RubyGems - devise - Versions diffs - 4.1.1 → 4.2.0 - Mend

devise 4.1.1 → 4.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devise might be problematic. Click here for more details.

Files changed (79) hide show

checksums.yaml +4 -4
data/.travis.yml +9 -7
data/CHANGELOG.md +46 -2
data/CONTRIBUTING.md +30 -7
data/Gemfile +14 -7
data/Gemfile.lock +96 -81
data/README.md +89 -37
data/app/controllers/devise/omniauth_callbacks_controller.rb +3 -3
data/app/controllers/devise/registrations_controller.rb +3 -3
data/app/views/devise/registrations/edit.html.erb +4 -0
data/gemfiles/Gemfile.rails-4.1-stable +4 -4
data/gemfiles/Gemfile.rails-4.1-stable.lock +27 -23
data/gemfiles/Gemfile.rails-4.2-stable +4 -4
data/gemfiles/Gemfile.rails-4.2-stable.lock +58 -54
data/guides/bug_report_templates/integration_test.rb +104 -0
data/lib/devise.rb +21 -14
data/lib/devise/controllers/helpers.rb +12 -1
data/lib/devise/controllers/rememberable.rb +1 -1
data/lib/devise/controllers/sign_in_out.rb +25 -10
data/lib/devise/failure_app.rb +25 -17
data/lib/devise/hooks/proxy.rb +1 -1
data/lib/devise/models/authenticatable.rb +23 -2
data/lib/devise/models/confirmable.rb +13 -7
data/lib/devise/models/database_authenticatable.rb +0 -5
data/lib/devise/models/recoverable.rb +10 -15
data/lib/devise/omniauth/url_helpers.rb +0 -51
data/lib/devise/orm/active_record.rb +3 -1
data/lib/devise/orm/mongoid.rb +4 -2
data/lib/devise/parameter_sanitizer.rb +0 -55
data/lib/devise/rails.rb +3 -1
data/lib/devise/test/controller_helpers.rb +162 -0
data/lib/devise/test/integration_helpers.rb +61 -0
data/lib/devise/test_helpers.rb +5 -129
data/lib/devise/version.rb +1 -1
data/lib/generators/templates/README +1 -8
data/lib/generators/templates/devise.rb +6 -0
data/test/controllers/custom_registrations_controller_test.rb +1 -1
data/test/controllers/custom_strategy_test.rb +1 -1
data/test/controllers/helpers_test.rb +4 -4
data/test/controllers/internal_helpers_test.rb +1 -1
data/test/controllers/passwords_controller_test.rb +1 -1
data/test/controllers/sessions_controller_test.rb +2 -2
data/test/devise_test.rb +9 -9
data/test/failure_app_test.rb +18 -0
data/test/integration/authenticatable_test.rb +36 -36
data/test/integration/confirmable_test.rb +7 -7
data/test/integration/database_authenticatable_test.rb +5 -5
data/test/integration/http_authenticatable_test.rb +2 -2
data/test/integration/lockable_test.rb +1 -1
data/test/integration/mounted_engine_test.rb +36 -0
data/test/integration/omniauthable_test.rb +1 -1
data/test/integration/recoverable_test.rb +4 -4
data/test/integration/registerable_test.rb +12 -6
data/test/integration/rememberable_test.rb +10 -10
data/test/integration/timeoutable_test.rb +5 -5
data/test/mapping_test.rb +1 -1
data/test/models/confirmable_test.rb +33 -25
data/test/models/database_authenticatable_test.rb +13 -13
data/test/models/lockable_test.rb +16 -16
data/test/models/omniauthable_test.rb +1 -1
data/test/models/recoverable_test.rb +10 -10
data/test/models/registerable_test.rb +1 -1
data/test/models/rememberable_test.rb +16 -3
data/test/models/serializable_test.rb +5 -0
data/test/models/timeoutable_test.rb +7 -7
data/test/models/trackable_test.rb +1 -1
data/test/models/validatable_test.rb +1 -1
data/test/models_test.rb +2 -2
data/test/parameter_sanitizer_test.rb +0 -56
data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +1 -1
data/test/rails_app/config/environments/production.rb +3 -1
data/test/rails_app/config/environments/test.rb +5 -6
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +5 -1
data/test/support/assertions.rb +0 -11
data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +2 -2
data/test/test/integration_helpers_test.rb +32 -0
metadata +11 -6
data/gemfiles/Gemfile.rails-5.0-beta +0 -37
data/gemfiles/Gemfile.rails-5.0-beta.lock +0 -199

