devise 3.5.10 → 4.6.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +240 -1147
- data/MIT-LICENSE +1 -1
- data/README.md +240 -65
- data/app/controllers/devise/confirmations_controller.rb +3 -1
- data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -6
- data/app/controllers/devise/passwords_controller.rb +7 -4
- data/app/controllers/devise/registrations_controller.rb +39 -18
- data/app/controllers/devise/sessions_controller.rb +9 -7
- data/app/controllers/devise/unlocks_controller.rb +4 -2
- data/app/controllers/devise_controller.rb +23 -10
- data/app/helpers/devise_helper.rb +12 -19
- data/app/mailers/devise/mailer.rb +6 -0
- data/app/views/devise/confirmations/new.html.erb +2 -2
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/passwords/edit.html.erb +2 -2
- data/app/views/devise/passwords/new.html.erb +2 -2
- data/app/views/devise/registrations/edit.html.erb +9 -5
- data/app/views/devise/registrations/new.html.erb +4 -4
- data/app/views/devise/sessions/new.html.erb +4 -4
- data/app/views/devise/shared/_error_messages.html.erb +15 -0
- data/app/views/devise/shared/_links.html.erb +7 -7
- data/app/views/devise/unlocks/new.html.erb +2 -2
- data/config/locales/en.yml +3 -0
- data/lib/devise/controllers/helpers.rb +23 -20
- data/lib/devise/controllers/rememberable.rb +3 -1
- data/lib/devise/controllers/scoped_views.rb +2 -0
- data/lib/devise/controllers/sign_in_out.rb +34 -11
- data/lib/devise/controllers/store_location.rb +25 -7
- data/lib/devise/controllers/url_helpers.rb +2 -0
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +6 -4
- data/lib/devise/failure_app.rb +81 -37
- data/lib/devise/hooks/activatable.rb +2 -0
- data/lib/devise/hooks/csrf_cleaner.rb +2 -0
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +6 -1
- data/lib/devise/hooks/proxy.rb +3 -1
- data/lib/devise/hooks/rememberable.rb +2 -0
- data/lib/devise/hooks/timeoutable.rb +2 -0
- data/lib/devise/hooks/trackable.rb +2 -0
- data/lib/devise/mailers/helpers.rb +7 -4
- data/lib/devise/mapping.rb +2 -0
- data/lib/devise/models/authenticatable.rb +51 -25
- data/lib/devise/models/confirmable.rb +76 -27
- data/lib/devise/models/database_authenticatable.rb +91 -23
- data/lib/devise/models/lockable.rb +10 -4
- data/lib/devise/models/omniauthable.rb +2 -0
- data/lib/devise/models/recoverable.rb +31 -19
- data/lib/devise/models/registerable.rb +4 -0
- data/lib/devise/models/rememberable.rb +5 -10
- data/lib/devise/models/timeoutable.rb +2 -0
- data/lib/devise/models/trackable.rb +15 -1
- data/lib/devise/models/validatable.rb +10 -3
- data/lib/devise/models.rb +3 -1
- data/lib/devise/modules.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +4 -0
- data/lib/devise/parameter_sanitizer.rb +139 -65
- data/lib/devise/rails/routes.rb +42 -31
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/rails.rb +7 -16
- data/lib/devise/secret_key_finder.rb +27 -0
- data/lib/devise/strategies/authenticatable.rb +2 -0
- data/lib/devise/strategies/base.rb +2 -0
- data/lib/devise/strategies/database_authenticatable.rb +11 -4
- data/lib/devise/strategies/rememberable.rb +2 -0
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +2 -0
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/devise.rb +61 -40
- data/lib/generators/active_record/devise_generator.rb +29 -10
- data/lib/generators/active_record/templates/migration.rb +4 -2
- data/lib/generators/active_record/templates/migration_existing.rb +4 -2
- data/lib/generators/devise/controllers_generator.rb +3 -1
- data/lib/generators/devise/devise_generator.rb +4 -2
- data/lib/generators/devise/install_generator.rb +17 -0
- data/lib/generators/devise/orm_helpers.rb +10 -21
- data/lib/generators/devise/views_generator.rb +7 -8
- data/lib/generators/mongoid/devise_generator.rb +7 -5
- data/lib/generators/templates/README +1 -8
- data/lib/generators/templates/controllers/confirmations_controller.rb +2 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +2 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +2 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +6 -4
- data/lib/generators/templates/controllers/sessions_controller.rb +4 -2
- data/lib/generators/templates/controllers/unlocks_controller.rb +2 -0
- data/lib/generators/templates/devise.rb +50 -20
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +2 -2
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +5 -1
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +6 -1
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +4 -1
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -3
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +11 -3
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +7 -2
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +4 -1
- metadata +15 -307
- data/.gitignore +0 -10
- data/.travis.yml +0 -44
- data/.yardopts +0 -9
- data/CODE_OF_CONDUCT.md +0 -22
- data/CONTRIBUTING.md +0 -16
- data/Gemfile +0 -30
- data/Gemfile.lock +0 -187
- data/Rakefile +0 -36
- data/devise.gemspec +0 -27
- data/devise.png +0 -0
- data/gemfiles/Gemfile.rails-3.2-stable +0 -29
- data/gemfiles/Gemfile.rails-3.2-stable.lock +0 -172
- data/gemfiles/Gemfile.rails-4.0-stable +0 -30
- data/gemfiles/Gemfile.rails-4.0-stable.lock +0 -166
- data/gemfiles/Gemfile.rails-4.1-stable +0 -30
