RubyGems - devise - Versions diffs - 3.5.1 → 4.7.1 - Mend

devise 3.5.1 → 4.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (256) hide show

checksums.yaml +5 -5
data/CHANGELOG.md +259 -1076
data/MIT-LICENSE +1 -1
data/README.md +256 -68
data/app/controllers/devise/confirmations_controller.rb +3 -1
data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -6
data/app/controllers/devise/passwords_controller.rb +10 -7
data/app/controllers/devise/registrations_controller.rb +39 -18
data/app/controllers/devise/sessions_controller.rb +9 -7
data/app/controllers/devise/unlocks_controller.rb +4 -2
data/app/controllers/devise_controller.rb +23 -10
data/app/helpers/devise_helper.rb +12 -19
data/app/mailers/devise/mailer.rb +10 -0
data/app/views/devise/confirmations/new.html.erb +2 -2
data/app/views/devise/mailer/email_changed.html.erb +7 -0
data/app/views/devise/mailer/password_change.html.erb +3 -0
data/app/views/devise/passwords/edit.html.erb +5 -5
data/app/views/devise/passwords/new.html.erb +2 -2
data/app/views/devise/registrations/edit.html.erb +9 -5
data/app/views/devise/registrations/new.html.erb +4 -4
data/app/views/devise/sessions/new.html.erb +4 -4
data/app/views/devise/shared/_error_messages.html.erb +15 -0
data/app/views/devise/shared/_links.html.erb +8 -8
data/app/views/devise/unlocks/new.html.erb +2 -2
data/config/locales/en.yml +6 -1
data/lib/devise/controllers/helpers.rb +35 -26
data/lib/devise/controllers/rememberable.rb +11 -2
data/lib/devise/controllers/scoped_views.rb +2 -0
data/lib/devise/controllers/sign_in_out.rb +35 -18
data/lib/devise/controllers/store_location.rb +25 -7
data/lib/devise/controllers/url_helpers.rb +2 -0
data/lib/devise/delegator.rb +2 -0
data/lib/devise/encryptor.rb +6 -4
data/lib/devise/failure_app.rb +84 -27
data/lib/devise/hooks/activatable.rb +2 -0
data/lib/devise/hooks/csrf_cleaner.rb +2 -0
data/lib/devise/hooks/forgetable.rb +2 -0
data/lib/devise/hooks/lockable.rb +6 -1
data/lib/devise/hooks/proxy.rb +3 -1
data/lib/devise/hooks/rememberable.rb +2 -0
data/lib/devise/hooks/timeoutable.rb +7 -7
data/lib/devise/hooks/trackable.rb +2 -0
data/lib/devise/mailers/helpers.rb +7 -4
data/lib/devise/mapping.rb +2 -0
data/lib/devise/models/authenticatable.rb +51 -26
data/lib/devise/models/confirmable.rb +106 -33
data/lib/devise/models/database_authenticatable.rb +97 -21
data/lib/devise/models/lockable.rb +15 -5
data/lib/devise/models/omniauthable.rb +2 -0
data/lib/devise/models/recoverable.rb +32 -24
data/lib/devise/models/registerable.rb +4 -0
data/lib/devise/models/rememberable.rb +42 -26
data/lib/devise/models/timeoutable.rb +2 -6
data/lib/devise/models/trackable.rb +15 -1
data/lib/devise/models/validatable.rb +10 -3
data/lib/devise/models.rb +3 -1
data/lib/devise/modules.rb +2 -0
data/lib/devise/omniauth/config.rb +2 -0
data/lib/devise/omniauth/url_helpers.rb +14 -5
data/lib/devise/omniauth.rb +2 -0
data/lib/devise/orm/active_record.rb +5 -1
data/lib/devise/orm/mongoid.rb +6 -2
data/lib/devise/parameter_filter.rb +4 -0
data/lib/devise/parameter_sanitizer.rb +139 -65
data/lib/devise/rails/routes.rb +67 -47
data/lib/devise/rails/warden_compat.rb +3 -10
data/lib/devise/rails.rb +7 -16
data/lib/devise/secret_key_finder.rb +27 -0
data/lib/devise/strategies/authenticatable.rb +5 -3
data/lib/devise/strategies/base.rb +2 -0
data/lib/devise/strategies/database_authenticatable.rb +11 -4
data/lib/devise/strategies/rememberable.rb +5 -6
data/lib/devise/test/controller_helpers.rb +165 -0
data/lib/devise/test/integration_helpers.rb +63 -0
data/lib/devise/test_helpers.rb +7 -124
data/lib/devise/time_inflector.rb +2 -0
data/lib/devise/token_generator.rb +3 -41
data/lib/devise/version.rb +3 -1
data/lib/devise.rb +73 -46
data/lib/generators/active_record/devise_generator.rb +29 -10
data/lib/generators/active_record/templates/migration.rb +4 -2
data/lib/generators/active_record/templates/migration_existing.rb +4 -2
data/lib/generators/devise/controllers_generator.rb +3 -1
data/lib/generators/devise/devise_generator.rb +4 -2
