devise 4.5.0 → 4.6.0

data/test/models/serializable_test.rb

@@ -1,60 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class SerializableTest < ActiveSupport::TestCase
-  setup do
-    @user = create_user
-  end
-
-  test 'should not include unsafe keys on XML' do
-    assert_match(/email/, @user.to_xml)
-    assert_no_match(/confirmation-token/, @user.to_xml)
-  end
-
-  test 'should not include unsafe keys on XML even if a new except is provided' do
-    assert_no_match(/email/, @user.to_xml(except: :email))
-    assert_no_match(/confirmation-token/, @user.to_xml(except: :email))
-  end
-
-  test 'should include unsafe keys on XML if a force_except is provided' do
-    assert_no_match(/<email/, @user.to_xml(force_except: :email))
-    assert_match(/confirmation-token/, @user.to_xml(force_except: :email))
-  end
-
-  test 'should not include unsafe keys on JSON' do
-    keys = from_json().keys.select{ |key| !key.include?("id") }
-    assert_equal %w(created_at email facebook_token updated_at username), keys.sort
-  end
-
-  test 'should not include unsafe keys on JSON even if a new except is provided' do
-    assert_no_key "email", from_json(except: :email)
-    assert_no_key "confirmation_token", from_json(except: :email)
-  end
-
-  test 'should include unsafe keys on JSON if a force_except is provided' do
-    assert_no_key "email", from_json(force_except: :email)
-    assert_key "confirmation_token", from_json(force_except: :email)
-  end
-
-  test 'should not include unsafe keys in inspect' do
-    assert_match(/email/, @user.inspect)
-    assert_no_match(/confirmation_token/, @user.inspect)
-  end
-
-  test 'should accept frozen options' do
-    assert_key "username", @user.as_json({only: :username}.freeze)["user"]
-  end
-
-  def assert_key(key, subject)
-    assert subject.key?(key), "Expected #{subject.inspect} to have key #{key.inspect}"
-  end
-
-  def assert_no_key(key, subject)
-    assert !subject.key?(key), "Expected #{subject.inspect} to not have key #{key.inspect}"
-  end
-
-  def from_json(options=nil)
-    ActiveSupport::JSON.decode(@user.to_json(options))["user"]
-  end
-end

data/test/models/timeoutable_test.rb

@@ -1,53 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class TimeoutableTest < ActiveSupport::TestCase
-
-  test 'should be expired' do
-    assert new_user.timedout?(31.minutes.ago)
-  end
-
-  test 'should not be expired' do
-    refute new_user.timedout?(29.minutes.ago)
-  end
-
-  test 'should not be expired when params is nil' do
-    refute new_user.timedout?(nil)
-  end
-
-  test 'should use timeout_in method' do
-    user = new_user
-    user.instance_eval { def timeout_in; 10.minutes end }
-
-    assert user.timedout?(12.minutes.ago)
-    refute user.timedout?(8.minutes.ago)
-  end
-
-  test 'should not be expired when timeout_in method returns nil' do
-    user = new_user
-    user.instance_eval { def timeout_in; nil end }
-    refute user.timedout?(10.hours.ago)
-  end
-
-  test 'fallback to Devise config option' do
-    swap Devise, timeout_in: 1.minute do
-      user = new_user
-      assert user.timedout?(2.minutes.ago)
-      refute user.timedout?(30.seconds.ago)
-
-      Devise.timeout_in = 5.minutes
-      refute user.timedout?(2.minutes.ago)
-      assert user.timedout?(6.minutes.ago)
-    end
-  end
-
-  test 'required_fields should contain the fields that Devise uses' do
-    assert_equal Devise::Models::Timeoutable.required_fields(User), []
-  end
-
-  test 'should not raise error if remember_created_at is not empty and rememberable is disabled' do
-    user = create_admin(remember_created_at: Time.current)
-    assert user.timedout?(31.minutes.ago)
-  end
-end

