devise 3.5.1 → 4.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/CHANGELOG.md +259 -1076
- data/MIT-LICENSE +1 -1
- data/README.md +256 -68
- data/app/controllers/devise/confirmations_controller.rb +3 -1
- data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -6
- data/app/controllers/devise/passwords_controller.rb +10 -7
- data/app/controllers/devise/registrations_controller.rb +39 -18
- data/app/controllers/devise/sessions_controller.rb +9 -7
- data/app/controllers/devise/unlocks_controller.rb +4 -2
- data/app/controllers/devise_controller.rb +23 -10
- data/app/helpers/devise_helper.rb +12 -19
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +2 -2
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/passwords/edit.html.erb +5 -5
- data/app/views/devise/passwords/new.html.erb +2 -2
- data/app/views/devise/registrations/edit.html.erb +9 -5
- data/app/views/devise/registrations/new.html.erb +4 -4
- data/app/views/devise/sessions/new.html.erb +4 -4
- data/app/views/devise/shared/_error_messages.html.erb +15 -0
- data/app/views/devise/shared/_links.html.erb +8 -8
- data/app/views/devise/unlocks/new.html.erb +2 -2
- data/config/locales/en.yml +6 -1
- data/lib/devise/controllers/helpers.rb +35 -26
- data/lib/devise/controllers/rememberable.rb +11 -2
- data/lib/devise/controllers/scoped_views.rb +2 -0
- data/lib/devise/controllers/sign_in_out.rb +35 -18
- data/lib/devise/controllers/store_location.rb +25 -7
- data/lib/devise/controllers/url_helpers.rb +2 -0
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +6 -4
- data/lib/devise/failure_app.rb +84 -27
- data/lib/devise/hooks/activatable.rb +2 -0
- data/lib/devise/hooks/csrf_cleaner.rb +2 -0
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +6 -1
- data/lib/devise/hooks/proxy.rb +3 -1
- data/lib/devise/hooks/rememberable.rb +2 -0
- data/lib/devise/hooks/timeoutable.rb +7 -7
- data/lib/devise/hooks/trackable.rb +2 -0
- data/lib/devise/mailers/helpers.rb +7 -4
- data/lib/devise/mapping.rb +2 -0
- data/lib/devise/models/authenticatable.rb +51 -26
- data/lib/devise/models/confirmable.rb +106 -33
- data/lib/devise/models/database_authenticatable.rb +97 -21
- data/lib/devise/models/lockable.rb +15 -5
- data/lib/devise/models/omniauthable.rb +2 -0
- data/lib/devise/models/recoverable.rb +32 -24
- data/lib/devise/models/registerable.rb +4 -0
- data/lib/devise/models/rememberable.rb +42 -26
- data/lib/devise/models/timeoutable.rb +2 -6
- data/lib/devise/models/trackable.rb +15 -1
- data/lib/devise/models/validatable.rb +10 -3
- data/lib/devise/models.rb +3 -1
- data/lib/devise/modules.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +4 -0
- data/lib/devise/parameter_sanitizer.rb +139 -65
- data/lib/devise/rails/routes.rb +67 -47
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/rails.rb +7 -16
- data/lib/devise/secret_key_finder.rb +27 -0
- data/lib/devise/strategies/authenticatable.rb +5 -3
- data/lib/devise/strategies/base.rb +2 -0
- data/lib/devise/strategies/database_authenticatable.rb +11 -4
- data/lib/devise/strategies/rememberable.rb +5 -6
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +2 -0
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/devise.rb +73 -46
- data/lib/generators/active_record/devise_generator.rb +29 -10
- data/lib/generators/active_record/templates/migration.rb +4 -2
- data/lib/generators/active_record/templates/migration_existing.rb +4 -2
- data/lib/generators/devise/controllers_generator.rb +3 -1
- data/lib/generators/devise/devise_generator.rb +4 -2
- data/lib/generators/devise/install_generator.rb +17 -0
- data/lib/generators/devise/orm_helpers.rb +10 -21
- data/lib/generators/devise/views_generator.rb +21 -11
- data/lib/generators/mongoid/devise_generator.rb +7 -5
- data/lib/generators/templates/README +1 -8
- data/lib/generators/templates/controllers/README +1 -1
- data/lib/generators/templates/controllers/confirmations_controller.rb +2 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +2 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +2 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +6 -4
- data/lib/generators/templates/controllers/sessions_controller.rb +4 -2
- data/lib/generators/templates/controllers/unlocks_controller.rb +2 -0
- data/lib/generators/templates/devise.rb +52 -22
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +5 -1
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +10 -2
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +4 -1
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -3
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +11 -3
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +7 -2
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +4 -1
- metadata +15 -301
- data/.gitignore +0 -10
- data/.travis.yml +0 -45
- data/.yardopts +0 -9
- data/CONTRIBUTING.md +0 -14
- data/Gemfile +0 -29
- data/Gemfile.lock +0 -191
- data/Rakefile +0 -36
- data/devise.gemspec +0 -29
- data/devise.png +0 -0
- data/gemfiles/Gemfile.rails-3.2-stable +0 -29
- data/gemfiles/Gemfile.rails-3.2-stable.lock +0 -169
- data/gemfiles/Gemfile.rails-4.0-stable +0 -29
- data/gemfiles/Gemfile.rails-4.0-stable.lock +0 -163
- data/gemfiles/Gemfile.rails-4.1-stable +0 -29
- data/gemfiles/Gemfile.rails-4.1-stable.lock +0 -169
- data/gemfiles/Gemfile.rails-4.2-stable +0 -29
- data/gemfiles/Gemfile.rails-4.2-stable.lock +0 -191
- data/script/cached-bundle +0 -49
- data/script/s3-put +0 -71
- data/test/controllers/custom_registrations_controller_test.rb +0 -40
- data/test/controllers/custom_strategy_test.rb +0 -62
- data/test/controllers/helpers_test.rb +0 -316
