devise 3.5.3 → 4.7.1

data/test/models/validatable_test.rb

@@ -1,127 +0,0 @@
-# encoding: UTF-8
-require 'test_helper'
-
-class ValidatableTest < ActiveSupport::TestCase
-  test 'should require email to be set' do
-    user = new_user(email: nil)
-    assert user.invalid?
-    assert user.errors[:email]
-    assert_equal 'can\'t be blank', user.errors[:email].join
-  end
-
-  test 'should require uniqueness of email if email has changed, allowing blank' do
-    existing_user = create_user
-
-    user = new_user(email: '')
-    assert user.invalid?
-    assert_no_match(/taken/, user.errors[:email].join)
-
-    user.email = existing_user.email
-    assert user.invalid?
-    assert_match(/taken/, user.errors[:email].join)
-
-    user.save(validate: false)
-    assert user.valid?
-  end
-
-  test 'should require correct email format if email has changed, allowing blank' do
-    user = new_user(email: '')
-    assert user.invalid?
-    assert_not_equal 'is invalid', user.errors[:email].join
-
-    %w{invalid_email_format 123 $$$ () ☃ bla@bla.}.each do |email|
-      user.email = email
-      assert user.invalid?, 'should be invalid with email ' << email
-      assert_equal 'is invalid', user.errors[:email].join
-    end
-
-    user.save(validate: false)
-    assert user.valid?
-  end
-
-  test 'should accept valid emails' do
-    %w(a.b.c@example.com test_mail@gmail.com any@any.net email@test.br 123@mail.test 1☃3@mail.test).each do |email|
-      user = new_user(email: email)
-      assert user.valid?, 'should be valid with email ' << email
-      assert_blank user.errors[:email]
-    end
-  end
-
-  test 'should require password to be set when creating a new record' do
-    user = new_user(password: '', password_confirmation: '')
-    assert user.invalid?
-    assert_equal 'can\'t be blank', user.errors[:password].join
-  end
-
-  test 'should require confirmation to be set when creating a new record' do
-    user = new_user(password: 'new_password', password_confirmation: 'blabla')
-    assert user.invalid?
-
-    if Devise.rails4?
-      assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
-    else
-      assert_equal 'doesn\'t match confirmation', user.errors[:password].join
-    end
-  end
-
-  test 'should require password when updating/resetting password' do
-    user = create_user
-
-    user.password = ''
-    user.password_confirmation = ''
-
-    assert user.invalid?
-    assert_equal 'can\'t be blank', user.errors[:password].join
-  end
-
-  test 'should require confirmation when updating/resetting password' do
-    user = create_user
-    user.password_confirmation = 'another_password'
-    assert user.invalid?
-
-    if Devise.rails4?
-      assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
-    else
-      assert_equal 'doesn\'t match confirmation', user.errors[:password].join
-    end
-  end
-
-  test 'should require a password with minimum of 7 characters' do
-    user = new_user(password: '12345', password_confirmation: '12345')
-    assert user.invalid?
-    assert_equal 'is too short (minimum is 7 characters)', user.errors[:password].join
-  end
-
-  test 'should require a password with maximum of 72 characters long' do
-    user = new_user(password: 'x'*73, password_confirmation: 'x'*73)
-    assert user.invalid?
-    assert_equal 'is too long (maximum is 72 characters)', user.errors[:password].join
-  end
-
-  test 'should not require password length when it\'s not changed' do
-    user = create_user.reload
-    user.password = user.password_confirmation = nil
-    assert user.valid?
-
-    user.password_confirmation = 'confirmation'
-    assert user.invalid?
-    assert_not (user.errors[:password].join =~ /is too long/)
-  end
-
-  test 'should complain about length even if password is not required' do
-    user = new_user(password: 'x'*73, password_confirmation: 'x'*73)
-    user.stubs(:password_required?).returns(false)
-    assert user.invalid?
-    assert_equal 'is too long (maximum is 72 characters)', user.errors[:password].join
-  end
-
-  test 'should not be included in objects with invalid API' do
-    assert_raise RuntimeError do
-      Class.new.send :include, Devise::Models::Validatable
-    end
-  end
-
-  test 'required_fields should be an empty array' do
-    assert_equal Devise::Models::Validatable.required_fields(User), []
-  end
-end

