devise 3.5.10 → 4.0.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +9 -9
- data/CHANGELOG.md +33 -1188
- data/Gemfile +0 -1
- data/Gemfile.lock +15 -18
- data/MIT-LICENSE +1 -1
- data/README.md +20 -10
- data/app/controllers/devise/omniauth_callbacks_controller.rb +4 -4
- data/app/controllers/devise/passwords_controller.rb +2 -2
- data/app/controllers/devise/registrations_controller.rb +2 -2
- data/app/controllers/devise/sessions_controller.rb +4 -4
- data/app/controllers/devise/unlocks_controller.rb +1 -1
- data/app/controllers/devise_controller.rb +11 -7
- data/devise.gemspec +2 -3
- data/gemfiles/Gemfile.rails-4.1-stable +0 -1
- data/gemfiles/Gemfile.rails-4.1-stable.lock +38 -41
- data/gemfiles/Gemfile.rails-4.2-stable +0 -1
- data/gemfiles/Gemfile.rails-4.2-stable.lock +47 -50
- data/gemfiles/Gemfile.rails-5.0-beta +37 -0
- data/gemfiles/Gemfile.rails-5.0-beta.lock +242 -0
- data/lib/devise.rb +8 -8
- data/lib/devise/controllers/helpers.rb +7 -11
- data/lib/devise/failure_app.rb +17 -9
- data/lib/devise/models/authenticatable.rb +5 -1
- data/lib/devise/models/confirmable.rb +3 -4
- data/lib/devise/models/database_authenticatable.rb +1 -0
- data/lib/devise/models/lockable.rb +1 -5
- data/lib/devise/models/rememberable.rb +5 -11
- data/lib/devise/parameter_sanitizer.rb +176 -61
- data/lib/devise/rails.rb +1 -10
- data/lib/devise/rails/routes.rb +25 -14
- data/lib/devise/rails/warden_compat.rb +1 -10
- data/lib/devise/strategies/rememberable.rb +6 -3
- data/lib/devise/test_helpers.rb +9 -4
- data/lib/devise/token_generator.rb +1 -41
- data/lib/devise/version.rb +1 -1
- data/lib/generators/active_record/devise_generator.rb +3 -3
- data/lib/generators/active_record/templates/migration.rb +1 -1
- data/lib/generators/active_record/templates/migration_existing.rb +1 -1
- data/lib/generators/devise/orm_helpers.rb +0 -17
- data/lib/generators/templates/controllers/registrations_controller.rb +4 -4
- data/lib/generators/templates/controllers/sessions_controller.rb +2 -2
- data/lib/generators/templates/devise.rb +4 -5
- data/test/controllers/custom_registrations_controller_test.rb +5 -5
- data/test/controllers/custom_strategy_test.rb +7 -5
- data/test/controllers/helper_methods_test.rb +3 -2
- data/test/controllers/helpers_test.rb +1 -1
- data/test/controllers/inherited_controller_i18n_messages_test.rb +2 -2
- data/test/controllers/internal_helpers_test.rb +8 -10
- data/test/controllers/load_hooks_controller_test.rb +1 -1
- data/test/controllers/passwords_controller_test.rb +4 -3
- data/test/controllers/sessions_controller_test.rb +21 -18
- data/test/controllers/url_helpers_test.rb +1 -1
- data/test/failure_app_test.rb +19 -14
- data/test/generators/active_record_generator_test.rb +0 -26
- data/test/helpers/devise_helper_test.rb +1 -1
- data/test/integration/authenticatable_test.rb +18 -18
- data/test/integration/confirmable_test.rb +5 -5
- data/test/integration/database_authenticatable_test.rb +1 -1
- data/test/integration/http_authenticatable_test.rb +4 -5
- data/test/integration/lockable_test.rb +4 -3
- data/test/integration/omniauthable_test.rb +1 -1
- data/test/integration/recoverable_test.rb +10 -10
- data/test/integration/registerable_test.rb +9 -11