- data/test/controllers/inherited_controller_i18n_messages_test.rb +0 -51
- data/test/controllers/internal_helpers_test.rb +0 -129
- data/test/controllers/load_hooks_controller_test.rb +0 -19
- data/test/controllers/passwords_controller_test.rb +0 -31
- data/test/controllers/sessions_controller_test.rb +0 -103
- data/test/controllers/url_helpers_test.rb +0 -65
- data/test/delegator_test.rb +0 -19
- data/test/devise_test.rb +0 -107
- data/test/failure_app_test.rb +0 -298
- data/test/generators/active_record_generator_test.rb +0 -109
- data/test/generators/controllers_generator_test.rb +0 -48
- data/test/generators/devise_generator_test.rb +0 -39
- data/test/generators/install_generator_test.rb +0 -13
- data/test/generators/mongoid_generator_test.rb +0 -23
- data/test/generators/views_generator_test.rb +0 -96
- data/test/helpers/devise_helper_test.rb +0 -49
- data/test/integration/authenticatable_test.rb +0 -729
- data/test/integration/confirmable_test.rb +0 -324
- data/test/integration/database_authenticatable_test.rb +0 -95
- data/test/integration/http_authenticatable_test.rb +0 -105
- data/test/integration/lockable_test.rb +0 -239
- data/test/integration/omniauthable_test.rb +0 -133
- data/test/integration/recoverable_test.rb +0 -347
- data/test/integration/registerable_test.rb +0 -359
- data/test/integration/rememberable_test.rb +0 -176
- data/test/integration/timeoutable_test.rb +0 -189
- data/test/integration/trackable_test.rb +0 -92
- data/test/mailers/confirmation_instructions_test.rb +0 -115
- data/test/mailers/reset_password_instructions_test.rb +0 -96
- data/test/mailers/unlock_instructions_test.rb +0 -91
- data/test/mapping_test.rb +0 -134
- data/test/models/authenticatable_test.rb +0 -23
- data/test/models/confirmable_test.rb +0 -468
- data/test/models/database_authenticatable_test.rb +0 -249
- data/test/models/lockable_test.rb +0 -328
- data/test/models/omniauthable_test.rb +0 -7
- data/test/models/recoverable_test.rb +0 -228
- data/test/models/registerable_test.rb +0 -7
- data/test/models/rememberable_test.rb +0 -204
- data/test/models/serializable_test.rb +0 -49
- data/test/models/timeoutable_test.rb +0 -51
- data/test/models/trackable_test.rb +0 -41
- data/test/models/validatable_test.rb +0 -127
- data/test/models_test.rb +0 -144
- data/test/omniauth/config_test.rb +0 -57
- data/test/omniauth/url_helpers_test.rb +0 -54
- data/test/orm/active_record.rb +0 -10
- data/test/orm/mongoid.rb +0 -13
- data/test/parameter_sanitizer_test.rb +0 -81
- data/test/rails_app/Rakefile +0 -6
- data/test/rails_app/app/active_record/admin.rb +0 -6
- data/test/rails_app/app/active_record/shim.rb +0 -2
- data/test/rails_app/app/active_record/user.rb +0 -6
- data/test/rails_app/app/active_record/user_on_engine.rb +0 -7
- data/test/rails_app/app/active_record/user_on_main_app.rb +0 -7
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
- data/test/rails_app/app/controllers/admins_controller.rb +0 -11
- data/test/rails_app/app/controllers/application_controller.rb +0 -12
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +0 -30
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +0 -31
- data/test/rails_app/app/controllers/home_controller.rb +0 -25
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
- data/test/rails_app/app/controllers/users_controller.rb +0 -31
- data/test/rails_app/app/helpers/application_helper.rb +0 -3
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +0 -3
- data/test/rails_app/app/mailers/users/mailer.rb +0 -3
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +0 -4
- data/test/rails_app/app/mongoid/admin.rb +0 -29
- data/test/rails_app/app/mongoid/shim.rb +0 -23
- data/test/rails_app/app/mongoid/user.rb +0 -39
- data/test/rails_app/app/mongoid/user_on_engine.rb +0 -39
- data/test/rails_app/app/mongoid/user_on_main_app.rb +0 -39
- data/test/rails_app/app/views/admins/index.html.erb +0 -1
- data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/home/index.html.erb +0 -1
- data/test/rails_app/app/views/home/join.html.erb +0 -1
- data/test/rails_app/app/views/home/private.html.erb +0 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/layouts/application.html.erb +0 -24
- data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
- data/test/rails_app/app/views/users/index.html.erb +0 -1
- data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
- data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
- data/test/rails_app/bin/bundle +0 -3
- data/test/rails_app/bin/rails +0 -4
- data/test/rails_app/bin/rake +0 -4
- data/test/rails_app/config/application.rb +0 -40
- data/test/rails_app/config/boot.rb +0 -14
- data/test/rails_app/config/database.yml +0 -18
- data/test/rails_app/config/environment.rb +0 -5
- data/test/rails_app/config/environments/development.rb +0 -30
- data/test/rails_app/config/environments/production.rb +0 -84
- data/test/rails_app/config/environments/test.rb +0 -41
- data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
- data/test/rails_app/config/initializers/devise.rb +0 -180
- data/test/rails_app/config/initializers/inflections.rb +0 -2
- data/test/rails_app/config/initializers/secret_token.rb +0 -8
- data/test/rails_app/config/initializers/session_store.rb +0 -1
- data/test/rails_app/config/routes.rb +0 -122
- data/test/rails_app/config.ru +0 -4
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
- data/test/rails_app/db/schema.rb +0 -55
- data/test/rails_app/lib/shared_admin.rb +0 -17
- data/test/rails_app/lib/shared_user.rb +0 -29
- data/test/rails_app/lib/shared_user_without_omniauth.rb +0 -13
- data/test/rails_app/public/404.html +0 -26
- data/test/rails_app/public/422.html +0 -26