data/test/models/trackable_test.rb

@@ -1,80 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class TrackableTest < ActiveSupport::TestCase
-  test 'required_fields should contain the fields that Devise uses' do
-    assert_equal Devise::Models::Trackable.required_fields(User), [
-      :current_sign_in_at,
-      :current_sign_in_ip,
-      :last_sign_in_at,
-      :last_sign_in_ip,
-      :sign_in_count
-    ]
-  end
-
-  test 'update_tracked_fields should only set attributes but not save the record' do
-    user = create_user
-    request = mock
-    request.stubs(:remote_ip).returns("127.0.0.1")
-
-    assert_nil user.current_sign_in_ip
-    assert_nil user.last_sign_in_ip
-    assert_nil user.current_sign_in_at
-    assert_nil user.last_sign_in_at
-    assert_equal 0, user.sign_in_count
-
-    user.update_tracked_fields(request)
-
-    assert_equal "127.0.0.1", user.current_sign_in_ip
-    assert_equal "127.0.0.1", user.last_sign_in_ip
-    assert_not_nil user.current_sign_in_at
-    assert_not_nil user.last_sign_in_at
-    assert_equal 1, user.sign_in_count
-
-    user.reload
-
-    assert_nil user.current_sign_in_ip
-    assert_nil user.last_sign_in_ip
-    assert_nil user.current_sign_in_at
-    assert_nil user.last_sign_in_at
-    assert_equal 0, user.sign_in_count
-  end
-
-  test "update_tracked_fields! should not persist invalid records" do
-    user = UserWithValidations.new
-    request = mock
-    request.stubs(:remote_ip).returns("127.0.0.1")
-
-    assert_not user.update_tracked_fields!(request)
-    assert_not user.persisted?
-  end
-
-  test "update_tracked_fields! should not run model validations" do
-    user = User.new
-    request = mock
-    request.stubs(:remote_ip).returns("127.0.0.1")
-
-    user.expects(:after_validation_callback).never
-
-    assert_not user.update_tracked_fields!(request)
-  end
-
-  test 'extract_ip_from should be overridable' do
-    class UserWithOverride < User
-      protected
-        def extract_ip_from(request)
-          "127.0.0.2"
-        end
-    end
-
-    request = mock
-    request.stubs(:remote_ip).returns("127.0.0.1")
-    user = UserWithOverride.new
-
-    user.update_tracked_fields(request)
-
-    assert_equal "127.0.0.2", user.current_sign_in_ip
-    assert_equal "127.0.0.2", user.last_sign_in_ip
-  end
-end

data/test/models/validatable_test.rb

@@ -1,121 +0,0 @@
-# encoding: UTF-8
-# frozen_string_literal: true
-
-require 'test_helper'
-
-class ValidatableTest < ActiveSupport::TestCase
-  test 'should require email to be set' do
-    user = new_user(email: nil)
-    assert user.invalid?
-    assert user.errors[:email]
-    assert_equal 'can\'t be blank', user.errors[:email].join
-  end
-
-  test 'should require uniqueness of email if email has changed, allowing blank' do
-    existing_user = create_user
-
-    user = new_user(email: '')
-    assert user.invalid?
-    assert_no_match(/taken/, user.errors[:email].join)
-
-    user.email = existing_user.email
-    assert user.invalid?
-    assert_match(/taken/, user.errors[:email].join)
-
-    user.save(validate: false)
-    assert user.valid?
-  end
-
-  test 'should require correct email format if email has changed, allowing blank' do
-    user = new_user(email: '')
-    assert user.invalid?
-    assert_not_equal 'is invalid', user.errors[:email].join
-
-    %w{invalid_email_format 123 $$$ () ☃}.each do |email|
-      user.email = email
-      assert user.invalid?, "should be invalid with email #{email}"
-      assert_equal 'is invalid', user.errors[:email].join
-    end
-
-    user.save(validate: false)
-    assert user.valid?
-  end
-
-  test 'should accept valid emails' do
-    %w(a.b.c@example.com test_mail@gmail.com any@any.net email@test.br 123@mail.test 1☃3@mail.test).each do |email|
-      user = new_user(email: email)
-      assert user.valid?, "should be valid with email #{email}"
-      assert_blank user.errors[:email]
-    end
-  end
-
-  test 'should require password to be set when creating a new record' do
-    user = new_user(password: '', password_confirmation: '')
-    assert user.invalid?
-    assert_equal 'can\'t be blank', user.errors[:password].join
-  end
-
-  test 'should require confirmation to be set when creating a new record' do
-    user = new_user(password: 'new_password', password_confirmation: 'blabla')
-    assert user.invalid?
-
-    assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
-  end
-
-  test 'should require password when updating/resetting password' do
-    user = create_user
-
-    user.password = ''
-    user.password_confirmation = ''
-
-    assert user.invalid?
-    assert_equal 'can\'t be blank', user.errors[:password].join
-  end
-
-  test 'should require confirmation when updating/resetting password' do
-    user = create_user
-    user.password_confirmation = 'another_password'
-    assert user.invalid?
-
-    assert_equal 'doesn\'t match Password', user.errors[:password_confirmation].join
-  end
-
-  test 'should require a password with minimum of 7 characters' do
-    user = new_user(password: '12345', password_confirmation: '12345')
-    assert user.invalid?
-    assert_equal 'is too short (minimum is 7 characters)', user.errors[:password].join
-  end
-
-  test 'should require a password with maximum of 72 characters long' do
-    user = new_user(password: 'x'*73, password_confirmation: 'x'*73)
-    assert user.invalid?
-    assert_equal 'is too long (maximum is 72 characters)', user.errors[:password].join
-  end
-
-  test 'should not require password length when it\'s not changed' do
-    user = create_user.reload
-    user.password = user.password_confirmation = nil
-    assert user.valid?
-
-    user.password_confirmation = 'confirmation'
-    assert user.invalid?
-    refute (user.errors[:password].join =~ /is too long/)
-  end
-
-  test 'should complain about length even if password is not required' do
-    user = new_user(password: 'x'*73, password_confirmation: 'x'*73)
-    user.stubs(:password_required?).returns(false)
-    assert user.invalid?
-    assert_equal 'is too long (maximum is 72 characters)', user.errors[:password].join
-  end
-
-  test 'should not be included in objects with invalid API' do
-    assert_raise RuntimeError do
-      Class.new.send :include, Devise::Models::Validatable
-    end
-  end
-
-  test 'required_fields should be an empty array' do
-    assert_equal Devise::Models::Validatable.required_fields(User), []
-  end
-end

