devise 3.2.4 → 4.0.0

data/test/controllers/helper_methods_test.rb

@@ -0,0 +1,22 @@
+require 'test_helper'
+
+class ApiController < ActionController::Metal
+  include Devise::Controllers::Helpers
+end
+
+class HelperMethodsTest < Devise::ControllerTestCase
+  tests ApiController
+
+  test 'includes Devise::Controllers::Helpers' do
+    assert_includes @controller.class.ancestors, Devise::Controllers::Helpers
+  end
+
+  test 'does not respond_to helper or helper_method' do
+    refute_respond_to @controller.class, :helper
+    refute_respond_to @controller.class, :helper_method
+  end
+
+  test 'defines methods like current_user' do
+    assert_respond_to @controller, :current_user
+  end
+end

data/test/controllers/helpers_test.rb

@@ -1,7 +1,7 @@
 require 'test_helper'
 require 'ostruct'
 
-class ControllerAuthenticatableTest < ActionController::TestCase
+class ControllerAuthenticatableTest < Devise::ControllerTestCase
   tests ApplicationController
 
   def setup
@@ -25,6 +25,13 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     @controller.signed_in?
   end
 
+  test 'proxy [group]_signed_in? to authenticate? with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
+    end
+    @controller.commenter_signed_in?
+  end
+
   test 'proxy current_user to authenticate with user scope' do
     @mock_warden.expects(:authenticate).with(scope: :user)
     @controller.current_user
@@ -35,6 +42,20 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     @controller.current_admin
   end
 
+  test 'proxy current_[group] to authenticate with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate).with(scope: scope).returns(nil)
+    end
+    @controller.current_commenter
+  end
+
+  test 'proxy current_[plural_group] to authenticate with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate).with(scope: scope)
+    end
+    @controller.current_commenters
+  end
+
   test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
     @mock_warden.expects(:authenticate).with(scope: :publisher_account)
     @controller.current_publisher_account
@@ -55,6 +76,14 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     @controller.authenticate_admin!
   end
 
+  test 'proxy authenticate_[group]! to authenticate!? with each scope' do
+    [:user, :admin].each do |scope|
+      @mock_warden.expects(:authenticate!).with(scope: scope)
+      @mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
+    end
+    @controller.authenticate_commenter!
+  end
+
   test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
     @mock_warden.expects(:authenticate!).with(scope: :publisher_account)
     @controller.authenticate_publisher_account!
@@ -193,6 +222,12 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     assert_equal "/foo.bar", @controller.stored_location_for(:user)
   end
 
+  test 'store bad location for stores a location to redirect back to' do
+    assert_nil @controller.stored_location_for(:user)
+    @controller.store_location_for(:user, "/foo.bar\">Carry")
+    assert_nil @controller.stored_location_for(:user)
+  end
+
   test 'store location for accepts a resource as argument' do
     @controller.store_location_for(User.new, "/foo.bar")
     assert_equal "/foo.bar", @controller.stored_location_for(User.new)
@@ -210,6 +245,11 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     assert_equal "/foo?bar=baz", @controller.stored_location_for(:user)
   end
 
+  test 'store location for stores fragments' do
+    @controller.store_location_for(:user, "/foo#bar")
+    assert_equal "/foo#bar", @controller.stored_location_for(:user)
+  end
+
   test 'after sign in path defaults to root path if none by was specified for the given scope' do
     assert_equal root_path, @controller.after_sign_in_path_for(:user)
   end

data/test/controllers/inherited_controller_i18n_messages_test.rb

@@ -0,0 +1,51 @@
+require 'test_helper'
+
+class SessionsInheritedController < Devise::SessionsController
+  def test_i18n_scope
+    set_flash_message(:notice, :signed_in)
+  end
+end
+
+class AnotherInheritedController < SessionsInheritedController
+  protected
+
+  def translation_scope
+    'another'
+  end
+end
+
+class InheritedControllerTest < Devise::ControllerTestCase
+  tests SessionsInheritedController
+
+  def setup
+    @mock_warden = OpenStruct.new
+    @controller.request.env['warden'] = @mock_warden
+    @controller.request.env['devise.mapping'] = Devise.mappings[:user]
+  end
+
+  test 'I18n scope is inherited from Devise::Sessions' do
+    I18n.expects(:t).with do |message, options|
+      message == 'user.signed_in' &&
+        options[:scope] == 'devise.sessions'
+    end
+    @controller.test_i18n_scope
+  end
+end
+
+class AnotherInheritedControllerTest < Devise::ControllerTestCase
+  tests AnotherInheritedController
+
+  def setup
+    @mock_warden = OpenStruct.new
+    @controller.request.env['warden'] = @mock_warden
+    @controller.request.env['devise.mapping'] = Devise.mappings[:user]
+  end
+
+  test 'I18n scope is overridden' do
+    I18n.expects(:t).with do |message, options|
+      message == 'user.signed_in' &&
+        options[:scope] == 'another'
+    end
+    @controller.test_i18n_scope
+  end
+end

