devise 3.2.4 → 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gitignore +0 -1
- data/.travis.yml +33 -17
- data/CHANGELOG.md +57 -1033
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +2 -0
- data/Gemfile +5 -5
- data/Gemfile.lock +138 -115
- data/MIT-LICENSE +1 -1
- data/README.md +124 -65
- data/Rakefile +2 -1
- data/app/controllers/devise/confirmations_controller.rb +7 -3
- data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -4
- data/app/controllers/devise/passwords_controller.rb +16 -6
- data/app/controllers/devise/registrations_controller.rb +22 -10
- data/app/controllers/devise/sessions_controller.rb +42 -14
- data/app/controllers/devise/unlocks_controller.rb +5 -2
- data/app/controllers/devise_controller.rb +63 -29
- data/app/mailers/devise/mailer.rb +4 -0
- data/app/views/devise/confirmations/new.html.erb +7 -3
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/passwords/edit.html.erb +14 -5
- data/app/views/devise/passwords/new.html.erb +7 -3
- data/app/views/devise/registrations/edit.html.erb +19 -9
- data/app/views/devise/registrations/new.html.erb +18 -7
- data/app/views/devise/sessions/new.html.erb +16 -7
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +7 -3
- data/bin/test +13 -0
- data/config/locales/en.yml +19 -16
- data/devise.gemspec +3 -4
- data/gemfiles/{Gemfile.rails-3.2-stable → Gemfile.rails-4.1-stable} +6 -6
- data/gemfiles/Gemfile.rails-4.1-stable.lock +167 -0
- data/gemfiles/{Gemfile.rails-head → Gemfile.rails-4.2-stable} +6 -6
- data/gemfiles/Gemfile.rails-4.2-stable.lock +189 -0
- data/gemfiles/Gemfile.rails-5.0-beta +37 -0
- data/gemfiles/Gemfile.rails-5.0-beta.lock +199 -0
- data/lib/devise/controllers/helpers.rb +94 -27
- data/lib/devise/controllers/rememberable.rb +9 -2
- data/lib/devise/controllers/sign_in_out.rb +2 -9
- data/lib/devise/controllers/store_location.rb +11 -3
- data/lib/devise/controllers/url_helpers.rb +7 -7
- data/lib/devise/encryptor.rb +22 -0
- data/lib/devise/failure_app.rb +72 -23
- data/lib/devise/hooks/activatable.rb +3 -4
- data/lib/devise/hooks/csrf_cleaner.rb +3 -1
- data/lib/devise/hooks/timeoutable.rb +13 -8
- data/lib/devise/mailers/helpers.rb +1 -1
- data/lib/devise/mapping.rb +6 -2
- data/lib/devise/models/authenticatable.rb +32 -28
- data/lib/devise/models/confirmable.rb +55 -22
- data/lib/devise/models/database_authenticatable.rb +32 -19
- data/lib/devise/models/lockable.rb +5 -5
- data/lib/devise/models/recoverable.rb +44 -20
- data/lib/devise/models/rememberable.rb +54 -27
- data/lib/devise/models/timeoutable.rb +0 -6
- data/lib/devise/models/trackable.rb +5 -3
- data/lib/devise/models/validatable.rb +3 -3
- data/lib/devise/models.rb +1 -1
- data/lib/devise/omniauth/url_helpers.rb +62 -4
- data/lib/devise/parameter_sanitizer.rb +176 -61
- data/lib/devise/rails/routes.rb +76 -59
- data/lib/devise/rails/warden_compat.rb +1 -10
- data/lib/devise/rails.rb +2 -11
- data/lib/devise/strategies/authenticatable.rb +15 -6
- data/lib/devise/strategies/database_authenticatable.rb +5 -4
- data/lib/devise/strategies/rememberable.rb +13 -3
- data/lib/devise/test_helpers.rb +12 -7
- data/lib/devise/token_generator.rb +1 -41
- data/lib/devise/version.rb +1 -1
- data/lib/devise.rb +150 -58
- data/lib/generators/active_record/devise_generator.rb +28 -4
- data/lib/generators/active_record/templates/migration.rb +3 -3
- data/lib/generators/active_record/templates/migration_existing.rb +3 -3
- data/lib/generators/devise/controllers_generator.rb +44 -0
- data/lib/generators/devise/install_generator.rb +15 -0
- data/lib/generators/devise/orm_helpers.rb +1 -18
- data/lib/generators/devise/views_generator.rb +14 -3
- data/lib/generators/templates/README +1 -1
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +28 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +28 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +32 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +60 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +25 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +28 -0
- data/lib/generators/templates/devise.rb +36 -28
