devise 3.5.10 → 4.7.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (257) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +265 -1129
  3. data/MIT-LICENSE +2 -1
  4. data/README.md +291 -96
  5. data/app/controllers/devise/confirmations_controller.rb +3 -1
  6. data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -6
  7. data/app/controllers/devise/passwords_controller.rb +7 -4
  8. data/app/controllers/devise/registrations_controller.rb +39 -18
  9. data/app/controllers/devise/sessions_controller.rb +9 -7
  10. data/app/controllers/devise/unlocks_controller.rb +4 -2
  11. data/app/controllers/devise_controller.rb +25 -12
  12. data/app/helpers/devise_helper.rb +23 -18
  13. data/app/mailers/devise/mailer.rb +10 -4
  14. data/app/views/devise/confirmations/new.html.erb +2 -2
  15. data/app/views/devise/mailer/email_changed.html.erb +7 -0
  16. data/app/views/devise/passwords/edit.html.erb +3 -3
  17. data/app/views/devise/passwords/new.html.erb +2 -2
  18. data/app/views/devise/registrations/edit.html.erb +9 -5
  19. data/app/views/devise/registrations/new.html.erb +4 -4
  20. data/app/views/devise/sessions/new.html.erb +4 -4
  21. data/app/views/devise/shared/_error_messages.html.erb +15 -0
  22. data/app/views/devise/shared/_links.html.erb +7 -7
  23. data/app/views/devise/unlocks/new.html.erb +2 -2
  24. data/config/locales/en.yml +5 -2
  25. data/lib/devise/controllers/helpers.rb +30 -27
  26. data/lib/devise/controllers/rememberable.rb +3 -1
  27. data/lib/devise/controllers/scoped_views.rb +2 -0
  28. data/lib/devise/controllers/sign_in_out.rb +37 -14
  29. data/lib/devise/controllers/store_location.rb +25 -7
  30. data/lib/devise/controllers/url_helpers.rb +3 -1
  31. data/lib/devise/delegator.rb +2 -0
  32. data/lib/devise/encryptor.rb +6 -4
  33. data/lib/devise/failure_app.rb +75 -38
  34. data/lib/devise/hooks/activatable.rb +2 -0
  35. data/lib/devise/hooks/csrf_cleaner.rb +2 -0
  36. data/lib/devise/hooks/forgetable.rb +2 -0
  37. data/lib/devise/hooks/lockable.rb +6 -1
  38. data/lib/devise/hooks/proxy.rb +3 -1
  39. data/lib/devise/hooks/rememberable.rb +2 -0
  40. data/lib/devise/hooks/timeoutable.rb +4 -2
  41. data/lib/devise/hooks/trackable.rb +2 -0
  42. data/lib/devise/mailers/helpers.rb +7 -4
  43. data/lib/devise/mapping.rb +3 -1
  44. data/lib/devise/models/authenticatable.rb +57 -31
  45. data/lib/devise/models/confirmable.rb +90 -29
  46. data/lib/devise/models/database_authenticatable.rb +93 -22
  47. data/lib/devise/models/lockable.rb +11 -5
  48. data/lib/devise/models/omniauthable.rb +2 -0
  49. data/lib/devise/models/recoverable.rb +33 -21
  50. data/lib/devise/models/registerable.rb +4 -0
  51. data/lib/devise/models/rememberable.rb +6 -11
  52. data/lib/devise/models/timeoutable.rb +2 -0
  53. data/lib/devise/models/trackable.rb +15 -1
  54. data/lib/devise/models/validatable.rb +10 -3
  55. data/lib/devise/models.rb +3 -1
  56. data/lib/devise/modules.rb +2 -0
  57. data/lib/devise/omniauth/config.rb +2 -0
  58. data/lib/devise/omniauth/url_helpers.rb +14 -5
  59. data/lib/devise/omniauth.rb +2 -0
  60. data/lib/devise/orm/active_record.rb +5 -1
  61. data/lib/devise/orm/mongoid.rb +6 -2
  62. data/lib/devise/parameter_filter.rb +4 -0
  63. data/lib/devise/parameter_sanitizer.rb +139 -65
  64. data/lib/devise/rails/routes.rb +48 -37
  65. data/lib/devise/rails/warden_compat.rb +3 -10
  66. data/lib/devise/rails.rb +7 -16
  67. data/lib/devise/secret_key_finder.rb +27 -0
  68. data/lib/devise/strategies/authenticatable.rb +3 -1
  69. data/lib/devise/strategies/base.rb +2 -0
  70. data/lib/devise/strategies/database_authenticatable.rb +11 -4
  71. data/lib/devise/strategies/rememberable.rb +2 -0
  72. data/lib/devise/test/controller_helpers.rb +167 -0
  73. data/lib/devise/test/integration_helpers.rb +63 -0
  74. data/lib/devise/test_helpers.rb +7 -124
  75. data/lib/devise/time_inflector.rb +2 -0
  76. data/lib/devise/token_generator.rb +3 -41
  77. data/lib/devise/version.rb +3 -1
  78. data/lib/devise.rb +57 -40
  79. data/lib/generators/active_record/devise_generator.rb +29 -10
  80. data/lib/generators/active_record/templates/migration.rb +4 -2
  81. data/lib/generators/active_record/templates/migration_existing.rb +4 -2
  82. data/lib/generators/devise/controllers_generator.rb +3 -1
  83. data/lib/generators/devise/devise_generator.rb +5 -3
  84. data/lib/generators/devise/install_generator.rb +18 -5
  85. data/lib/generators/devise/orm_helpers.rb +10 -21
  86. data/lib/generators/devise/views_generator.rb +8 -9
