devise 4.4.3 → 4.8.1

data/test/controllers/internal_helpers_test.rb

@@ -1,129 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class MyController < DeviseController
-end
-
-class HelpersTest < Devise::ControllerTestCase
-  tests MyController
-
-  def setup
-    @mock_warden = OpenStruct.new
-    @controller.request.env['warden'] = @mock_warden
-    @controller.request.env['devise.mapping'] = Devise.mappings[:user]
-  end
-
-  test 'get resource name from env' do
-    assert_equal :user, @controller.send(:resource_name)
-  end
-
-  test 'get resource class from env' do
-    assert_equal User, @controller.send(:resource_class)
-  end
-
-  test 'get resource instance variable from env' do
-    @controller.instance_variable_set(:@user, user = User.new)
-    assert_equal user, @controller.send(:resource)
-  end
-
-  test 'set resource instance variable from env' do
-    user = @controller.send(:resource_class).new
-    @controller.send(:resource=, user)
-
-    assert_equal user, @controller.send(:resource)
-    assert_equal user, @controller.instance_variable_get(:@user)
-  end
-
-  test 'get resource params from request params using resource name as key' do
-    user_params = {'email' => 'shirley@templar.com'}
-
-    # Stub controller name so strong parameters can filter properly.
-    # DeviseController does not allow any parameters by default.
-    @controller.stubs(:controller_name).returns(:sessions_controller)
-
-    params = ActionController::Parameters.new({'user' => user_params})
-
-    @controller.stubs(:params).returns(params)
-
-    res_params = @controller.send(:resource_params).permit!.to_h
-    assert_equal user_params, res_params
-  end
-
-  test 'resources methods are not controller actions' do
-    assert @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }.empty?
-  end
-
-  test 'require no authentication tests current mapping' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
-    @mock_warden.expects(:user).with(:user).returns(User.new)
-    @controller.expects(:redirect_to).with(root_path)
-    @controller.send :require_no_authentication
-  end
-
-  test 'require no authentication only checks if already authenticated if no inputs strategies are available' do
-    Devise.mappings[:user].expects(:no_input_strategies).returns([])
-    @mock_warden.expects(:authenticate?).never
-    @mock_warden.expects(:authenticated?).with(:user).once.returns(true)
-    @mock_warden.expects(:user).with(:user).returns(User.new)
-    @controller.expects(:redirect_to).with(root_path)
-    @controller.send :require_no_authentication
-  end
-
-  test 'require no authentication sets a flash message' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
-    @mock_warden.expects(:user).with(:user).returns(User.new)
-    @controller.expects(:redirect_to).with(root_path)
-    @controller.send :require_no_authentication
-    assert flash[:alert] == I18n.t("devise.failure.already_authenticated")
-  end
-
-  test 'signed in resource returns signed in resource for current scope' do
-    @mock_warden.expects(:authenticate).with(scope: :user).returns(User.new)
-    assert_kind_of User, @controller.send(:signed_in_resource)
-  end
-
-  test 'is a devise controller' do
-    assert @controller.devise_controller?
-  end
-
-  test 'does not issue blank flash messages' do
-    I18n.stubs(:t).returns('   ')
-    @controller.send :set_flash_message, :notice, :send_instructions
-    assert flash[:notice].nil?
-  end
-
-  test 'issues non-blank flash messages normally' do
-    I18n.stubs(:t).returns('non-blank')
-    @controller.send :set_flash_message, :notice, :send_instructions
-    assert_equal 'non-blank', flash[:notice]
-  end
-
-  test 'issues non-blank flash.now messages normally' do
-    I18n.stubs(:t).returns('non-blank')
-    @controller.send :set_flash_message, :notice, :send_instructions, { now: true }
-    assert_equal 'non-blank', flash.now[:notice]
-  end
-
-  test 'uses custom i18n options' do
-    @controller.stubs(:devise_i18n_options).returns(default: "devise custom options")
-    @controller.send :set_flash_message, :notice, :invalid_i18n_messagesend_instructions
-    assert_equal 'devise custom options', flash[:notice]
-  end
-
-  test 'allows custom i18n options to override resource_name' do
-    I18n.expects(:t).with("custom_resource_name.confirmed", anything)
-    @controller.stubs(:devise_i18n_options).returns(resource_name: "custom_resource_name")
-    @controller.send :set_flash_message, :notice, :confirmed
-  end
-
-  test 'navigational_formats not returning a wild card' do
-    MyController.send(:public, :navigational_formats)
-
-    swap Devise, navigational_formats: ['*/*', :html] do
-      refute @controller.navigational_formats.include?("*/*")
-    end
-
-    MyController.send(:protected, :navigational_formats)
-  end
-end

