RubyGems - devise - Versions diffs - 4.1.1 → 4.2.0 - Mend

devise 4.1.1 → 4.2.0

Potentially problematic release.

This version of devise might be problematic. Click here for more details.

Files changed (79) hide show

checksums.yaml +4 -4
data/.travis.yml +9 -7
data/CHANGELOG.md +46 -2
data/CONTRIBUTING.md +30 -7
data/Gemfile +14 -7
data/Gemfile.lock +96 -81
data/README.md +89 -37
data/app/controllers/devise/omniauth_callbacks_controller.rb +3 -3
data/app/controllers/devise/registrations_controller.rb +3 -3
data/app/views/devise/registrations/edit.html.erb +4 -0
data/gemfiles/Gemfile.rails-4.1-stable +4 -4
data/gemfiles/Gemfile.rails-4.1-stable.lock +27 -23
data/gemfiles/Gemfile.rails-4.2-stable +4 -4
data/gemfiles/Gemfile.rails-4.2-stable.lock +58 -54
data/guides/bug_report_templates/integration_test.rb +104 -0
data/lib/devise.rb +21 -14
data/lib/devise/controllers/helpers.rb +12 -1
data/lib/devise/controllers/rememberable.rb +1 -1
data/lib/devise/controllers/sign_in_out.rb +25 -10
data/lib/devise/failure_app.rb +25 -17
data/lib/devise/hooks/proxy.rb +1 -1
data/lib/devise/models/authenticatable.rb +23 -2
data/lib/devise/models/confirmable.rb +13 -7
data/lib/devise/models/database_authenticatable.rb +0 -5
data/lib/devise/models/recoverable.rb +10 -15
data/lib/devise/omniauth/url_helpers.rb +0 -51
data/lib/devise/orm/active_record.rb +3 -1
data/lib/devise/orm/mongoid.rb +4 -2
data/lib/devise/parameter_sanitizer.rb +0 -55
data/lib/devise/rails.rb +3 -1
data/lib/devise/test/controller_helpers.rb +162 -0
data/lib/devise/test/integration_helpers.rb +61 -0
data/lib/devise/test_helpers.rb +5 -129
data/lib/devise/version.rb +1 -1
data/lib/generators/templates/README +1 -8
data/lib/generators/templates/devise.rb +6 -0
data/test/controllers/custom_registrations_controller_test.rb +1 -1
data/test/controllers/custom_strategy_test.rb +1 -1
data/test/controllers/helpers_test.rb +4 -4
data/test/controllers/internal_helpers_test.rb +1 -1
data/test/controllers/passwords_controller_test.rb +1 -1
data/test/controllers/sessions_controller_test.rb +2 -2
data/test/devise_test.rb +9 -9
data/test/failure_app_test.rb +18 -0
data/test/integration/authenticatable_test.rb +36 -36
data/test/integration/confirmable_test.rb +7 -7
data/test/integration/database_authenticatable_test.rb +5 -5
data/test/integration/http_authenticatable_test.rb +2 -2
data/test/integration/lockable_test.rb +1 -1
data/test/integration/mounted_engine_test.rb +36 -0
data/test/integration/omniauthable_test.rb +1 -1
data/test/integration/recoverable_test.rb +4 -4
data/test/integration/registerable_test.rb +12 -6
data/test/integration/rememberable_test.rb +10 -10
data/test/integration/timeoutable_test.rb +5 -5
data/test/mapping_test.rb +1 -1
data/test/models/confirmable_test.rb +33 -25
data/test/models/database_authenticatable_test.rb +13 -13
data/test/models/lockable_test.rb +16 -16
data/test/models/omniauthable_test.rb +1 -1
data/test/models/recoverable_test.rb +10 -10
data/test/models/registerable_test.rb +1 -1
data/test/models/rememberable_test.rb +16 -3
data/test/models/serializable_test.rb +5 -0
data/test/models/timeoutable_test.rb +7 -7
data/test/models/trackable_test.rb +1 -1
data/test/models/validatable_test.rb +1 -1
data/test/models_test.rb +2 -2
data/test/parameter_sanitizer_test.rb +0 -56
data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +1 -1
data/test/rails_app/config/environments/production.rb +3 -1
data/test/rails_app/config/environments/test.rb +5 -6
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +5 -1
data/test/support/assertions.rb +0 -11
data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +2 -2
data/test/test/integration_helpers_test.rb +32 -0
metadata +11 -6
data/gemfiles/Gemfile.rails-5.0-beta +0 -37
data/gemfiles/Gemfile.rails-5.0-beta.lock +0 -199