  87. data/lib/generators/mongoid/devise_generator.rb +7 -5
  88. data/lib/generators/templates/README +9 -8
  89. data/lib/generators/templates/controllers/confirmations_controller.rb +2 -0
  90. data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +3 -1
  91. data/lib/generators/templates/controllers/passwords_controller.rb +2 -0
  92. data/lib/generators/templates/controllers/registrations_controller.rb +6 -4
  93. data/lib/generators/templates/controllers/sessions_controller.rb +4 -2
  94. data/lib/generators/templates/controllers/unlocks_controller.rb +2 -0
  95. data/lib/generators/templates/devise.rb +63 -21
  96. data/lib/generators/templates/markerb/email_changed.markerb +7 -0
  97. data/lib/generators/templates/markerb/password_change.markerb +2 -2
  98. data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +5 -1
  99. data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +10 -2
  100. data/lib/generators/templates/simple_form_for/passwords/new.html.erb +4 -1
  101. data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -3
  102. data/lib/generators/templates/simple_form_for/registrations/new.html.erb +11 -3
  103. data/lib/generators/templates/simple_form_for/sessions/new.html.erb +7 -2
  104. data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +4 -1
  105. metadata +15 -314
  106. data/.gitignore +0 -10
  107. data/.travis.yml +0 -44
  108. data/.yardopts +0 -9
  109. data/CODE_OF_CONDUCT.md +0 -22
  110. data/CONTRIBUTING.md +0 -16
  111. data/Gemfile +0 -30
  112. data/Gemfile.lock +0 -187
  113. data/Rakefile +0 -36
  114. data/devise.gemspec +0 -27
  115. data/devise.png +0 -0
  116. data/gemfiles/Gemfile.rails-3.2-stable +0 -29
  117. data/gemfiles/Gemfile.rails-3.2-stable.lock +0 -172
  118. data/gemfiles/Gemfile.rails-4.0-stable +0 -30
  119. data/gemfiles/Gemfile.rails-4.0-stable.lock +0 -166
  120. data/gemfiles/Gemfile.rails-4.1-stable +0 -30
  121. data/gemfiles/Gemfile.rails-4.1-stable.lock +0 -171
  122. data/gemfiles/Gemfile.rails-4.2-stable +0 -30
  123. data/gemfiles/Gemfile.rails-4.2-stable.lock +0 -193
  124. data/script/cached-bundle +0 -49
  125. data/script/s3-put +0 -71
  126. data/test/controllers/custom_registrations_controller_test.rb +0 -40
  127. data/test/controllers/custom_strategy_test.rb +0 -62
  128. data/test/controllers/helper_methods_test.rb +0 -21
  129. data/test/controllers/helpers_test.rb +0 -316
  130. data/test/controllers/inherited_controller_i18n_messages_test.rb +0 -51
  131. data/test/controllers/internal_helpers_test.rb +0 -129
  132. data/test/controllers/load_hooks_controller_test.rb +0 -19
  133. data/test/controllers/passwords_controller_test.rb +0 -31
  134. data/test/controllers/sessions_controller_test.rb +0 -103
  135. data/test/controllers/url_helpers_test.rb +0 -65
  136. data/test/delegator_test.rb +0 -19
  137. data/test/devise_test.rb +0 -107
  138. data/test/failure_app_test.rb +0 -315
  139. data/test/generators/active_record_generator_test.rb +0 -109
  140. data/test/generators/controllers_generator_test.rb +0 -48
  141. data/test/generators/devise_generator_test.rb +0 -39
  142. data/test/generators/install_generator_test.rb +0 -13
  143. data/test/generators/mongoid_generator_test.rb +0 -23
  144. data/test/generators/views_generator_test.rb +0 -103
  145. data/test/helpers/devise_helper_test.rb +0 -49
  146. data/test/integration/authenticatable_test.rb +0 -729
  147. data/test/integration/confirmable_test.rb +0 -324
  148. data/test/integration/database_authenticatable_test.rb +0 -95
  149. data/test/integration/http_authenticatable_test.rb +0 -105
  150. data/test/integration/lockable_test.rb +0 -239
  151. data/test/integration/omniauthable_test.rb +0 -135
  152. data/test/integration/recoverable_test.rb +0 -347
  153. data/test/integration/registerable_test.rb +0 -359
  154. data/test/integration/rememberable_test.rb +0 -214
  155. data/test/integration/timeoutable_test.rb +0 -184
  156. data/test/integration/trackable_test.rb +0 -92
  157. data/test/mailers/confirmation_instructions_test.rb +0 -115
  158. data/test/mailers/reset_password_instructions_test.rb +0 -96
  159. data/test/mailers/unlock_instructions_test.rb +0 -91
  160. data/test/mapping_test.rb +0 -134
  161. data/test/models/authenticatable_test.rb +0 -23
  162. data/test/models/confirmable_test.rb +0 -511
  163. data/test/models/database_authenticatable_test.rb +0 -269
  164. data/test/models/lockable_test.rb +0 -350
  165. data/test/models/omniauthable_test.rb +0 -7