- data/gemfiles/Gemfile.rails-4.1-stable.lock +0 -171
- data/gemfiles/Gemfile.rails-4.2-stable +0 -30
- data/gemfiles/Gemfile.rails-4.2-stable.lock +0 -193
- data/script/cached-bundle +0 -49
- data/script/s3-put +0 -71
- data/test/controllers/custom_registrations_controller_test.rb +0 -40
- data/test/controllers/custom_strategy_test.rb +0 -62
- data/test/controllers/helper_methods_test.rb +0 -21
- data/test/controllers/helpers_test.rb +0 -316
- data/test/controllers/inherited_controller_i18n_messages_test.rb +0 -51
- data/test/controllers/internal_helpers_test.rb +0 -129
- data/test/controllers/load_hooks_controller_test.rb +0 -19
- data/test/controllers/passwords_controller_test.rb +0 -31
- data/test/controllers/sessions_controller_test.rb +0 -103
- data/test/controllers/url_helpers_test.rb +0 -65
- data/test/delegator_test.rb +0 -19
- data/test/devise_test.rb +0 -107
- data/test/failure_app_test.rb +0 -315
- data/test/generators/active_record_generator_test.rb +0 -109
- data/test/generators/controllers_generator_test.rb +0 -48
- data/test/generators/devise_generator_test.rb +0 -39
- data/test/generators/install_generator_test.rb +0 -13
- data/test/generators/mongoid_generator_test.rb +0 -23
- data/test/generators/views_generator_test.rb +0 -103
- data/test/helpers/devise_helper_test.rb +0 -49
- data/test/integration/authenticatable_test.rb +0 -729
- data/test/integration/confirmable_test.rb +0 -324
- data/test/integration/database_authenticatable_test.rb +0 -95
- data/test/integration/http_authenticatable_test.rb +0 -105
- data/test/integration/lockable_test.rb +0 -239
- data/test/integration/omniauthable_test.rb +0 -135
- data/test/integration/recoverable_test.rb +0 -347
- data/test/integration/registerable_test.rb +0 -359
- data/test/integration/rememberable_test.rb +0 -214
- data/test/integration/timeoutable_test.rb +0 -184
- data/test/integration/trackable_test.rb +0 -92
- data/test/mailers/confirmation_instructions_test.rb +0 -115
- data/test/mailers/reset_password_instructions_test.rb +0 -96
- data/test/mailers/unlock_instructions_test.rb +0 -91
- data/test/mapping_test.rb +0 -134
- data/test/models/authenticatable_test.rb +0 -23
- data/test/models/confirmable_test.rb +0 -511
- data/test/models/database_authenticatable_test.rb +0 -269
- data/test/models/lockable_test.rb +0 -350
- data/test/models/omniauthable_test.rb +0 -7
- data/test/models/recoverable_test.rb +0 -251
- data/test/models/registerable_test.rb +0 -7
- data/test/models/rememberable_test.rb +0 -169
- data/test/models/serializable_test.rb +0 -49
- data/test/models/timeoutable_test.rb +0 -51
- data/test/models/trackable_test.rb +0 -41
- data/test/models/validatable_test.rb +0 -127
- data/test/models_test.rb +0 -153
- data/test/omniauth/config_test.rb +0 -57
- data/test/omniauth/url_helpers_test.rb +0 -54
- data/test/orm/active_record.rb +0 -10
- data/test/orm/mongoid.rb +0 -13
- data/test/parameter_sanitizer_test.rb +0 -81
- data/test/rails_app/Rakefile +0 -6
- data/test/rails_app/app/active_record/admin.rb +0 -6
- data/test/rails_app/app/active_record/shim.rb +0 -2
- data/test/rails_app/app/active_record/user.rb +0 -6
- data/test/rails_app/app/active_record/user_on_engine.rb +0 -7
- data/test/rails_app/app/active_record/user_on_main_app.rb +0 -7
- data/test/rails_app/app/active_record/user_without_email.rb +0 -8
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
- data/test/rails_app/app/controllers/admins_controller.rb +0 -6
- data/test/rails_app/app/controllers/application_controller.rb +0 -12
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +0 -30
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +0 -31
- data/test/rails_app/app/controllers/home_controller.rb +0 -25
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
- data/test/rails_app/app/controllers/users_controller.rb +0 -31
- data/test/rails_app/app/helpers/application_helper.rb +0 -3
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +0 -3
- data/test/rails_app/app/mailers/users/mailer.rb +0 -3
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +0 -4
- data/test/rails_app/app/mongoid/admin.rb +0 -29
- data/test/rails_app/app/mongoid/shim.rb +0 -23
- data/test/rails_app/app/mongoid/user.rb +0 -39
- data/test/rails_app/app/mongoid/user_on_engine.rb +0 -39
- data/test/rails_app/app/mongoid/user_on_main_app.rb +0 -39
- data/test/rails_app/app/mongoid/user_without_email.rb +0 -33
- data/test/rails_app/app/views/admins/index.html.erb +0 -1
- data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/home/index.html.erb +0 -1
- data/test/rails_app/app/views/home/join.html.erb +0 -1
- data/test/rails_app/app/views/home/private.html.erb +0 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/layouts/application.html.erb +0 -24
- data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
- data/test/rails_app/app/views/users/index.html.erb +0 -1
- data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
- data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
- data/test/rails_app/bin/bundle +0 -3
- data/test/rails_app/bin/rails +0 -4
- data/test/rails_app/bin/rake +0 -4
- data/test/rails_app/config/application.rb +0 -40
- data/test/rails_app/config/boot.rb +0 -14
- data/test/rails_app/config/database.yml +0 -18
