devise 4.3.0 → 4.4.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +10 -5
- data/CHANGELOG.md +20 -0
- data/Gemfile +2 -3
- data/Gemfile.lock +2 -3
- data/ISSUE_TEMPLATE.md +19 -0
- data/README.md +66 -2
- data/Rakefile +1 -0
- data/app/controllers/devise/confirmations_controller.rb +2 -0
- data/app/controllers/devise/omniauth_callbacks_controller.rb +3 -1
- data/app/controllers/devise/passwords_controller.rb +2 -0
- data/app/controllers/devise/registrations_controller.rb +5 -3
- data/app/controllers/devise/sessions_controller.rb +3 -1
- data/app/controllers/devise/unlocks_controller.rb +2 -0
- data/app/controllers/devise_controller.rb +2 -0
- data/app/helpers/devise_helper.rb +2 -0
- data/app/mailers/devise/mailer.rb +2 -0
- data/app/views/devise/confirmations/new.html.erb +1 -1
- data/app/views/devise/passwords/new.html.erb +1 -1
- data/app/views/devise/registrations/edit.html.erb +1 -1
- data/app/views/devise/registrations/new.html.erb +1 -1
- data/app/views/devise/sessions/new.html.erb +1 -1
- data/app/views/devise/unlocks/new.html.erb +1 -1
- data/devise.gemspec +2 -0
- data/gemfiles/Gemfile.rails-4.1-stable +3 -1
- data/gemfiles/Gemfile.rails-4.1-stable.lock +3 -3
- data/gemfiles/Gemfile.rails-4.2-stable +3 -1
- data/gemfiles/Gemfile.rails-4.2-stable.lock +3 -3
- data/gemfiles/Gemfile.rails-5.0-stable +2 -3
- data/gemfiles/Gemfile.rails-5.0-stable.lock +2 -3
- data/guides/bug_report_templates/integration_test.rb +2 -0
- data/lib/devise.rb +3 -1
- data/lib/devise/controllers/helpers.rb +7 -5
- data/lib/devise/controllers/rememberable.rb +2 -0
- data/lib/devise/controllers/scoped_views.rb +2 -0
- data/lib/devise/controllers/sign_in_out.rb +2 -0
- data/lib/devise/controllers/store_location.rb +24 -6
- data/lib/devise/controllers/url_helpers.rb +2 -0
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +2 -0
- data/lib/devise/failure_app.rb +2 -0
- data/lib/devise/hooks/activatable.rb +2 -0
- data/lib/devise/hooks/csrf_cleaner.rb +2 -0
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +2 -0
- data/lib/devise/hooks/proxy.rb +2 -0
- data/lib/devise/hooks/rememberable.rb +2 -0
- data/lib/devise/hooks/timeoutable.rb +2 -0
- data/lib/devise/hooks/trackable.rb +2 -0
- data/lib/devise/mailers/helpers.rb +2 -0
- data/lib/devise/mapping.rb +2 -0
- data/lib/devise/models.rb +2 -0
- data/lib/devise/models/authenticatable.rb +4 -2
- data/lib/devise/models/confirmable.rb +3 -1
- data/lib/devise/models/database_authenticatable.rb +3 -1
- data/lib/devise/models/lockable.rb +8 -2
- data/lib/devise/models/omniauthable.rb +2 -0
- data/lib/devise/models/recoverable.rb +2 -0
- data/lib/devise/models/registerable.rb +2 -0
- data/lib/devise/models/rememberable.rb +3 -1
- data/lib/devise/models/timeoutable.rb +2 -0
- data/lib/devise/models/trackable.rb +3 -1
- data/lib/devise/models/validatable.rb +3 -1
- data/lib/devise/modules.rb +2 -0
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +2 -0
- data/lib/devise/orm/active_record.rb +2 -0
- data/lib/devise/orm/mongoid.rb +2 -0
- data/lib/devise/parameter_filter.rb +2 -0
- data/lib/devise/parameter_sanitizer.rb +2 -0
- data/lib/devise/rails.rb +2 -0
- data/lib/devise/rails/routes.rb +2 -0
- data/lib/devise/rails/warden_compat.rb +2 -0
- data/lib/devise/strategies/authenticatable.rb +2 -0
- data/lib/devise/strategies/base.rb +2 -0
- data/lib/devise/strategies/database_authenticatable.rb +2 -0
- data/lib/devise/strategies/rememberable.rb +2 -0
- data/lib/devise/test/controller_helpers.rb +2 -0
- data/lib/devise/test/integration_helpers.rb +2 -0
- data/lib/devise/test_helpers.rb +2 -0
- data/lib/devise/time_inflector.rb +2 -0
- data/lib/devise/token_generator.rb +2 -0
- data/lib/devise/version.rb +3 -1
- data/lib/generators/active_record/devise_generator.rb +15 -2
- data/lib/generators/active_record/templates/migration.rb +3 -1