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +1 -1
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +1 -1
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +40 -0
- data/test/controllers/custom_strategy_test.rb +7 -5
- data/test/controllers/helper_methods_test.rb +22 -0
- data/test/controllers/helpers_test.rb +41 -1
- data/test/controllers/inherited_controller_i18n_messages_test.rb +51 -0
- data/test/controllers/internal_helpers_test.rb +19 -15
- data/test/controllers/load_hooks_controller_test.rb +19 -0
- data/test/controllers/passwords_controller_test.rb +5 -4
- data/test/controllers/sessions_controller_test.rb +24 -21
- data/test/controllers/url_helpers_test.rb +7 -1
- data/test/devise_test.rb +48 -8
- data/test/failure_app_test.rb +107 -19
- data/test/generators/active_record_generator_test.rb +6 -26
- data/test/generators/controllers_generator_test.rb +48 -0
- data/test/generators/install_generator_test.rb +14 -3
- data/test/generators/views_generator_test.rb +8 -1
- data/test/helpers/devise_helper_test.rb +10 -12
- data/test/integration/authenticatable_test.rb +37 -21
- data/test/integration/confirmable_test.rb +54 -14
- data/test/integration/database_authenticatable_test.rb +12 -1
- data/test/integration/http_authenticatable_test.rb +4 -5
- data/test/integration/lockable_test.rb +10 -9
- data/test/integration/omniauthable_test.rb +13 -11
- data/test/integration/recoverable_test.rb +28 -15
- data/test/integration/registerable_test.rb +41 -33
- data/test/integration/rememberable_test.rb +51 -7
- data/test/integration/timeoutable_test.rb +23 -22
- data/test/integration/trackable_test.rb +3 -3
- data/test/mailers/confirmation_instructions_test.rb +10 -10
- data/test/mailers/reset_password_instructions_test.rb +8 -8
- data/test/mailers/unlock_instructions_test.rb +8 -8
- data/test/mapping_test.rb +7 -0
- data/test/models/authenticatable_test.rb +11 -1
- data/test/models/confirmable_test.rb +91 -42
- data/test/models/database_authenticatable_test.rb +26 -6
- data/test/models/lockable_test.rb +29 -17
- data/test/models/recoverable_test.rb +74 -7
- data/test/models/rememberable_test.rb +68 -94
- data/test/models/trackable_test.rb +28 -0
- data/test/models/validatable_test.rb +9 -17
- data/test/models_test.rb +15 -6
- data/test/omniauth/url_helpers_test.rb +4 -7
- data/test/orm/active_record.rb +6 -1
- data/test/parameter_sanitizer_test.rb +103 -53
- data/test/rails_app/app/active_record/user.rb +1 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +7 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +7 -0
- data/test/rails_app/app/active_record/user_without_email.rb +8 -0
- data/test/rails_app/app/controllers/admins_controller.rb +1 -6
- data/test/rails_app/app/controllers/application_controller.rb +5 -2
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +30 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +31 -0
- data/test/rails_app/app/controllers/home_controller.rb +5 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +3 -3
- data/test/rails_app/app/controllers/users_controller.rb +6 -6
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +3 -0
- data/test/rails_app/app/mailers/users/mailer.rb +0 -9
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +4 -0
- data/test/rails_app/app/mongoid/user_on_engine.rb +39 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +39 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +33 -0
- data/test/rails_app/config/application.rb +3 -3
- data/test/rails_app/config/boot.rb +4 -4
- data/test/rails_app/config/environments/production.rb +6 -2
- data/test/rails_app/config/environments/test.rb +13 -3
- data/test/rails_app/config/initializers/devise.rb +15 -16
- data/test/rails_app/config/initializers/secret_token.rb +1 -6
- data/test/rails_app/config/routes.rb +23 -3
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +2 -2
- data/test/rails_app/lib/shared_user.rb +1 -1
- data/test/rails_app/lib/shared_user_without_email.rb +26 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +13 -0
- data/test/rails_test.rb +9 -0