- data/test/rails_app/config/environment.rb +0 -5
- data/test/rails_app/config/environments/development.rb +0 -30
- data/test/rails_app/config/environments/production.rb +0 -84
- data/test/rails_app/config/environments/test.rb +0 -41
- data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
- data/test/rails_app/config/initializers/devise.rb +0 -180
- data/test/rails_app/config/initializers/inflections.rb +0 -2
- data/test/rails_app/config/initializers/secret_token.rb +0 -8
- data/test/rails_app/config/initializers/session_store.rb +0 -1
- data/test/rails_app/config/routes.rb +0 -125
- data/test/rails_app/config.ru +0 -4
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
- data/test/rails_app/db/schema.rb +0 -55
- data/test/rails_app/lib/shared_admin.rb +0 -17
- data/test/rails_app/lib/shared_user.rb +0 -29
- data/test/rails_app/lib/shared_user_without_email.rb +0 -26
- data/test/rails_app/lib/shared_user_without_omniauth.rb +0 -13
- data/test/rails_app/public/404.html +0 -26
- data/test/rails_app/public/422.html +0 -26
- data/test/rails_app/public/500.html +0 -26
- data/test/rails_app/public/favicon.ico +0 -0
- data/test/rails_test.rb +0 -9
- data/test/routes_test.rb +0 -264
- data/test/support/action_controller/record_identifier.rb +0 -10
- data/test/support/assertions.rb +0 -39
- data/test/support/helpers.rb +0 -77
- data/test/support/integration.rb +0 -92
- data/test/support/locale/en.yml +0 -8
- data/test/support/mongoid.yml +0 -6
- data/test/support/webrat/integrations/rails.rb +0 -24
- data/test/test_helper.rb +0 -34
- data/test/test_helpers_test.rb +0 -178
- data/test/test_models.rb +0 -33
- data/test/time_helpers.rb +0 -137
|
@@ -1,316 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
require 'ostruct'
|
|
3
|
-
|
|
4
|
-
class ControllerAuthenticatableTest < ActionController::TestCase
|
|
5
|
-
tests ApplicationController
|
|
6
|
-
|
|
7
|
-
def setup
|
|
8
|
-
@mock_warden = OpenStruct.new
|
|
9
|
-
@controller.request.env['warden'] = @mock_warden
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
test 'provide access to warden instance' do
|
|
13
|
-
assert_equal @mock_warden, @controller.warden
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
test 'proxy signed_in?(scope) to authenticate?' do
|
|
17
|
-
@mock_warden.expects(:authenticate?).with(scope: :my_scope)
|
|
18
|
-
@controller.signed_in?(:my_scope)
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
test 'proxy signed_in?(nil) to authenticate?' do
|
|
22
|
-
Devise.mappings.keys.each do |scope| # :user, :admin, :manager
|
|
23
|
-
@mock_warden.expects(:authenticate?).with(scope: scope)
|
|
24
|
-
end
|
|
25
|
-
@controller.signed_in?
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
test 'proxy [group]_signed_in? to authenticate? with each scope' do
|
|
29
|
-
[:user, :admin].each do |scope|
|
|
30
|
-
@mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
|
|
31
|
-
end
|
|
32
|
-
@controller.commenter_signed_in?
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
test 'proxy current_user to authenticate with user scope' do
|
|
36
|
-
@mock_warden.expects(:authenticate).with(scope: :user)
|
|
37
|
-
@controller.current_user
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
test 'proxy current_admin to authenticate with admin scope' do
|
|
41
|
-
@mock_warden.expects(:authenticate).with(scope: :admin)
|
|
42
|
-
@controller.current_admin
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
test 'proxy current_[group] to authenticate with each scope' do
|
|
46
|
-
[:user, :admin].each do |scope|
|
|
47
|
-
@mock_warden.expects(:authenticate).with(scope: scope).returns(nil)
|
|
48
|
-
end
|
|
49
|
-
@controller.current_commenter
|
|
50
|
-
end
|
|
51
|
-
|
|
52
|
-
test 'proxy current_[plural_group] to authenticate with each scope' do
|
|
53
|
-
[:user, :admin].each do |scope|
|
|
54
|
-
@mock_warden.expects(:authenticate).with(scope: scope)
|
|
55
|
-
end
|
|
56
|
-
@controller.current_commenters
|
|
57
|
-
end
|
|
58
|
-
|
|
59
|
-
test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
|
|
60
|
-
@mock_warden.expects(:authenticate).with(scope: :publisher_account)
|
|
61
|
-
@controller.current_publisher_account
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
test 'proxy authenticate_user! to authenticate with user scope' do
|
|
65
|
-
@mock_warden.expects(:authenticate!).with(scope: :user)
|
|
66
|
-
@controller.authenticate_user!
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
test 'proxy authenticate_user! options to authenticate with user scope' do
|
|
70
|
-
@mock_warden.expects(:authenticate!).with(scope: :user, recall: "foo")
|
|
71
|
-
@controller.authenticate_user!(recall: "foo")
|
|
72
|
-
end
|
|
73
|
-
|
|
74
|
-
test 'proxy authenticate_admin! to authenticate with admin scope' do
|
|
75
|
-
@mock_warden.expects(:authenticate!).with(scope: :admin)
|
|
76
|
-
@controller.authenticate_admin!
|
|
77
|
-
end
|
|
78
|
-
|
|
79
|
-
test 'proxy authenticate_[group]! to authenticate!? with each scope' do
|
|
80
|
-
[:user, :admin].each do |scope|
|
|
81
|
-
@mock_warden.expects(:authenticate!).with(scope: scope)
|
|
82
|
-
@mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
|
|
83
|
-
end
|
|
84
|
-
@controller.authenticate_commenter!