data/lib/generators/devise/install_generator.rb +17 -0
data/lib/generators/devise/orm_helpers.rb +10 -21
data/lib/generators/devise/views_generator.rb +21 -11
data/lib/generators/mongoid/devise_generator.rb +7 -5
data/lib/generators/templates/README +1 -8
data/lib/generators/templates/controllers/README +1 -1
data/lib/generators/templates/controllers/confirmations_controller.rb +2 -0
data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +2 -0
data/lib/generators/templates/controllers/passwords_controller.rb +2 -0
data/lib/generators/templates/controllers/registrations_controller.rb +6 -4
data/lib/generators/templates/controllers/sessions_controller.rb +4 -2
data/lib/generators/templates/controllers/unlocks_controller.rb +2 -0
data/lib/generators/templates/devise.rb +52 -22
data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
data/lib/generators/templates/markerb/email_changed.markerb +7 -0
data/lib/generators/templates/markerb/password_change.markerb +3 -0
data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +5 -1
data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +10 -2
data/lib/generators/templates/simple_form_for/passwords/new.html.erb +4 -1
data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -3
data/lib/generators/templates/simple_form_for/registrations/new.html.erb +11 -3
data/lib/generators/templates/simple_form_for/sessions/new.html.erb +7 -2
data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +4 -1
metadata +15 -301
data/.gitignore +0 -10
data/.travis.yml +0 -45
data/.yardopts +0 -9
data/CONTRIBUTING.md +0 -14
data/Gemfile +0 -29
data/Gemfile.lock +0 -191
data/Rakefile +0 -36
data/devise.gemspec +0 -29
data/devise.png +0 -0
data/gemfiles/Gemfile.rails-3.2-stable +0 -29
data/gemfiles/Gemfile.rails-3.2-stable.lock +0 -169
data/gemfiles/Gemfile.rails-4.0-stable +0 -29
data/gemfiles/Gemfile.rails-4.0-stable.lock +0 -163
data/gemfiles/Gemfile.rails-4.1-stable +0 -29
data/gemfiles/Gemfile.rails-4.1-stable.lock +0 -169
data/gemfiles/Gemfile.rails-4.2-stable +0 -29
data/gemfiles/Gemfile.rails-4.2-stable.lock +0 -191
data/script/cached-bundle +0 -49
data/script/s3-put +0 -71
data/test/controllers/custom_registrations_controller_test.rb +0 -40
data/test/controllers/custom_strategy_test.rb +0 -62
data/test/controllers/helpers_test.rb +0 -316
data/test/controllers/inherited_controller_i18n_messages_test.rb +0 -51
data/test/controllers/internal_helpers_test.rb +0 -129
data/test/controllers/load_hooks_controller_test.rb +0 -19
data/test/controllers/passwords_controller_test.rb +0 -31
data/test/controllers/sessions_controller_test.rb +0 -103
data/test/controllers/url_helpers_test.rb +0 -65
data/test/delegator_test.rb +0 -19
data/test/devise_test.rb +0 -107
data/test/failure_app_test.rb +0 -298
data/test/generators/active_record_generator_test.rb +0 -109
data/test/generators/controllers_generator_test.rb +0 -48
data/test/generators/devise_generator_test.rb +0 -39
data/test/generators/install_generator_test.rb +0 -13
data/test/generators/mongoid_generator_test.rb +0 -23
data/test/generators/views_generator_test.rb +0 -96
data/test/helpers/devise_helper_test.rb +0 -49
data/test/integration/authenticatable_test.rb +0 -729
data/test/integration/confirmable_test.rb +0 -324
data/test/integration/database_authenticatable_test.rb +0 -95
data/test/integration/http_authenticatable_test.rb +0 -105
data/test/integration/lockable_test.rb +0 -239
data/test/integration/omniauthable_test.rb +0 -133
data/test/integration/recoverable_test.rb +0 -347
data/test/integration/registerable_test.rb +0 -359
data/test/integration/rememberable_test.rb +0 -176
data/test/integration/timeoutable_test.rb +0 -189
data/test/integration/trackable_test.rb +0 -92
data/test/mailers/confirmation_instructions_test.rb +0 -115
data/test/mailers/reset_password_instructions_test.rb +0 -96
data/test/mailers/unlock_instructions_test.rb +0 -91
data/test/mapping_test.rb +0 -134
data/test/models/authenticatable_test.rb +0 -23
data/test/models/confirmable_test.rb +0 -468