data/test/models_test.rb

@@ -1,153 +0,0 @@
-require 'test_helper'
-require 'test_models'
-
-class ActiveRecordTest < ActiveSupport::TestCase
-  def include_module?(klass, mod)
-    klass.devise_modules.include?(mod) &&
-      klass.included_modules.include?(Devise::Models::const_get(mod.to_s.classify))
-  end
-
-  def assert_include_modules(klass, *modules)
-    modules.each do |mod|
-      assert include_module?(klass, mod)
-    end
-
-    (Devise::ALL - modules).each do |mod|
-      assert_not include_module?(klass, mod)
-    end
-  end
-
-  test 'can cherry pick modules' do
-    assert_include_modules Admin, :database_authenticatable, :registerable, :timeoutable, :recoverable, :lockable, :confirmable
-  end
-
-  test 'validations options are not applied too late' do
-    validators = WithValidation.validators_on :password
-    length = validators.find { |v| v.kind == :length }
-    assert_equal 2, length.options[:minimum]
-    assert_equal 6, length.options[:maximum]
-  end
-
-  test 'validations are applied just once' do
-    validators = Several.validators_on :password
-    assert_equal 1, validators.select{ |v| v.kind == :length }.length
-  end
-
-  test 'chosen modules are inheritable' do
-    assert_include_modules Inheritable, :database_authenticatable, :registerable, :timeoutable, :recoverable, :lockable, :confirmable
-  end
-
-  test 'order of module inclusion' do
-    correct_module_order   = [:database_authenticatable, :recoverable, :registerable, :confirmable, :lockable, :timeoutable]
-    incorrect_module_order = [:database_authenticatable, :timeoutable, :registerable, :recoverable, :lockable, :confirmable]
-
-    assert_include_modules Admin, *incorrect_module_order
-
-    # get module constants from symbol list
-    module_constants = correct_module_order.collect { |mod| Devise::Models::const_get(mod.to_s.classify) }
-
-    # confirm that they adhere to the order in ALL
-    # get included modules, filter out the noise, and reverse the order
-    assert_equal module_constants, (Admin.included_modules & module_constants).reverse
-  end
-
-  test 'raise error on invalid module' do
-    assert_raise NameError do
-      # Mix valid an invalid modules.
-      Configurable.class_eval { devise :database_authenticatable, :doesnotexit }
-    end
-  end
-
-  test 'set a default value for stretches' do
-    assert_equal 15, Configurable.stretches
-  end
-
-  test 'set a default value for pepper' do
-    assert_equal 'abcdef', Configurable.pepper
-  end
-
-  test 'set a default value for allow_unconfirmed_access_for' do
-    assert_equal 5.days, Configurable.allow_unconfirmed_access_for
-  end
-
-  test 'set a default value for remember_for' do
-    assert_equal 7.days, Configurable.remember_for
-  end
-
-  test 'set a default value for timeout_in' do
-    assert_equal 15.minutes, Configurable.timeout_in
-  end
-
-  test 'set a default value for unlock_in' do
-    assert_equal 10.days, Configurable.unlock_in
-  end
-
-  test 'set null fields on migrations' do
-    # Ignore email sending since no email exists.
-    klass = Class.new(Admin) do
-      def send_devise_notification(*); end
-    end
-
-    klass.create!
-  end
-end
-
-module StubModelFilters
-  def stub_filter(name)
-    define_singleton_method(name) { |*| nil }
-  end
-end
-
-class CheckFieldsTest < ActiveSupport::TestCase
-  test 'checks if the class respond_to the required fields' do
-    Player = Class.new do
-      extend Devise::Models
-      extend StubModelFilters
-
-      stub_filter :before_validation
-      stub_filter :after_update
-
-      devise :database_authenticatable
-
-      attr_accessor :encrypted_password, :email
-    end
-
-    assert_nothing_raised Devise::Models::MissingAttribute do
-      Devise::Models.check_fields!(Player)
-    end
-  end
-
-  test 'raises Devise::Models::MissingAtrribute and shows the missing attribute if the class doesn\'t respond_to one of the attributes' do
-    Clown = Class.new do
-      extend Devise::Models
-      extend StubModelFilters
-
-      stub_filter :before_validation
-      stub_filter :after_update
-
-      devise :database_authenticatable
-
-      attr_accessor :encrypted_password
-    end
-
-    assert_raise_with_message Devise::Models::MissingAttribute, "The following attribute(s) is (are) missing on your model: email" do
-      Devise::Models.check_fields!(Clown)
-    end
-  end
-
-  test 'raises Devise::Models::MissingAtrribute with all the missing attributes if there is more than one' do
-    Magician = Class.new do
-      extend Devise::Models
-      extend StubModelFilters
-
-      stub_filter :before_validation
-      stub_filter :after_update
-
-      devise :database_authenticatable
-    end
-
-    assert_raise_with_message Devise::Models::MissingAttribute, "The following attribute(s) is (are) missing on your model: encrypted_password, email" do
-      Devise::Models.check_fields!(Magician)
-    end
-  end
-end