data/test/controllers/internal_helpers_test.rb

@@ -3,7 +3,7 @@ require 'test_helper'
 class MyController < DeviseController
 end
 
-class HelpersTest < ActionController::TestCase
+class HelpersTest < Devise::ControllerTestCase
   tests MyController
 
   def setup
@@ -13,16 +13,16 @@ class HelpersTest < ActionController::TestCase
   end
 
   test 'get resource name from env' do
-    assert_equal :user, @controller.resource_name
+    assert_equal :user, @controller.send(:resource_name)
   end
 
   test 'get resource class from env' do
-    assert_equal User, @controller.resource_class
+    assert_equal User, @controller.send(:resource_class)
   end
 
   test 'get resource instance variable from env' do
     @controller.instance_variable_set(:@user, user = User.new)
-    assert_equal user, @controller.resource
+    assert_equal user, @controller.send(:resource)
   end
 
   test 'set resource instance variable from env' do
@@ -36,22 +36,20 @@ class HelpersTest < ActionController::TestCase
   test 'get resource params from request params using resource name as key' do
     user_params = {'email' => 'shirley@templar.com'}
 
-    params = if Devise.rails4?
-      # Stub controller name so strong parameters can filter properly.
-      # DeviseController does not allow any parameters by default.
-      @controller.stubs(:controller_name).returns(:sessions_controller)
+    # Stub controller name so strong parameters can filter properly.
+    # DeviseController does not allow any parameters by default.
+    @controller.stubs(:controller_name).returns(:sessions_controller)
+
+    params = ActionController::Parameters.new({'user' => user_params})
 
-      ActionController::Parameters.new({'user' => user_params})
-    else
-      HashWithIndifferentAccess.new({'user' => user_params})
-    end
     @controller.stubs(:params).returns(params)
 
-    assert_equal user_params, @controller.send(:resource_params)
+    res_params = @controller.send(:resource_params).permit!.to_h
+    assert_equal user_params, res_params
   end
 
   test 'resources methods are not controller actions' do
-    assert @controller.class.action_methods.empty?
+    assert @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }.empty?
   end
 
   test 'require no authentication tests current mapping' do
@@ -80,7 +78,7 @@ class HelpersTest < ActionController::TestCase
 
   test 'signed in resource returns signed in resource for current scope' do
     @mock_warden.expects(:authenticate).with(scope: :user).returns(User.new)
-    assert_kind_of User, @controller.signed_in_resource
+    assert_kind_of User, @controller.send(:signed_in_resource)
   end
 
   test 'is a devise controller' do
@@ -99,6 +97,12 @@ class HelpersTest < ActionController::TestCase
     assert_equal 'non-blank', flash[:notice]
   end
 
+  test 'issues non-blank flash.now messages normally' do
+    I18n.stubs(:t).returns('non-blank')
+    @controller.send :set_flash_message, :notice, :send_instructions, { now: true }
+    assert_equal 'non-blank', flash.now[:notice]
+  end
+
   test 'uses custom i18n options' do
     @controller.stubs(:devise_i18n_options).returns(default: "devise custom options")
     @controller.send :set_flash_message, :notice, :invalid_i18n_messagesend_instructions

data/test/controllers/load_hooks_controller_test.rb

@@ -0,0 +1,19 @@
+require 'test_helper'
+
+class LoadHooksControllerTest < Devise::ControllerTestCase
+  setup do
+    ActiveSupport.on_load(:devise_controller) do
+      define_method :defined_by_load_hook do
+        puts 'I am defined dynamically by activesupport load hook'
+      end
+    end
+  end
+
+  teardown do
+    DeviseController.class_eval { undef :defined_by_load_hook }
+  end
+
+  test 'load hook called when controller is loaded' do
+    assert DeviseController.instance_methods.include? :defined_by_load_hook
+  end
+end

data/test/controllers/passwords_controller_test.rb

@@ -1,18 +1,19 @@
 require 'test_helper'
 