  166. data/test/models/recoverable_test.rb +0 -251
  167. data/test/models/registerable_test.rb +0 -7
  168. data/test/models/rememberable_test.rb +0 -169
  169. data/test/models/serializable_test.rb +0 -49
  170. data/test/models/timeoutable_test.rb +0 -51
  171. data/test/models/trackable_test.rb +0 -41
  172. data/test/models/validatable_test.rb +0 -127
  173. data/test/models_test.rb +0 -153
  174. data/test/omniauth/config_test.rb +0 -57
  175. data/test/omniauth/url_helpers_test.rb +0 -54
  176. data/test/orm/active_record.rb +0 -10
  177. data/test/orm/mongoid.rb +0 -13
  178. data/test/parameter_sanitizer_test.rb +0 -81
  179. data/test/rails_app/Rakefile +0 -6
  180. data/test/rails_app/app/active_record/admin.rb +0 -6
  181. data/test/rails_app/app/active_record/shim.rb +0 -2
  182. data/test/rails_app/app/active_record/user.rb +0 -6
  183. data/test/rails_app/app/active_record/user_on_engine.rb +0 -7
  184. data/test/rails_app/app/active_record/user_on_main_app.rb +0 -7
  185. data/test/rails_app/app/active_record/user_without_email.rb +0 -8
  186. data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
  187. data/test/rails_app/app/controllers/admins_controller.rb +0 -6
  188. data/test/rails_app/app/controllers/application_controller.rb +0 -12
  189. data/test/rails_app/app/controllers/application_with_fake_engine.rb +0 -30
  190. data/test/rails_app/app/controllers/custom/registrations_controller.rb +0 -31
  191. data/test/rails_app/app/controllers/home_controller.rb +0 -25
  192. data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
  193. data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
  194. data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
  195. data/test/rails_app/app/controllers/users_controller.rb +0 -31
  196. data/test/rails_app/app/helpers/application_helper.rb +0 -3
  197. data/test/rails_app/app/mailers/users/from_proc_mailer.rb +0 -3
  198. data/test/rails_app/app/mailers/users/mailer.rb +0 -3
  199. data/test/rails_app/app/mailers/users/reply_to_mailer.rb +0 -4
  200. data/test/rails_app/app/mongoid/admin.rb +0 -29
  201. data/test/rails_app/app/mongoid/shim.rb +0 -23
  202. data/test/rails_app/app/mongoid/user.rb +0 -39
  203. data/test/rails_app/app/mongoid/user_on_engine.rb +0 -39
  204. data/test/rails_app/app/mongoid/user_on_main_app.rb +0 -39
  205. data/test/rails_app/app/mongoid/user_without_email.rb +0 -33
  206. data/test/rails_app/app/views/admins/index.html.erb +0 -1
  207. data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
  208. data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
  209. data/test/rails_app/app/views/home/index.html.erb +0 -1
  210. data/test/rails_app/app/views/home/join.html.erb +0 -1
  211. data/test/rails_app/app/views/home/private.html.erb +0 -1
  212. data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
  213. data/test/rails_app/app/views/layouts/application.html.erb +0 -24
  214. data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
  215. data/test/rails_app/app/views/users/index.html.erb +0 -1
  216. data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
  217. data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
  218. data/test/rails_app/bin/bundle +0 -3
  219. data/test/rails_app/bin/rails +0 -4
  220. data/test/rails_app/bin/rake +0 -4
  221. data/test/rails_app/config/application.rb +0 -40
  222. data/test/rails_app/config/boot.rb +0 -14
  223. data/test/rails_app/config/database.yml +0 -18
  224. data/test/rails_app/config/environment.rb +0 -5
  225. data/test/rails_app/config/environments/development.rb +0 -30
  226. data/test/rails_app/config/environments/production.rb +0 -84
  227. data/test/rails_app/config/environments/test.rb +0 -41
  228. data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
  229. data/test/rails_app/config/initializers/devise.rb +0 -180
  230. data/test/rails_app/config/initializers/inflections.rb +0 -2
  231. data/test/rails_app/config/initializers/secret_token.rb +0 -8
  232. data/test/rails_app/config/initializers/session_store.rb +0 -1
  233. data/test/rails_app/config/routes.rb +0 -125
  234. data/test/rails_app/config.ru +0 -4
  235. data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
  236. data/test/rails_app/db/schema.rb +0 -55
  237. data/test/rails_app/lib/shared_admin.rb +0 -17
  238. data/test/rails_app/lib/shared_user.rb +0 -29
  239. data/test/rails_app/lib/shared_user_without_email.rb +0 -26
  240. data/test/rails_app/lib/shared_user_without_omniauth.rb +0 -13