- data/lib/generators/active_record/templates/migration_existing.rb +2 -0
- data/lib/generators/devise/controllers_generator.rb +2 -0
- data/lib/generators/devise/devise_generator.rb +4 -2
- data/lib/generators/devise/install_generator.rb +2 -0
- data/lib/generators/devise/orm_helpers.rb +7 -1
- data/lib/generators/devise/views_generator.rb +7 -8
- data/lib/generators/mongoid/devise_generator.rb +2 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +2 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +2 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +2 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +2 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +2 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +2 -0
- data/lib/generators/templates/devise.rb +2 -0
- data/test/controllers/custom_registrations_controller_test.rb +2 -0
- data/test/controllers/custom_strategy_test.rb +2 -0
- data/test/controllers/helper_methods_test.rb +2 -0
- data/test/controllers/helpers_test.rb +2 -0
- data/test/controllers/inherited_controller_i18n_messages_test.rb +2 -0
- data/test/controllers/internal_helpers_test.rb +2 -0
- data/test/controllers/load_hooks_controller_test.rb +2 -0
- data/test/controllers/passwords_controller_test.rb +2 -0
- data/test/controllers/sessions_controller_test.rb +2 -0
- data/test/controllers/url_helpers_test.rb +2 -0
- data/test/delegator_test.rb +2 -0
- data/test/devise_test.rb +2 -0
- data/test/failure_app_test.rb +2 -0
- data/test/generators/active_record_generator_test.rb +47 -0
- data/test/generators/controllers_generator_test.rb +2 -0
- data/test/generators/devise_generator_test.rb +2 -0
- data/test/generators/install_generator_test.rb +2 -0
- data/test/generators/mongoid_generator_test.rb +2 -0
- data/test/generators/views_generator_test.rb +2 -0
- data/test/helpers/devise_helper_test.rb +2 -0
- data/test/integration/authenticatable_test.rb +15 -1
- data/test/integration/confirmable_test.rb +2 -0
- data/test/integration/database_authenticatable_test.rb +2 -0
- data/test/integration/http_authenticatable_test.rb +2 -0
- data/test/integration/lockable_test.rb +5 -3
- data/test/integration/mounted_engine_test.rb +2 -0
- data/test/integration/omniauthable_test.rb +2 -0
- data/test/integration/recoverable_test.rb +2 -0
- data/test/integration/registerable_test.rb +2 -0
- data/test/integration/rememberable_test.rb +2 -0
- data/test/integration/timeoutable_test.rb +2 -0
- data/test/integration/trackable_test.rb +2 -0
- data/test/mailers/confirmation_instructions_test.rb +2 -0
- data/test/mailers/email_changed_test.rb +2 -0
- data/test/mailers/mailer_test.rb +2 -0
- data/test/mailers/reset_password_instructions_test.rb +2 -0
- data/test/mailers/unlock_instructions_test.rb +2 -0
- data/test/mapping_test.rb +2 -0
- data/test/models/authenticatable_test.rb +2 -0
- data/test/models/confirmable_test.rb +2 -0
- data/test/models/database_authenticatable_test.rb +2 -0
- data/test/models/lockable_test.rb +2 -0
- data/test/models/omniauthable_test.rb +2 -0
- data/test/models/recoverable_test.rb +2 -0
- data/test/models/registerable_test.rb +2 -0
- data/test/models/rememberable_test.rb +2 -0
- data/test/models/serializable_test.rb +6 -0
- data/test/models/timeoutable_test.rb +2 -0
- data/test/models/trackable_test.rb +11 -0
- data/test/models/validatable_test.rb +4 -2
- data/test/models_test.rb +2 -0
- data/test/omniauth/config_test.rb +2 -0
- data/test/omniauth/url_helpers_test.rb +2 -0
- data/test/orm/active_record.rb +2 -0
- data/test/orm/mongoid.rb +3 -1
- data/test/parameter_sanitizer_test.rb +2 -0
- data/test/rails_app/app/active_record/admin.rb +2 -0
- data/test/rails_app/app/active_record/shim.rb +2 -0
- data/test/rails_app/app/active_record/user.rb +4 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +2 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +2 -0