data/test/models/database_authenticatable_test.rb +0 -249
data/test/models/lockable_test.rb +0 -328
data/test/models/omniauthable_test.rb +0 -7
data/test/models/recoverable_test.rb +0 -228
data/test/models/registerable_test.rb +0 -7
data/test/models/rememberable_test.rb +0 -204
data/test/models/serializable_test.rb +0 -49
data/test/models/timeoutable_test.rb +0 -51
data/test/models/trackable_test.rb +0 -41
data/test/models/validatable_test.rb +0 -127
data/test/models_test.rb +0 -144
data/test/omniauth/config_test.rb +0 -57
data/test/omniauth/url_helpers_test.rb +0 -54
data/test/orm/active_record.rb +0 -10
data/test/orm/mongoid.rb +0 -13
data/test/parameter_sanitizer_test.rb +0 -81
data/test/rails_app/Rakefile +0 -6
data/test/rails_app/app/active_record/admin.rb +0 -6
data/test/rails_app/app/active_record/shim.rb +0 -2
data/test/rails_app/app/active_record/user.rb +0 -6
data/test/rails_app/app/active_record/user_on_engine.rb +0 -7
data/test/rails_app/app/active_record/user_on_main_app.rb +0 -7
data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
data/test/rails_app/app/controllers/admins_controller.rb +0 -11
data/test/rails_app/app/controllers/application_controller.rb +0 -12
data/test/rails_app/app/controllers/application_with_fake_engine.rb +0 -30
data/test/rails_app/app/controllers/custom/registrations_controller.rb +0 -31
data/test/rails_app/app/controllers/home_controller.rb +0 -25
data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
data/test/rails_app/app/controllers/users_controller.rb +0 -31
data/test/rails_app/app/helpers/application_helper.rb +0 -3
data/test/rails_app/app/mailers/users/from_proc_mailer.rb +0 -3
data/test/rails_app/app/mailers/users/mailer.rb +0 -3
data/test/rails_app/app/mailers/users/reply_to_mailer.rb +0 -4
data/test/rails_app/app/mongoid/admin.rb +0 -29
data/test/rails_app/app/mongoid/shim.rb +0 -23
data/test/rails_app/app/mongoid/user.rb +0 -39
data/test/rails_app/app/mongoid/user_on_engine.rb +0 -39
data/test/rails_app/app/mongoid/user_on_main_app.rb +0 -39
data/test/rails_app/app/views/admins/index.html.erb +0 -1
data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
data/test/rails_app/app/views/home/index.html.erb +0 -1
data/test/rails_app/app/views/home/join.html.erb +0 -1
data/test/rails_app/app/views/home/private.html.erb +0 -1
data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
data/test/rails_app/app/views/layouts/application.html.erb +0 -24
data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
data/test/rails_app/app/views/users/index.html.erb +0 -1
data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
data/test/rails_app/bin/bundle +0 -3
data/test/rails_app/bin/rails +0 -4
data/test/rails_app/bin/rake +0 -4
data/test/rails_app/config/application.rb +0 -40
data/test/rails_app/config/boot.rb +0 -14
data/test/rails_app/config/database.yml +0 -18
data/test/rails_app/config/environment.rb +0 -5
data/test/rails_app/config/environments/development.rb +0 -30
data/test/rails_app/config/environments/production.rb +0 -84
data/test/rails_app/config/environments/test.rb +0 -41
data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
data/test/rails_app/config/initializers/devise.rb +0 -180
data/test/rails_app/config/initializers/inflections.rb +0 -2
data/test/rails_app/config/initializers/secret_token.rb +0 -8
data/test/rails_app/config/initializers/session_store.rb +0 -1
data/test/rails_app/config/routes.rb +0 -122
data/test/rails_app/config.ru +0 -4
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
data/test/rails_app/db/schema.rb +0 -55
data/test/rails_app/lib/shared_admin.rb +0 -17
data/test/rails_app/lib/shared_user.rb +0 -29
data/test/rails_app/lib/shared_user_without_omniauth.rb +0 -13
data/test/rails_app/public/404.html +0 -26
data/test/rails_app/public/422.html +0 -26
data/test/rails_app/public/500.html +0 -26
data/test/rails_app/public/favicon.ico +0 -0
data/test/rails_test.rb +0 -9
data/test/routes_test.rb +0 -264
data/test/support/action_controller/record_identifier.rb +0 -10
data/test/support/assertions.rb +0 -39