data/test/parameter_sanitizer_test.rb CHANGED

@@ -73,59 +73,3 @@ class ParameterSanitizerTest < ActiveSupport::TestCase
     assert_equal({ 'username' => 'jose' }, sanitized)
   end
 end
-class DeprecatedParameterSanitizerAPITest < ActiveSupport::TestCase
-  class CustomSanitizer < Devise::ParameterSanitizer
-    def sign_in
-      default_params.permit(:username)
-    end
-  end
-  def sanitizer(params)
-    params = ActionController::Parameters.new(params)
-    Devise::ParameterSanitizer.new(User, :user, params)
-  end
-  test 'overriding instance methods have precedence over the default sanitized attributes' do
-    assert_deprecated do
-      params =  ActionController::Parameters.new(user: { "username" => "jose", "name" => "Jose" })
-      sanitizer = CustomSanitizer.new(User, :user, params)
-      sanitized = sanitizer.sanitize(:sign_in)
-      assert_equal({ "username" => "jose" }, sanitized)
-    end
-  end
-  test 'adding new parameters by mutating the Array' do
-    assert_deprecated do
-      sanitizer = sanitizer('user' => { 'username' => 'jose' })
-      sanitizer.for(:sign_in) << :username
-      sanitized = sanitizer.sanitize(:sign_in)
-      assert_equal({ 'username' => 'jose' }, sanitized)
-    end
-  end
-   test 'adding new parameters with a block' do
-     assert_deprecated do
-       sanitizer = sanitizer('user' => { 'username' => 'jose' })
-       sanitizer.for(:sign_in) { |user| user.permit(:username) }
-       sanitized = sanitizer.sanitize(:sign_in)
-       assert_equal({ 'username' => 'jose' }, sanitized)
-     end
-   end
-  test 'removing multiple default parameters' do
-    assert_deprecated do
-      sanitizer = sanitizer('user' => { 'email' => 'jose', 'password' => 'invalid', 'remember_me' => '1' })
-      sanitizer.for(:sign_in).delete(:email)
-      sanitizer.for(:sign_in).delete(:password)
-      sanitized = sanitizer.sanitize(:sign_in)
-      assert_equal({ 'remember_me' => '1' }, sanitized)
-    end
-  end
-end

data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb CHANGED

@@ -1,6 +1,6 @@
 class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
   def facebook
-    data = request.respond_to?(:get_header) ? request.get_header("omniauth.auth") : env["omniauth.auth"]
+    data = request.respond_to?(:get_header) ? request.get_header("omniauth.auth") : request.env["omniauth.auth"]
     session["devise.facebook_data"] = data["extra"]["user_hash"]
     render json: data
   end

data/test/rails_app/config/environments/production.rb CHANGED

@@ -20,7 +20,9 @@ RailsApp::Application.configure do
   # config.action_dispatch.rack_cache = true
   # Disable Rails's static asset server (Apache or nginx will already do this).
-  if Rails.version >= "4.2.0"
+  if Rails.version >= "5.0.0"
+    config.public_file_server.enabled = false
+  elsif Rails.version >= "4.2.0"
     config.serve_static_files = false
   else
     config.serve_static_assets = false

data/test/rails_app/config/environments/test.rb CHANGED

@@ -14,15 +14,14 @@ RailsApp::Application.configure do
   # Disable serving static files from the `/public` folder by default since
   # Apache or NGINX already handles this.
-  if Rails.version >= "4.2.0"
-    config.serve_static_files = true
-  else
-    config.serve_static_assets = true
-  end
   if Rails.version >= "5.0.0"
+    config.public_file_server.enabled = true
     config.public_file_server.headers = {'Cache-Control' => 'public, max-age=3600'}
+  elsif Rails.version >= "4.2.0"
+    config.serve_static_files = true
+    config.static_cache_control = "public, max-age=3600"
   else
+    config.serve_static_assets = true
     config.static_cache_control = "public, max-age=3600"
   end