- data/test/integration/rememberable_test.rb +7 -43
- data/test/integration/timeoutable_test.rb +4 -4
- data/test/integration/trackable_test.rb +1 -1
- data/test/models/confirmable_test.rb +5 -13
- data/test/models/lockable_test.rb +0 -22
- data/test/models/rememberable_test.rb +0 -12
- data/test/models/validatable_test.rb +2 -10
- data/test/omniauth/url_helpers_test.rb +1 -2
- data/test/orm/active_record.rb +6 -1
- data/test/parameter_sanitizer_test.rb +103 -53
- data/test/rails_app/app/active_record/user.rb +3 -0
- data/test/rails_app/app/controllers/admins_controller.rb +1 -1
- data/test/rails_app/app/controllers/application_controller.rb +2 -2
- data/test/rails_app/app/controllers/home_controller.rb +5 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +2 -2
- data/test/rails_app/app/controllers/users_controller.rb +5 -5
- data/test/rails_app/config/application.rb +1 -1
- data/test/rails_app/config/boot.rb +3 -3
- data/test/rails_app/config/environments/test.rb +6 -1
- data/test/rails_app/config/initializers/secret_token.rb +1 -6
- data/test/routes_test.rb +26 -11
- data/test/support/http_method_compatibility.rb +51 -0
- data/test/support/webrat/integrations/rails.rb +9 -0
- data/test/test_helpers_test.rb +3 -3
- metadata +13 -31
- data/gemfiles/Gemfile.rails-3.2-stable +0 -29
- data/gemfiles/Gemfile.rails-3.2-stable.lock +0 -172
- data/gemfiles/Gemfile.rails-4.0-stable +0 -30
- data/gemfiles/Gemfile.rails-4.0-stable.lock +0 -166
- data/script/cached-bundle +0 -49
- data/script/s3-put +0 -71
- data/test/time_helpers.rb +0 -137
data/lib/devise/rails.rb
CHANGED
@@ -39,18 +39,9 @@ module Devise
|
|
39
39
|
Devise.token_generator ||=
|
40
40
|
if secret_key = Devise.secret_key
|
41
41
|
Devise::TokenGenerator.new(
|
42
|
-
|
42
|
+
ActiveSupport::CachingKeyGenerator.new(ActiveSupport::KeyGenerator.new(secret_key))
|
43
43
|
)
|
44
44
|
end
|
45
45
|
end
|
46
|
-
|
47
|
-
initializer "devise.fix_routes_proxy_missing_respond_to_bug" do
|
48
|
-
# Deprecate: Remove once we move to Rails 4 only.
|
49
|
-
ActionDispatch::Routing::RoutesProxy.class_eval do
|
50
|
-
def respond_to?(method, include_private = false)
|
51
|
-
super || routes.url_helpers.respond_to?(method)
|
52
|
-
end
|
53
|
-
end
|
54
|
-
end
|
55
46
|
end
|
56
47
|
end
|
data/lib/devise/rails/routes.rb
CHANGED
@@ -1,13 +1,10 @@
|
|
1
1
|
require "active_support/core_ext/object/try"
|
2
2
|
require "active_support/core_ext/hash/slice"
|
3
3
|
|
4
|
-
module
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
def finalize_with_devise!
|
9
|
-
result = finalize_without_devise!
|
10
|
-
|
4
|
+
module Devise
|
5
|
+
module RouteSet
|
6
|
+
def finalize!
|
7
|
+
result = super
|
11
8
|
@devise_finalized ||= begin
|
12
9
|
if Devise.router_name.nil? && defined?(@devise_finalized) && self != Rails.application.try(:routes)
|
13
10
|
warn "[DEVISE] We have detected that you are using devise_for inside engine routes. " \
|
@@ -21,10 +18,16 @@ module ActionDispatch::Routing
|
|
21
18
|
Devise.regenerate_helpers!
|
22
19
|
true
|
23
20
|
end
|
24
|
-
|
25
21
|
result
|
26
22
|
end
|
27
|
-
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
module ActionDispatch::Routing
|
27
|
+
class RouteSet #:nodoc:
|
28
|
+
# Ensure Devise modules are included only after loading routes, because we
|
29
|
+
# need devise_for mappings already declared to create filters and helpers.
|
30
|
+
prepend Devise::RouteSet
|
28
31
|
end
|
29
32
|
|
30
33
|
class Mapper
|
@@ -105,7 +108,7 @@ module ActionDispatch::Routing
|
|
105
108
|
# end
|
106
109
|
#
|
107
110
|
# class ManagerController < ApplicationController
|
108
|
-
#
|
111
|
+
# before_action authenticate_manager!
|
109
112
|
#
|
110
113
|
# def show
|
111
114
|
# @manager = current_manager
|
@@ -428,8 +431,12 @@ options to another `devise_for` call outside the scope. Here is an example:
|
|
428
431
|
end
|
429
432
|
ERROR
|
430
433
|
end
|
431
|
-
|
432
|
-
|
434
|
+
current_scope = @scope.dup
|
435
|
+
if @scope.respond_to? :new
|
436
|
+
@scope = @scope.new path: nil
|
437
|
+
else
|
438
|
+
@scope[:path] = nil
|
439
|
+
end
|
433
440
|
path_prefix = Devise.omniauth_path_prefix || "/#{mapping.fullpath}/auth".squeeze("/")
|
434
441
|
|
435
442
|
set_omniauth_path_prefix!(path_prefix)
|
@@ -448,7 +455,7 @@ ERROR
|
|
448
455
|
as: :omniauth_callback,
|
449
456
|
via: [:get, :post]
|
450
457
|
ensure
|
451
|
-
@scope
|
458
|
+
@scope = current_scope
|
452
459
|
end
|
453
460
|
|
454
461
|
def with_devise_exclusive_scope(new_path, new_as, options) #:nodoc:
|
@@ -457,7 +464,11 @@ ERROR
|
|
457
464
|
exclusive = { as: new_as, path: new_path, module: nil }
|
458
465
|
exclusive.merge!(options.slice(:constraints, :defaults, :options))
|
459
466
|
|
460
|
-
|
467
|
+
if @scope.respond_to? :new
|
468
|
+
@scope = @scope.new exclusive
|
469
|
+
else
|
470
|
+
exclusive.each_pair { |key, value| @scope[key] = value }
|
471
|
+
end
|
461
472
|
yield
|
462
473
|
ensure
|
463
474
|
@scope = current_scope
|
@@ -3,17 +3,8 @@ module Warden::Mixins::Common
|
|
3
3
|
@request ||= ActionDispatch::Request.new(env)
|
4
4
|
end
|
5
5
|
|
6
|
-
# Deprecate: Remove this check once we move to Rails 4 only.
|
7
|
-
NULL_STORE =
|
8
|
-
defined?(ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullSessionHash) ?
|
9
|
-
ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullSessionHash : nil
|
10
|
-
|
11
6
|
def reset_session!
|
12
|
-
|
13
|
-
# This is a bug that needs to be fixed in Rails.
|
14
|
-
unless NULL_STORE && request.session.is_a?(NULL_STORE)
|
15
|
-
request.reset_session
|
16
|
-
end
|
7
|
+
request.reset_session
|
17
8
|
end
|
18
9
|
|
19
10
|
def cookies
|
@@ -25,7 +25,8 @@ module Devise
|
|
25
25
|
end
|
26
26
|
|
27
27
|
if validate(resource)
|
28
|
-
remember_me(resource)
|
28
|
+
remember_me(resource)
|
29
|
+
extend_remember_me_period(resource)
|
29
30
|
resource.after_remembered
|
30
31
|
success!(resource)
|
31
32
|
end
|
@@ -42,8 +43,10 @@ module Devise
|
|
42
43
|
|
43
44
|
private
|
44
45
|
|
45
|
-
def
|
46
|
-
resource.respond_to?(:extend_remember_period)
|
46
|
+
def extend_remember_me_period(resource)
|
47
|
+
if resource.respond_to?(:extend_remember_period=)
|
48
|
+
resource.extend_remember_period = mapping.to.extend_remember_period
|
49
|
+
end
|
47
50
|
end
|
48
51
|
|
49
52
|
def remember_me?
|
data/lib/devise/test_helpers.rb
CHANGED
@@ -16,7 +16,10 @@ module Devise
|
|
16
16
|
# Override process to consider warden.
|
17
17
|
def process(*)
|
18
18
|
# Make sure we always return @response, a la ActionController::TestCase::Behaviour#process, even if warden interrupts
|
19
|
-
_catch_warden { super } || @response
|
19
|
+
_catch_warden { super } # || @response # _catch_warden will setup the @response object