- data/test/routes_test.rb +33 -16
- data/test/support/assertions.rb +2 -3
- data/test/support/helpers.rb +13 -6
- data/test/support/http_method_compatibility.rb +51 -0
- data/test/support/integration.rb +4 -4
- data/test/support/webrat/integrations/rails.rb +9 -0
- data/test/test_helper.rb +7 -0
- data/test/test_helpers_test.rb +43 -38
- data/test/test_models.rb +3 -3
- metadata +77 -23
- data/gemfiles/Gemfile.rails-4.0-stable +0 -29
@@ -23,13 +23,13 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
23
23
|
|
24
24
|
test 'should reset password and password confirmation from params' do
|
25
25
|
user = create_user
|
26
|
-
user.reset_password
|
26
|
+
user.reset_password('123456789', '987654321')
|
27
27
|
assert_equal '123456789', user.password
|
28
28
|
assert_equal '987654321', user.password_confirmation
|
29
29
|
end
|
30
30
|
|
31
31
|
test 'should reset password and save the record' do
|
32
|
-
assert create_user.reset_password
|
32
|
+
assert create_user.reset_password('123456789', '123456789')
|
33
33
|
end
|
34
34
|
|
35
35
|
test 'should clear reset password token while reseting the password' do
|
@@ -38,7 +38,53 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
38
38
|
|
39
39
|
user.send_reset_password_instructions
|
40
40
|
assert_present user.reset_password_token
|
41
|
-
assert user.reset_password
|
41
|
+
assert user.reset_password('123456789', '123456789')
|
42
|
+
assert_nil user.reset_password_token
|
43
|
+
end
|
44
|
+
|
45
|
+
test 'should not clear reset password token for new user' do
|
46
|
+
user = new_user
|
47
|
+
assert_nil user.reset_password_token
|
48
|
+
|
49
|
+
user.send_reset_password_instructions
|
50
|
+
assert_present user.reset_password_token
|
51
|
+
|
52
|
+
user.save
|
53
|
+
assert_present user.reset_password_token
|
54
|
+
end
|
55
|
+
|
56
|
+
test 'should clear reset password token if changing password' do
|
57
|
+
user = create_user
|
58
|
+
assert_nil user.reset_password_token
|
59
|
+
|
60
|
+
user.send_reset_password_instructions
|
61
|
+
assert_present user.reset_password_token
|
62
|
+
user.password = "123456678"
|
63
|
+
user.password_confirmation = "123456678"
|
64
|
+
user.save!
|
65
|
+
assert_nil user.reset_password_token
|
66
|
+
end
|
67
|
+
|
68
|
+
test 'should clear reset password token if changing email' do
|
69
|
+
user = create_user
|
70
|
+
assert_nil user.reset_password_token
|
71
|
+
|
72
|
+
user.send_reset_password_instructions
|
73
|
+
assert_present user.reset_password_token
|
74
|
+
user.email = "another@example.com"
|
75
|
+
user.save!
|
76
|
+
assert_nil user.reset_password_token
|
77
|
+
end
|
78
|
+
|
79
|
+
test 'should clear reset password successfully even if there is no email' do
|
80
|
+
user = create_user_without_email
|
81
|
+
assert_nil user.reset_password_token
|
82
|
+
|
83
|
+
user.send_reset_password_instructions
|
84
|
+
assert_present user.reset_password_token
|
85
|
+
user.password = "123456678"
|
86
|
+
user.password_confirmation = "123456678"
|
87
|
+
user.save!
|
42
88
|
assert_nil user.reset_password_token
|
43
89
|
end
|
44
90
|
|
@@ -46,14 +92,14 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
46
92
|
user = create_user
|
47
93
|
user.send_reset_password_instructions
|
48
94
|
assert_present user.reset_password_token
|
49
|
-
assert_not user.reset_password
|
95
|
+
assert_not user.reset_password('123456789', '987654321')
|
50
96
|
assert_present user.reset_password_token
|
51
97
|
end
|
52
98
|
|
53
99
|
test 'should not reset password with invalid data' do
|
54
100
|
user = create_user
|
55
101
|
user.stubs(:valid?).returns(false)
|
56
|
-
assert_not user.reset_password
|
102
|
+
assert_not user.reset_password('123456789', '987654321')
|
57
103
|
end
|
58
104
|
|
59
105
|
test 'should reset reset password token and send instructions by email' do
|
@@ -135,6 +181,7 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
135
181
|
reset_password_user = User.reset_password_by_token(reset_password_token: raw, password: '')
|
136
182
|
assert_not reset_password_user.errors.empty?