data/test/controllers/load_hooks_controller_test.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class LoadHooksControllerTest < Devise::ControllerTestCase
-  setup do
-    ActiveSupport.on_load(:devise_controller) do
-      define_method :defined_by_load_hook do
-        puts 'I am defined dynamically by activesupport load hook'
-      end
-    end
-  end
-
-  teardown do
-    DeviseController.class_eval { undef :defined_by_load_hook }
-  end
-
-  test 'load hook called when controller is loaded' do
-    assert DeviseController.instance_methods.include? :defined_by_load_hook
-  end
-end

data/test/controllers/passwords_controller_test.rb

@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class PasswordsControllerTest < Devise::ControllerTestCase
-  tests Devise::PasswordsController
-  include Devise::Test::ControllerHelpers
-
-  setup do
-    request.env["devise.mapping"] = Devise.mappings[:user]
-    @user = create_user.tap(&:confirm)
-    @raw  = @user.send_reset_password_instructions
-  end
-
-  def put_update_with_params
-    put :update, params: { "user" => {
-        "reset_password_token" => @raw, "password" => "1234567", "password_confirmation" => "1234567"
-      }
-    }
-  end
-
-  test 'redirect to after_sign_in_path_for if after_resetting_password_path_for is not overridden' do
-    put_update_with_params
-    assert_redirected_to "http://test.host/"
-  end
-
-  test 'redirect accordingly if after_resetting_password_path_for is overridden' do
-    custom_path = "http://custom.path/"
-    Devise::PasswordsController.any_instance.stubs(:after_resetting_password_path_for).with(@user).returns(custom_path)
-
-    put_update_with_params
-    assert_redirected_to custom_path
-  end
-end

data/test/controllers/sessions_controller_test.rb

@@ -1,108 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class SessionsControllerTest < Devise::ControllerTestCase
-  tests Devise::SessionsController
-  include Devise::Test::ControllerHelpers
-
-  test "#create doesn't raise unpermitted params when sign in fails" do
-    begin
-      subscriber = ActiveSupport::Notifications.subscribe %r{unpermitted_parameters} do |name, start, finish, id, payload|
-        flunk "Unpermitted params: #{payload}"
-      end
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      request.session["user_return_to"] = 'foo.bar'
-      create_user
-      post :create, params: { user: {
-          email: "wrong@email.com",
-          password: "wrongpassword"
-        }
-      }
-      assert_equal 200, @response.status
-    ensure
-      ActiveSupport::Notifications.unsubscribe(subscriber)
-    end
-  end
-
-  test "#create works even with scoped views" do
-    swap Devise, scoped_views: true do
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      post :create
-      assert_equal 200, @response.status
-      assert_template "users/sessions/new"
-    end
-  end
-
-  test "#create delete the url stored in the session if the requested format is navigational" do
-    request.env["devise.mapping"] = Devise.mappings[:user]
-    request.session["user_return_to"] = 'foo.bar'
-
-    user = create_user
-    user.confirm
-    post :create, params: { user: {
-        email: user.email,
-        password: user.password
-      }
-    }
-    assert_nil request.session["user_return_to"]
-  end
-
-  test "#create doesn't delete the url stored in the session if the requested format is not navigational" do
-    request.env["devise.mapping"] = Devise.mappings[:user]
-    request.session["user_return_to"] = 'foo.bar'
-
-    user = create_user
-    user.confirm
-    post :create, params: { format: 'json', user: {
-        email: user.email,
-        password: user.password
-      }
-    }
-
-    assert_equal 'foo.bar', request.session["user_return_to"]
-  end
-
-  test "#create doesn't raise exception after Warden authentication fails when TestHelpers included" do
-    request.env["devise.mapping"] = Devise.mappings[:user]
-    post :create, params: { user: {
-        email: "nosuchuser@example.com",
-        password: "wevdude"
-      }
-    }
-    assert_equal 200, @response.status
-    assert_template "devise/sessions/new"
-  end
-
-  test "#destroy doesn't set the flash if the requested format is not navigational" do
-    request.env["devise.mapping"] = Devise.mappings[:user]
-    user = create_user
-    user.confirm
-    post :create, params: { format: 'json', user: {
-        email: user.email,
-        password: user.password
-      }
-    }
-    delete :destroy, format: 'json'
-    assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}"
-    assert_equal 204, @response.status
-  end
-
-  if defined?(ActiveRecord) && ActiveRecord::Base.respond_to?(:mass_assignment_sanitizer)
-    test "#new doesn't raise mass-assignment exception even if sign-in key is attr_protected" do
-      request.env["devise.mapping"] = Devise.mappings[:user]
-
-      ActiveRecord::Base.mass_assignment_sanitizer = :strict
-      User.class_eval { attr_protected :email }
-
-      begin
-        assert_nothing_raised do
-          get :new, user: { email: "allez viens!" }
-        end
-      ensure
-        ActiveRecord::Base.mass_assignment_sanitizer = :logger
-        User.class_eval { attr_accessible :email }
-      end
-    end
-  end
-end