|
|
85
|
-
end
|
|
86
|
-
|
|
87
|
-
test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
|
|
88
|
-
@mock_warden.expects(:authenticate!).with(scope: :publisher_account)
|
|
89
|
-
@controller.authenticate_publisher_account!
|
|
90
|
-
end
|
|
91
|
-
|
|
92
|
-
test 'proxy user_signed_in? to authenticate with user scope' do
|
|
93
|
-
@mock_warden.expects(:authenticate).with(scope: :user).returns("user")
|
|
94
|
-
assert @controller.user_signed_in?
|
|
95
|
-
end
|
|
96
|
-
|
|
97
|
-
test 'proxy admin_signed_in? to authenticatewith admin scope' do
|
|
98
|
-
@mock_warden.expects(:authenticate).with(scope: :admin)
|
|
99
|
-
assert_not @controller.admin_signed_in?
|
|
100
|
-
end
|
|
101
|
-
|
|
102
|
-
test 'proxy publisher_account_signed_in? to authenticate with namespaced publisher account scope' do
|
|
103
|
-
@mock_warden.expects(:authenticate).with(scope: :publisher_account)
|
|
104
|
-
@controller.publisher_account_signed_in?
|
|
105
|
-
end
|
|
106
|
-
|
|
107
|
-
test 'proxy user_session to session scope in warden' do
|
|
108
|
-
@mock_warden.expects(:authenticate).with(scope: :user).returns(true)
|
|
109
|
-
@mock_warden.expects(:session).with(:user).returns({})
|
|
110
|
-
@controller.user_session
|
|
111
|
-
end
|
|
112
|
-
|
|
113
|
-
test 'proxy admin_session to session scope in warden' do
|
|
114
|
-
@mock_warden.expects(:authenticate).with(scope: :admin).returns(true)
|
|
115
|
-
@mock_warden.expects(:session).with(:admin).returns({})
|
|
116
|
-
@controller.admin_session
|
|
117
|
-
end
|
|
118
|
-
|
|
119
|
-
test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
|
|
120
|
-
@mock_warden.expects(:authenticate).with(scope: :publisher_account).returns(true)
|
|
121
|
-
@mock_warden.expects(:session).with(:publisher_account).returns({})
|
|
122
|
-
@controller.publisher_account_session
|
|
123
|
-
end
|
|
124
|
-
|
|
125
|
-
test 'sign in proxy to set_user on warden' do
|
|
126
|
-
user = User.new
|
|
127
|
-
@mock_warden.expects(:user).returns(nil)
|
|
128
|
-
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
129
|
-
@controller.sign_in(:user, user)
|
|
130
|
-
end
|
|
131
|
-
|
|
132
|
-
test 'sign in accepts a resource as argument' do
|
|
133
|
-
user = User.new
|
|
134
|
-
@mock_warden.expects(:user).returns(nil)
|
|
135
|
-
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
136
|
-
@controller.sign_in(user)
|
|
137
|
-
end
|
|
138
|
-
|
|
139
|
-
test 'does not sign in again if the user is already in' do
|
|
140
|
-
user = User.new
|
|
141
|
-
@mock_warden.expects(:user).returns(user)
|
|
142
|
-
@mock_warden.expects(:set_user).never
|
|
143
|
-
assert @controller.sign_in(user)
|
|
144
|
-
end
|
|
145
|
-
|
|
146
|
-
test 'sign in again when the user is already in only if force is given' do
|
|
147
|
-
user = User.new
|
|
148
|
-
@mock_warden.expects(:user).returns(user)
|
|
149
|
-
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
150
|
-
@controller.sign_in(user, force: true)
|
|
151
|
-
end
|
|
152
|
-
|
|
153
|
-
test 'sign in accepts bypass as option' do
|
|
154
|
-
user = User.new
|
|
155
|
-
@mock_warden.expects(:session_serializer).returns(serializer = mock())
|
|
156
|
-
serializer.expects(:store).with(user, :user)
|
|
157
|
-
@controller.sign_in(user, bypass: true)
|
|
158
|
-
end
|
|
159
|
-
|
|
160
|
-
test 'sign out clears up any signed in user from all scopes' do
|
|
161
|
-
user = User.new
|
|
162
|
-
@mock_warden.expects(:user).times(Devise.mappings.size)
|
|
163
|
-
@mock_warden.expects(:logout).with().returns(true)
|
|
164
|
-
@controller.instance_variable_set(:@current_user, user)
|
|
165
|
-
@controller.instance_variable_set(:@current_admin, user)
|
|
166
|
-
@controller.sign_out
|
|
167
|
-
assert_equal nil, @controller.instance_variable_get(:@current_user)
|
|
168
|
-
assert_equal nil, @controller.instance_variable_get(:@current_admin)
|
|
169
|
-
end
|
|
170
|
-
|
|
171
|
-
test 'sign out logs out and clears up any signed in user by scope' do
|
|
172
|
-
user = User.new
|
|
173
|
-
@mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(user)
|
|
174
|
-
@mock_warden.expects(:logout).with(:user).returns(true)
|
|
175
|
-
@mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
|
|
176
|
-
@controller.instance_variable_set(:@current_user, user)
|
|
177
|
-
@controller.sign_out(:user)
|
|
178
|
-
assert_equal nil, @controller.instance_variable_get(:@current_user)
|
|
179
|
-
end
|
|
180
|
-
|
|
181
|
-
test 'sign out accepts a resource as argument' do
|
|
182
|
-
@mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(true)
|
|
183
|
-
@mock_warden.expects(:logout).with(:user).returns(true)
|
|
184
|
-
@mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
|
|
185
|
-
@controller.sign_out(User.new)
|
|
186
|
-
end
|
|
187
|
-
|
|
188
|
-
test 'sign out without args proxy to sign out all scopes' do
|
|
189
|
-
@mock_warden.expects(:user).times(Devise.mappings.size)
|
|
190
|
-
@mock_warden.expects(:logout).with().returns(true)
|
|
191
|
-
@mock_warden.expects(:clear_strategies_cache!).with().returns(true)
|
|
192
|
-
@controller.sign_out