|
20
|
+
|
21
|
+
# process needs to return the ActionDispath::TestResponse object
|
22
|
+
@response
|
20
23
|
end
|
21
24
|
|
22
25
|
# We need to setup the environment variables and the response in the controller.
|
@@ -109,8 +112,9 @@ module Devise
|
|
109
112
|
|
110
113
|
status, headers, response = Devise.warden_config[:failure_app].call(env).to_a
|
111
114
|
@controller.response.headers.merge!(headers)
|
112
|
-
|
113
|
-
|
115
|
+
r_opts = { status: status, content_type: headers["Content-Type"], location: headers["Location"] }
|
116
|
+
r_opts[Rails.version.start_with?('5') ? :body : :text] = response.body
|
117
|
+
@controller.send :render, r_opts
|
114
118
|
nil # causes process return @response
|
115
119
|
end
|
116
120
|
|
@@ -122,7 +126,8 @@ module Devise
|
|
122
126
|
# ensure the controller response is set to our response.
|
123
127
|
@controller.response ||= @response
|
124
128
|
@response.status = ret.first
|
125
|
-
@response.headers
|
129
|
+
@response.headers.clear
|
130
|
+
ret.second.each { |k,v| @response[k] = v }
|
126
131
|
@response.body = ret.third
|
127
132
|
end
|
128
133
|
|
@@ -1,11 +1,8 @@
|
|
1
|
-
# Deprecate: Copied verbatim from Rails source, remove once we move to Rails 4 only.
|
2
|
-
require 'thread_safe'
|
3
1
|
require 'openssl'
|
4
|
-
require 'securerandom'
|
5
2
|
|
6
3
|
module Devise
|
7
4
|
class TokenGenerator
|
8
|
-
def initialize(key_generator, digest="SHA256")
|
5
|
+
def initialize(key_generator, digest = "SHA256")
|
9
6
|
@key_generator = key_generator
|
10
7
|
@digest = digest
|
11
8
|
end
|
@@ -30,41 +27,4 @@ module Devise
|
|
30
27
|
@key_generator.generate_key("Devise #{column}")
|
31
28
|
end
|
32
29
|
end
|
33
|
-
|
34
|
-
# KeyGenerator is a simple wrapper around OpenSSL's implementation of PBKDF2
|
35
|
-
# It can be used to derive a number of keys for various purposes from a given secret.
|
36
|
-
# This lets Rails applications have a single secure secret, but avoid reusing that
|
37
|
-
# key in multiple incompatible contexts.
|
38
|
-
class KeyGenerator
|
39
|
-
def initialize(secret, options = {})
|
40
|
-
@secret = secret
|
41
|
-
# The default iterations are higher than required for our key derivation uses
|
42
|
-
# on the off chance someone uses this for password storage
|
43
|
-
@iterations = options[:iterations] || 2**16
|
44
|
-
end
|
45
|
-
|
46
|
-
# Returns a derived key suitable for use. The default key_size is chosen
|
47
|
-
# to be compatible with the default settings of ActiveSupport::MessageVerifier.
|
48
|
-
# i.e. OpenSSL::Digest::SHA1#block_length
|
49
|
-
def generate_key(salt, key_size=64)
|
50
|
-
OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size)
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
# CachingKeyGenerator is a wrapper around KeyGenerator which allows users to avoid
|
55
|
-
# re-executing the key generation process when it's called using the same salt and
|
56
|
-
# key_size
|
57
|
-
class CachingKeyGenerator
|
58
|
-
def initialize(key_generator)
|
59
|
-
@key_generator = key_generator
|
60
|
-
@cache_keys = ThreadSafe::Cache.new
|
61
|
-
end
|
62
|
-
|
63
|
-
# Returns a derived key suitable for use. The default key_size is chosen
|
64
|
-
# to be compatible with the default settings of ActiveSupport::MessageVerifier.
|
65
|
-
# i.e. OpenSSL::Digest::SHA1#block_length
|
66
|
-
def generate_key(salt, key_size=64)
|
67
|
-
@cache_keys["#{salt}#{key_size}"] ||= @key_generator.generate_key(salt, key_size)
|
68
|
-
end
|
69
|
-
end
|
70
30
|
end
|
data/lib/devise/version.rb
CHANGED
@@ -8,27 +8,10 @@ module Devise
|
|
8
8
|
devise :database_authenticatable, :registerable,
|
9
9
|
:recoverable, :rememberable, :trackable, :validatable
|
10
10
|
|
11
|
-
CONTENT
|
12
|
-
buffer += <<-CONTENT if needs_attr_accessible?
|
13
|
-
# Setup accessible (or protected) attributes for your model
|
14
|
-
attr_accessible :email, :password, :password_confirmation, :remember_me
|
15
|
-
|
16
11
|
CONTENT
|
17
12
|
buffer
|
18
13
|
end
|
19
14
|
|
20
|
-
def needs_attr_accessible?