- data/test/rails_app/public/500.html +0 -26
- data/test/rails_app/public/favicon.ico +0 -0
- data/test/rails_test.rb +0 -9
- data/test/routes_test.rb +0 -264
- data/test/support/action_controller/record_identifier.rb +0 -10
- data/test/support/assertions.rb +0 -39
- data/test/support/helpers.rb +0 -73
- data/test/support/integration.rb +0 -92
- data/test/support/locale/en.yml +0 -8
- data/test/support/mongoid.yml +0 -6
- data/test/support/webrat/integrations/rails.rb +0 -24
- data/test/test_helper.rb +0 -34
- data/test/test_helpers_test.rb +0 -178
- data/test/test_models.rb +0 -33
data/test/mapping_test.rb
DELETED
|
@@ -1,134 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class FakeRequest < Struct.new(:path_info, :params)
|
|
4
|
-
end
|
|
5
|
-
|
|
6
|
-
class MappingTest < ActiveSupport::TestCase
|
|
7
|
-
def fake_request(path, params={})
|
|
8
|
-
FakeRequest.new(path, params)
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
test 'store options' do
|
|
12
|
-
mapping = Devise.mappings[:user]
|
|
13
|
-
assert_equal User, mapping.to
|
|
14
|
-
assert_equal User.devise_modules, mapping.modules
|
|
15
|
-
assert_equal "users", mapping.scoped_path
|
|
16
|
-
assert_equal :user, mapping.singular
|
|
17
|
-
assert_equal "users", mapping.path
|
|
18
|
-
assert_equal "/users", mapping.fullpath
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
test 'store options with namespace' do
|
|
22
|
-
mapping = Devise.mappings[:publisher_account]
|
|
23
|
-
assert_equal Admin, mapping.to
|
|
24
|
-
assert_equal "publisher/accounts", mapping.scoped_path
|
|
25
|
-
assert_equal :publisher_account, mapping.singular
|
|
26
|
-
assert_equal "accounts", mapping.path
|
|
27
|
-
assert_equal "/publisher/accounts", mapping.fullpath
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
test 'allows path to be given' do
|
|
31
|
-
assert_equal "admin_area", Devise.mappings[:admin].path
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
test 'allows to skip all routes' do
|
|
35
|
-
assert_equal [], Devise.mappings[:skip_admin].used_routes
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
test 'sign_out_via defaults to :get' do
|
|
39
|
-
assert_equal :get, Devise.mappings[:user].sign_out_via
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
test 'allows custom sign_out_via to be given' do
|
|
43
|
-
assert_equal :delete, Devise.mappings[:sign_out_via_delete].sign_out_via
|
|
44
|
-
assert_equal :post, Devise.mappings[:sign_out_via_post].sign_out_via
|
|
45
|
-
assert_equal [:delete, :post], Devise.mappings[:sign_out_via_delete_or_post].sign_out_via
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
test 'allows custom singular to be given' do
|
|
49
|
-
assert_equal "accounts", Devise.mappings[:manager].path
|
|
50
|
-
end
|
|
51
|
-
|
|
52
|
-
test 'has strategies depending on the model declaration' do
|
|
53
|
-
assert_equal [:rememberable, :database_authenticatable], Devise.mappings[:user].strategies
|
|
54
|
-
assert_equal [:database_authenticatable], Devise.mappings[:admin].strategies
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
test 'has no input strategies depending on the model declaration' do
|
|
58
|
-
assert_equal [:rememberable], Devise.mappings[:user].no_input_strategies
|
|
59
|
-
assert_equal [], Devise.mappings[:admin].no_input_strategies
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
test 'find scope for a given object' do
|
|
63
|
-
assert_equal :user, Devise::Mapping.find_scope!(User)
|
|
64
|
-
assert_equal :user, Devise::Mapping.find_scope!(:user)
|
|
65
|
-
assert_equal :user, Devise::Mapping.find_scope!("user")
|
|
66
|
-
assert_equal :user, Devise::Mapping.find_scope!(User.new)
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
test 'find scope works with single table inheritance' do
|
|
70
|
-
assert_equal :user, Devise::Mapping.find_scope!(Class.new(User))
|
|
71
|
-
assert_equal :user, Devise::Mapping.find_scope!(Class.new(User).new)
|
|
72
|
-
end
|
|
73
|
-
|
|
74
|
-
test 'find scope uses devise_scope' do
|
|
75
|
-
user = User.new
|
|
76
|
-
def user.devise_scope; :special_scope; end
|
|
77
|
-
assert_equal :special_scope, Devise::Mapping.find_scope!(user)
|
|
78
|
-
end
|
|
79
|
-
|
|
80
|
-
test 'find scope raises an error if cannot be found' do
|
|
81
|
-
assert_raise RuntimeError do
|
|
82
|
-
Devise::Mapping.find_scope!(String)
|
|
83
|
-
end
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
test 'return default path names' do
|
|
87
|
-
mapping = Devise.mappings[:user]
|
|
88
|
-
assert_equal 'sign_in', mapping.path_names[:sign_in]
|
|
89
|
-
assert_equal 'sign_out', mapping.path_names[:sign_out]
|
|
90
|
-
assert_equal 'password', mapping.path_names[:password]
|
|
91
|
-
assert_equal 'confirmation', mapping.path_names[:confirmation]
|
|
92
|
-
assert_equal 'sign_up', mapping.path_names[:sign_up]
|
|
93
|
-
assert_equal 'unlock', mapping.path_names[:unlock]
|
|
94
|
-
end
|
|
95
|
-
|
|
96
|
-
test 'allow custom path names to be given' do
|
|
97
|
-
mapping = Devise.mappings[:manager]
|
|
98
|
-
assert_equal 'login', mapping.path_names[:sign_in]
|
|
99
|
-
assert_equal 'logout', mapping.path_names[:sign_out]
|
|
100
|
-
assert_equal 'secret', mapping.path_names[:password]
|
|
101
|
-
assert_equal 'verification', mapping.path_names[:confirmation]
|
|
102
|
-
assert_equal 'register', mapping.path_names[:sign_up]
|
|
103
|
-
assert_equal 'unblock', mapping.path_names[:unlock]
|
|
104
|
-
end
|
|
105
|
-
|
|
106
|
-
test 'magic predicates' do
|
|
107
|
-
mapping = Devise.mappings[:user]
|
|
108
|
-
assert mapping.authenticatable?