  241. data/test/rails_app/public/404.html +0 -26
  242. data/test/rails_app/public/422.html +0 -26
  243. data/test/rails_app/public/500.html +0 -26
  244. data/test/rails_app/public/favicon.ico +0 -0
  245. data/test/rails_test.rb +0 -9
  246. data/test/routes_test.rb +0 -264
  247. data/test/support/action_controller/record_identifier.rb +0 -10
  248. data/test/support/assertions.rb +0 -39
  249. data/test/support/helpers.rb +0 -77
  250. data/test/support/integration.rb +0 -92
  251. data/test/support/locale/en.yml +0 -8
  252. data/test/support/mongoid.yml +0 -6
  253. data/test/support/webrat/integrations/rails.rb +0 -24
  254. data/test/test_helper.rb +0 -34
  255. data/test/test_helpers_test.rb +0 -178
  256. data/test/test_models.rb +0 -33
  257. data/test/time_helpers.rb +0 -137
@@ -1,316 +0,0 @@
1
- require 'test_helper'
2
- require 'ostruct'
3
-
4
- class ControllerAuthenticatableTest < ActionController::TestCase
5
- tests ApplicationController
6
-
7
- def setup
8
- @mock_warden = OpenStruct.new
9
- @controller.request.env['warden'] = @mock_warden
10
- end
11
-
12
- test 'provide access to warden instance' do
13
- assert_equal @mock_warden, @controller.warden
14
- end
15
-
16
- test 'proxy signed_in?(scope) to authenticate?' do
17
- @mock_warden.expects(:authenticate?).with(scope: :my_scope)
18
- @controller.signed_in?(:my_scope)
19
- end
20
-
21
- test 'proxy signed_in?(nil) to authenticate?' do
22
- Devise.mappings.keys.each do |scope| # :user, :admin, :manager
23
- @mock_warden.expects(:authenticate?).with(scope: scope)
24
- end
25
- @controller.signed_in?
26
- end
27
-
28
- test 'proxy [group]_signed_in? to authenticate? with each scope' do
29
- [:user, :admin].each do |scope|
30
- @mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
31
- end
32
- @controller.commenter_signed_in?
33
- end
34
-
35
- test 'proxy current_user to authenticate with user scope' do
36
- @mock_warden.expects(:authenticate).with(scope: :user)
37
- @controller.current_user
38
- end
39
-
40
- test 'proxy current_admin to authenticate with admin scope' do
41
- @mock_warden.expects(:authenticate).with(scope: :admin)
42
- @controller.current_admin
43
- end
44
-
45
- test 'proxy current_[group] to authenticate with each scope' do
46
- [:user, :admin].each do |scope|
47
- @mock_warden.expects(:authenticate).with(scope: scope).returns(nil)
48
- end
49
- @controller.current_commenter
50
- end
51
-
52
- test 'proxy current_[plural_group] to authenticate with each scope' do
53
- [:user, :admin].each do |scope|
54
- @mock_warden.expects(:authenticate).with(scope: scope)
55
- end
56
- @controller.current_commenters
57
- end
58
-
59
- test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
60
- @mock_warden.expects(:authenticate).with(scope: :publisher_account)
61
- @controller.current_publisher_account
62
- end
63
-
64
- test 'proxy authenticate_user! to authenticate with user scope' do
65
- @mock_warden.expects(:authenticate!).with(scope: :user)
66
- @controller.authenticate_user!
67
- end
68
-
69
- test 'proxy authenticate_user! options to authenticate with user scope' do
70
- @mock_warden.expects(:authenticate!).with(scope: :user, recall: "foo")
71
- @controller.authenticate_user!(recall: "foo")
72
- end
73
-
74
- test 'proxy authenticate_admin! to authenticate with admin scope' do
75
- @mock_warden.expects(:authenticate!).with(scope: :admin)
76
- @controller.authenticate_admin!
77
- end
78
-
79
- test 'proxy authenticate_[group]! to authenticate!? with each scope' do
80
- [:user, :admin].each do |scope|
81
- @mock_warden.expects(:authenticate!).with(scope: scope)
82
- @mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
83
- end
84
- @controller.authenticate_commenter!
85
- end
86
-
87
- test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
88
- @mock_warden.expects(:authenticate!).with(scope: :publisher_account)
89
- @controller.authenticate_publisher_account!
90
- end
91
-
92
- test 'proxy user_signed_in? to authenticate with user scope' do
93
- @mock_warden.expects(:authenticate).with(scope: :user).returns("user")
94
- assert @controller.user_signed_in?
95
- end
96
-
97
- test 'proxy admin_signed_in? to authenticatewith admin scope' do
98
- @mock_warden.expects(:authenticate).with(scope: :admin)
99
- assert_not @controller.admin_signed_in?
100
- end
101
-
102
- test 'proxy publisher_account_signed_in? to authenticate with namespaced publisher account scope' do
103
- @mock_warden.expects(:authenticate).with(scope: :publisher_account)
104
- @controller.publisher_account_signed_in?