|
137
183
|
assert_match "can't be blank", reset_password_user.errors[:password].join
|
184
|
+
assert_equal raw, reset_password_user.reset_password_token
|
138
185
|
end
|
139
186
|
|
140
187
|
test 'should reset successfully user password given the new password and confirmation' do
|
@@ -142,15 +189,17 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
142
189
|
old_password = user.password
|
143
190
|
raw = user.send_reset_password_instructions
|
144
191
|
|
145
|
-
User.reset_password_by_token(
|
192
|
+
reset_password_user = User.reset_password_by_token(
|
146
193
|
reset_password_token: raw,
|
147
194
|
password: 'new_password',
|
148
195
|
password_confirmation: 'new_password'
|
149
196
|
)
|
150
|
-
|
197
|
+
assert_nil reset_password_user.reset_password_token
|
151
198
|
|
199
|
+
user.reload
|
152
200
|
assert_not user.valid_password?(old_password)
|
153
201
|
assert user.valid_password?('new_password')
|
202
|
+
assert_nil user.reset_password_token
|
154
203
|
end
|
155
204
|
|
156
205
|
test 'should not reset password after reset_password_within time' do
|
@@ -181,4 +230,22 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
181
230
|
:reset_password_token
|
182
231
|
]
|
183
232
|
end
|
233
|
+
|
234
|
+
test 'should return a user based on the raw token' do
|
235
|
+
user = create_user
|
236
|
+
raw = user.send_reset_password_instructions
|
237
|
+
|
238
|
+
assert_equal User.with_reset_password_token(raw), user
|
239
|
+
end
|
240
|
+
|
241
|
+
test 'should return the same reset password token as generated' do
|
242
|
+
user = create_user
|
243
|
+
raw = user.send_reset_password_instructions
|
244
|
+
assert_equal Devise.token_generator.digest(self.class, :reset_password_token, raw), user.reset_password_token
|
245
|
+
end
|
246
|
+
|
247
|
+
test 'should return nil if a user based on the raw token is not found' do
|
248
|
+
assert_equal User.with_reset_password_token('random-token'), nil
|
249
|
+
end
|
250
|
+
|
184
251
|
end
|
@@ -13,6 +13,7 @@ class RememberableTest < ActiveSupport::TestCase
|
|
13
13
|
user = create_user
|
14
14
|
user.expects(:valid?).never
|
15
15
|
user.remember_me!
|
16
|
+
assert user.remember_created_at
|
16
17
|
end
|
17
18
|
|
18
19
|
test 'forget_me should not clear remember token if using salt' do
|
@@ -33,145 +34,118 @@ class RememberableTest < ActiveSupport::TestCase
|
|
33
34
|
test 'serialize into cookie' do
|
34
35
|
user = create_user
|
35
36
|
user.remember_me!
|
36
|
-
|
37
|
+
id, token, date = User.serialize_into_cookie(user)
|
38
|
+
assert_equal id, user.to_key
|
39
|
+
assert_equal token, user.authenticatable_salt
|
40
|
+
assert date.is_a?(String)
|
37
41
|
end
|
38
42
|
|
39
43
|
test 'serialize from cookie' do
|
40
44
|
user = create_user
|
41
45
|
user.remember_me!
|
42
|
-
assert_equal user, User.serialize_from_cookie(user.to_key, user.authenticatable_salt)
|
46
|
+
assert_equal user, User.serialize_from_cookie(user.to_key, user.authenticatable_salt, Time.now.utc)
|
43
47
|
end
|
44
48
|
|
45
|
-
test '
|
46
|
-
user =
|
47
|
-
user.