data/test/rails_app/db/migrate/20100401102949_create_tables.rb CHANGED

@@ -1,4 +1,8 @@
-class CreateTables < ActiveRecord::Migration
+superclass = ActiveRecord::Migration
+# TODO: Inherit from the 5.0 Migration class directly when we drop support for Rails 4.
+superclass = ActiveRecord::Migration[5.0] if superclass.respond_to?(:[])
+class CreateTables < superclass
   def self.up
     create_table :users do |t|
       t.string :username

data/test/support/assertions.rb CHANGED

@@ -1,10 +1,6 @@
 require 'active_support/test_case'
 class ActiveSupport::TestCase
-  def assert_not(assertion)
-    assert !assertion
-  end
   def assert_blank(assertion)
     assert assertion.blank?
   end
@@ -24,13 +20,6 @@ class ActiveSupport::TestCase
     assert_no_difference('ActionMailer::Base.deliveries.size', &block)
   end
-  def assert_same_content(result, expected)
-    assert expected.size == result.size, "the arrays doesn't have the same size"
-    expected.each do |element|
-      assert result.include?(element), "The array doesn't include '#{element}'."
-    end
-  end
   def assert_raise_with_message(exception_klass, message, &block)
     exception = assert_raise exception_klass, &block
     assert_equal exception.message, message,

data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} RENAMED

@@ -1,8 +1,8 @@
 require 'test_helper'
-class TestHelpersTest < Devise::ControllerTestCase
+class TestControllerHelpersTest < Devise::ControllerTestCase
   tests UsersController
-  include Devise::TestHelpers
+  include Devise::Test::ControllerHelpers
   test "redirects if attempting to access a page unauthenticated" do
     get :index

data/test/test/integration_helpers_test.rb ADDED

@@ -0,0 +1,32 @@
+require 'test_helper'
+class TestIntegrationsHelpersTest < Devise::IntegrationTest
+  include Devise::Test::IntegrationHelpers
+  test '#sign_in signs in the resource directly' do
+    sign_in(create_user)
+    visit '/'
+    assert warden.authenticated?(:user)
+  end
+  test '#sign_outs signs out in the resource directly' do
+    user = create_user
+    sign_in user
+    sign_out user
+    visit '/'
+    refute warden.authenticated?(:user)
+  end
+  test '#sign_out does not signs out other scopes' do
+    sign_in(create_user)
+    sign_in(create_admin)
+    sign_out :user
+    visit '/'
+    refute warden.authenticated?(:user)
+    assert warden.authenticated?(:admin)
+  end
+end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: devise
 version: !ruby/object:Gem::Version
-  version: 4.1.1
+  version: 4.2.0
 platform: ruby
 authors:
 - José Valim
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-05-15 00:00:00.000000000 Z
+date: 2016-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: warden
@@ -133,8 +133,7 @@ files:
 - gemfiles/Gemfile.rails-4.1-stable.lock
 - gemfiles/Gemfile.rails-4.2-stable
 - gemfiles/Gemfile.rails-4.2-stable.lock
-- gemfiles/Gemfile.rails-5.0-beta
-- gemfiles/Gemfile.rails-5.0-beta.lock
+- guides/bug_report_templates/integration_test.rb
 - lib/devise.rb
 - lib/devise/controllers/helpers.rb
 - lib/devise/controllers/rememberable.rb
@@ -182,6 +181,8 @@ files:
 - lib/devise/strategies/base.rb
 - lib/devise/strategies/database_authenticatable.rb
 - lib/devise/strategies/rememberable.rb
+- lib/devise/test/controller_helpers.rb
+- lib/devise/test/integration_helpers.rb
 - lib/devise/test_helpers.rb
 - lib/devise/time_inflector.rb
 - lib/devise/token_generator.rb
@@ -240,6 +241,7 @@ files:
 - test/integration/database_authenticatable_test.rb
 - test/integration/http_authenticatable_test.rb
 - test/integration/lockable_test.rb
+- test/integration/mounted_engine_test.rb
 - test/integration/omniauthable_test.rb
 - test/integration/recoverable_test.rb
 - test/integration/registerable_test.rb
@@ -344,8 +346,9 @@ files:
 - test/support/locale/en.yml
 - test/support/mongoid.yml
 - test/support/webrat/integrations/rails.rb
+- test/test/controller_helpers_test.rb
+- test/test/integration_helpers_test.rb
 - test/test_helper.rb
-- test/test_helpers_test.rb
 - test/test_models.rb
 homepage: https://github.com/plataformatec/devise
 licenses:
@@ -397,6 +400,7 @@ test_files:
 - test/integration/database_authenticatable_test.rb
 - test/integration/http_authenticatable_test.rb
 - test/integration/lockable_test.rb
+- test/integration/mounted_engine_test.rb
 - test/integration/omniauthable_test.rb
 - test/integration/recoverable_test.rb
 - test/integration/registerable_test.rb
@@ -501,6 +505,7 @@ test_files:
 - test/support/locale/en.yml
 - test/support/mongoid.yml
 - test/support/webrat/integrations/rails.rb
+- test/test/controller_helpers_test.rb
+- test/test/integration_helpers_test.rb
 - test/test_helper.rb
-- test/test_helpers_test.rb
 - test/test_models.rb