data/test/parameter_sanitizer_test.rb CHANGED

@@ -73,59 +73,3 @@ class ParameterSanitizerTest < ActiveSupport::TestCase
     assert_equal({ 'username' => 'jose' }, sanitized)
   end
 end
-class DeprecatedParameterSanitizerAPITest < ActiveSupport::TestCase
-  class CustomSanitizer < Devise::ParameterSanitizer
-    def sign_in
-      default_params.permit(:username)
-    end
-  end
-  def sanitizer(params)
-    params = ActionController::Parameters.new(params)
-    Devise::ParameterSanitizer.new(User, :user, params)
-  end
-  test 'overriding instance methods have precedence over the default sanitized attributes' do
-    assert_deprecated do
-      params =  ActionController::Parameters.new(user: { "username" => "jose", "name" => "Jose" })
-      sanitizer = CustomSanitizer.new(User, :user, params)
-      sanitized = sanitizer.sanitize(:sign_in)
-      assert_equal({ "username" => "jose" }, sanitized)
-    end
-  end
-  test 'adding new parameters by mutating the Array' do
-    assert_deprecated do
-      sanitizer = sanitizer('user' => { 'username' => 'jose' })
-      sanitizer.for(:sign_in) << :username
-      sanitized = sanitizer.sanitize(:sign_in)
-      assert_equal({ 'username' => 'jose' }, sanitized)
-    end
-  end
-   test 'adding new parameters with a block' do
-     assert_deprecated do
-       sanitizer = sanitizer('user' => { 'username' => 'jose' })
-       sanitizer.for(:sign_in) { |user| user.permit(:username) }
-       sanitized = sanitizer.sanitize(:sign_in)
-       assert_equal({ 'username' => 'jose' }, sanitized)
-     end
-   end
-  test 'removing multiple default parameters' do
-    assert_deprecated do
-      sanitizer = sanitizer('user' => { 'email' => 'jose', 'password' => 'invalid', 'remember_me' => '1' })
-      sanitizer.for(:sign_in).delete(:email)
-      sanitizer.for(:sign_in).delete(:password)
-      sanitized = sanitizer.sanitize(:sign_in)
-      assert_equal({ 'remember_me' => '1' }, sanitized)
-    end
-  end
-end

data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb CHANGED

@@ -1,6 +1,6 @@
 class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
   def facebook
-    data = request.respond_to?(:get_header) ? request.get_header("omniauth.auth") : env["omniauth.auth"]
+    data = request.respond_to?(:get_header) ? request.get_header("omniauth.auth") : request.env["omniauth.auth"]
     session["devise.facebook_data"] = data["extra"]["user_hash"]
     render json: data
   end

data/test/rails_app/config/environments/production.rb CHANGED

@@ -20,7 +20,9 @@ RailsApp::Application.configure do
   # config.action_dispatch.rack_cache = true
   # Disable Rails's static asset server (Apache or nginx will already do this).
-  if Rails.version >= "4.2.0"
+  if Rails.version >= "5.0.0"
+    config.public_file_server.enabled = false
+  elsif Rails.version >= "4.2.0"
     config.serve_static_files = false
   else
     config.serve_static_assets = false

data/test/rails_app/config/environments/test.rb CHANGED

@@ -14,15 +14,14 @@ RailsApp::Application.configure do
   # Disable serving static files from the `/public` folder by default since
   # Apache or NGINX already handles this.
-  if Rails.version >= "4.2.0"
-    config.serve_static_files = true
-  else
-    config.serve_static_assets = true
-  end
   if Rails.version >= "5.0.0"
+    config.public_file_server.enabled = true
     config.public_file_server.headers = {'Cache-Control' => 'public, max-age=3600'}
+  elsif Rails.version >= "4.2.0"
+    config.serve_static_files = true
+    config.static_cache_control = "public, max-age=3600"
   else
+    config.serve_static_assets = true
     config.static_cache_control = "public, max-age=3600"
   end