|
|
193
|
-
end
|
|
194
|
-
|
|
195
|
-
test 'sign out everybody proxy to logout on warden' do
|
|
196
|
-
@mock_warden.expects(:user).times(Devise.mappings.size)
|
|
197
|
-
@mock_warden.expects(:logout).with().returns(true)
|
|
198
|
-
@controller.sign_out_all_scopes
|
|
199
|
-
end
|
|
200
|
-
|
|
201
|
-
test 'stored location for returns the location for a given scope' do
|
|
202
|
-
assert_nil @controller.stored_location_for(:user)
|
|
203
|
-
@controller.session[:"user_return_to"] = "/foo.bar"
|
|
204
|
-
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
|
205
|
-
end
|
|
206
|
-
|
|
207
|
-
test 'stored location for accepts a resource as argument' do
|
|
208
|
-
assert_nil @controller.stored_location_for(:user)
|
|
209
|
-
@controller.session[:"user_return_to"] = "/foo.bar"
|
|
210
|
-
assert_equal "/foo.bar", @controller.stored_location_for(User.new)
|
|
211
|
-
end
|
|
212
|
-
|
|
213
|
-
test 'stored location cleans information after reading' do
|
|
214
|
-
@controller.session[:"user_return_to"] = "/foo.bar"
|
|
215
|
-
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
|
216
|
-
assert_nil @controller.session[:"user_return_to"]
|
|
217
|
-
end
|
|
218
|
-
|
|
219
|
-
test 'store location for stores a location to redirect back to' do
|
|
220
|
-
assert_nil @controller.stored_location_for(:user)
|
|
221
|
-
@controller.store_location_for(:user, "/foo.bar")
|
|
222
|
-
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
|
223
|
-
end
|
|
224
|
-
|
|
225
|
-
test 'store bad location for stores a location to redirect back to' do
|
|
226
|
-
assert_nil @controller.stored_location_for(:user)
|
|
227
|
-
@controller.store_location_for(:user, "/foo.bar\">Carry")
|
|
228
|
-
assert_nil @controller.stored_location_for(:user)
|
|
229
|
-
end
|
|
230
|
-
|
|
231
|
-
test 'store location for accepts a resource as argument' do
|
|
232
|
-
@controller.store_location_for(User.new, "/foo.bar")
|
|
233
|
-
assert_equal "/foo.bar", @controller.stored_location_for(User.new)
|
|
234
|
-
end
|
|
235
|
-
|
|
236
|
-
test 'store location for stores paths' do
|
|
237
|
-
@controller.store_location_for(:user, "//host/foo.bar")
|
|
238
|
-
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
|
239
|
-
@controller.store_location_for(:user, "///foo.bar")
|
|
240
|
-
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
|
241
|
-
end
|
|
242
|
-
|
|
243
|
-
test 'store location for stores query string' do
|
|
244
|
-
@controller.store_location_for(:user, "/foo?bar=baz")
|
|
245
|
-
assert_equal "/foo?bar=baz", @controller.stored_location_for(:user)
|
|
246
|
-
end
|
|
247
|
-
|
|
248
|
-
test 'store location for stores fragments' do
|
|
249
|
-
@controller.store_location_for(:user, "/foo#bar")
|
|
250
|
-
assert_equal "/foo#bar", @controller.stored_location_for(:user)
|
|
251
|
-
end
|
|
252
|
-
|
|
253
|
-
test 'after sign in path defaults to root path if none by was specified for the given scope' do
|
|
254
|
-
assert_equal root_path, @controller.after_sign_in_path_for(:user)
|
|
255
|
-
end
|
|
256
|
-
|
|
257
|
-
test 'after sign in path defaults to the scoped root path' do
|
|
258
|
-
assert_equal admin_root_path, @controller.after_sign_in_path_for(:admin)
|
|
259
|
-
end
|
|
260
|
-
|
|
261
|
-
test 'after sign out path defaults to the root path' do
|
|
262
|
-
assert_equal root_path, @controller.after_sign_out_path_for(:admin)
|
|
263
|
-
assert_equal root_path, @controller.after_sign_out_path_for(:user)
|
|
264
|
-
end
|
|
265
|
-
|
|
266
|
-
test 'sign in and redirect uses the stored location' do
|
|
267
|
-
user = User.new
|
|
268
|
-
@controller.session[:user_return_to] = "/foo.bar"
|
|
269
|
-
@mock_warden.expects(:user).with(:user).returns(nil)
|
|
270
|
-
@mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
|
|
271
|
-
@controller.expects(:redirect_to).with("/foo.bar")
|
|
272
|
-
@controller.sign_in_and_redirect(user)
|
|
273
|
-
end
|
|
274
|
-
|
|
275
|
-
test 'sign in and redirect uses the configured after sign in path' do
|
|
276
|
-
admin = Admin.new
|
|
277
|
-
@mock_warden.expects(:user).with(:admin).returns(nil)
|
|
278
|
-
@mock_warden.expects(:set_user).with(admin, scope: :admin).returns(true)
|
|
279
|
-
@controller.expects(:redirect_to).with(admin_root_path)
|
|
280
|
-
@controller.sign_in_and_redirect(admin)
|
|
281
|
-
end
|
|
282
|
-
|
|
283
|
-
test 'sign in and redirect does not sign in again if user is already signed' do
|
|
284
|
-
admin = Admin.new
|
|
285
|
-
@mock_warden.expects(:user).with(:admin).returns(admin)
|
|
286
|
-
@mock_warden.expects(:set_user).never
|
|
287
|
-
@controller.expects(:redirect_to).with(admin_root_path)
|
|
288
|
-
@controller.sign_in_and_redirect(admin)
|
|
289
|
-
end
|
|
290
|
-
|
|
291
|
-
test 'sign out and redirect uses the configured after sign out path when signing out only the current scope' do
|
|
292
|
-
swap Devise, sign_out_all_scopes: false do
|
|
293
|
-
@mock_warden.expects(:user).with(scope: :admin, run_callbacks: false).returns(true)
|
|
294
|
-
@mock_warden.expects(:logout).with(:admin).returns(true)
|
|
295