|
|
109
|
-
assert mapping.confirmable?
|
|
110
|
-
assert mapping.recoverable?
|
|
111
|
-
assert mapping.rememberable?
|
|
112
|
-
assert mapping.registerable?
|
|
113
|
-
|
|
114
|
-
mapping = Devise.mappings[:admin]
|
|
115
|
-
assert mapping.authenticatable?
|
|
116
|
-
assert mapping.recoverable?
|
|
117
|
-
assert mapping.lockable?
|
|
118
|
-
assert_not mapping.omniauthable?
|
|
119
|
-
end
|
|
120
|
-
|
|
121
|
-
test 'find mapping by path' do
|
|
122
|
-
assert_raise RuntimeError do
|
|
123
|
-
Devise::Mapping.find_by_path!('/accounts/facebook/callback')
|
|
124
|
-
end
|
|
125
|
-
|
|
126
|
-
assert_nothing_raised do
|
|
127
|
-
Devise::Mapping.find_by_path!('/:locale/accounts/login')
|
|
128
|
-
end
|
|
129
|
-
|
|
130
|
-
assert_nothing_raised do
|
|
131
|
-
Devise::Mapping.find_by_path!('/accounts/facebook/callback', :path)
|
|
132
|
-
end
|
|
133
|
-
end
|
|
134
|
-
end
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class AuthenticatableTest < ActiveSupport::TestCase
|
|
4
|
-
test 'required_fields should be an empty array' do
|
|
5
|
-
assert_equal Devise::Models::Validatable.required_fields(User), []
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
test 'find_first_by_auth_conditions allows custom filtering parameters' do
|
|
9
|
-
user = User.create!(email: "example@example.com", password: "1234567")
|
|
10
|
-
assert_equal User.find_first_by_auth_conditions({ email: "example@example.com" }), user
|
|
11
|
-
assert_nil User.find_first_by_auth_conditions({ email: "example@example.com" }, id: user.id.to_s.next)
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
if defined?(ActionController::Parameters)
|
|
15
|
-
test 'does not passes an ActionController::Parameters to find_first_by_auth_conditions through find_or_initialize_with_errors' do
|
|
16
|
-
user = create_user(email: 'example@example.com')
|
|
17
|
-
attributes = ActionController::Parameters.new(email: 'example@example.com')
|
|
18
|
-
|
|
19
|
-
User.expects(:find_first_by_auth_conditions).with('email' => 'example@example.com').returns(user)
|
|
20
|
-
User.find_or_initialize_with_errors([:email], attributes)
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
end
|
|
@@ -1,468 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class ConfirmableTest < ActiveSupport::TestCase
|
|
4
|
-
|
|
5
|
-
def setup
|
|
6
|
-
setup_mailer
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
test 'should generate confirmation token after creating a record' do
|
|
10
|
-
assert_nil new_user.confirmation_token
|
|
11
|
-
assert_not_nil create_user.confirmation_token
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
test 'should never generate the same confirmation token for different users' do
|
|
15
|
-
confirmation_tokens = []
|
|
16
|
-
3.times do
|
|
17
|
-
token = create_user.confirmation_token
|
|
18
|
-
assert !confirmation_tokens.include?(token)
|
|
19
|
-
confirmation_tokens << token
|
|
20
|
-
end
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
test 'should confirm a user by updating confirmed at' do
|
|
24
|
-
user = create_user
|
|
25
|
-
assert_nil user.confirmed_at
|
|
26
|
-
assert user.confirm
|
|
27
|
-
assert_not_nil user.confirmed_at
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
test 'should verify whether a user is confirmed or not' do
|
|
31
|
-
assert_not new_user.confirmed?
|
|
32
|
-
user = create_user
|
|
33
|
-
assert_not user.confirmed?
|
|
34
|
-
user.confirm
|
|
35
|
-
assert user.confirmed?