data/test/omniauth/config_test.rb

@@ -1,57 +0,0 @@
-require 'test_helper'
-
-class OmniAuthConfigTest < ActiveSupport::TestCase
-  class MyStrategy
-    include OmniAuth::Strategy
-  end
-
-  test 'strategy_name returns provider if no options given' do
-    config = Devise::OmniAuth::Config.new :facebook, [{}]
-    assert_equal :facebook, config.strategy_name
-  end
-
-  test 'strategy_name returns provider if no name option are given' do
-    config = Devise::OmniAuth::Config.new :facebook, [{ other: :option }]
-    assert_equal :facebook, config.strategy_name
-  end
-
-  test 'returns name option when have a name' do
-    config = Devise::OmniAuth::Config.new :facebook, [{ name: :github }]
-    assert_equal :github, config.strategy_name
-  end
-
-  test "finds contrib strategies" do
-    config = Devise::OmniAuth::Config.new :facebook, [{}]
-    assert_equal OmniAuth::Strategies::Facebook, config.strategy_class
-  end
-
-  test "finds the strategy in OmniAuth's list by name" do
-    NamedTestStrategy = Class.new
-    NamedTestStrategy.send :include, OmniAuth::Strategy
-    NamedTestStrategy.option :name, :the_one
-
-    config = Devise::OmniAuth::Config.new :the_one, [{}]
-    assert_equal NamedTestStrategy, config.strategy_class
-  end
-
-  test "finds the strategy in OmniAuth's list by class name" do
-    UnNamedTestStrategy = Class.new
-    UnNamedTestStrategy.send :include, OmniAuth::Strategy
-
-    config = Devise::OmniAuth::Config.new :un_named_test_strategy, [{}]
-    assert_equal UnNamedTestStrategy, config.strategy_class
-  end
-
-  test 'raises an error if strategy cannot be found' do
-    config = Devise::OmniAuth::Config.new :my_other_strategy, [{}]
-    assert_raise Devise::OmniAuth::StrategyNotFound do
-      config.strategy_class
-    end
-  end
-
-  test 'allows the user to define a custom require path' do
-    config = Devise::OmniAuth::Config.new :my_strategy, [{strategy_class: MyStrategy}]
-    config_class = config.strategy_class
-    assert_equal MyStrategy, config_class
-  end
-end

data/test/omniauth/url_helpers_test.rb

@@ -1,54 +0,0 @@
-require 'test_helper'
-
-class OmniAuthRoutesTest < ActionController::TestCase
-  ExpectedUrlGeneratiorError = Devise.rails4? ?
-    ActionController::UrlGenerationError : ActionController::RoutingError
-
-  tests ApplicationController
-
-  def assert_path(action, provider, with_param=true)
-    # Resource param
-    assert_equal @controller.send(action, :user, provider),
-                 @controller.send("user_#{action}", provider)
-
-    # With an object
-    assert_equal @controller.send(action, User.new, provider),
-                 @controller.send("user_#{action}", provider)
-
-    if with_param
-      # Default url params
-      assert_equal @controller.send(action, :user, provider, param: 123),
-                   @controller.send("user_#{action}", provider, param: 123)
-    end
-  end
-
-  test 'should alias omniauth_callback to mapped user auth_callback' do
-    assert_path :omniauth_callback_path, :facebook
-  end
-
-  test 'should alias omniauth_authorize to mapped user auth_authorize' do
-    assert_path :omniauth_authorize_path, :facebook, false
-  end
-
-  test 'should generate authorization path' do
-    assert_match "/users/auth/facebook", @controller.omniauth_authorize_path(:user, :facebook)
-
-    assert_raise ExpectedUrlGeneratiorError do
-      @controller.omniauth_authorize_path(:user, :github)
-    end
-  end
-
-  test 'should generate authorization path for named open_id omniauth' do
-    assert_match "/users/auth/google", @controller.omniauth_authorize_path(:user, :google)
-  end
-
-  test 'should generate authorization path with params' do
-    assert_match "/users/auth/openid?openid_url=http%3A%2F%2Fyahoo.com",
-                  @controller.omniauth_authorize_path(:user, :openid, openid_url: "http://yahoo.com")
-  end
-
-  test 'should not add a "?" if no param was sent' do
-    assert_equal "/users/auth/openid",
-                  @controller.omniauth_authorize_path(:user, :openid)
-  end
-end