data/test/support/helpers.rb +0 -73
data/test/support/integration.rb +0 -92
data/test/support/locale/en.yml +0 -8
data/test/support/mongoid.yml +0 -6
data/test/support/webrat/integrations/rails.rb +0 -24
data/test/test_helper.rb +0 -34
data/test/test_helpers_test.rb +0 -178
data/test/test_models.rb +0 -33

data/test/integration/recoverable_test.rb DELETED Viewed

@@ -1,347 +0,0 @@
-require 'test_helper'
-class PasswordTest < ActionDispatch::IntegrationTest
-  def visit_new_password_path
-    visit new_user_session_path
-    click_link 'Forgot your password?'
-  end
-  def request_forgot_password(&block)
-    visit_new_password_path
-    assert_response :success
-    assert_not warden.authenticated?(:user)
-    fill_in 'email', with: 'user@test.com'
-    yield if block_given?
-    Devise.stubs(:friendly_token).returns("abcdef")
-    click_button 'Send me reset password instructions'
-  end
-  def reset_password(options={}, &block)
-    unless options[:visit] == false
-      visit edit_user_password_path(reset_password_token: options[:reset_password_token] || "abcdef")
-      assert_response :success
-    end
-    fill_in 'New password', with: '987654321'
-    fill_in 'Confirm new password', with: '987654321'
-    yield if block_given?
-    click_button 'Change my password'
-  end
-  test 'reset password with email of different case should succeed when email is in the list of case insensitive keys' do
-    create_user(email: 'Foo@Bar.com')
-    request_forgot_password do
-      fill_in 'email', with: 'foo@bar.com'
-    end
-    assert_current_url '/users/sign_in'
-    assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
-  end
-  test 'reset password with email should send an email from a custom mailer' do
-    create_user(email: 'Foo@Bar.com')
-    User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
-    request_forgot_password do
-      fill_in 'email', with: 'foo@bar.com'
-    end
-    mail = ActionMailer::Base.deliveries.last
-    assert_equal ['custom@example.com'], mail.from
-    assert_match edit_user_password_path(reset_password_token: 'abcdef'), mail.body.encoded
-  end
-  test 'reset password with email of different case should fail when email is NOT the list of case insensitive keys' do
-    swap Devise, case_insensitive_keys: [] do
-      create_user(email: 'Foo@Bar.com')
-      request_forgot_password do
-        fill_in 'email', with: 'foo@bar.com'
-      end
-      assert_response :success
-      assert_current_url '/users/password'
-      assert_have_selector "input[type=email][value='foo@bar.com']"
-      assert_contain 'not found'
-    end
-  end
-  test 'reset password with email with extra whitespace should succeed when email is in the list of strip whitespace keys' do
-    create_user(email: 'foo@bar.com')
-    request_forgot_password do
-      fill_in 'email', with: ' foo@bar.com '
-    end
-    assert_current_url '/users/sign_in'
-    assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
-  end
-  test 'reset password with email with extra whitespace should fail when email is NOT the list of strip whitespace keys' do
-    swap Devise, strip_whitespace_keys: [] do
-      create_user(email: 'foo@bar.com')
-      request_forgot_password do
-        fill_in 'email', with: ' foo@bar.com '
-      end
-      assert_response :success
-      assert_current_url '/users/password'
-      assert_have_selector "input[type=email][value=' foo@bar.com ']"
-      assert_contain 'not found'
-    end
-  end
-  test 'authenticated user should not be able to visit forgot password page' do
-    sign_in_as_user
-    assert warden.authenticated?(:user)
-    get new_user_password_path
-    assert_response :redirect
-    assert_redirected_to root_path
-  end
-  test 'not authenticated user should be able to request a forgot password' do
-    create_user
-    request_forgot_password
-    assert_current_url '/users/sign_in'
-    assert_contain 'You will receive an email with instructions on how to reset your password in a few minutes.'