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
test 'should not confirm a user already confirmed' do
|
|
39
|
-
user = create_user
|
|
40
|
-
assert user.confirm
|
|
41
|
-
assert_blank user.errors[:email]
|
|
42
|
-
|
|
43
|
-
assert_not user.confirm
|
|
44
|
-
assert_equal "was already confirmed, please try signing in", user.errors[:email].join
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
test 'should find and confirm a user automatically based on the raw token' do
|
|
48
|
-
user = create_user
|
|
49
|
-
raw = user.raw_confirmation_token
|
|
50
|
-
confirmed_user = User.confirm_by_token(raw)
|
|
51
|
-
assert_equal confirmed_user, user
|
|
52
|
-
assert user.reload.confirmed?
|
|
53
|
-
end
|
|
54
|
-
|
|
55
|
-
test 'should return a new record with errors when a invalid token is given' do
|
|
56
|
-
confirmed_user = User.confirm_by_token('invalid_confirmation_token')
|
|
57
|
-
assert_not confirmed_user.persisted?
|
|
58
|
-
assert_equal "is invalid", confirmed_user.errors[:confirmation_token].join
|
|
59
|
-
end
|
|
60
|
-
|
|
61
|
-
test 'should return a new record with errors when a blank token is given' do
|
|
62
|
-
confirmed_user = User.confirm_by_token('')
|
|
63
|
-
assert_not confirmed_user.persisted?
|
|
64
|
-
assert_equal "can't be blank", confirmed_user.errors[:confirmation_token].join
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
test 'should generate errors for a user email if user is already confirmed' do
|
|
68
|
-
user = create_user
|
|
69
|
-
user.confirmed_at = Time.now
|
|
70
|
-
user.save
|
|
71
|
-
confirmed_user = User.confirm_by_token(user.raw_confirmation_token)
|
|
72
|
-
assert confirmed_user.confirmed?
|
|
73
|
-
assert_equal "was already confirmed, please try signing in", confirmed_user.errors[:email].join
|
|
74
|
-
end
|
|
75
|
-
|
|
76
|
-
test 'should show error when a token has already been used' do
|
|
77
|
-
user = create_user
|
|
78
|
-
raw = user.raw_confirmation_token
|
|
79
|
-
User.confirm_by_token(raw)
|
|
80
|
-
assert user.reload.confirmed?
|
|
81
|
-
|
|
82
|
-
confirmed_user = User.confirm_by_token(raw)
|
|
83
|
-
assert_equal "was already confirmed, please try signing in", confirmed_user.errors[:email].join
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
test 'should send confirmation instructions by email' do
|
|
87
|
-
assert_email_sent "mynewuser@example.com" do
|
|
88
|
-
create_user email: "mynewuser@example.com"
|
|
89
|
-
end
|
|
90
|
-
end
|
|
91
|
-
|
|
92
|
-
test 'should not send confirmation when trying to save an invalid user' do
|
|
93
|
-
assert_email_not_sent do
|
|
94
|
-
user = new_user
|
|
95
|
-
user.stubs(:valid?).returns(false)
|
|
96
|
-
user.save
|
|
97
|
-
end
|
|
98
|
-
end
|
|
99
|
-
|
|
100
|
-
test 'should not generate a new token neither send e-mail if skip_confirmation! is invoked' do
|
|
101
|
-
user = new_user
|
|
102
|
-
user.skip_confirmation!
|
|
103
|
-
|
|
104
|
-
assert_email_not_sent do
|
|
105
|
-
user.save!
|
|
106
|
-
assert_nil user.confirmation_token
|
|
107
|
-
assert_not_nil user.confirmed_at
|
|
108
|
-
end
|
|
109
|
-
end
|
|
110
|
-
|
|
111
|
-
test 'should skip confirmation e-mail without confirming if skip_confirmation_notification! is invoked' do
|
|
112
|
-
user = new_user
|
|
113
|
-
user.skip_confirmation_notification!
|
|
114
|
-
|
|
115
|
-
assert_email_not_sent do
|
|
116
|
-
user.save!
|
|
117
|
-
assert !user.confirmed?
|
|
118
|
-
end
|
|
119
|
-
end
|
|
120
|
-
|
|
121
|
-
test 'should not send confirmation when no email is provided' do
|
|
122
|
-
assert_email_not_sent do
|
|
123
|
-
user = new_user
|
|
124
|
-
user.email = ''
|
|
125
|
-
user.save(validate: false)
|
|
126
|
-
end
|
|
127
|
-
end
|
|
128
|
-
|
|
129
|
-
test 'should find a user to send confirmation instructions' do
|
|
130
|
-
user = create_user
|
|
131
|
-
confirmation_user = User.send_confirmation_instructions(email: user.email)
|
|
132
|
-
assert_equal confirmation_user, user
|
|
133
|
-
end
|
|
134
|
-
|
|
135
|
-
test 'should return a new user if no email was found' do
|
|
136
|
-
confirmation_user = User.send_confirmation_instructions(email: "invalid@example.com")
|
|
137
|
-
assert_not confirmation_user.persisted?