data/test/orm/active_record.rb

@@ -1,10 +0,0 @@
-ActiveRecord::Migration.verbose = false
-ActiveRecord::Base.logger = Logger.new(nil)
-ActiveRecord::Base.include_root_in_json = true
-
-ActiveRecord::Migrator.migrate(File.expand_path("../../rails_app/db/migrate/", __FILE__))
-
-class ActiveSupport::TestCase
-  self.use_transactional_fixtures = true
-  self.use_instantiated_fixtures  = false
-end

data/test/orm/mongoid.rb

@@ -1,13 +0,0 @@
-require 'mongoid/version'
-
-Mongoid.configure do |config|
-  config.load!('test/support/mongoid.yml')
-  config.use_utc = true
-  config.include_root_in_json = true
-end
-
-class ActiveSupport::TestCase
-  setup do
-    Mongoid.purge!
-  end
-end

data/test/parameter_sanitizer_test.rb

@@ -1,81 +0,0 @@
-require 'test_helper'
-require 'devise/parameter_sanitizer'
-
-class BaseSanitizerTest < ActiveSupport::TestCase
-  def sanitizer(params)
-    Devise::BaseSanitizer.new(User, :user, params)
-  end
-
-  test 'returns chosen params' do
-    sanitizer = sanitizer(user: { "email" => "jose" })
-    assert_equal({ "email" => "jose" }, sanitizer.sanitize(:sign_in))
-  end
-end
-
-if defined?(ActionController::StrongParameters)
-  require 'active_model/forbidden_attributes_protection'
-
-  class ParameterSanitizerTest < ActiveSupport::TestCase
-    def sanitizer(params)
-      params = ActionController::Parameters.new(params)
-      Devise::ParameterSanitizer.new(User, :user, params)
-    end
-
-    test 'filters some parameters on sign in by default' do
-      sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid", "remember_me" => "1" })
-      assert_equal({ "email" => "jose", "password" => "invalid", "remember_me" => "1" }, sanitizer.sanitize(:sign_in))
-    end
-
-    test 'handles auth keys as a hash' do
-      swap Devise, authentication_keys: {email: true} do
-        sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid" })
-        assert_equal({ "email" => "jose", "password" => "invalid" }, sanitizer.sanitize(:sign_in))
-      end
-    end
-
-    test 'filters some parameters on sign up by default' do
-      sanitizer = sanitizer(user: { "email" => "jose", "role" => "invalid" })
-      assert_equal({ "email" => "jose" }, sanitizer.sanitize(:sign_up))
-    end
-
-    test 'filters some parameters on account update by default' do
-      sanitizer = sanitizer(user: { "email" => "jose", "role" => "invalid" })
-      assert_equal({ "email" => "jose" }, sanitizer.sanitize(:account_update))
-    end
-
-    test 'allows custom hooks' do
-      sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid" })
-      sanitizer.for(:sign_in) { |user| user.permit(:email, :password) }
-      assert_equal({ "email" => "jose", "password" => "invalid" }, sanitizer.sanitize(:sign_in))
-    end
-
-    test 'adding multiple permitted parameters' do
-      sanitizer = sanitizer(user: { "email" => "jose", "username" => "jose1", "role" => "valid" })
-      sanitizer.for(:sign_in).concat([:username, :role])
-      assert_equal({ "email" => "jose", "username" => "jose1", "role" => "valid" }, sanitizer.sanitize(:sign_in))
-    end
-
-    test 'removing multiple default parameters' do
-      sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid", "remember_me" => "1" })
-      sanitizer.for(:sign_in).delete(:email)
-      sanitizer.for(:sign_in).delete(:password)
-      assert_equal({ "remember_me" => "1" }, sanitizer.sanitize(:sign_in))
-    end
-
-    test 'raises on unknown hooks' do
-      sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid" })
-      assert_raise NotImplementedError do
-        sanitizer.sanitize(:unknown)
-      end
-    end
-
-    test 'passes parameters to filter as arguments to sanitizer' do
-      params = {user: stub}
-      sanitizer = Devise::ParameterSanitizer.new(User, :user, params)
-
-      params[:user].expects(:permit).with(kind_of(Symbol), kind_of(Symbol), kind_of(Symbol))
-
-      sanitizer.sanitize(:sign_in)
-    end
-  end
-end

data/test/rails_app/Rakefile

@@ -1,6 +0,0 @@
-# Add your own tasks in files placed in lib/tasks ending in .rake,
-# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-
-require File.expand_path('../config/application', __FILE__)
-
-Rails.application.load_tasks

data/test/rails_app/app/active_record/admin.rb

@@ -1,6 +0,0 @@
-require 'shared_admin'
-
-class Admin < ActiveRecord::Base
-  include Shim
-  include SharedAdmin
-end