-  end
-  test 'not authenticated user with invalid email should receive an error message' do
-    request_forgot_password do
-      fill_in 'email', with: 'invalid.test@test.com'
-    end
-    assert_response :success
-    assert_current_url '/users/password'
-    assert_have_selector "input[type=email][value='invalid.test@test.com']"
-    assert_contain 'not found'
-  end
-  test 'authenticated user should not be able to visit edit password page' do
-    sign_in_as_user
-    get edit_user_password_path
-    assert_response :redirect
-    assert_redirected_to root_path
-    assert warden.authenticated?(:user)
-  end
-  test 'not authenticated user without a reset password token should not be able to visit the page' do
-    get edit_user_password_path
-    assert_response :redirect
-    assert_redirected_to "/users/sign_in"
-  end
-  test 'not authenticated user with invalid reset password token should not be able to change their password' do
-    user = create_user
-    reset_password reset_password_token: 'invalid_reset_password'
-    assert_response :success
-    assert_current_url '/users/password'
-    assert_have_selector '#error_explanation'
-    assert_contain /Reset password token(.*)invalid/
-    assert_not user.reload.valid_password?('987654321')
-  end
-  test 'not authenticated user with valid reset password token but invalid password should not be able to change their password' do
-    user = create_user
-    request_forgot_password
-    reset_password do
-      fill_in 'Confirm new password', with: 'other_password'
-    end
-    assert_response :success
-    assert_current_url '/users/password'
-    assert_have_selector '#error_explanation'
-    assert_contain Devise.rails4? ?
-      "Password confirmation doesn't match Password" : "Password doesn't match confirmation"
-    assert_not user.reload.valid_password?('987654321')
-  end
-  test 'not authenticated user with valid data should be able to change their password' do
-    user = create_user
-    request_forgot_password
-    reset_password
-    assert_current_url '/'
-    assert_contain 'Your password has been changed successfully. You are now signed in.'
-    assert user.reload.valid_password?('987654321')
-  end
-  test 'after entering invalid data user should still be able to change their password' do
-    user = create_user
-    request_forgot_password
-    reset_password {  fill_in 'Confirm new password', with: 'other_password' }
-    assert_response :success
-    assert_have_selector '#error_explanation'
-    assert_not user.reload.valid_password?('987654321')
-    reset_password visit: false
-    assert_contain 'Your password has been changed successfully.'
-    assert user.reload.valid_password?('987654321')
-  end
-  test 'sign in user automatically after changing its password' do
-    create_user
-    request_forgot_password
-    reset_password
-    assert warden.authenticated?(:user)
-  end
-  test 'does not sign in user automatically after changing its password if config.sign_in_after_reset_password is false' do
-    swap Devise, sign_in_after_reset_password: false do
-      create_user
-      request_forgot_password
-      reset_password
-      assert_contain 'Your password has been changed successfully.'
-      assert_not_contain 'You are now signed in.'