|
-
@mock_warden.expects(:clear_strategies_cache!).with(scope: :admin).returns(true)
|
|
296
|
-
@controller.expects(:redirect_to).with(admin_root_path)
|
|
297
|
-
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
|
298
|
-
@controller.sign_out_and_redirect(:admin)
|
|
299
|
-
end
|
|
300
|
-
end
|
|
301
|
-
|
|
302
|
-
test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
|
|
303
|
-
swap Devise, sign_out_all_scopes: true do
|
|
304
|
-
@mock_warden.expects(:user).times(Devise.mappings.size)
|
|
305
|
-
@mock_warden.expects(:logout).with().returns(true)
|
|
306
|
-
@mock_warden.expects(:clear_strategies_cache!).with().returns(true)
|
|
307
|
-
@controller.expects(:redirect_to).with(admin_root_path)
|
|
308
|
-
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
|
309
|
-
@controller.sign_out_and_redirect(:admin)
|
|
310
|
-
end
|
|
311
|
-
end
|
|
312
|
-
|
|
313
|
-
test 'is not a devise controller' do
|
|
314
|
-
assert_not @controller.devise_controller?
|
|
315
|
-
end
|
|
316
|
-
end
|
|
@@ -1,51 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class SessionsInheritedController < Devise::SessionsController
|
|
4
|
-
def test_i18n_scope
|
|
5
|
-
set_flash_message(:notice, :signed_in)
|
|
6
|
-
end
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
class AnotherInheritedController < SessionsInheritedController
|
|
10
|
-
protected
|
|
11
|
-
|
|
12
|
-
def translation_scope
|
|
13
|
-
'another'
|
|
14
|
-
end
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
class InheritedControllerTest < ActionController::TestCase
|
|
18
|
-
tests SessionsInheritedController
|
|
19
|
-
|
|
20
|
-
def setup
|
|
21
|
-
@mock_warden = OpenStruct.new
|
|
22
|
-
@controller.request.env['warden'] = @mock_warden
|
|
23
|
-
@controller.request.env['devise.mapping'] = Devise.mappings[:user]
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
test 'I18n scope is inherited from Devise::Sessions' do
|
|
27
|
-
I18n.expects(:t).with do |message, options|
|
|
28
|
-
message == 'user.signed_in' &&
|
|
29
|
-
options[:scope] == 'devise.sessions'
|
|
30
|
-
end
|
|
31
|
-
@controller.test_i18n_scope
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
class AnotherInheritedControllerTest < ActionController::TestCase
|
|
36
|
-
tests AnotherInheritedController
|
|
37
|
-
|
|
38
|
-
def setup
|
|
39
|
-
@mock_warden = OpenStruct.new
|
|
40
|
-
@controller.request.env['warden'] = @mock_warden
|
|
41
|
-
@controller.request.env['devise.mapping'] = Devise.mappings[:user]
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
test 'I18n scope is overridden' do
|
|
45
|
-
I18n.expects(:t).with do |message, options|
|
|
46
|
-
message == 'user.signed_in' &&
|
|
47
|
-
options[:scope] == 'another'
|
|
48
|
-
end
|
|
49
|
-
@controller.test_i18n_scope
|
|
50
|
-
end
|
|
51
|
-
end
|
|
@@ -1,129 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class MyController < DeviseController
|
|
4
|
-
end
|
|
5
|
-
|
|
6
|
-
class HelpersTest < ActionController::TestCase
|
|
7
|
-
tests MyController
|
|
8
|
-
|
|
9
|
-
def setup
|
|
10
|
-
@mock_warden = OpenStruct.new
|
|
11
|
-
@controller.request.env['warden'] = @mock_warden
|
|
12
|
-
@controller.request.env['devise.mapping'] = Devise.mappings[:user]
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
test 'get resource name from env' do
|
|
16
|
-
assert_equal :user, @controller.send(:resource_name)
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
test 'get resource class from env' do
|
|
20
|
-
assert_equal User, @controller.send(:resource_class)
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
test 'get resource instance variable from env' do
|
|
24
|
-
@controller.instance_variable_set(:@user, user = User.new)
|
|
25
|
-
assert_equal user, @controller.send(:resource)
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
test 'set resource instance variable from env' do
|
|
29
|
-
user = @controller.send(:resource_class).new
|
|
30
|
-
@controller.send(:resource=, user)
|
|
31
|
-
|
|
32
|
-
assert_equal user, @controller.send(:resource)
|
|
33
|
-
assert_equal user, @controller.instance_variable_get(:@user)
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
test 'get resource params from request params using resource name as key' do
|
|
37
|
-
user_params = {'email' => 'shirley@templar.com'}
|
|
38
|
-
|
|
39
|
-
params = if Devise.rails4?
|
|
40
|
-
# Stub controller name so strong parameters can filter properly.
|
|
41
|
-
# DeviseController does not allow any parameters by default.
|
|
42
|
-
@controller.stubs(:controller_name).returns(:sessions_controller)
|
|
43
|
-
|
|
44
|
-
ActionController::Parameters.new({'user' => user_params})
|
|
45
|
-
else
|
|
46
|
-
HashWithIndifferentAccess.new({'user' => user_params})
|
|
47
|
-
end
|
|
48
|
-
@controller.stubs(:params).returns(params)
|
|
49
|
-
|
|
50
|
-
assert_equal user_params, @controller.send(:resource_params)
|
|
51
|
-
end
|
|
52
|
-
|
|
53
|
-
test 'resources methods are not controller actions' do
|
|
54
|
-
assert @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }.empty?