|
|
138
|
-
end
|
|
139
|
-
|
|
140
|
-
test 'should add error to new user email if no email was found' do
|
|
141
|
-
confirmation_user = User.send_confirmation_instructions(email: "invalid@example.com")
|
|
142
|
-
assert confirmation_user.errors[:email]
|
|
143
|
-
assert_equal "not found", confirmation_user.errors[:email].join
|
|
144
|
-
end
|
|
145
|
-
|
|
146
|
-
test 'should send email instructions for the user confirm its email' do
|
|
147
|
-
user = create_user
|
|
148
|
-
assert_email_sent user.email do
|
|
149
|
-
User.send_confirmation_instructions(email: user.email)
|
|
150
|
-
end
|
|
151
|
-
end
|
|
152
|
-
|
|
153
|
-
test 'should always have confirmation token when email is sent' do
|
|
154
|
-
user = new_user
|
|
155
|
-
user.instance_eval { def confirmation_required?; false end }
|
|
156
|
-
user.save
|
|
157
|
-
user.send_confirmation_instructions
|
|
158
|
-
assert_not_nil user.reload.confirmation_token
|
|
159
|
-
end
|
|
160
|
-
|
|
161
|
-
test 'should not resend email instructions if the user change their email' do
|
|
162
|
-
user = create_user
|
|
163
|
-
user.email = 'new_test@example.com'
|
|
164
|
-
assert_email_not_sent do
|
|
165
|
-
user.save!
|
|
166
|
-
end
|
|
167
|
-
end
|
|
168
|
-
|
|
169
|
-
test 'should not reset confirmation status or token when updating email' do
|
|
170
|
-
user = create_user
|
|
171
|
-
original_token = user.confirmation_token
|
|
172
|
-
user.confirm
|
|
173
|
-
user.email = 'new_test@example.com'
|
|
174
|
-
user.save!
|
|
175
|
-
|
|
176
|
-
user.reload
|
|
177
|
-
assert user.confirmed?
|
|
178
|
-
assert_equal original_token, user.confirmation_token
|
|
179
|
-
end
|
|
180
|
-
|
|
181
|
-
test 'should not be able to send instructions if the user is already confirmed' do
|
|
182
|
-
user = create_user
|
|
183
|
-
user.confirm
|
|
184
|
-
assert_not user.resend_confirmation_instructions
|
|
185
|
-
assert user.confirmed?
|
|
186
|
-
assert_equal 'was already confirmed, please try signing in', user.errors[:email].join
|
|
187
|
-
end
|
|
188
|
-
|
|
189
|
-
test 'confirm time should fallback to devise confirm in default configuration' do
|
|
190
|
-
swap Devise, allow_unconfirmed_access_for: 1.day do
|
|
191
|
-
user = new_user
|
|
192
|
-
user.confirmation_sent_at = 2.days.ago
|
|
193
|
-
assert_not user.active_for_authentication?
|
|
194
|
-
|
|
195
|
-
Devise.allow_unconfirmed_access_for = 3.days
|
|
196
|
-
assert user.active_for_authentication?
|
|
197
|
-
end
|
|
198
|
-
end
|
|
199
|
-
|
|
200
|
-
test 'should be active when confirmation sent at is not overpast' do
|
|
201
|
-
swap Devise, allow_unconfirmed_access_for: 5.days do
|
|
202
|
-
Devise.allow_unconfirmed_access_for = 5.days
|
|
203
|
-
user = create_user
|
|
204
|
-
|
|
205
|
-
user.confirmation_sent_at = 4.days.ago
|
|
206
|
-
assert user.active_for_authentication?
|
|
207
|
-
|
|
208
|
-
user.confirmation_sent_at = 5.days.ago
|
|
209
|
-
assert_not user.active_for_authentication?
|
|
210
|
-
end
|
|
211
|
-
end
|
|
212
|
-
|
|
213
|
-
test 'should be active when already confirmed' do
|
|
214
|
-
user = create_user
|
|
215
|
-
assert_not user.confirmed?
|
|
216
|
-
assert_not user.active_for_authentication?
|
|
217
|
-
|
|
218
|
-
user.confirm
|
|
219
|
-
assert user.confirmed?
|
|
220
|
-
assert user.active_for_authentication?
|
|
221
|
-
end
|
|
222
|
-
|
|
223
|
-
test 'should not be active when confirm in is zero' do
|
|
224
|
-
Devise.allow_unconfirmed_access_for = 0.days
|
|
225
|
-
user = create_user
|
|
226
|
-
user.confirmation_sent_at = Time.zone.today
|
|
227
|
-
assert_not user.active_for_authentication?
|
|
228
|
-
end
|
|
229
|
-
|
|
230
|
-
test 'should be active when we set allow_unconfirmed_access_for to nil' do
|
|
231
|
-
swap Devise, allow_unconfirmed_access_for: nil do
|
|
232
|
-
user = create_user
|
|
233
|
-
user.confirmation_sent_at = Time.zone.today
|
|
234
|
-
assert user.active_for_authentication?
|
|
235
|
-
end
|
|
236
|
-
end
|
|
237
|
-
|
|
238
|
-
test 'should not be active without confirmation' do
|
|
239
|
-
user = create_user
|
|
240
|
-
user.confirmation_sent_at = nil
|
|
241
|
-
user.save
|
|
242
|
-
assert_not user.reload.active_for_authentication?
|
|
243
|
-
end
|
|
244
|
-
|
|
245
|
-
test 'should be active without confirmation when confirmation is not required' do
|
|
246
|
-
user = create_user
|
|
247
|
-
user.instance_eval { def confirmation_required?; false end }
|
|
248
|
-
user.confirmation_sent_at = nil
|
|
249
|
-
user.save
|
|
250
|
-
assert user.reload.active_for_authentication?
|
|
251
|
-
end
|
|
252
|
-
|
|
253
|
-
test 'should find a user to send email instructions for the user confirm its email by authentication_keys' do
|
|
254
|
-
swap Devise, authentication_keys: [:username, :email] do
|
|
255
|
-
user = create_user
|
|
256
|
-
confirm_user = User.send_confirmation_instructions(email: user.email, username: user.username)
|
|
257
|
-
assert_equal confirm_user, user
|
|
258
|
-
end
|
|
259
|
-
end
|
|
260
|
-
|
|
261
|
-
test 'should require all confirmation_keys' do
|
|
262
|
-
swap Devise, confirmation_keys: [:username, :email] do
|
|
263
|
-
user = create_user
|
|
264
|
-
confirm_user = User.send_confirmation_instructions(email: user.email)
|
|
265
|
-
assert_not confirm_user.persisted?