|
21
|
-
rails_3? && !strong_parameters_enabled?
|
22
|
-
end
|
23
|
-
|
24
|
-
def rails_3?
|
25
|
-
Rails::VERSION::MAJOR == 3
|
26
|
-
end
|
27
|
-
|
28
|
-
def strong_parameters_enabled?
|
29
|
-
defined?(ActionController::StrongParameters)
|
30
|
-
end
|
31
|
-
|
32
15
|
private
|
33
16
|
|
34
17
|
def model_exists?
|
@@ -1,6 +1,6 @@
|
|
1
1
|
class <%= @scope_prefix %>RegistrationsController < Devise::RegistrationsController
|
2
|
-
#
|
3
|
-
#
|
2
|
+
# before_action :configure_sign_up_params, only: [:create]
|
3
|
+
# before_action :configure_account_update_params, only: [:update]
|
4
4
|
|
5
5
|
# GET /resource/sign_up
|
6
6
|
# def new
|
@@ -40,12 +40,12 @@ class <%= @scope_prefix %>RegistrationsController < Devise::RegistrationsControl
|
|
40
40
|
|
41
41
|
# If you have extra params to permit, append them to the sanitizer.
|
42
42
|
# def configure_sign_up_params
|
43
|
-
# devise_parameter_sanitizer.
|
43
|
+
# devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute])
|
44
44
|
# end
|
45
45
|
|
46
46
|
# If you have extra params to permit, append them to the sanitizer.
|
47
47
|
# def configure_account_update_params
|
48
|
-
# devise_parameter_sanitizer.
|
48
|
+
# devise_parameter_sanitizer.permit(:account_update, keys: [:attribute])
|
49
49
|
# end
|
50
50
|
|
51
51
|
# The path used after sign up.
|
@@ -1,5 +1,5 @@
|
|
1
1
|
class <%= @scope_prefix %>SessionsController < Devise::SessionsController
|
2
|
-
#
|
2
|
+
# before_action :configure_sign_in_params, only: [:create]
|
3
3
|
|
4
4
|
# GET /resource/sign_in
|
5
5
|
# def new
|
@@ -20,6 +20,6 @@ class <%= @scope_prefix %>SessionsController < Devise::SessionsController
|
|
20
20
|
|
21
21
|
# If you have extra params to permit, append them to the sanitizer.
|
22
22
|
# def configure_sign_in_params
|
23
|
-
# devise_parameter_sanitizer.
|
23
|
+
# devise_parameter_sanitizer.permit(:sign_in, keys: [:attribute])
|
24
24
|
# end
|
25
25
|
end
|
@@ -4,13 +4,9 @@ Devise.setup do |config|
|
|
4
4
|
# The secret key used by Devise. Devise uses this key to generate
|
5
5
|
# random tokens. Changing this key will render invalid all existing
|
6
6
|
# confirmation, reset password and unlock tokens in the database.
|
7
|
-
# Devise will use the `secret_key_base`
|
7
|
+
# Devise will use the `secret_key_base` as its `secret_key`
|
8
8
|
# by default. You can change it below and use your own secret key.
|
9
|
-
<% if rails_4? -%>
|
10
9
|
# config.secret_key = '<%= SecureRandom.hex(64) %>'
|
11
|
-
<% else -%>
|
12
|
-
config.secret_key = '<%= SecureRandom.hex(64) %>'