- data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
- data/test/rails_app/app/active_record/user_without_email.rb +2 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +2 -0
- data/test/rails_app/app/controllers/admins_controller.rb +2 -0
- data/test/rails_app/app/controllers/application_controller.rb +2 -0
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +2 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +2 -0
- data/test/rails_app/app/controllers/home_controller.rb +2 -0
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +2 -0
- data/test/rails_app/app/controllers/users_controller.rb +2 -0
- data/test/rails_app/app/helpers/application_helper.rb +2 -0
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +2 -0
- data/test/rails_app/app/mailers/users/mailer.rb +2 -0
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +2 -0
- data/test/rails_app/app/mongoid/admin.rb +2 -0
- data/test/rails_app/app/mongoid/shim.rb +2 -0
- data/test/rails_app/app/mongoid/user.rb +2 -0
- data/test/rails_app/app/mongoid/user_on_engine.rb +2 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +2 -0
- data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +2 -0
- data/test/rails_app/config/application.rb +2 -0
- data/test/rails_app/config/boot.rb +2 -0
- data/test/rails_app/config/environment.rb +2 -0
- data/test/rails_app/config/environments/development.rb +2 -0
- data/test/rails_app/config/environments/production.rb +2 -0
- data/test/rails_app/config/environments/test.rb +2 -0
- data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
- data/test/rails_app/config/initializers/devise.rb +2 -0
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +2 -0
- data/test/rails_app/config/initializers/session_store.rb +2 -0
- data/test/rails_app/config/routes.rb +2 -0
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +2 -0
- data/test/rails_app/db/schema.rb +2 -0
- data/test/rails_app/lib/shared_admin.rb +2 -0
- data/test/rails_app/lib/shared_user.rb +2 -0
- data/test/rails_app/lib/shared_user_without_email.rb +2 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +2 -0
- data/test/rails_test.rb +2 -0
- data/test/routes_test.rb +2 -0
- data/test/support/action_controller/record_identifier.rb +2 -0
- data/test/support/assertions.rb +2 -0
- data/test/support/helpers.rb +6 -0
- data/test/support/http_method_compatibility.rb +2 -0
- data/test/support/integration.rb +2 -0
- data/test/support/webrat/integrations/rails.rb +2 -0
- data/test/test/controller_helpers_test.rb +2 -0
- data/test/test/integration_helpers_test.rb +2 -0
- data/test/test_helper.rb +2 -0
- data/test/test_models.rb +2 -0
- metadata +8 -3
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
class AuthenticationSanityTest < Devise::IntegrationTest
|
@@ -369,7 +371,7 @@ class AuthenticationWithScopedViewsTest < Devise::IntegrationTest
|
|
369
371
|
end
|
370
372
|
end
|
371
373
|
|
372
|
-
test 'renders the scoped view if turned on in
|
374
|
+
test 'renders the scoped view if turned on in a specific controller' do
|
373
375
|
begin
|
374
376
|
Devise::SessionsController.scoped_views = true
|
375
377
|
assert_raise Webrat::NotFoundError do
|
@@ -543,6 +545,18 @@ class AuthenticationOthersTest < Devise::IntegrationTest
|
|
543
545
|
refute warden.authenticated?(:user)
|
544
546
|
end
|
545
547
|
end
|
548
|
+
|
549
|
+
test 'not signed in should return notification payload with 401 status' do
|
550
|
+
begin
|
551
|
+
subscriber = ActiveSupport::Notifications.subscribe /process_action.action_controller/ do |_name, _start, _finish, _id, payload|
|
552
|
+
assert_equal 401, payload[:status]
|
553
|
+
end
|
554
|
+
|
555
|
+
get admins_path
|
556
|
+
ensure
|
557
|
+
ActiveSupport::Notifications.unsubscribe(subscriber)