-class PasswordsControllerTest < ActionController::TestCase
+class PasswordsControllerTest < Devise::ControllerTestCase
   tests Devise::PasswordsController
   include Devise::TestHelpers
 
   setup do
     request.env["devise.mapping"] = Devise.mappings[:user]
-    @user = create_user.tap(&:confirm!)
+    @user = create_user.tap(&:confirm)
     @raw  = @user.send_reset_password_instructions
   end
 
   def put_update_with_params
-    put :update, "user" => {
-      "reset_password_token" => @raw, "password" => "123456", "password_confirmation" => "123456"
+    put :update, params: { "user" => {
+        "reset_password_token" => @raw, "password" => "1234567", "password_confirmation" => "1234567"
+      }
     }
   end
 

data/test/controllers/sessions_controller_test.rb

@@ -1,6 +1,6 @@
 require 'test_helper'
 
-class SessionsControllerTest < ActionController::TestCase
+class SessionsControllerTest < Devise::ControllerTestCase
   tests Devise::SessionsController
   include Devise::TestHelpers
 
@@ -12,9 +12,10 @@ class SessionsControllerTest < ActionController::TestCase
       request.env["devise.mapping"] = Devise.mappings[:user]
       request.session["user_return_to"] = 'foo.bar'
       create_user
-      post :create, user: {
-        email: "wrong@email.com",
-        password: "wrongpassword"
+      post :create, params: { user: {
+          email: "wrong@email.com",
+          password: "wrongpassword"
+        }
       }
       assert_equal 200, @response.status
     ensure
@@ -36,12 +37,12 @@ class SessionsControllerTest < ActionController::TestCase
     request.session["user_return_to"] = 'foo.bar'
 
     user = create_user
-    user.confirm!
-    post :create, user: {
-      email: user.email,
-      password: user.password
+    user.confirm
+    post :create, params: { user: {
+        email: user.email,
+        password: user.password
+      }
     }
-
     assert_nil request.session["user_return_to"]
   end
 
@@ -50,10 +51,11 @@ class SessionsControllerTest < ActionController::TestCase
     request.session["user_return_to"] = 'foo.bar'
 
     user = create_user
-    user.confirm!
-    post :create, format: 'json', user: {
-      email: user.email,
-      password: user.password
+    user.confirm
+    post :create, params: { format: 'json', user: {
+        email: user.email,
+        password: user.password
+      }
     }
 
     assert_equal 'foo.bar', request.session["user_return_to"]
@@ -61,9 +63,10 @@ class SessionsControllerTest < ActionController::TestCase
 
   test "#create doesn't raise exception after Warden authentication fails when TestHelpers included" do
     request.env["devise.mapping"] = Devise.mappings[:user]
-    post :create, user: {
-      email: "nosuchuser@example.com",
-      password: "wevdude"
+    post :create, params: { user: {
+        email: "nosuchuser@example.com",
+        password: "wevdude"
+      }
     }
     assert_equal 200, @response.status
     assert_template "devise/sessions/new"
@@ -72,12 +75,12 @@ class SessionsControllerTest < ActionController::TestCase
   test "#destroy doesn't set the flash if the requested format is not navigational" do
     request.env["devise.mapping"] = Devise.mappings[:user]
     user = create_user
-    user.confirm!
-    post :create, format: 'json', user: {
-      email: user.email,
-      password: user.password
+    user.confirm
+    post :create, params: { format: 'json', user: {
+        email: user.email,
+        password: user.password
+      }
     }
-
     delete :destroy, format: 'json'
     assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}"
     assert_equal 204, @response.status

data/test/controllers/url_helpers_test.rb

@@ -1,6 +1,6 @@
 require 'test_helper'
 
-class RoutesTest < ActionController::TestCase
+class RoutesTest < Devise::ControllerTestCase
   tests ApplicationController
 
   def assert_path_and_url(name, prepend_path=nil)
@@ -13,6 +13,12 @@ class RoutesTest < ActionController::TestCase
     assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user),
                  send(:"#{prepend_path}user_#{name}_url")
 