|
48
|
-
|
49
|
-
user.rememberable_value
|
50
|
-
end
|
49
|
+
test 'serialize from cookie should accept a String with the datetime seconds and microseconds' do
|
50
|
+
user = create_user
|
51
|
+
user.remember_me!
|
52
|
+
assert_equal user, User.serialize_from_cookie(user.to_key, user.authenticatable_salt, Time.now.utc.to_f.to_json)
|
51
53
|
end
|
52
54
|
|
53
|
-
test 'should
|
54
|
-
|
55
|
-
|
55
|
+
test 'serialize from cookie should return nil with invalid datetime' do
|
56
|
+
user = create_user
|
57
|
+
user.remember_me!
|
58
|
+
assert_nil User.serialize_from_cookie(user.to_key, user.authenticatable_salt, "2013")
|
56
59
|
end
|
57
60
|
|
58
|
-
test '
|
59
|
-
|
60
|
-
resource.remember_me!
|
61
|
-
assert_not resource.remember_created_at.nil?
|
62
|
-
resource.forget_me!
|
63
|
-
assert resource.remember_created_at.nil?
|
61
|
+
test 'serialize from cookie should return nil if no resource is found' do
|
62
|
+
assert_nil resource_class.serialize_from_cookie([0], "123", Time.now.utc)
|
64
63
|
end
|
65
64
|
|
66
|
-
test '
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
resource.destroy
|
72
|
-
resource.forget_me!
|
65
|
+
test 'serialize from cookie should return nil if no timestamp' do
|
66
|
+
user = create_user
|
67
|
+
user.remember_me!
|
68
|
+
assert_nil User.serialize_from_cookie(user.to_key, user.authenticatable_salt)
|
73
69
|
end
|
74
70
|
|
75
|
-
test '
|
76
|
-
|
71
|
+
test 'serialize from cookie should return nil if timestamp is earlier than token creation' do
|
72
|
+
user = create_user
|
73
|
+
user.remember_me!
|
74
|
+
assert_nil User.serialize_from_cookie(user.to_key, user.authenticatable_salt, 1.day.ago)
|
77
75
|
end
|
78
76
|
|
79
|
-
test 'serialize should return nil if
|
80
|
-
|
77
|
+
test 'serialize from cookie should return nil if timestamp is older than remember_for' do
|
78
|
+
user = create_user
|
79
|
+
user.remember_created_at = 1.month.ago
|
80
|
+
user.remember_me!
|
81
|
+
assert_nil User.serialize_from_cookie(user.to_key, user.authenticatable_salt, 3.weeks.ago)
|
81
82
|
end
|
82
83
|
|
83
|
-
test '
|
84
|
-
|
85
|
-
|
84
|
+
test 'serialize from cookie me return nil if is a valid resource with invalid token' do
|
85
|
+
user = create_user
|
86
|
+
user.remember_me!
|
87
|
+
assert_nil User.serialize_from_cookie(user.to_key, "123", Time.now.utc)
|
86
88
|
end
|
87
89
|
|
88
|
-
test '
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
90
|
+
test 'raises a RuntimeError if authenticatable_salt is nil or empty' do
|
91
|
+
user = User.new
|
92
|
+
def user.authenticable_salt; nil; end
|
93
|
+
assert_raise RuntimeError do
|
94
|
+
user.rememberable_value
|
93
95
|
end
|
94
|
-
end
|
95
96
|
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
assert_equal 3.days.from_now.to_date, resource.remember_expires_at.to_date
|
101
|
-
|
102
|
-
Devise.remember_for = 5.days
|
103
|
-
assert_equal 5.days.from_now.to_date, resource.remember_expires_at.to_date
|
97
|
+
user = User.new
|
98
|
+
def user.authenticable_salt; ""; end
|
99
|
+
assert_raise RuntimeError do
|
100
|
+
user.rememberable_value
|
104
101
|
end
|
105
102
|
end
|
106
103
|
|
107
|
-
test '
|
108
|
-
|
109
|
-
|
110
|
-
resource = create_resource
|
111
|
-
resource.remember_me!
|
112
|
-
assert resource.remember_expired?