|
|
266
|
-
assert_equal "can't be blank", confirm_user.errors[:username].join
|
|
267
|
-
end
|
|
268
|
-
end
|
|
269
|
-
|
|
270
|
-
def confirm_user_by_token_with_confirmation_sent_at(confirmation_sent_at)
|
|
271
|
-
user = create_user
|
|
272
|
-
user.update_attribute(:confirmation_sent_at, confirmation_sent_at)
|
|
273
|
-
confirmed_user = User.confirm_by_token(user.raw_confirmation_token)
|
|
274
|
-
assert_equal confirmed_user, user
|
|
275
|
-
user.reload.confirmed?
|
|
276
|
-
end
|
|
277
|
-
|
|
278
|
-
test 'should accept confirmation email token even after 5 years when no expiration is set' do
|
|
279
|
-
assert confirm_user_by_token_with_confirmation_sent_at(5.years.ago)
|
|
280
|
-
end
|
|
281
|
-
|
|
282
|
-
test 'should accept confirmation email token after 2 days when expiration is set to 3 days' do
|
|
283
|
-
swap Devise, confirm_within: 3.days do
|
|
284
|
-
assert confirm_user_by_token_with_confirmation_sent_at(2.days.ago)
|
|
285
|
-
end
|
|
286
|
-
end
|
|
287
|
-
|
|
288
|
-
test 'should not accept confirmation email token after 4 days when expiration is set to 3 days' do
|
|
289
|
-
swap Devise, confirm_within: 3.days do
|
|
290
|
-
assert_not confirm_user_by_token_with_confirmation_sent_at(4.days.ago)
|
|
291
|
-
end
|
|
292
|
-
end
|
|
293
|
-
|
|
294
|
-
test 'always generate a new token on resend' do
|
|
295
|
-
user = create_user
|
|
296
|
-
old = user.confirmation_token
|
|
297
|
-
user = User.find(user.id)
|
|
298
|
-
user.resend_confirmation_instructions
|
|
299
|
-
assert_not_equal user.confirmation_token, old
|
|
300
|
-
end
|
|
301
|
-
|
|
302
|
-
test 'should call after_confirmation if confirmed' do
|
|
303
|
-
user = create_user
|
|
304
|
-
user.define_singleton_method :after_confirmation do
|
|
305
|
-
self.username = self.username.to_s + 'updated'
|
|
306
|
-
end
|
|
307
|
-
old = user.username
|
|
308
|
-
assert user.confirm
|
|
309
|
-
assert_not_equal user.username, old
|
|
310
|
-
end
|
|
311
|
-
|
|
312
|
-
test 'should not call after_confirmation if not confirmed' do
|
|
313
|
-
user = create_user
|
|
314
|
-
assert user.confirm
|
|
315
|
-
user.define_singleton_method :after_confirmation do
|
|
316
|
-
self.username = self.username.to_s + 'updated'
|
|
317
|
-
end
|
|
318
|
-
old = user.username
|
|
319
|
-
assert_not user.confirm
|
|
320
|
-
assert_equal user.username, old
|
|
321
|
-
end
|
|
322
|
-
|
|
323
|
-
test 'should always perform validations upon confirm when ensure valid true' do
|
|
324
|
-
admin = create_admin
|
|
325
|
-
admin.stubs(:valid?).returns(false)
|
|
326
|
-
assert_not admin.confirm(ensure_valid: true)
|
|
327
|
-
end
|
|
328
|
-
end
|
|
329
|
-
|
|
330
|
-
class ReconfirmableTest < ActiveSupport::TestCase
|
|
331
|
-
test 'should not worry about validations on confirm even with reconfirmable' do
|
|
332
|
-
admin = create_admin
|
|
333
|
-
admin.reset_password_token = "a"
|
|
334
|
-
assert admin.confirm
|
|
335
|
-
end
|
|
336
|
-
|
|
337
|
-
test 'should generate confirmation token after changing email' do
|
|
338
|
-
admin = create_admin
|
|
339
|
-
assert admin.confirm
|
|
340
|
-
residual_token = admin.confirmation_token
|
|
341
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
342
|
-
assert_not_equal residual_token, admin.confirmation_token
|
|
343
|
-
end
|
|
344
|
-
|
|
345
|
-
test 'should not regenerate confirmation token or require reconfirmation if skipping reconfirmation after changing email' do
|
|
346
|
-
admin = create_admin
|
|
347
|
-
original_token = admin.confirmation_token
|
|
348
|
-
assert admin.confirm
|
|
349
|
-
admin.skip_reconfirmation!
|
|
350
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
351
|
-
assert admin.confirmed?
|
|
352
|
-
assert_not admin.pending_reconfirmation?
|
|
353
|
-
assert_equal original_token, admin.confirmation_token
|
|
354
|
-
end
|
|
355
|
-
|
|
356
|
-
test 'should skip sending reconfirmation email when email is changed and skip_confirmation_notification! is invoked' do
|
|
357
|
-
admin = create_admin
|
|
358
|
-
admin.skip_confirmation_notification!
