthenticationWithScopedViewsTest < ActionDispatch::IntegrationTest
|
394
394
|
test 'renders the scoped view if turned on and view is available' do
|
395
|
-
swap Devise, :
|
395
|
+
swap Devise, scoped_views: true do
|
396
396
|
assert_raise Webrat::NotFoundError do
|
397
397
|
sign_in_as_user
|
398
398
|
end
|
@@ -415,7 +415,7 @@ class AuthenticationWithScopedViewsTest < ActionDispatch::IntegrationTest
|
|
415
415
|
end
|
416
416
|
|
417
417
|
test 'does not render the scoped view if turned off' do
|
418
|
-
swap Devise, :
|
418
|
+
swap Devise, scoped_views: false do
|
419
419
|
assert_nothing_raised do
|
420
420
|
sign_in_as_user
|
421
421
|
end
|
@@ -423,7 +423,7 @@ class AuthenticationWithScopedViewsTest < ActionDispatch::IntegrationTest
|
|
423
423
|
end
|
424
424
|
|
425
425
|
test 'does not render the scoped view if not available' do
|
426
|
-
swap Devise, :
|
426
|
+
swap Devise, scoped_views: true do
|
427
427
|
assert_nothing_raised do
|
428
428
|
sign_in_as_admin
|
429
429
|
end
|
@@ -433,7 +433,7 @@ end
|
|
433
433
|
|
434
434
|
class AuthenticationOthersTest < ActionDispatch::IntegrationTest
|
435
435
|
test 'handles unverified requests gets rid of caches' do
|
436
|
-
swap ApplicationController, :
|
436
|
+
swap ApplicationController, allow_forgery_protection: true do
|
437
437
|
post exhibit_user_url(1)
|
438
438
|
assert_not warden.authenticated?(:user)
|
439
439
|
|
@@ -473,12 +473,12 @@ class AuthenticationOthersTest < ActionDispatch::IntegrationTest
|
|
473
473
|
test 'sign in with script name' do
|
474
474
|
assert_nothing_raised do
|
475
475
|
get new_user_session_path, {}, "SCRIPT_NAME" => "/omg"
|
476
|
-
fill_in "email", :
|
476
|
+
fill_in "email", with: "user@test.com"
|
477
477
|
end
|
478
478
|
end
|
479
479
|
|
480
480
|
test 'sign in stub in xml format' do
|
481
|
-
get new_user_session_path(:
|
481
|
+
get new_user_session_path(format: 'xml')
|
482
482
|
assert_match '<?xml version="1.0" encoding="UTF-8"?>', response.body
|
483
483
|
assert_match /<user>.*<\/user>/m, response.body
|
484
484
|
assert_match '<email></email>', response.body
|
@@ -486,15 +486,15 @@ class AuthenticationOthersTest < ActionDispatch::IntegrationTest
|
|
486
486
|
end
|
487
487
|
|
488
488
|
test 'sign in stub in json format' do
|
489
|
-
get new_user_session_path(:
|
489
|
+
get new_user_session_path(format: 'json')
|
490
490
|
assert_match '{"user":{', response.body
|
491
491
|
assert_match '"email":""', response.body
|
492
492
|
assert_match '"password":null', response.body
|
493
493
|
end
|
494
494
|
|
495
495
|
test 'sign in stub in json with non attribute key' do
|
496
|
-
swap Devise, :
|
497
|
-
get new_user_session_path(:
|
496
|
+
swap Devise, authentication_keys: [:other_key] do
|
497
|
+
get new_user_session_path(format: 'json')
|
498
498
|
assert_match '{"user":{', response.body
|
499
499
|
assert_match '"other_key":null', response.body
|
500
500
|
assert_match '"password":null', response.body
|
@@ -502,30 +502,30 @@ class AuthenticationOthersTest < ActionDispatch::IntegrationTest
|
|
502
502
|
end
|
503
503
|
|
504
504
|
test 'uses the mapping from router' do
|
505
|
-
sign_in_as_user :
|
505
|
+
sign_in_as_user visit: "/as/sign_in"
|
506
506
|
assert warden.authenticated?(:user)
|
507
507
|
assert_not warden.authenticated?(:admin)
|
508
508
|
end
|
509
509
|
|
510
510
|
test 'sign in with xml format returns xml response' do