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
test 'require no authentication tests current mapping' do
|
|
58
|
-
@mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
|
|
59
|
-
@mock_warden.expects(:user).with(:user).returns(User.new)
|
|
60
|
-
@controller.expects(:redirect_to).with(root_path)
|
|
61
|
-
@controller.send :require_no_authentication
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
test 'require no authentication only checks if already authenticated if no inputs strategies are available' do
|
|
65
|
-
Devise.mappings[:user].expects(:no_input_strategies).returns([])
|
|
66
|
-
@mock_warden.expects(:authenticate?).never
|
|
67
|
-
@mock_warden.expects(:authenticated?).with(:user).once.returns(true)
|
|
68
|
-
@mock_warden.expects(:user).with(:user).returns(User.new)
|
|
69
|
-
@controller.expects(:redirect_to).with(root_path)
|
|
70
|
-
@controller.send :require_no_authentication
|
|
71
|
-
end
|
|
72
|
-
|
|
73
|
-
test 'require no authentication sets a flash message' do
|
|
74
|
-
@mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
|
|
75
|
-
@mock_warden.expects(:user).with(:user).returns(User.new)
|
|
76
|
-
@controller.expects(:redirect_to).with(root_path)
|
|
77
|
-
@controller.send :require_no_authentication
|
|
78
|
-
assert flash[:alert] == I18n.t("devise.failure.already_authenticated")
|
|
79
|
-
end
|
|
80
|
-
|
|
81
|
-
test 'signed in resource returns signed in resource for current scope' do
|
|
82
|
-
@mock_warden.expects(:authenticate).with(scope: :user).returns(User.new)
|
|
83
|
-
assert_kind_of User, @controller.send(:signed_in_resource)
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
test 'is a devise controller' do
|
|
87
|
-
assert @controller.devise_controller?
|
|
88
|
-
end
|
|
89
|
-
|
|
90
|
-
test 'does not issue blank flash messages' do
|
|
91
|
-
I18n.stubs(:t).returns(' ')
|
|
92
|
-
@controller.send :set_flash_message, :notice, :send_instructions
|
|
93
|
-
assert flash[:notice].nil?
|
|
94
|
-
end
|
|
95
|
-
|
|
96
|
-
test 'issues non-blank flash messages normally' do
|
|
97
|
-
I18n.stubs(:t).returns('non-blank')
|
|
98
|
-
@controller.send :set_flash_message, :notice, :send_instructions
|
|
99
|
-
assert_equal 'non-blank', flash[:notice]
|
|
100
|
-
end
|
|
101
|
-
|
|
102
|
-
test 'issues non-blank flash.now messages normally' do
|
|
103
|
-
I18n.stubs(:t).returns('non-blank')
|
|
104
|
-
@controller.send :set_flash_message, :notice, :send_instructions, { now: true }
|
|
105
|
-
assert_equal 'non-blank', flash.now[:notice]
|
|
106
|
-
end
|
|
107
|
-
|
|
108
|
-
test 'uses custom i18n options' do
|
|
109
|
-
@controller.stubs(:devise_i18n_options).returns(default: "devise custom options")
|
|
110
|
-
@controller.send :set_flash_message, :notice, :invalid_i18n_messagesend_instructions
|
|
111
|
-
assert_equal 'devise custom options', flash[:notice]
|
|
112
|
-
end
|
|
113
|
-
|
|
114
|
-
test 'allows custom i18n options to override resource_name' do
|
|
115
|
-
I18n.expects(:t).with("custom_resource_name.confirmed", anything)
|
|
116
|
-
@controller.stubs(:devise_i18n_options).returns(resource_name: "custom_resource_name")
|
|
117
|
-
@controller.send :set_flash_message, :notice, :confirmed
|
|
118
|
-
end
|
|
119
|
-
|
|
120
|
-
test 'navigational_formats not returning a wild card' do
|
|
121
|
-
MyController.send(:public, :navigational_formats)
|
|
122
|
-
|
|
123
|
-
swap Devise, navigational_formats: ['*/*', :html] do
|
|
124
|
-
assert_not @controller.navigational_formats.include?("*/*")
|
|
125
|
-
end
|
|
126
|
-
|
|
127
|
-
MyController.send(:protected, :navigational_formats)
|
|
128
|
-
end
|
|
129
|
-
end
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class LoadHooksControllerTest < ActionController::TestCase
|
|
4
|
-
setup do
|
|
5
|
-
ActiveSupport.on_load(:devise_controller) do
|
|
6
|
-
define_method :defined_by_load_hook do
|
|
7
|
-
puts 'I am defined dynamically by activesupport load hook'
|
|
8
|
-
end
|
|
9
|
-
end
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
teardown do
|
|
13
|
-
DeviseController.class_eval { undef :defined_by_load_hook }
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
test 'load hook called when controller is loaded' do
|
|
17
|
-
assert DeviseController.instance_methods.include? :defined_by_load_hook
|
|
18
|
-
end
|
|
19
|
-
end
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class PasswordsControllerTest < ActionController::TestCase
|
|
4
|
-
tests Devise::PasswordsController
|
|
5
|
-
include Devise::TestHelpers
|
|
6
|
-
|
|
7
|
-
setup do
|
|
8
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
9
|
-
@user = create_user.tap(&:confirm)
|
|
10
|
-
@raw = @user.send_reset_password_instructions
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
def put_update_with_params
|
|
14
|
-
put :update, "user" => {