105
- end
106
-
107
- test 'proxy user_session to session scope in warden' do
108
- @mock_warden.expects(:authenticate).with(scope: :user).returns(true)
109
- @mock_warden.expects(:session).with(:user).returns({})
110
- @controller.user_session
111
- end
112
-
113
- test 'proxy admin_session to session scope in warden' do
114
- @mock_warden.expects(:authenticate).with(scope: :admin).returns(true)
115
- @mock_warden.expects(:session).with(:admin).returns({})
116
- @controller.admin_session
117
- end
118
-
119
- test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
120
- @mock_warden.expects(:authenticate).with(scope: :publisher_account).returns(true)
121
- @mock_warden.expects(:session).with(:publisher_account).returns({})
122
- @controller.publisher_account_session
123
- end
124
-
125
- test 'sign in proxy to set_user on warden' do
126
- user = User.new
127
- @mock_warden.expects(:user).returns(nil)
128
- @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
129
- @controller.sign_in(:user, user)
130
- end
131
-
132
- test 'sign in accepts a resource as argument' do
133
- user = User.new
134
- @mock_warden.expects(:user).returns(nil)
135
- @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
136
- @controller.sign_in(user)
137
- end
138
-
139
- test 'does not sign in again if the user is already in' do
140
- user = User.new
141
- @mock_warden.expects(:user).returns(user)
142
- @mock_warden.expects(:set_user).never
143
- assert @controller.sign_in(user)
144
- end
145
-
146
- test 'sign in again when the user is already in only if force is given' do
147
- user = User.new
148
- @mock_warden.expects(:user).returns(user)
149
- @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
150
- @controller.sign_in(user, force: true)
151
- end
152
-
153
- test 'sign in accepts bypass as option' do
154
- user = User.new
155
- @mock_warden.expects(:session_serializer).returns(serializer = mock())
156
- serializer.expects(:store).with(user, :user)
157
- @controller.sign_in(user, bypass: true)
158
- end
159
-
160
- test 'sign out clears up any signed in user from all scopes' do
161
- user = User.new
162
- @mock_warden.expects(:user).times(Devise.mappings.size)
163
- @mock_warden.expects(:logout).with().returns(true)
164
- @controller.instance_variable_set(:@current_user, user)
165
- @controller.instance_variable_set(:@current_admin, user)
166
- @controller.sign_out
167
- assert_equal nil, @controller.instance_variable_get(:@current_user)
168
- assert_equal nil, @controller.instance_variable_get(:@current_admin)
169
- end
170
-
171
- test 'sign out logs out and clears up any signed in user by scope' do
172
- user = User.new
173
- @mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(user)
174
- @mock_warden.expects(:logout).with(:user).returns(true)
175
- @mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
176
- @controller.instance_variable_set(:@current_user, user)
177
- @controller.sign_out(:user)
178
- assert_equal nil, @controller.instance_variable_get(:@current_user)
179
- end
180
-
181
- test 'sign out accepts a resource as argument' do
182
- @mock_warden.expects(:user).with(scope: :user, run_callbacks: false).returns(true)
183
- @mock_warden.expects(:logout).with(:user).returns(true)
184
- @mock_warden.expects(:clear_strategies_cache!).with(scope: :user).returns(true)
185
- @controller.sign_out(User.new)
186
- end
187
-
188
- test 'sign out without args proxy to sign out all scopes' do
189
- @mock_warden.expects(:user).times(Devise.mappings.size)
190
- @mock_warden.expects(:logout).with().returns(true)
191
- @mock_warden.expects(:clear_strategies_cache!).with().returns(true)
192
- @controller.sign_out
193
- end
194
-
195
- test 'sign out everybody proxy to logout on warden' do
196
- @mock_warden.expects(:user).times(Devise.mappings.size)
197
- @mock_warden.expects(:logout).with().returns(true)
198
- @controller.sign_out_all_scopes
199
- end
200
-
201
- test 'stored location for returns the location for a given scope' do
202
- assert_nil @controller.stored_location_for(:user)
203
- @controller.session[:"user_return_to"] = "/foo.bar"
204
- assert_equal "/foo.bar", @controller.stored_location_for(:user)
205
- end
206
-
207
- test 'stored location for accepts a resource as argument' do
208
- assert_nil @controller.stored_location_for(:user)
209
- @controller.session[:"user_return_to"] = "/foo.bar"
210
- assert_equal "/foo.bar", @controller.stored_location_for(User.new)
211
- end
212
-
213
- test 'stored location cleans information after reading' do
214
- @controller.session[:"user_return_to"] = "/foo.bar"
215
- assert_equal "/foo.bar", @controller.stored_location_for(:user)
216
- assert_nil @controller.session[:"user_return_to"]
217
- end
218
-
219
- test 'store location for stores a location to redirect back to' do
220
- assert_nil @controller.stored_location_for(:user)
221
- @controller.store_location_for(:user, "/foo.bar")
222
- assert_equal "/foo.bar", @controller.stored_location_for(:user)
223
- end
224
-
225
- test 'store bad location for stores a location to redirect back to' do
226
- assert_nil @controller.stored_location_for(:user)
227
- @controller.store_location_for(:user, "/foo.bar\">Carry")
228
- assert_nil @controller.stored_location_for(:user)
229
- end
230
-
231
- test 'store location for accepts a resource as argument' do
232
- @controller.store_location_for(User.new, "/foo.bar")
233
- assert_equal "/foo.bar", @controller.stored_location_for(User.new)
234
- end
235
-
236
- test 'store location for stores paths' do
237
- @controller.store_location_for(:user, "//host/foo.bar")
238
- assert_equal "/foo.bar", @controller.stored_location_for(:user)
239
- @controller.store_location_for(:user, "///foo.bar")
240
- assert_equal "/foo.bar", @controller.stored_location_for(:user)
241
- end
242
-
243
- test 'store location for stores query string' do
244