|
511
511
|
create_user
|
512
|
-
post user_session_path(:
|
512
|
+
post user_session_path(format: 'xml'), user: {email: "user@test.com", password: '12345678'}
|
513
513
|
assert_response :success
|
514
514
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
|
515
515
|
end
|
516
516
|
|
517
517
|
test 'sign in with xml format is idempotent' do
|
518
|
-
get new_user_session_path(:
|
518
|
+
get new_user_session_path(format: 'xml')
|
519
519
|
assert_response :success
|
520
520
|
|
521
521
|
create_user
|
522
|
-
post user_session_path(:
|
522
|
+
post user_session_path(format: 'xml'), user: {email: "user@test.com", password: '12345678'}
|
523
523
|
assert_response :success
|
524
524
|
|
525
|
-
get new_user_session_path(:
|
525
|
+
get new_user_session_path(format: 'xml')
|
526
526
|
assert_response :success
|
527
527
|
|
528
|
-
post user_session_path(:
|
528
|
+
post user_session_path(format: 'xml'), user: {email: "user@test.com", password: '12345678'}
|
529
529
|
assert_response :success
|
530
530
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
|
531
531
|
end
|
@@ -537,27 +537,27 @@ class AuthenticationOthersTest < ActionDispatch::IntegrationTest
|
|
537
537
|
assert_current_url '/'
|
538
538
|
|
539
539
|
sign_in_as_user
|
540
|
-
get destroy_user_session_path(:
|
540
|
+
get destroy_user_session_path(format: 'html')
|
541
541
|
assert_response :redirect
|
542
542
|
assert_current_url '/'
|
543
543
|
end
|
544
544
|
|
545
545
|
test 'sign out with xml format returns no content' do
|
546
546
|
sign_in_as_user
|
547
|
-
get destroy_user_session_path(:
|
547
|
+
get destroy_user_session_path(format: 'xml')
|
548
548
|
assert_response :no_content
|
549
549
|
assert_not warden.authenticated?(:user)
|
550
550
|
end
|
551
551
|
|
552
552
|
test 'sign out with json format returns no content' do
|
553
553
|
sign_in_as_user
|
554
|
-
get destroy_user_session_path(:
|
554
|
+
get destroy_user_session_path(format: 'json')
|
555
555
|
assert_response :no_content
|
556
556
|
assert_not warden.authenticated?(:user)
|
557
557
|
end
|
558
558
|
|
559
559
|
test 'sign out with non-navigational format via XHR does not redirect' do
|
560
|
-
swap Devise, :
|
560
|
+
swap Devise, navigational_formats: ['*/*', :html] do
|
561
561
|
sign_in_as_user
|
562
562
|
xml_http_request :get, destroy_user_session_path, {}, { "HTTP_ACCEPT" => "application/json,text/javascript,*/*" } # NOTE: Bug is triggered by combination of XHR and */*.
|
563
563
|
assert_response :no_content
|
@@ -567,7 +567,7 @@ class AuthenticationOthersTest < ActionDispatch::IntegrationTest
|
|
567
567
|
|
568
568
|
# Belt and braces ... Perhaps this test is not necessary?
|
569
569
|
test 'sign out with navigational format via XHR does redirect' do
|
570
|
-
swap Devise, :
|
570
|
+
swap Devise, navigational_formats: ['*/*', :html] do
|
571
571
|
sign_in_as_user
|
572
572
|
xml_http_request :get, destroy_user_session_path, {}, { "HTTP_ACCEPT" => "text/html,*/*" }
|
573
573
|
assert_response :redirect
|
@@ -578,7 +578,7 @@ end
|
|
578
578
|
|
579
579
|
class AuthenticationKeysTest < ActionDispatch::IntegrationTest
|
580
580
|
test 'missing authentication keys cause authentication to abort' do
|
581
|
-
swap Devise, :
|
581
|
+
swap Devise, authentication_keys: [:subdomain] do
|
582
582
|
sign_in_as_user
|
583
583
|
assert_contain "Invalid email or password."