|
558
|
+
end
|
559
|
+
end
|
546
560
|
end
|
547
561
|
|
548
562
|
class AuthenticationKeysTest < Devise::IntegrationTest
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
class LockTest < Devise::IntegrationTest
|
@@ -172,7 +174,7 @@ class LockTest < Devise::IntegrationTest
|
|
172
174
|
assert_equal response.body, {}.to_json
|
173
175
|
end
|
174
176
|
|
175
|
-
test "in paranoid mode, when trying to unlock
|
177
|
+
test "in paranoid mode, when trying to unlock a user that exists it should not say that it exists if it is locked" do
|
176
178
|
swap Devise, paranoid: true do
|
177
179
|
user = create_user(locked: true)
|
178
180
|
|
@@ -187,7 +189,7 @@ class LockTest < Devise::IntegrationTest
|
|
187
189
|
end
|
188
190
|
end
|
189
191
|
|
190
|
-
test "in paranoid mode, when trying to unlock
|
192
|
+
test "in paranoid mode, when trying to unlock a user that exists it should not say that it exists if it is not locked" do
|
191
193
|
swap Devise, paranoid: true do
|
192
194
|
user = create_user(locked: false)
|
193
195
|
|
@@ -202,7 +204,7 @@ class LockTest < Devise::IntegrationTest
|
|
202
204
|
end
|
203
205
|
end
|
204
206
|
|
205
|
-
test "in paranoid mode, when trying to unlock
|
207
|
+
test "in paranoid mode, when trying to unlock a user that does not exists it should not say that it does not exists" do
|
206
208
|
swap Devise, paranoid: true do
|
207
209
|
visit new_user_session_path
|
208
210
|
click_link "Didn't receive unlock instructions?"
|
data/test/mailers/mailer_test.rb
CHANGED
data/test/mapping_test.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
class SerializableTest < ActiveSupport::TestCase
|
@@ -40,6 +42,10 @@ class SerializableTest < ActiveSupport::TestCase
|
|
40
42
|
assert_no_match(/confirmation_token/, @user.inspect)
|
41
43
|
end
|
42
44
|
|
45
|
+
test 'should accept frozen options' do
|
46
|
+
assert_key "username", @user.as_json({only: :username}.freeze)["user"]
|
47
|
+
end
|
48
|
+
|
43
49
|
def assert_key(key, subject)
|
44
50
|
assert subject.key?(key), "Expected #{subject.inspect} to have key #{key.inspect}"
|
45
51
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
class TrackableTest < ActiveSupport::TestCase
|
@@ -38,4 +40,13 @@ class TrackableTest < ActiveSupport::TestCase
|
|
38
40
|
assert_nil user.last_sign_in_at
|
39
41
|
assert_equal 0, user.sign_in_count
|
40
42
|
end
|
43
|
+
|
44
|
+
test 'update_tracked_fields should run model validations' do
|
45
|
+
user = UserWithValidations.new
|
46
|
+
request = mock
|
47
|
+
request.stubs(:remote_ip).returns("127.0.0.1")
|
48
|
+
|
49
|
+
assert_not user.update_tracked_fields!(request)
|
50
|
+
assert_not user.persisted?
|
51
|
+
end
|
41
52
|
end
|
@@ -1,4 +1,6 @@
|
|
1
1
|
# encoding: UTF-8
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
require 'test_helper'
|
3
5
|
|
4
6
|
class ValidatableTest < ActiveSupport::TestCase
|
@@ -31,7 +33,7 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
31
33
|
|
32
34
|
%w{invalid_email_format 123 $$$ () ☃}.each do |email|
|
33
35
|
user.email = email
|
34
|
-
assert user.invalid?,
|
36
|
+
assert user.invalid?, "should be invalid with email #{email}"
|
35
37
|
assert_equal 'is invalid', user.errors[:email].join
|
36
38
|
end
|
37
39
|
|
@@ -42,7 +44,7 @@ class ValidatableTest < ActiveSupport::TestCase
|
|
42
44
|
test 'should accept valid emails' do
|
43
45
|
%w(a.b.c@example.com test_mail@gmail.com any@any.net email@test.br 123@mail.test 1☃3@mail.test).each do |email|
|
44
46
|
user = new_user(email: email)
|
45
|
-
assert user.valid?,
|
47
|
+
assert user.valid?, "should be valid with email #{email}"
|
46
48
|
assert_blank user.errors[:email]
|
47
49
|
end
|
48
50
|
end
|
data/test/models_test.rb
CHANGED
data/test/orm/active_record.rb
CHANGED
data/test/orm/mongoid.rb
CHANGED