- @controller.store_location_for(:user, "/foo?bar=baz")
245
- assert_equal "/foo?bar=baz", @controller.stored_location_for(:user)
246
- end
247
-
248
- test 'store location for stores fragments' do
249
- @controller.store_location_for(:user, "/foo#bar")
250
- assert_equal "/foo#bar", @controller.stored_location_for(:user)
251
- end
252
-
253
- test 'after sign in path defaults to root path if none by was specified for the given scope' do
254
- assert_equal root_path, @controller.after_sign_in_path_for(:user)
255
- end
256
-
257
- test 'after sign in path defaults to the scoped root path' do
258
- assert_equal admin_root_path, @controller.after_sign_in_path_for(:admin)
259
- end
260
-
261
- test 'after sign out path defaults to the root path' do
262
- assert_equal root_path, @controller.after_sign_out_path_for(:admin)
263
- assert_equal root_path, @controller.after_sign_out_path_for(:user)
264
- end
265
-
266
- test 'sign in and redirect uses the stored location' do
267
- user = User.new
268
- @controller.session[:user_return_to] = "/foo.bar"
269
- @mock_warden.expects(:user).with(:user).returns(nil)
270
- @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
271
- @controller.expects(:redirect_to).with("/foo.bar")
272
- @controller.sign_in_and_redirect(user)
273
- end
274
-
275
- test 'sign in and redirect uses the configured after sign in path' do
276
- admin = Admin.new
277
- @mock_warden.expects(:user).with(:admin).returns(nil)
278
- @mock_warden.expects(:set_user).with(admin, scope: :admin).returns(true)
279
- @controller.expects(:redirect_to).with(admin_root_path)
280
- @controller.sign_in_and_redirect(admin)
281
- end
282
-
283
- test 'sign in and redirect does not sign in again if user is already signed' do
284
- admin = Admin.new
285
- @mock_warden.expects(:user).with(:admin).returns(admin)
286
- @mock_warden.expects(:set_user).never
287
- @controller.expects(:redirect_to).with(admin_root_path)
288
- @controller.sign_in_and_redirect(admin)
289
- end
290
-
291
- test 'sign out and redirect uses the configured after sign out path when signing out only the current scope' do
292
- swap Devise, sign_out_all_scopes: false do
293
- @mock_warden.expects(:user).with(scope: :admin, run_callbacks: false).returns(true)
294
- @mock_warden.expects(:logout).with(:admin).returns(true)
295
- @mock_warden.expects(:clear_strategies_cache!).with(scope: :admin).returns(true)
296
- @controller.expects(:redirect_to).with(admin_root_path)
297
- @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
298
- @controller.sign_out_and_redirect(:admin)
299
- end
300
- end
301
-
302
- test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
303
- swap Devise, sign_out_all_scopes: true do
304
- @mock_warden.expects(:user).times(Devise.mappings.size)
305
- @mock_warden.expects(:logout).with().returns(true)
306
- @mock_warden.expects(:clear_strategies_cache!).with().returns(true)
307
- @controller.expects(:redirect_to).with(admin_root_path)
308
- @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
309
- @controller.sign_out_and_redirect(:admin)
310
- end
311
- end
312
-
313
- test 'is not a devise controller' do
314
- assert_not @controller.devise_controller?
315
- end
316
- end
@@ -1,51 +0,0 @@
1
- require 'test_helper'
2
-
3
- class SessionsInheritedController < Devise::SessionsController
4
- def test_i18n_scope
5
- set_flash_message(:notice, :signed_in)
6
- end
7
- end
8
-
9
- class AnotherInheritedController < SessionsInheritedController
10
- protected
11
-
12
- def translation_scope
13
- 'another'
14
- end
15
- end
16
-
17
- class InheritedControllerTest < ActionController::TestCase
18
- tests SessionsInheritedController
19
-
20
- def setup
21
- @mock_warden = OpenStruct.new
22
- @controller.request.env['warden'] = @mock_warden
23
- @controller.request.env['devise.mapping'] = Devise.mappings[:user]
24
- end
25
-
26
- test 'I18n scope is inherited from Devise::Sessions' do
27
- I18n.expects(:t).with do |message, options|
28
- message == 'user.signed_in' &&
29
- options[:scope] == 'devise.sessions'
30
- end
31
- @controller.test_i18n_scope
32
- end
33
- end
34
-
35
- class AnotherInheritedControllerTest < ActionController::TestCase
36
- tests AnotherInheritedController
37
-
38
- def setup
39
- @mock_warden = OpenStruct.new
40
- @controller.request.env['warden'] = @mock_warden
41
- @controller.request.env['devise.mapping'] = Devise.mappings[:user]
42
- end
43
-
44
- test 'I18n scope is overridden' do
45
- I18n.expects(:t).with do |message, options|
46
- message == 'user.signed_in' &&
47
- options[:scope] == 'another'
48
- end
49
- @controller.test_i18n_scope
50
- end
51
- end
@@ -1,129 +0,0 @@
1
- require 'test_helper'
2
-
3
- class MyController < DeviseController
4
- end
5
-
6
- class HelpersTest < ActionController::TestCase
7
- tests MyController
8
-
9
- def setup
10
- @mock_warden = OpenStruct.new
11
- @controller.request.env['warden'] = @mock_warden
12
- @controller.request.env['devise.mapping'] = Devise.mappings[:user]
13
- end
14
-
15
- test 'get resource name from env' do
16
- assert_equal :user, @controller.send(:resource_name)
17
- end
18
-
19
- test 'get resource class from env' do
20
- assert_equal User, @controller.send(:resource_class)
21
- end
22
-
23
- test 'get resource instance variable from env' do
24
- @controller.instance_variable_set(:@user, user = User.new)
25
- assert_equal user, @controller.send(:resource)
26
- end
27
-
28
- test 'set resource instance variable from env' do
29
- user = @controller.send(:resource_class).new
30
- @controller.send(:resource=, user)
31
-
32
- assert_equal user, @controller.send(:resource)
33
- assert_equal user, @controller.instance_variable_get(:@user)
34
- end
35
-
36
- test 'get resource params from request params using resource name as key' do
37
- user_params = {'email' => 'shirley@templar.com'}
38
-
39
- params = if Devise.rails4?