-      assert_equal new_user_session_path, @request.path
-      assert !warden.authenticated?(:user)
-    end
-  end
-  test 'does not sign in user automatically after changing its password if it\'s locked and unlock strategy is :none or :time' do
-    [:none, :time].each do |strategy|
-      swap Devise, unlock_strategy: strategy do
-        user = create_user(locked: true)
-        request_forgot_password
-        reset_password
-        assert_contain 'Your password has been changed successfully.'
-        assert_not_contain 'You are now signed in.'
-        assert_equal new_user_session_path, @request.path
-        assert !warden.authenticated?(:user)
-      end
-    end
-  end
-  test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :email' do
-    swap Devise, unlock_strategy: :email do
-      user = create_user(locked: true)
-      request_forgot_password
-      reset_password
-      assert_contain 'Your password has been changed successfully.'
-      assert !user.reload.access_locked?
-      assert warden.authenticated?(:user)
-    end
-  end
-  test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :both' do
-    swap Devise, unlock_strategy: :both do
-      user = create_user(locked: true)
-      request_forgot_password
-      reset_password
-      assert_contain 'Your password has been changed successfully.'
-      assert !user.reload.access_locked?
-      assert warden.authenticated?(:user)
-    end
-  end
-  test 'reset password request with valid E-Mail in XML format should return valid response' do
-    create_user
-    post user_password_path(format: 'xml'), user: {email: "user@test.com"}
-    assert_response :success
-    assert_equal response.body, { }.to_xml
-  end
-  test 'reset password request with invalid E-Mail in XML format should return valid response' do
-    create_user
-    post user_password_path(format: 'xml'), user: {email: "invalid.test@test.com"}
-    assert_response :unprocessable_entity
-    assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
-  end
-  test 'reset password request with invalid E-Mail in XML format should return empty and valid response' do
-    swap Devise, paranoid: true do
-      create_user
-      post user_password_path(format: 'xml'), user: {email: "invalid@test.com"}
-      assert_response :success
-      assert_equal response.body, { }.to_xml
-    end
-  end
-  test 'change password with valid parameters in XML format should return valid response' do
-    create_user
-    request_forgot_password
-    put user_password_path(format: 'xml'), user: {
-      reset_password_token: 'abcdef', password: '987654321', password_confirmation: '987654321'
-    }
-    assert_response :success
-    assert warden.authenticated?(:user)
-  end
-  test 'change password with invalid token in XML format should return invalid response' do
-    create_user
-    request_forgot_password
-    put user_password_path(format: 'xml'), user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'}
-    assert_response :unprocessable_entity
-    assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
-  end
-  test 'change password with invalid new password in XML format should return invalid response' do
-    user = create_user
-    request_forgot_password
-    put user_password_path(format: 'xml'), user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'}
-    assert_response :unprocessable_entity
-    assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
-  end
-  test "when using json requests to ask a confirmable request, should not return the object" do
-    user = create_user(confirm: false)
-    post user_password_path(format: :json), user: { email: user.email }
-    assert_response :success
-    assert_equal response.body, "{}"
-  end
-  test "when in paranoid mode and with an invalid e-mail, asking to reset a password should display a message that does not indicates that the e-mail does not exists in the database" do
-    swap Devise, paranoid: true do
-      visit_new_password_path
-      fill_in "email", with: "arandomemail@test.com"
-      click_button 'Send me reset password instructions'
-      assert_not_contain "1 error prohibited this user from being saved:"
-      assert_not_contain "Email not found"
-      assert_contain "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
-      assert_current_url "/users/sign_in"
-    end
-  end
-  test "when in paranoid mode and with a valid e-mail, asking to reset password should display a message that does not indicates that the email exists in the database and redirect to the failure route" do
-    swap Devise, paranoid: true do
-      user = create_user
-      visit_new_password_path
-      fill_in 'email', with: user.email
-      click_button 'Send me reset password instructions'
-      assert_contain "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
-      assert_current_url "/users/sign_in"
-    end
-  end
-  test "after recovering a password, should set failed attempts to 0" do
-    user = create_user
-    user.update_attribute(:failed_attempts, 10)
-    assert_equal 10, user.failed_attempts
-    request_forgot_password
-    reset_password
-    assert warden.authenticated?(:user)
-    user.reload
-    assert_equal 0, user.failed_attempts
-  end
-end