data/test/rails_app/db/migrate/20100401102949_create_tables.rb CHANGED

@@ -1,4 +1,8 @@
-class CreateTables < ActiveRecord::Migration
+superclass = ActiveRecord::Migration
+# TODO: Inherit from the 5.0 Migration class directly when we drop support for Rails 4.
+superclass = ActiveRecord::Migration[5.0] if superclass.respond_to?(:[])
+class CreateTables < superclass
   def self.up
     create_table :users do |t|
       t.string :username

data/test/support/assertions.rb CHANGED

@@ -1,10 +1,6 @@
 require 'active_support/test_case'
 class ActiveSupport::TestCase
-  def assert_not(assertion)
-    assert !assertion
-  end
   def assert_blank(assertion)
     assert assertion.blank?
   end
@@ -24,13 +20,6 @@ class ActiveSupport::TestCase
     assert_no_difference('ActionMailer::Base.deliveries.size', &block)
   end
-  def assert_same_content(result, expected)
-    assert expected.size == result.size, "the arrays doesn't have the same size"
-    expected.each do |element|
-      assert result.include?(element), "The array doesn't include '#{element}'."
-    end
-  end
   def assert_raise_with_message(exception_klass, message, &block)
     exception = assert_raise exception_klass, &block
     assert_equal exception.message, message,

data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} RENAMED

@@ -1,8 +1,8 @@
 require 'test_helper'
-class TestHelpersTest < Devise::ControllerTestCase
+class TestControllerHelpersTest < Devise::ControllerTestCase
   tests UsersController
-  include Devise::TestHelpers
+  include Devise::Test::ControllerHelpers
   test "redirects if attempting to access a page unauthenticated" do
     get :index

data/test/test/integration_helpers_test.rb ADDED

@@ -0,0 +1,32 @@
+require 'test_helper'
+class TestIntegrationsHelpersTest < Devise::IntegrationTest
+  include Devise::Test::IntegrationHelpers
+  test '#sign_in signs in the resource directly' do
+    sign_in(create_user)
+    visit '/'
+    assert warden.authenticated?(:user)
+  end
+  test '#sign_outs signs out in the resource directly' do
+    user = create_user
+    sign_in user
+    sign_out user
+    visit '/'
+    refute warden.authenticated?(:user)
+  end
+  test '#sign_out does not signs out other scopes' do
+    sign_in(create_user)
+    sign_in(create_admin)
+    sign_out :user
+    visit '/'
+    refute warden.authenticated?(:user)
+    assert warden.authenticated?(:admin)
+  end
+end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: devise
 version: !ruby/object:Gem::Version
-  version: 4.1.1
+  version: 4.2.0
 platform: ruby
 authors:
 - José Valim
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-05-15 00:00:00.000000000 Z
+date: 2016-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: warden
@@ -133,8 +133,7 @@ files:
 - gemfiles/Gemfile.rails-4.1-stable.lock
 - gemfiles/Gemfile.rails-4.2-stable
 - gemfiles/Gemfile.rails-4.2-stable.lock
-- gemfiles/Gemfile.rails-5.0-beta
-- gemfiles/Gemfile.rails-5.0-beta.lock
+- guides/bug_report_templates/integration_test.rb
 - lib/devise.rb
 - lib/devise/controllers/helpers.rb
 - lib/devise/controllers/rememberable.rb
@@ -182,6 +181,8 @@ files:
 - lib/devise/strategies/base.rb
 - lib/devise/strategies/database_authenticatable.rb
 - lib/devise/strategies/rememberable.rb
+- lib/devise/test/controller_helpers.rb
+- lib/devise/test/integration_helpers.rb
 - lib/devise/test_helpers.rb
 - lib/devise/time_inflector.rb
 - lib/devise/token_generator.rb
@@ -240,6 +241,7 @@ files:
 - test/integration/database_authenticatable_test.rb
 - test/integration/http_authenticatable_test.rb
 - test/integration/lockable_test.rb
+- test/integration/mounted_engine_test.rb
 - test/integration/omniauthable_test.rb
 - test/integration/recoverable_test.rb
 - test/integration/registerable_test.rb
@@ -344,8 +346,9 @@ files:
 - test/support/locale/en.yml
 - test/support/mongoid.yml
 - test/support/webrat/integrations/rails.rb
+- test/test/controller_helpers_test.rb
+- test/test/integration_helpers_test.rb
 - test/test_helper.rb
-- test/test_helpers_test.rb
 - test/test_models.rb
 homepage: https://github.com/plataformatec/devise
 licenses:
@@ -397,6 +400,7 @@ test_files:
 - test/integration/database_authenticatable_test.rb
 - test/integration/http_authenticatable_test.rb
 - test/integration/lockable_test.rb
+- test/integration/mounted_engine_test.rb
 - test/integration/omniauthable_test.rb
 - test/integration/recoverable_test.rb
 - test/integration/registerable_test.rb
@@ -501,6 +505,7 @@ test_files:
 - test/support/locale/en.yml
 - test/support/mongoid.yml
 - test/support/webrat/integrations/rails.rb
+- test/test/controller_helpers_test.rb
+- test/test/integration_helpers_test.rb
 - test/test_helper.rb
-- test/test_helpers_test.rb
 - test/test_models.rb