|
|
359
|
-
|
|
360
|
-
assert_email_not_sent do
|
|
361
|
-
admin.update_attributes(email: 'new_test@example.com')
|
|
362
|
-
end
|
|
363
|
-
end
|
|
364
|
-
|
|
365
|
-
test 'should regenerate confirmation token after changing email' do
|
|
366
|
-
admin = create_admin
|
|
367
|
-
assert admin.confirm
|
|
368
|
-
assert admin.update_attributes(email: 'old_test@example.com')
|
|
369
|
-
token = admin.confirmation_token
|
|
370
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
371
|
-
assert_not_equal token, admin.confirmation_token
|
|
372
|
-
end
|
|
373
|
-
|
|
374
|
-
test 'should send confirmation instructions by email after changing email' do
|
|
375
|
-
admin = create_admin
|
|
376
|
-
assert admin.confirm
|
|
377
|
-
assert_email_sent "new_test@example.com" do
|
|
378
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
379
|
-
end
|
|
380
|
-
assert_match "new_test@example.com", ActionMailer::Base.deliveries.last.body.encoded
|
|
381
|
-
end
|
|
382
|
-
|
|
383
|
-
test 'should not send confirmation by email after changing password' do
|
|
384
|
-
admin = create_admin
|
|
385
|
-
assert admin.confirm
|
|
386
|
-
assert_email_not_sent do
|
|
387
|
-
assert admin.update_attributes(password: 'newpass', password_confirmation: 'newpass')
|
|
388
|
-
end
|
|
389
|
-
end
|
|
390
|
-
|
|
391
|
-
test 'should not send confirmation by email after changing to a blank email' do
|
|
392
|
-
admin = create_admin
|
|
393
|
-
assert admin.confirm
|
|
394
|
-
assert_email_not_sent do
|
|
395
|
-
admin.email = ''
|
|
396
|
-
admin.save(validate: false)
|
|
397
|
-
end
|
|
398
|
-
end
|
|
399
|
-
|
|
400
|
-
test 'should stay confirmed when email is changed' do
|
|
401
|
-
admin = create_admin
|
|
402
|
-
assert admin.confirm
|
|
403
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
404
|
-
assert admin.confirmed?
|
|
405
|
-
end
|
|
406
|
-
|
|
407
|
-
test 'should update email only when it is confirmed' do
|
|
408
|
-
admin = create_admin
|
|
409
|
-
assert admin.confirm
|
|
410
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
411
|
-
assert_not_equal 'new_test@example.com', admin.email
|
|
412
|
-
assert admin.confirm
|
|
413
|
-
assert_equal 'new_test@example.com', admin.email
|
|
414
|
-
end
|
|
415
|
-
|
|
416
|
-
test 'should not allow admin to get past confirmation email by resubmitting their new address' do
|
|
417
|
-
admin = create_admin
|
|
418
|
-
assert admin.confirm
|
|
419
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
420
|
-
assert_not_equal 'new_test@example.com', admin.email
|
|
421
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
422
|
-
assert_not_equal 'new_test@example.com', admin.email
|
|
423
|
-
end
|
|
424
|
-
|
|
425
|
-
test 'should find a admin by send confirmation instructions with unconfirmed_email' do
|
|
426
|
-
admin = create_admin
|
|
427
|
-
assert admin.confirm
|
|
428
|
-
assert admin.update_attributes(email: 'new_test@example.com')
|
|
429
|
-
confirmation_admin = Admin.send_confirmation_instructions(email: admin.unconfirmed_email)
|
|
430
|
-
assert_equal confirmation_admin, admin
|
|
431
|
-
end
|
|
432
|
-
|
|
433
|
-
test 'should return a new admin if no email or unconfirmed_email was found' do
|
|
434
|
-
confirmation_admin = Admin.send_confirmation_instructions(email: "invalid@email.com")
|
|
435
|
-
assert_not confirmation_admin.persisted?
|
|
436
|
-
end
|
|
437
|
-
|
|
438
|
-
test 'should add error to new admin email if no email or unconfirmed_email was found' do
|
|
439
|
-
confirmation_admin = Admin.send_confirmation_instructions(email: "invalid@email.com")
|
|
440
|
-
assert confirmation_admin.errors[:email]
|
|
441
|
-
assert_equal "not found", confirmation_admin.errors[:email].join
|
|
442
|
-
end
|
|
443
|
-
|
|
444
|
-
test 'should find admin with email in unconfirmed_emails' do
|
|
445
|
-
admin = create_admin
|
|
446
|
-
admin.unconfirmed_email = "new_test@email.com"
|
|
447
|
-
assert admin.save
|
|
448
|
-
admin = Admin.find_by_unconfirmed_email_with_errors(email: "new_test@email.com")
|
|
449
|
-
assert admin.persisted?
|
|
450
|
-
end
|
|
451
|
-
|
|
452
|
-
test 'required_fields should contain the fields that Devise uses' do
|
|
453
|
-
assert_same_content Devise::Models::Confirmable.required_fields(User), [
|
|
454
|
-
:confirmation_sent_at,
|
|
455
|
-
:confirmation_token,
|
|
456
|
-
:confirmed_at
|
|
457
|
-
]
|
|
458
|
-
end
|
|
459
|
-
|
|
460
|
-
test 'required_fields should also contain unconfirmable when reconfirmable_email is true' do
|
|
461
|
-
assert_same_content Devise::Models::Confirmable.required_fields(Admin), [
|
|
462
|
-
:confirmation_sent_at,
|
|
463
|
-
:confirmation_token,
|
|
464
|
-
:confirmed_at,
|
|
465
|
-
:unconfirmed_email
|
|
466
|
-
]
|
|
467
|
-
end
|
|
468
|
-
end
|