40
- # Stub controller name so strong parameters can filter properly.
41
- # DeviseController does not allow any parameters by default.
42
- @controller.stubs(:controller_name).returns(:sessions_controller)
43
-
44
- ActionController::Parameters.new({'user' => user_params})
45
- else
46
- HashWithIndifferentAccess.new({'user' => user_params})
47
- end
48
- @controller.stubs(:params).returns(params)
49
-
50
- assert_equal user_params, @controller.send(:resource_params)
51
- end
52
-
53
- test 'resources methods are not controller actions' do
54
- assert @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }.empty?
55
- end
56
-
57
- test 'require no authentication tests current mapping' do
58
- @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
59
- @mock_warden.expects(:user).with(:user).returns(User.new)
60
- @controller.expects(:redirect_to).with(root_path)
61
- @controller.send :require_no_authentication
62
- end
63
-
64
- test 'require no authentication only checks if already authenticated if no inputs strategies are available' do
65
- Devise.mappings[:user].expects(:no_input_strategies).returns([])
66
- @mock_warden.expects(:authenticate?).never
67
- @mock_warden.expects(:authenticated?).with(:user).once.returns(true)
68
- @mock_warden.expects(:user).with(:user).returns(User.new)
69
- @controller.expects(:redirect_to).with(root_path)
70
- @controller.send :require_no_authentication
71
- end
72
-
73
- test 'require no authentication sets a flash message' do
74
- @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
75
- @mock_warden.expects(:user).with(:user).returns(User.new)
76
- @controller.expects(:redirect_to).with(root_path)
77
- @controller.send :require_no_authentication
78
- assert flash[:alert] == I18n.t("devise.failure.already_authenticated")
79
- end
80
-
81
- test 'signed in resource returns signed in resource for current scope' do
82
- @mock_warden.expects(:authenticate).with(scope: :user).returns(User.new)
83
- assert_kind_of User, @controller.send(:signed_in_resource)
84
- end
85
-
86
- test 'is a devise controller' do
87
- assert @controller.devise_controller?
88
- end
89
-
90
- test 'does not issue blank flash messages' do
91
- I18n.stubs(:t).returns(' ')
92
- @controller.send :set_flash_message, :notice, :send_instructions
93
- assert flash[:notice].nil?
94
- end
95
-
96
- test 'issues non-blank flash messages normally' do
97
- I18n.stubs(:t).returns('non-blank')
98
- @controller.send :set_flash_message, :notice, :send_instructions
99
- assert_equal 'non-blank', flash[:notice]
100
- end
101
-
102
- test 'issues non-blank flash.now messages normally' do
103
- I18n.stubs(:t).returns('non-blank')
104
- @controller.send :set_flash_message, :notice, :send_instructions, { now: true }
105
- assert_equal 'non-blank', flash.now[:notice]
106
- end
107
-
108
- test 'uses custom i18n options' do
109
- @controller.stubs(:devise_i18n_options).returns(default: "devise custom options")
110
- @controller.send :set_flash_message, :notice, :invalid_i18n_messagesend_instructions
111
- assert_equal 'devise custom options', flash[:notice]
112
- end
113
-
114
- test 'allows custom i18n options to override resource_name' do
115
- I18n.expects(:t).with("custom_resource_name.confirmed", anything)
116
- @controller.stubs(:devise_i18n_options).returns(resource_name: "custom_resource_name")
117
- @controller.send :set_flash_message, :notice, :confirmed
118
- end
119
-
120
- test 'navigational_formats not returning a wild card' do
121
- MyController.send(:public, :navigational_formats)
122
-
123
- swap Devise, navigational_formats: ['*/*', :html] do
124
- assert_not @controller.navigational_formats.include?("*/*")
125
- end
126
-
127
- MyController.send(:protected, :navigational_formats)
128
- end
129
- end
@@ -1,19 +0,0 @@
1
- require 'test_helper'
2
-
3
- class LoadHooksControllerTest < ActionController::TestCase
4
- setup do
5
- ActiveSupport.on_load(:devise_controller) do
6
- define_method :defined_by_load_hook do
7
- puts 'I am defined dynamically by activesupport load hook'
8
- end
9
- end
10
- end
11
-
12
- teardown do
13
- DeviseController.class_eval { undef :defined_by_load_hook }
14
- end
15
-
16
- test 'load hook called when controller is loaded' do
17
- assert DeviseController.instance_methods.include? :defined_by_load_hook
18
- end
19
- end
@@ -1,31 +0,0 @@
1
- require 'test_helper'
2
-
3
- class PasswordsControllerTest < ActionController::TestCase