|
13
|
-
<% end -%>
|
14
10
|
|
15
11
|
# ==> Mailer Configuration
|
16
12
|
# Configure the e-mail address which will be shown in Devise::Mailer,
|
@@ -21,6 +17,9 @@ Devise.setup do |config|
|
|
21
17
|
# Configure the class responsible to send e-mails.
|
22
18
|
# config.mailer = 'Devise::Mailer'
|
23
19
|
|
20
|
+
# Configure the parent class responsible to send e-mails.
|
21
|
+
# config.parent_mailer = 'ActionMailer::Base'
|
22
|
+
|
24
23
|
# ==> ORM configuration
|
25
24
|
# Load and configure the ORM. Supports :active_record (default) and
|
26
25
|
# :mongoid (bson_ext recommended) by default. Other ORMs may be
|
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
|
3
|
-
class CustomRegistrationsControllerTest <
|
3
|
+
class CustomRegistrationsControllerTest < Devise::ControllerTestCase
|
4
4
|
tests Custom::RegistrationsController
|
5
5
|
|
6
6
|
include Devise::TestHelpers
|
@@ -12,24 +12,24 @@ class CustomRegistrationsControllerTest < ActionController::TestCase
|
|
12
12
|
end
|
13
13
|
|
14
14
|
test "yield resource to block on create success" do
|
15
|
-
post :create, { user: { email: "user@example.org", password: "password", password_confirmation: "password" } }
|
15
|
+
post :create, params: { user: { email: "user@example.org", password: "password", password_confirmation: "password" } }
|
16
16
|
assert @controller.create_block_called?, "create failed to yield resource to provided block"
|
17
17
|
end
|
18
18
|
|
19
19
|
test "yield resource to block on create failure" do
|
20
|
-
post :create, { user: { } }
|
20
|
+
post :create, params: { user: { } }
|
21
21
|
assert @controller.create_block_called?, "create failed to yield resource to provided block"
|
22
22
|
end
|
23
23
|
|
24
24
|
test "yield resource to block on update success" do
|
25
25
|
sign_in @user
|
26
|
-
put :update, { user: { current_password: @password } }
|
26
|
+
put :update, params: { user: { current_password: @password } }
|
27
27
|
assert @controller.update_block_called?, "update failed to yield resource to provided block"
|
28
28
|
end
|
29
29
|
|
30
30
|
test "yield resource to block on update failure" do
|
31
31
|
sign_in @user
|
32
|
-
put :update, { user: { } }
|
32
|
+
put :update, params: { user: { } }
|
33
33
|
assert @controller.update_block_called?, "update failed to yield resource to provided block"
|
34
34
|
end
|
35
35
|
|
@@ -24,7 +24,7 @@ class CustomStrategy < Warden::Strategies::Base
|
|
24
24
|
end
|
25
25
|
end
|
26
26
|
|
27
|
-
class CustomStrategyTest <
|
27
|
+
class CustomStrategyTest < Devise::ControllerTestCase
|
28
28
|
tests CustomStrategyController
|
29
29
|
|
30
30
|
include Devise::TestHelpers
|
@@ -41,8 +41,9 @@ class CustomStrategyTest < ActionController::TestCase
|
|
41
41
|
ret = get :new
|
42
42
|
|
43
43
|
# check the returned rack array
|
44
|
-
assert ret.is_a?(Array)
|
45
|
-
assert_equal 400, ret.first
|
44
|
+
# assert ret.is_a?(Array)
|
45
|
+
# assert_equal 400, ret.first
|
46
|
+
assert ret.is_a?(ActionDispatch::TestResponse)
|
46
47
|
|
47
48
|
# check the saved response as well. This is purely so that the response is available to the testing framework
|
48
49
|
# for verification. In production, the above array would be delivered directly to Rack.
|
@@ -53,8 +54,9 @@ class CustomStrategyTest < ActionController::TestCase
|
|
53
54
|
ret = get :new
|
54
55
|
|
55
56
|
# check the returned rack array
|
56
|
-
assert ret.is_a?(Array)
|
57
|
-
assert_equal ret.third['X-FOO'], 'BAR'
|
57
|
+
# assert ret.is_a?(Array)
|
58
|
+
# assert_equal ret.third['X-FOO'], 'BAR'
|
59
|
+
assert ret.is_a?(ActionDispatch::TestResponse)
|
58
60
|
|
59
61
|
# check the saved response headers as well.
|
60
62
|
assert_equal response.headers['X-FOO'], 'BAR'
|
@@ -4,14 +4,15 @@ class ApiController < ActionController::Metal
|
|
4
4
|
include Devise::Controllers::Helpers
|
5
5
|
end
|
6
6
|
|
7
|
-
class HelperMethodsTest <
|
7
|
+
class HelperMethodsTest < Devise::ControllerTestCase
|
8
8
|
tests ApiController
|
9
9
|
|
10
10
|
test 'includes Devise::Controllers::Helpers' do
|
11
11
|
assert_includes @controller.class.ancestors, Devise::Controllers::Helpers
|
12
12
|
end
|
13
13
|
|
14
|
-
test 'does not respond_to helper_method' do
|
14
|
+
test 'does not respond_to helper or helper_method' do
|
15
|
+
refute_respond_to @controller.class, :helper
|
15
16
|
refute_respond_to @controller.class, :helper_method
|
16
17
|
end
|
17
18
|
|