|
113
|
-
end
|
104
|
+
test 'should respond to remember_me attribute' do
|
105
|
+
assert resource_class.new.respond_to?(:remember_me)
|
106
|
+
assert resource_class.new.respond_to?(:remember_me=)
|
114
107
|
end
|
115
108
|
|
116
|
-
test '
|
117
|
-
swap Devise,
|
109
|
+
test 'forget_me should clear remember_created_at if expire_all_remember_me_on_sign_out is true' do
|
110
|
+
swap Devise, expire_all_remember_me_on_sign_out: true do
|
118
111
|
resource = create_resource
|
119
112
|
resource.remember_me!
|
120
|
-
resource.remember_created_at
|
121
|
-
resource.save
|
122
|
-
assert resource.remember_expired?
|
123
|
-
end
|
124
|
-
end
|
113
|
+
assert_not_nil resource.remember_created_at
|
125
114
|
|
126
|
-
|
127
|
-
|
128
|
-
resource = create_resource
|
129
|
-
resource.remember_me!
|
130
|
-
resource.remember_created_at = (30.days.ago + 2.minutes)
|
131
|
-
resource.save
|
132
|
-
assert_not resource.remember_expired?
|
115
|
+
resource.forget_me!
|
116
|
+
assert_nil resource.remember_created_at
|
133
117
|
end
|
134
118
|
end
|
135
119
|
|
136
|
-
test '
|
137
|
-
swap Devise,
|
120
|
+
test 'forget_me should not clear remember_created_at if expire_all_remember_me_on_sign_out is false' do
|
121
|
+
swap Devise, expire_all_remember_me_on_sign_out: false do
|
138
122
|
resource = create_resource
|
139
|
-
resource.remember_me!
|
140
|
-
assert resource.remember_created_at
|
123
|
+
resource.remember_me!
|
141
124
|
|
142
|
-
resource.remember_created_at
|
143
|
-
resource.save
|
125
|
+
assert_not_nil resource.remember_created_at
|
144
126
|
|
145
|
-
resource.
|
146
|
-
|
127
|
+
resource.forget_me!
|
128
|
+
assert_not_nil resource.remember_created_at
|
147
129
|
end
|
148
130
|
end
|
149
131
|
|
150
|
-
test '
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
assert resource.remember_created_at
|
155
|
-
|
156
|
-
resource.remember_created_at = old = 10.minutes.ago.utc
|
157
|
-
resource.save
|
132
|
+
test 'forget_me should not try to update resource if it has been destroyed' do
|
133
|
+
resource = create_resource
|
134
|
+
resource.expects(:remember_created_at).never
|
135
|
+
resource.expects(:save).never
|
158
136
|
|
159
|
-
|
160
|
-
|
161
|
-
end
|
137
|
+
resource.destroy
|
138
|
+
resource.forget_me!
|
162
139
|
end
|
163
140
|
|
164
|
-
test '
|
165
|
-
swap Devise, remember_for:
|
141
|
+
test 'remember expires at uses remember for configuration' do
|
142
|
+
swap Devise, remember_for: 3.days do
|
166
143
|
resource = create_resource
|
167
|
-
resource.remember_me!
|
168
|
-
|
169
|
-
|
170
|
-
resource.remember_created_at = old = 10.minutes.ago
|
171
|
-
resource.save
|
144
|
+
resource.remember_me!