data/test/controllers/url_helpers_test.rb

@@ -1,67 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class RoutesTest < Devise::ControllerTestCase
-  tests ApplicationController
-
-  def assert_path_and_url(name, prepend_path=nil)
-    @request.path = '/users/session'
-    prepend_path = "#{prepend_path}_" if prepend_path
-
-    # Resource param
-    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user),
-                 send(:"#{prepend_path}user_#{name}_path")
-    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user),
-                 send(:"#{prepend_path}user_#{name}_url")
-
-    # With string
-    assert_equal @controller.send(:"#{prepend_path}#{name}_path", "user"),
-                 send(:"#{prepend_path}user_#{name}_path")
-    assert_equal @controller.send(:"#{prepend_path}#{name}_url", "user"),
-                 send(:"#{prepend_path}user_#{name}_url")
-
-    # Default url params
-    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, param: 123),
-                 send(:"#{prepend_path}user_#{name}_path", param: 123)
-    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, param: 123),
-                 send(:"#{prepend_path}user_#{name}_url", param: 123)
-
-    @request.path = nil
-    # With an object
-    assert_equal @controller.send(:"#{prepend_path}#{name}_path", User.new),
-                 send(:"#{prepend_path}user_#{name}_path")
-    assert_equal @controller.send(:"#{prepend_path}#{name}_url", User.new),
-                 send(:"#{prepend_path}user_#{name}_url")
-  end
-
-
-  test 'should alias session to mapped user session' do
-    assert_path_and_url :session
-    assert_path_and_url :session, :new
-    assert_path_and_url :session, :destroy
-  end
-
-  test 'should alias password to mapped user password' do
-    assert_path_and_url :password
-    assert_path_and_url :password, :new
-    assert_path_and_url :password, :edit
-  end
-
-  test 'should alias confirmation to mapped user confirmation' do
-    assert_path_and_url :confirmation
-    assert_path_and_url :confirmation, :new
-  end
-
-  test 'should alias unlock to mapped user unlock' do
-    assert_path_and_url :unlock
-    assert_path_and_url :unlock, :new
-  end
-
-  test 'should alias registration to mapped user registration' do
-    assert_path_and_url :registration
-    assert_path_and_url :registration, :new
-    assert_path_and_url :registration, :edit
-    assert_path_and_url :registration, :cancel
-  end
-end