|
584
584
|
assert_not warden.authenticated?(:user)
|
@@ -586,7 +586,7 @@ class AuthenticationKeysTest < ActionDispatch::IntegrationTest
|
|
586
586
|
end
|
587
587
|
|
588
588
|
test 'missing authentication keys cause authentication to abort unless marked as not required' do
|
589
|
-
swap Devise, :
|
589
|
+
swap Devise, authentication_keys: { email: true, subdomain: false } do
|
590
590
|
sign_in_as_user
|
591
591
|
assert warden.authenticated?(:user)
|
592
592
|
end
|
@@ -597,15 +597,15 @@ class AuthenticationRequestKeysTest < ActionDispatch::IntegrationTest
|
|
597
597
|
test 'request keys are used on authentication' do
|
598
598
|
host! 'foo.bar.baz'
|
599
599
|
|
600
|
-
swap Devise, :
|
601
|
-
User.expects(:find_for_authentication).with(:
|
600
|
+
swap Devise, request_keys: [:subdomain] do
|
601
|
+
User.expects(:find_for_authentication).with(subdomain: 'foo', email: 'user@test.com').returns(create_user)
|
602
602
|
sign_in_as_user
|
603
603
|
assert warden.authenticated?(:user)
|
604
604
|
end
|
605
605
|
end
|
606
606
|
|
607
607
|
test 'invalid request keys raises NoMethodError' do
|
608
|
-
swap Devise, :
|
608
|
+
swap Devise, request_keys: [:unknown_method] do
|
609
609
|
assert_raise NoMethodError do
|
610
610
|
sign_in_as_user
|
611
611
|
end
|
@@ -617,7 +617,7 @@ class AuthenticationRequestKeysTest < ActionDispatch::IntegrationTest
|
|
617
617
|
test 'blank request keys cause authentication to abort' do
|
618
618
|
host! 'test.com'
|
619
619
|
|
620
|
-
swap Devise, :
|
620
|
+
swap Devise, request_keys: [:subdomain] do
|
621
621
|
sign_in_as_user
|
622
622
|
assert_contain "Invalid email or password."
|
623
623
|
assert_not warden.authenticated?(:user)
|
@@ -627,7 +627,7 @@ class AuthenticationRequestKeysTest < ActionDispatch::IntegrationTest
|
|
627
627
|
test 'blank request keys cause authentication to abort unless if marked as not required' do
|
628
628
|
host! 'test.com'
|
629
629
|
|
630
|
-
swap Devise, :
|
630
|
+
swap Devise, request_keys: { subdomain: false } do
|
631
631
|
sign_in_as_user
|
632
632
|
assert warden.authenticated?(:user)
|
633
633
|
end
|
@@ -636,7 +636,7 @@ end
|
|
636
636
|
|
637
637
|
class AuthenticationSignOutViaTest < ActionDispatch::IntegrationTest
|
638
638
|
def sign_in!(scope)
|
639
|
-
sign_in_as_admin(:
|
639
|
+
sign_in_as_admin(visit: send("new_#{scope}_session_path"))
|
640
640
|
assert warden.authenticated?(scope)
|
641
641
|
end
|
642
642
|
|
@@ -692,22 +692,22 @@ end
|
|
692
692
|
class DoubleAuthenticationRedirectTest < ActionDispatch::IntegrationTest
|
693
693
|
test 'signed in as user redirects when visiting user sign in page' do
|
694
694
|
sign_in_as_user
|
695
|
-
get new_user_session_path(:
|
695
|
+
get new_user_session_path(format: :html)
|
696
696
|
assert_redirected_to '/'
|
697
697
|
end
|
698
698
|
|
699
699
|
test 'signed in as admin redirects when visiting admin sign in page' do
|
700
700
|
sign_in_as_admin
|
701
|
-
get new_admin_session_path(:
|
701
|
+
get new_admin_session_path(format: :html)
|
702
702
|
assert_redirected_to '/admin_area/home'
|
703
703
|
end
|
704
704
|
|
705
705
|
test 'signed in as both user and admin redirects when visiting admin sign in page' do
|
706
706
|
sign_in_as_user
|
707
707
|
sign_in_as_admin
|
708
|
-
get new_user_session_path(:
|
708
|
+
get new_user_session_path(format: :html)
|
709
709
|
assert_redirected_to '/'
|
710
|
-
get new_admin_session_path(:
|
710
|
+
get new_admin_session_path(format: :html)
|
711
711
|
assert_redirected_to '/admin_area/home'
|
712
712
|
end
|
713
713
|
end
|