|
|
15
|
-
"reset_password_token" => @raw, "password" => "1234567", "password_confirmation" => "1234567"
|
|
16
|
-
}
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
test 'redirect to after_sign_in_path_for if after_resetting_password_path_for is not overridden' do
|
|
20
|
-
put_update_with_params
|
|
21
|
-
assert_redirected_to "http://test.host/"
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
test 'redirect accordingly if after_resetting_password_path_for is overridden' do
|
|
25
|
-
custom_path = "http://custom.path/"
|
|
26
|
-
Devise::PasswordsController.any_instance.stubs(:after_resetting_password_path_for).with(@user).returns(custom_path)
|
|
27
|
-
|
|
28
|
-
put_update_with_params
|
|
29
|
-
assert_redirected_to custom_path
|
|
30
|
-
end
|
|
31
|
-
end
|
|
@@ -1,103 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class SessionsControllerTest < ActionController::TestCase
|
|
4
|
-
tests Devise::SessionsController
|
|
5
|
-
include Devise::TestHelpers
|
|
6
|
-
|
|
7
|
-
test "#create doesn't raise unpermitted params when sign in fails" do
|
|
8
|
-
begin
|
|
9
|
-
subscriber = ActiveSupport::Notifications.subscribe /unpermitted_parameters/ do |name, start, finish, id, payload|
|
|
10
|
-
flunk "Unpermitted params: #{payload}"
|
|
11
|
-
end
|
|
12
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
13
|
-
request.session["user_return_to"] = 'foo.bar'
|
|
14
|
-
create_user
|
|
15
|
-
post :create, user: {
|
|
16
|
-
email: "wrong@email.com",
|
|
17
|
-
password: "wrongpassword"
|
|
18
|
-
}
|
|
19
|
-
assert_equal 200, @response.status
|
|
20
|
-
ensure
|
|
21
|
-
ActiveSupport::Notifications.unsubscribe(subscriber)
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
test "#create works even with scoped views" do
|
|
26
|
-
swap Devise, scoped_views: true do
|
|
27
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
28
|
-
post :create
|
|
29
|
-
assert_equal 200, @response.status
|
|
30
|
-
assert_template "users/sessions/new"
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
test "#create delete the url stored in the session if the requested format is navigational" do
|
|
35
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
36
|
-
request.session["user_return_to"] = 'foo.bar'
|
|
37
|
-
|
|
38
|
-
user = create_user
|
|
39
|
-
user.confirm
|
|
40
|
-
post :create, user: {
|
|
41
|
-
email: user.email,
|
|
42
|
-
password: user.password
|
|
43
|
-
}
|
|
44
|
-
|
|
45
|
-
assert_nil request.session["user_return_to"]
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
test "#create doesn't delete the url stored in the session if the requested format is not navigational" do
|
|
49
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
50
|
-
request.session["user_return_to"] = 'foo.bar'
|
|
51
|
-
|
|
52
|
-
user = create_user
|
|
53
|
-
user.confirm
|
|
54
|
-
post :create, format: 'json', user: {
|
|
55
|
-
email: user.email,
|
|
56
|
-
password: user.password
|
|
57
|
-
}
|
|
58
|
-
|
|
59
|
-
assert_equal 'foo.bar', request.session["user_return_to"]
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
test "#create doesn't raise exception after Warden authentication fails when TestHelpers included" do
|
|
63
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
64
|
-
post :create, user: {
|
|
65
|
-
email: "nosuchuser@example.com",
|
|
66
|
-
password: "wevdude"
|
|
67
|
-
}
|
|
68
|
-
assert_equal 200, @response.status
|
|
69
|
-
assert_template "devise/sessions/new"
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
test "#destroy doesn't set the flash if the requested format is not navigational" do
|
|
73
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
74
|
-
user = create_user
|
|
75
|
-
user.confirm
|
|
76
|
-
post :create, format: 'json', user: {
|
|
77
|
-
email: user.email,
|
|
78
|
-
password: user.password
|
|
79
|
-
}
|
|
80
|
-
|
|
81
|
-
delete :destroy, format: 'json'
|
|
82
|
-
assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}"
|
|
83
|
-
assert_equal 204, @response.status
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
if defined?(ActiveRecord) && ActiveRecord::Base.respond_to?(:mass_assignment_sanitizer)
|
|
87
|
-
test "#new doesn't raise mass-assignment exception even if sign-in key is attr_protected" do
|
|
88
|
-
request.env["devise.mapping"] = Devise.mappings[:user]
|
|
89
|
-
|
|
90
|
-
ActiveRecord::Base.mass_assignment_sanitizer = :strict
|
|
91
|
-
User.class_eval { attr_protected :email }
|
|
92
|
-
|
|
93
|
-
begin
|
|
94
|
-
assert_nothing_raised ActiveModel::MassAssignmentSecurity::Error do
|
|
95
|
-
get :new, user: { email: "allez viens!" }
|
|
96
|
-
end
|
|
97
|
-
ensure
|
|
98
|
-
ActiveRecord::Base.mass_assignment_sanitizer = :logger
|
|
99
|
-
User.class_eval { attr_accessible :email }
|
|
100
|
-
end
|
|
101
|
-
end
|
|
102
|
-
end
|
|
103
|
-
end
|