data/test/delegator_test.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class DelegatorTest < ActiveSupport::TestCase
-  def delegator
-    Devise::Delegator.new
-  end
-
-  test 'failure_app returns default failure app if no warden options in env' do
-    assert_equal Devise::FailureApp, delegator.failure_app({})
-  end
-
-  test 'failure_app returns default failure app if no scope in warden options' do
-    assert_equal Devise::FailureApp, delegator.failure_app({"warden.options" => {}})
-  end
-
-  test 'failure_app returns associated failure app by scope in the given environment' do
-    assert_kind_of Proc, delegator.failure_app({"warden.options" => {scope: "manager"}})
-  end
-end

data/test/devise_test.rb

@@ -1,109 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-module Devise
-  def self.yield_and_restore
-    @@warden_configured = nil
-    c, b = @@warden_config, @@warden_config_blocks
-    yield
-  ensure
-    @@warden_config, @@warden_config_blocks = c, b
-  end
-end
-
-class DeviseTest < ActiveSupport::TestCase
-  test 'bcrypt on the class' do
-    password = "super secret"
-    klass    = Struct.new(:pepper, :stretches).new("blahblah", 2)
-    hash     = Devise::Encryptor.digest(klass, password)
-    assert_equal ::BCrypt::Password.create(hash), hash
-
-    klass    = Struct.new(:pepper, :stretches).new("bla", 2)
-    hash     = Devise::Encryptor.digest(klass, password)
-    assert_not_equal ::BCrypt::Password.new(hash), hash
-  end
-
-  test 'model options can be configured through Devise' do
-    swap Devise, allow_unconfirmed_access_for: 113, pepper: "foo" do
-      assert_equal 113, Devise.allow_unconfirmed_access_for
-      assert_equal "foo", Devise.pepper
-    end
-  end
-
-  test 'setup block yields self' do
-    Devise.setup do |config|
-      assert_equal Devise, config
-    end
-  end
-
-  test 'stores warden configuration' do
-    assert_kind_of Devise::Delegator, Devise.warden_config.failure_app
-    assert_equal :user, Devise.warden_config.default_scope
-  end
-
-  test 'warden manager user configuration through a block' do
-    Devise.yield_and_restore do
-      executed = false
-      Devise.warden do |config|
-        executed = true
-        assert_kind_of Warden::Config, config
-      end
-
-      Devise.configure_warden!
-      assert executed
-    end
-  end
-
-  test 'warden manager user configuration through multiple blocks' do
-    Devise.yield_and_restore do
-      executed = 0
-
-      3.times do
-        Devise.warden { |config| executed += 1 }
-      end
-
-      Devise.configure_warden!
-      assert_equal 3, executed
-    end
-  end
-
-  test 'add new module using the helper method' do
-    Devise.add_module(:coconut)
-    assert_equal 1, Devise::ALL.select { |v| v == :coconut }.size
-    refute Devise::STRATEGIES.include?(:coconut)
-    refute defined?(Devise::Models::Coconut)
-    Devise::ALL.delete(:coconut)
-
-    Devise.add_module(:banana, strategy: :fruits)
-    assert_equal :fruits, Devise::STRATEGIES[:banana]
-    Devise::ALL.delete(:banana)
-    Devise::STRATEGIES.delete(:banana)
-
-    Devise.add_module(:kivi, controller: :fruits)
-    assert_equal :fruits, Devise::CONTROLLERS[:kivi]
-    Devise::ALL.delete(:kivi)
-    Devise::CONTROLLERS.delete(:kivi)
-  end
-
-  test 'should complain when comparing empty or different sized passes' do
-    [nil, ""].each do |empty|
-      refute Devise.secure_compare(empty, "something")
-      refute Devise.secure_compare("something", empty)
-      refute Devise.secure_compare(empty, empty)
-    end
-    refute Devise.secure_compare("size_1", "size_four")
-  end
-
-  test 'Devise.email_regexp should match valid email addresses' do
-    valid_emails = ["test@example.com", "jo@jo.co", "f4$_m@you.com", "testing.example@example.com.ua", "test@tt", "test@valid---domain.com"]
-    non_valid_emails = ["rex", "test user@example.com", "test_user@example server.com"]
-
-    valid_emails.each do |email|
-      assert_match Devise.email_regexp, email
-    end
-    non_valid_emails.each do |email|
-      assert_no_match Devise.email_regexp, email
-    end
-  end
-end