|
145
|
+
assert_equal 3.days.from_now.to_date, resource.remember_expires_at.to_date
|
172
146
|
|
173
|
-
|
174
|
-
|
147
|
+
Devise.remember_for = 5.days
|
148
|
+
assert_equal 5.days.from_now.to_date, resource.remember_expires_at.to_date
|
175
149
|
end
|
176
150
|
end
|
177
151
|
|
@@ -10,4 +10,32 @@ class TrackableTest < ActiveSupport::TestCase
|
|
10
10
|
:sign_in_count
|
11
11
|
]
|
12
12
|
end
|
13
|
+
|
14
|
+
test 'update_tracked_fields should only set attributes but not save the record' do
|
15
|
+
user = create_user
|
16
|
+
request = mock
|
17
|
+
request.stubs(:remote_ip).returns("127.0.0.1")
|
18
|
+
|
19
|
+
assert_nil user.current_sign_in_ip
|
20
|
+
assert_nil user.last_sign_in_ip
|
21
|
+
assert_nil user.current_sign_in_at
|
22
|
+
assert_nil user.last_sign_in_at
|
23
|
+
assert_equal 0, user.sign_in_count
|
24
|
+
|
25
|
+
user.update_tracked_fields(request)
|
26
|
+
|
27
|
+
assert_equal "127.0.0.1", user.current_sign_in_ip
|
28
|
+
assert_equal "127.0.0.1", user.last_sign_in_ip
|
29
|
+
assert_not_nil user.current_sign_in_at
|
30
|
+
assert_not_nil user.last_sign_in_at
|
31
|
+
assert_equal 1, user.sign_in_count
|
32
|
+
|
33
|
+
user.reload
|
34
|
+
|
35
|
+
assert_nil user.current_sign_in_ip
|
36
|
+
assert_nil user.last_sign_in_ip
|
37
|
+
assert_nil user.current_sign_in_at
|
38
|
+
assert_nil user.last_sign_in_at
|
39
|
+
assert_equal 0, user.sign_in_count
|
40
|
+
end
|
13
41
|
end
|
@@ -57,11 +57,7 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
57
57
|
user = new_user(password: 'new_password', password_confirmation: 'blabla')
|
58
58
|
assert user.invalid?
|
59
59
|
|
60
|
-
|
61
|
-
assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
|
62
|
-
else
|
63
|
-
assert_equal 'doesn\'t match confirmation', user.errors[:password].join
|
64
|
-
end
|
60
|
+
assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
|
65
61
|
end
|
66
62
|
|
67
63
|
test 'should require password when updating/resetting password' do
|
@@ -79,23 +75,19 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
79
75
|
user.password_confirmation = 'another_password'
|
80
76
|
assert user.invalid?
|
81
77
|
|
82
|
-
|
83
|
-
assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
|
84
|
-
else
|
85
|
-
assert_equal 'doesn\'t match confirmation', user.errors[:password].join
|
86
|
-
end
|
78
|
+
assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
|
87
79
|
end
|
88
80
|
|
89
|
-
test 'should require a password with minimum of
|
81
|
+
test 'should require a password with minimum of 7 characters' do
|
90
82
|
user = new_user(password: '12345', password_confirmation: '12345')
|
91
83
|
assert user.invalid?
|
92
|
-
assert_equal 'is too short (minimum is
|
84
|
+
assert_equal 'is too short (minimum is 7 characters)', user.errors[:password].join
|
93
85
|
end
|
94
86
|
|
95
|
-
test 'should require a password with maximum of
|
96
|
-
user = new_user(password: 'x'*
|
87
|
+
test 'should require a password with maximum of 72 characters long' do
|
88
|
+
user = new_user(password: 'x'*73, password_confirmation: 'x'*73)
|
97
89
|
assert user.invalid?
|
98
|
-
assert_equal 'is too long (maximum is
|
90
|
+
assert_equal 'is too long (maximum is 72 characters)', user.errors[:password].join
|
99
91
|
end
|
100
92
|
|
101
93
|
test 'should not require password length when it\'s not changed' do
|
@@ -109,10 +101,10 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
109
101
|
end
|
110
102
|
|
111
103
|
test 'should complain about length even if password is not required' do
|
112
|
-
user = new_user(password: 'x'*
|
104
|
+
user = new_user(password: 'x'*73, password_confirmation: 'x'*73)
|
113
105
|
user.stubs(:password_required?).returns(false)
|
114
106
|
assert user.invalid?