data/test/rails_app/app/active_record/shim.rb

@@ -1,2 +0,0 @@
-module Shim
-end

data/test/rails_app/app/active_record/user.rb

@@ -1,6 +0,0 @@
-require 'shared_user'
-
-class User < ActiveRecord::Base
-  include Shim
-  include SharedUser
-end

data/test/rails_app/app/active_record/user_on_engine.rb

@@ -1,7 +0,0 @@
-require 'shared_user_without_omniauth'
-
-class UserOnEngine < ActiveRecord::Base
-  self.table_name = 'users'
-  include Shim
-  include SharedUserWithoutOmniauth
-end

data/test/rails_app/app/active_record/user_on_main_app.rb

@@ -1,7 +0,0 @@
-require 'shared_user_without_omniauth'
-
-class UserOnMainApp < ActiveRecord::Base
-  self.table_name = 'users'
-  include Shim
-  include SharedUserWithoutOmniauth
-end

data/test/rails_app/app/active_record/user_without_email.rb

@@ -1,8 +0,0 @@
-require "shared_user_without_email"
-
-class UserWithoutEmail < ActiveRecord::Base
-  self.table_name = 'users'
-  include Shim
-  include SharedUserWithoutEmail
-end
-

data/test/rails_app/app/controllers/admins/sessions_controller.rb

@@ -1,6 +0,0 @@
-class Admins::SessionsController < Devise::SessionsController
-  def new
-    flash[:special] = "Welcome to #{controller_path.inspect} controller!"
-    super
-  end
-end

data/test/rails_app/app/controllers/admins_controller.rb

@@ -1,6 +0,0 @@
-class AdminsController < ApplicationController
-  before_filter :authenticate_admin!
-
-  def index
-  end
-end

data/test/rails_app/app/controllers/application_controller.rb

@@ -1,12 +0,0 @@
-# Filters added to this controller apply to all controllers in the application.
-# Likewise, all the methods added will be available for all controllers.
-
-class ApplicationController < ActionController::Base
-  protect_from_forgery
-  before_filter :current_user, unless: :devise_controller?
-  before_filter :authenticate_user!, if: :devise_controller?
-  respond_to *Mime::SET.map(&:to_sym)
-
-  devise_group :commenter, contains: [:user, :admin]
-end
-

data/test/rails_app/app/controllers/application_with_fake_engine.rb

@@ -1,30 +0,0 @@
-class ApplicationWithFakeEngine < ApplicationController
-  private
-
-  helper_method :fake_engine
-  def fake_engine
-    @fake_engine ||= FakeEngine.new
-  end
-end
-
-class FakeEngine
-  def user_on_engine_confirmation_path
-    '/user_on_engine/confirmation'
-  end
-
-  def new_user_on_engine_session_path
-    '/user_on_engine/confirmation/new'
-  end
-
-  def new_user_on_engine_registration_path
-    '/user_on_engine/registration/new'
-  end
-
-  def new_user_on_engine_password_path
-    '/user_on_engine/password/new'
-  end
-
-  def new_user_on_engine_unlock_path
-    '/user_on_engine/unlock/new'
-  end
-end

data/test/rails_app/app/controllers/custom/registrations_controller.rb

@@ -1,31 +0,0 @@
-class Custom::RegistrationsController < Devise::RegistrationsController
-  def new
-    super do |resource|
-      @new_block_called = true
-    end
-  end
-
-  def create
-    super do |resource|
-      @create_block_called = true
-    end
-  end
-
-  def update
-    super do |resource|
-      @update_block_called = true
-    end
-  end
-
-  def create_block_called?
-    @create_block_called == true
-  end
-
-  def update_block_called?
-    @update_block_called == true
-  end
-
-  def new_block_called?
-    @new_block_called == true
-  end
-end

data/test/rails_app/app/controllers/home_controller.rb

@@ -1,25 +0,0 @@
-class HomeController < ApplicationController
-  def index
-  end
-
-  def private
-  end
-
-  def user_dashboard
-  end
-
-  def admin_dashboard
-  end
-
-  def join
-  end
-
-  def set
-    session["devise.foo_bar"] = "something"
-    head :ok
-  end
-
-  def unauthenticated
-    render text: "unauthenticated", status: :unauthorized
-  end
-end

data/test/rails_app/app/controllers/publisher/registrations_controller.rb

@@ -1,2 +0,0 @@
-class Publisher::RegistrationsController < ApplicationController
-end

data/test/rails_app/app/controllers/publisher/sessions_controller.rb

@@ -1,2 +0,0 @@
-class Publisher::SessionsController < ApplicationController
-end