data/gemfiles/Gemfile.rails-5.0-beta DELETED

@@ -1,37 +0,0 @@
-source "https://rubygems.org"
-gemspec path: ".."
-gem "rails", "5.0.0.beta3"
-gem "omniauth", " ~>1.3"
-gem "oauth2"
-gem "omniauth-oauth2", ">= 1.2.0", "< 1.5.0"
-gem "rdoc"
-gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
-gem "rails-controller-testing"
-gem "responders", "~> 2.1.1"
-group :test do
-  gem "omniauth-facebook"
-  gem "omniauth-openid", "~> 1.0.1"
-  gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
-end
-platforms :jruby do
-  gem "activerecord-jdbc-adapter"
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jruby-openssl"
-end
-platforms :ruby do
-  gem "sqlite3"
-end
-# TODO:
-# group :mongoid do
-#   gem "mongoid", "~> 4.0.0"
-# end

data/gemfiles/Gemfile.rails-5.0-beta.lock DELETED

@@ -1,199 +0,0 @@
-GIT
-  remote: git://github.com/rails/activemodel-serializers-xml.git
-  revision: f380ea5ddefcb9a37f4fbc47606ed6fbecdb2b2a
-  specs:
-    activemodel-serializers-xml (1.0.0)
-      activemodel (> 5.x)
-      activerecord (> 5.x)
-      activesupport (> 5.x)
-      builder (~> 3.1)
-PATH
-  remote: ..
-  specs:
-    devise (4.0.0.rc2)
-      bcrypt (~> 3.0)
-      orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.1)
-      responders
-      warden (~> 1.2.3)
-GEM
-  remote: https://rubygems.org/
-  specs:
-    actioncable (5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      nio4r (~> 1.2)
-      websocket-driver (~> 0.6.1)
-    actionmailer (5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      actionview (= 5.0.0.beta3)
-      activejob (= 5.0.0.beta3)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (5.0.0.beta3)
-      actionview (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      rack (~> 2.x)
-      rack-test (~> 0.6.3)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      builder (~> 3.1)
-      erubis (~> 2.7.0)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activejob (5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      globalid (>= 0.3.6)
-    activemodel (5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-    activerecord (5.0.0.beta3)
-      activemodel (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      arel (~> 7.0)
-    activesupport (5.0.0.beta3)
-      concurrent-ruby (~> 1.0)
-      i18n (~> 0.7)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    arel (7.0.0)
-    bcrypt (3.1.11)
-    builder (3.2.2)
-    concurrent-ruby (1.0.1)
-    erubis (2.7.0)
-    faraday (0.9.2)
-      multipart-post (>= 1.2, < 3)
-    globalid (0.3.6)
-      activesupport (>= 4.1.0)
-    hashie (3.4.3)
-    i18n (0.7.0)
-    json (1.8.3)
-    jwt (1.5.1)
-    loofah (2.0.3)
-      nokogiri (>= 1.5.9)
-    mail (2.6.4)
-      mime-types (>= 1.16, < 4)
-    metaclass (0.0.4)
-    method_source (0.8.2)
-    mime-types (3.0)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2016.0221)