|
115
|
-
assert_equal 'is too long (maximum is
|
107
|
+
assert_equal 'is too long (maximum is 72 characters)', user.errors[:password].join
|
116
108
|
end
|
117
109
|
|
118
110
|
test 'should not be included in objects with invalid API' do
|
data/test/models_test.rb
CHANGED
@@ -92,13 +92,20 @@ class ActiveRecordTest < ActiveSupport::TestCase
|
|
92
92
|
end
|
93
93
|
end
|
94
94
|
|
95
|
+
module StubModelFilters
|
96
|
+
def stub_filter(name)
|
97
|
+
define_singleton_method(name) { |*| nil }
|
98
|
+
end
|
99
|
+
end
|
100
|
+
|
95
101
|
class CheckFieldsTest < ActiveSupport::TestCase
|
96
102
|
test 'checks if the class respond_to the required fields' do
|
97
103
|
Player = Class.new do
|
98
104
|
extend Devise::Models
|
105
|
+
extend StubModelFilters
|
99
106
|
|
100
|
-
|
101
|
-
|
107
|
+
stub_filter :before_validation
|
108
|
+
stub_filter :after_update
|
102
109
|
|
103
110
|
devise :database_authenticatable
|
104
111
|
|
@@ -113,9 +120,10 @@ class CheckFieldsTest < ActiveSupport::TestCase
|
|
113
120
|
test 'raises Devise::Models::MissingAtrribute and shows the missing attribute if the class doesn\'t respond_to one of the attributes' do
|
114
121
|
Clown = Class.new do
|
115
122
|
extend Devise::Models
|
123
|
+
extend StubModelFilters
|
116
124
|
|
117
|
-
|
118
|
-
|
125
|
+
stub_filter :before_validation
|
126
|
+
stub_filter :after_update
|
119
127
|
|
120
128
|
devise :database_authenticatable
|
121
129
|
|
@@ -130,9 +138,10 @@ class CheckFieldsTest < ActiveSupport::TestCase
|
|
130
138
|
test 'raises Devise::Models::MissingAtrribute with all the missing attributes if there is more than one' do
|
131
139
|
Magician = Class.new do
|
132
140
|
extend Devise::Models
|
141
|
+
extend StubModelFilters
|
133
142
|
|
134
|
-
|
135
|
-
|
143
|
+
stub_filter :before_validation
|
144
|
+
stub_filter :after_update
|
136
145
|
|
137
146
|
devise :database_authenticatable
|
138
147
|
end
|
@@ -1,24 +1,21 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
|
3
3
|
class OmniAuthRoutesTest < ActionController::TestCase
|
4
|
-
ExpectedUrlGeneratiorError = Devise.rails4? ?
|
5
|
-
ActionController::UrlGenerationError : ActionController::RoutingError
|
6
|
-
|
7
4
|
tests ApplicationController
|
8
5
|
|
9
6
|
def assert_path(action, provider, with_param=true)
|
10
7
|
# Resource param
|
11
8
|
assert_equal @controller.send(action, :user, provider),
|
12
|
-
@controller.send("user_#{action}"
|
9
|
+
@controller.send("user_#{provider}_#{action}")
|
13
10
|
|
14
11
|
# With an object
|
15
12
|
assert_equal @controller.send(action, User.new, provider),
|
16
|
-
@controller.send("user_#{action}"
|
13
|
+
@controller.send("user_#{provider}_#{action}")
|
17
14
|
|
18
15
|
if with_param
|
19
16
|
# Default url params
|
20
17
|
assert_equal @controller.send(action, :user, provider, param: 123),
|
21
|
-
@controller.send("user_#{action}",
|
18
|
+
@controller.send("user_#{provider}_#{action}", param: 123)
|
22
19
|
end
|
23
20
|
end
|
24
21
|
|
@@ -33,7 +30,7 @@ class OmniAuthRoutesTest < ActionController::TestCase
|
|
33
30
|
test 'should generate authorization path' do
|
34
31
|
assert_match "/users/auth/facebook", @controller.omniauth_authorize_path(:user, :facebook)
|
35
32
|
|
36
|
-
assert_raise
|
33
|
+
assert_raise NoMethodError do
|
37
34
|
@controller.omniauth_authorize_path(:user, :github)
|
38
35
|
end
|
39
36
|
end
|
data/test/orm/active_record.rb
CHANGED
@@ -5,6 +5,11 @@ ActiveRecord::Base.include_root_in_json = true
|
|
5
5
|
ActiveRecord::Migrator.migrate(File.expand_path("../../rails_app/db/migrate/", __FILE__))
|
6
6
|
|
7
7
|
class ActiveSupport::TestCase
|
8
|
-
|
8
|
+
if Rails.version >= '5.0.0'
|
9
|
+
self.use_transactional_tests = true
|
10
|
+
else
|
11
|
+
self.use_transactional_fixtures = true
|
12
|
+
end
|
13
|
+
|
9
14
|
self.use_instantiated_fixtures = false
|
10
15
|
end
|