+    # With string
+    assert_equal @controller.send(:"#{prepend_path}#{name}_path", "user"),
+                 send(:"#{prepend_path}user_#{name}_path")
+    assert_equal @controller.send(:"#{prepend_path}#{name}_url", "user"),
+                 send(:"#{prepend_path}user_#{name}_url")
+
     # Default url params
     assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, param: 123),
                  send(:"#{prepend_path}user_#{name}_path", param: 123)

data/test/devise_test.rb

@@ -3,10 +3,10 @@ require 'test_helper'
 module Devise
   def self.yield_and_restore
     @@warden_configured = nil
-    c, b = @@warden_config, @@warden_config_block
+    c, b = @@warden_config, @@warden_config_blocks
     yield
   ensure
-    @@warden_config, @@warden_config_block = c, b
+    @@warden_config, @@warden_config_blocks = c, b
   end
 end
 
@@ -14,11 +14,11 @@ class DeviseTest < ActiveSupport::TestCase
   test 'bcrypt on the class' do
     password = "super secret"
     klass    = Struct.new(:pepper, :stretches).new("blahblah", 2)
-    hash     = Devise.bcrypt(klass, password)
+    hash     = Devise::Encryptor.digest(klass, password)
     assert_equal ::BCrypt::Password.create(hash), hash
 
     klass    = Struct.new(:pepper, :stretches).new("bla", 2)
-    hash     = Devise.bcrypt(klass, password)
+    hash     = Devise::Encryptor.digest(klass, password)
     assert_not_equal ::BCrypt::Password.new(hash), hash
   end
 
@@ -35,6 +35,33 @@ class DeviseTest < ActiveSupport::TestCase
     end
   end
 
+  test 'setup block warns about defaults changing' do
+    Devise.app_set_configs = Set.new
+
+    ActiveSupport::Deprecation.expects(:warn).with() { |value| value =~ /email_regexp/ }
+    ActiveSupport::Deprecation.expects(:warn).with() { |value| value =~ /reconfirmable/ }
+    ActiveSupport::Deprecation.expects(:warn).with() { |value| value =~ /sign_out_via/ }
+    ActiveSupport::Deprecation.expects(:warn).with() { |value| value =~ /skip_session_storage/ }
+    ActiveSupport::Deprecation.expects(:warn).with() { |value| value =~ /strip_whitespace_keys/ }
+
+    Devise.setup do
+    end
+  end
+
+  test 'setup block doest not warns when the change is explicit set' do
+    ActiveSupport::Deprecation.expects(:warn).never
+
+    swap Devise,
+        email_regexp: /@/,
+        reconfirmable: false,
+        sign_out_via: :get,
+        skip_session_storage: [],
+        strip_whitespace_keys: [] do
+        Devise.setup do
+        end
+    end
+  end
+
   test 'stores warden configuration' do
     assert_kind_of Devise::Delegator, Devise.warden_config.failure_app
     assert_equal :user, Devise.warden_config.default_scope
@@ -42,14 +69,27 @@ class DeviseTest < ActiveSupport::TestCase
 
   test 'warden manager user configuration through a block' do
     Devise.yield_and_restore do
-      @executed = false
+      executed = false
       Devise.warden do |config|
-        @executed = true
+        executed = true
         assert_kind_of Warden::Config, config
       end
 
       Devise.configure_warden!
-      assert @executed
+      assert executed
+    end
+  end
+
+  test 'warden manager user configuration through multiple blocks' do
+    Devise.yield_and_restore do
+      executed = 0
+
+      3.times do
+        Devise.warden { |config| executed += 1 }
+      end
+
+      Devise.configure_warden!
+      assert_equal 3, executed
     end
   end
 
@@ -82,7 +122,7 @@ class DeviseTest < ActiveSupport::TestCase
 
   test 'Devise.email_regexp should match valid email addresses' do
     valid_emails = ["test@example.com", "jo@jo.co", "f4$_m@you.com", "testing.example@example.com.ua"]
-    non_valid_emails = ["rex", "test@go,com", "test user@example.com", "test_user@example server.com"]
+    non_valid_emails = ["rex", "test@go,com", "test user@example.com", "test_user@example server.com", "test_user@example.com."]
 
     valid_emails.each do |email|
       assert_match Devise.email_regexp, email