data/gemfiles/Gemfile.rails-5.0-beta DELETED

@@ -1,37 +0,0 @@
-source "https://rubygems.org"
-gemspec path: ".."
-gem "rails", "5.0.0.beta3"
-gem "omniauth", " ~>1.3"
-gem "oauth2"
-gem "omniauth-oauth2", ">= 1.2.0", "< 1.5.0"
-gem "rdoc"
-gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
-gem "rails-controller-testing"
-gem "responders", "~> 2.1.1"
-group :test do
-  gem "omniauth-facebook"
-  gem "omniauth-openid", "~> 1.0.1"
-  gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
-end
-platforms :jruby do
-  gem "activerecord-jdbc-adapter"
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jruby-openssl"
-end
-platforms :ruby do
-  gem "sqlite3"
-end
-# TODO:
-# group :mongoid do
-#   gem "mongoid", "~> 4.0.0"
-# end

data/gemfiles/Gemfile.rails-5.0-beta.lock DELETED

@@ -1,199 +0,0 @@
-GIT
-  remote: git://github.com/rails/activemodel-serializers-xml.git
-  revision: f380ea5ddefcb9a37f4fbc47606ed6fbecdb2b2a
-  specs:
-    activemodel-serializers-xml (1.0.0)
-      activemodel (> 5.x)
-      activerecord (> 5.x)
-      activesupport (> 5.x)
-      builder (~> 3.1)
-PATH
-  remote: ..
-  specs:
-    devise (4.0.0.rc2)
-      bcrypt (~> 3.0)
-      orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.1)
-      responders
-      warden (~> 1.2.3)
-GEM
-  remote: https://rubygems.org/
-  specs:
-    actioncable (5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      nio4r (~> 1.2)
-      websocket-driver (~> 0.6.1)
-    actionmailer (5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      actionview (= 5.0.0.beta3)
-      activejob (= 5.0.0.beta3)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (5.0.0.beta3)
-      actionview (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      rack (~> 2.x)
-      rack-test (~> 0.6.3)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      builder (~> 3.1)
-      erubis (~> 2.7.0)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activejob (5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      globalid (>= 0.3.6)
-    activemodel (5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-    activerecord (5.0.0.beta3)
-      activemodel (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      arel (~> 7.0)
-    activesupport (5.0.0.beta3)
-      concurrent-ruby (~> 1.0)
-      i18n (~> 0.7)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    arel (7.0.0)
-    bcrypt (3.1.11)
-    builder (3.2.2)
-    concurrent-ruby (1.0.1)
-    erubis (2.7.0)
-    faraday (0.9.2)
-      multipart-post (>= 1.2, < 3)
-    globalid (0.3.6)
-      activesupport (>= 4.1.0)
-    hashie (3.4.3)
-    i18n (0.7.0)
-    json (1.8.3)
-    jwt (1.5.1)
-    loofah (2.0.3)
-      nokogiri (>= 1.5.9)
-    mail (2.6.4)
-      mime-types (>= 1.16, < 4)
-    metaclass (0.0.4)
-    method_source (0.8.2)
-    mime-types (3.0)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2016.0221)