4
- tests Devise::PasswordsController
5
- include Devise::TestHelpers
6
-
7
- setup do
8
- request.env["devise.mapping"] = Devise.mappings[:user]
9
- @user = create_user.tap(&:confirm)
10
- @raw = @user.send_reset_password_instructions
11
- end
12
-
13
- def put_update_with_params
14
- put :update, "user" => {
15
- "reset_password_token" => @raw, "password" => "1234567", "password_confirmation" => "1234567"
16
- }
17
- end
18
-
19
- test 'redirect to after_sign_in_path_for if after_resetting_password_path_for is not overridden' do
20
- put_update_with_params
21
- assert_redirected_to "http://test.host/"
22
- end
23
-
24
- test 'redirect accordingly if after_resetting_password_path_for is overridden' do
25
- custom_path = "http://custom.path/"
26
- Devise::PasswordsController.any_instance.stubs(:after_resetting_password_path_for).with(@user).returns(custom_path)
27
-
28
- put_update_with_params
29
- assert_redirected_to custom_path
30
- end
31
- end
@@ -1,103 +0,0 @@
1
- require 'test_helper'
2
-
3
- class SessionsControllerTest < ActionController::TestCase
4
- tests Devise::SessionsController
5
- include Devise::TestHelpers
6
-
7
- test "#create doesn't raise unpermitted params when sign in fails" do
8
- begin
9
- subscriber = ActiveSupport::Notifications.subscribe /unpermitted_parameters/ do |name, start, finish, id, payload|
10
- flunk "Unpermitted params: #{payload}"
11
- end
12
- request.env["devise.mapping"] = Devise.mappings[:user]
13
- request.session["user_return_to"] = 'foo.bar'
14
- create_user
15
- post :create, user: {
16
- email: "wrong@email.com",
17
- password: "wrongpassword"
18
- }
19
- assert_equal 200, @response.status
20
- ensure
21
- ActiveSupport::Notifications.unsubscribe(subscriber)
22
- end
23
- end
24
-
25
- test "#create works even with scoped views" do
26
- swap Devise, scoped_views: true do
27
- request.env["devise.mapping"] = Devise.mappings[:user]
28
- post :create
29
- assert_equal 200, @response.status
30
- assert_template "users/sessions/new"
31
- end
32
- end
33
-
34
- test "#create delete the url stored in the session if the requested format is navigational" do
35
- request.env["devise.mapping"] = Devise.mappings[:user]
36
- request.session["user_return_to"] = 'foo.bar'
37
-
38
- user = create_user
39
- user.confirm
40
- post :create, user: {
41
- email: user.email,
42
- password: user.password
43
- }
44
-
45
- assert_nil request.session["user_return_to"]
46
- end
47
-
48
- test "#create doesn't delete the url stored in the session if the requested format is not navigational" do
49
- request.env["devise.mapping"] = Devise.mappings[:user]
50
- request.session["user_return_to"] = 'foo.bar'
51
-
52
- user = create_user
53
- user.confirm
54
- post :create, format: 'json', user: {
55
- email: user.email,
56
- password: user.password
57
- }
58
-
59
- assert_equal 'foo.bar', request.session["user_return_to"]
60
- end
61
-
62
- test "#create doesn't raise exception after Warden authentication fails when TestHelpers included" do
63
- request.env["devise.mapping"] = Devise.mappings[:user]
64
- post :create, user: {
65
- email: "nosuchuser@example.com",
66
- password: "wevdude"
67
- }
68
- assert_equal 200, @response.status
69
- assert_template "devise/sessions/new"
70
- end
71
-
72
- test "#destroy doesn't set the flash if the requested format is not navigational" do
73
- request.env["devise.mapping"] = Devise.mappings[:user]
74
- user = create_user
75
- user.confirm
76
- post :create, format: 'json', user: {
77
- email: user.email,
78
- password: user.password
79
- }
80
-
81
- delete :destroy, format: 'json'
82
- assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}"
83
- assert_equal 204, @response.status
84
- end
85
-
86
- if defined?(ActiveRecord) && ActiveRecord::Base.respond_to?(:mass_assignment_sanitizer)
87
- test "#new doesn't raise mass-assignment exception even if sign-in key is attr_protected" do
88
- request.env["devise.mapping"] = Devise.mappings[:user]
89
-
90
- ActiveRecord::Base.mass_assignment_sanitizer = :strict
91
- User.class_eval { attr_protected :email }
92
-
93
- begin
94
- assert_nothing_raised ActiveModel::MassAssignmentSecurity::Error do
95
- get :new, user: { email: "allez viens!" }
96
- end
97
- ensure
98
- ActiveRecord::Base.mass_assignment_sanitizer = :logger
99
- User.class_eval { attr_accessible :email }
100
- end
101
- end
102
- end
103
- end