-    mini_portile2 (2.0.0)
-    minitest (5.8.4)
-    mocha (1.1.0)
-      metaclass (~> 0.0.1)
-    multi_json (1.11.2)
-    multi_xml (0.5.5)
-    multipart-post (2.0.0)
-    nio4r (1.2.1)
-    nokogiri (1.6.7.2)
-      mini_portile2 (~> 2.0.0.rc2)
-    oauth2 (1.1.0)
-      faraday (>= 0.8, < 0.10)
-      jwt (~> 1.0, < 1.5.2)
-      multi_json (~> 1.3)
-      multi_xml (~> 0.5)
-      rack (>= 1.2, < 3)
-    omniauth (1.3.1)
-      hashie (>= 1.2, < 4)
-      rack (>= 1.0, < 3)
-    omniauth-facebook (3.0.0)
-      omniauth-oauth2 (~> 1.2)
-    omniauth-oauth2 (1.4.0)
-      oauth2 (~> 1.0)
-      omniauth (~> 1.2)
-    omniauth-openid (1.0.1)
-      omniauth (~> 1.0)
-      rack-openid (~> 1.3.1)
-    orm_adapter (0.5.0)
-    rack (2.0.0.alpha)
-      json
-    rack-openid (1.3.1)
-      rack (>= 1.1.0)
-      ruby-openid (>= 2.1.8)
-    rack-test (0.6.3)
-      rack (>= 1.0)
-    rails (5.0.0.beta3)
-      actioncable (= 5.0.0.beta3)
-      actionmailer (= 5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      actionview (= 5.0.0.beta3)
-      activejob (= 5.0.0.beta3)
-      activemodel (= 5.0.0.beta3)
-      activerecord (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      bundler (>= 1.3.0, < 2.0)
-      railties (= 5.0.0.beta3)
-      sprockets-rails (>= 2.0.0)
-    rails-controller-testing (0.1.1)
-      actionpack (~> 5.x)
-      actionview (~> 5.x)
-      activesupport (~> 5.x)
-    rails-deprecated_sanitizer (1.0.3)
-      activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
-      activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
-      rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
-    railties (5.0.0.beta3)
-      actionpack (= 5.0.0.beta3)
-      activesupport (= 5.0.0.beta3)
-      method_source
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    rake (11.1.2)
-    rdoc (4.2.2)
-      json (~> 1.4)
-    responders (2.1.2)
-      railties (>= 4.2.0, < 5.1)
-    ruby-openid (2.7.0)
-    sprockets (3.6.0)
-      concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.0.4)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    sqlite3 (1.3.11)
-    thor (0.19.1)
-    thread_safe (0.3.5)
-    tzinfo (1.2.2)
-      thread_safe (~> 0.1)
-    warden (1.2.6)
-      rack (>= 1.0)
-    webrat (0.7.3)
-      nokogiri (>= 1.2.0)
-      rack (>= 1.0)
-      rack-test (>= 0.5.3)
-    websocket-driver (0.6.3)
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.2)
-PLATFORMS
-  ruby
-DEPENDENCIES
-  activemodel-serializers-xml!
-  activerecord-jdbc-adapter
-  activerecord-jdbcsqlite3-adapter
-  devise!
-  jruby-openssl
-  mocha (~> 1.1)
-  oauth2
-  omniauth (~> 1.3)
-  omniauth-facebook
-  omniauth-oauth2 (>= 1.2.0, < 1.5.0)
-  omniauth-openid (~> 1.0.1)
-  rails (= 5.0.0.beta3)
-  rails-controller-testing
-  rdoc
-  responders (~> 2.1.1)
-  sqlite3
-  webrat (= 0.7.3)
-BUNDLED WITH
-   1.11.2