-    mini_portile2 (2.0.0)
-    minitest (5.8.4)
-    mocha (1.1.0)
-      metaclass (~> 0.0.1)
-    multi_json (1.11.2)
-    multi_xml (0.5.5)
-    multipart-post (2.0.0)
-    nio4r (1.2.1)
-    nokogiri (1.6.7.2)
-      mini_portile2 (~> 2.0.0.rc2)
-    oauth2 (1.1.0)
-      faraday (>= 0.8, < 0.10)
-      jwt (~> 1.0, < 1.5.2)
-      multi_json (~> 1.3)
-      multi_xml (~> 0.5)
-      rack (>= 1.2, < 3)
-    omniauth (1.3.1)
-      hashie (>= 1.2, < 4)
-      rack (>= 1.0, < 3)
-    omniauth-facebook (3.0.0)
-      omniauth-oauth2 (~> 1.2)
-    omniauth-oauth2 (1.4.0)
-      oauth2 (~> 1.0)
-      omniauth (~> 1.2)
-    omniauth-openid (1.0.1)
-      omniauth (~> 1.0)
-      rack-openid (~> 1.3.1)
-    orm_adapter (0.5.0)
-    rack (2.0.0.alpha)
-      json
-    rack-openid (1.3.1)
-      rack (>= 1.1.0)
-      ruby-openid (>= 2.1.8)
-    rack-test (0.6.3)
-      rack (>= 1.0)
-    rails (5.0.0.beta3)
-      actioncable (= 5.0.0.beta3)
-      actionmailer (= 5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      actionview (= 5.0.0.beta3)
-      activejob (= 5.0.0.beta3)
-      activemodel (= 5.0.0.beta3)
-      activerecord (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      bundler (>= 1.3.0, < 2.0)
-      railties (= 5.0.0.beta3)
-      sprockets-rails (>= 2.0.0)
-    rails-controller-testing (0.1.1)
-      actionpack (~> 5.x)
-      actionview (~> 5.x)
-      activesupport (~> 5.x)
-    rails-deprecated_sanitizer (1.0.3)
-      activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
-      activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
-      rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
-    railties (5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      method_source
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    rake (11.1.2)
-    rdoc (4.2.2)
-      json (~> 1.4)
-    responders (2.1.2)
-      railties (>= 4.2.0, < 5.1)
-    ruby-openid (2.7.0)
-    sprockets (3.6.0)
-      concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.0.4)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    sqlite3 (1.3.11)
-    thor (0.19.1)
-    thread_safe (0.3.5)
-    tzinfo (1.2.2)
-      thread_safe (~> 0.1)
-    warden (1.2.6)
-      rack (>= 1.0)
-    webrat (0.7.3)
-      nokogiri (>= 1.2.0)
-      rack (>= 1.0)
-      rack-test (>= 0.5.3)
-    websocket-driver (0.6.3)
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.2)
-PLATFORMS
-  ruby
-DEPENDENCIES
-  activemodel-serializers-xml!
-  activerecord-jdbc-adapter
-  activerecord-jdbcsqlite3-adapter
-  devise!
-  jruby-openssl
-  mocha (~> 1.1)
-  oauth2
-  omniauth (~> 1.3)
-  omniauth-facebook
-  omniauth-oauth2 (>= 1.2.0, < 1.5.0)
-  omniauth-openid (~> 1.0.1)
-  rails (= 5.0.0.beta3)
-  rails-controller-testing
-  rdoc
-  responders (~> 2.1.1)
-  sqlite3
-  webrat (= 0.7.3)
-BUNDLED WITH
-   1.11.2