data/test/models_test.rb

@@ -1,155 +0,0 @@
-# frozen_string_literal: true
-
-require 'test_helper'
-require 'test_models'
-
-class ActiveRecordTest < ActiveSupport::TestCase
-  def include_module?(klass, mod)
-    klass.devise_modules.include?(mod) &&
-      klass.included_modules.include?(Devise::Models::const_get(mod.to_s.classify))
-  end
-
-  def assert_include_modules(klass, *modules)
-    modules.each do |mod|
-      assert include_module?(klass, mod)
-    end
-
-    (Devise::ALL - modules).each do |mod|
-      refute include_module?(klass, mod)
-    end
-  end
-
-  test 'can cherry pick modules' do
-    assert_include_modules Admin, :database_authenticatable, :registerable, :timeoutable, :recoverable, :lockable, :confirmable
-  end
-
-  test 'validations options are not applied too late' do
-    validators = WithValidation.validators_on :password
-    length = validators.find { |v| v.kind == :length }
-    assert_equal 2, length.options[:minimum]
-    assert_equal 6, length.options[:maximum]
-  end
-
-  test 'validations are applied just once' do
-    validators = Several.validators_on :password
-    assert_equal 1, validators.select{ |v| v.kind == :length }.length
-  end
-
-  test 'chosen modules are inheritable' do
-    assert_include_modules Inheritable, :database_authenticatable, :registerable, :timeoutable, :recoverable, :lockable, :confirmable
-  end
-
-  test 'order of module inclusion' do
-    correct_module_order   = [:database_authenticatable, :recoverable, :registerable, :confirmable, :lockable, :timeoutable]
-    incorrect_module_order = [:database_authenticatable, :timeoutable, :registerable, :recoverable, :lockable, :confirmable]
-
-    assert_include_modules Admin, *incorrect_module_order
-
-    # get module constants from symbol list
-    module_constants = correct_module_order.collect { |mod| Devise::Models::const_get(mod.to_s.classify) }
-
-    # confirm that they adhere to the order in ALL
-    # get included modules, filter out the noise, and reverse the order
-    assert_equal module_constants, (Admin.included_modules & module_constants).reverse
-  end
-
-  test 'raise error on invalid module' do
-    assert_raise NameError do
-      # Mix valid an invalid modules.
-      Configurable.class_eval { devise :database_authenticatable, :doesnotexit }
-    end
-  end
-
-  test 'set a default value for stretches' do
-    assert_equal 15, Configurable.stretches
-  end
-
-  test 'set a default value for pepper' do
-    assert_equal 'abcdef', Configurable.pepper
-  end
-
-  test 'set a default value for allow_unconfirmed_access_for' do
-    assert_equal 5.days, Configurable.allow_unconfirmed_access_for
-  end
-
-  test 'set a default value for remember_for' do
-    assert_equal 7.days, Configurable.remember_for
-  end
-
-  test 'set a default value for timeout_in' do
-    assert_equal 15.minutes, Configurable.timeout_in
-  end
-
-  test 'set a default value for unlock_in' do
-    assert_equal 10.days, Configurable.unlock_in
-  end
-
-  test 'set null fields on migrations' do
-    # Ignore email sending since no email exists.
-    klass = Class.new(Admin) do
-      def send_devise_notification(*); end
-    end
-
-    klass.create!
-  end
-end
-
-module StubModelFilters
-  def stub_filter(name)
-    define_singleton_method(name) { |*| nil }
-  end
-end
-
-class CheckFieldsTest < ActiveSupport::TestCase
-  test 'checks if the class respond_to the required fields' do
-    Player = Class.new do
-      extend Devise::Models
-      extend StubModelFilters
-
-      stub_filter :before_validation
-      stub_filter :after_update
-
-      devise :database_authenticatable
-
-      attr_accessor :encrypted_password, :email
-    end
-
-    assert_nothing_raised do
-      Devise::Models.check_fields!(Player)
-    end
-  end
-
-  test 'raises Devise::Models::MissingAtrribute and shows the missing attribute if the class doesn\'t respond_to one of the attributes' do
-    Clown = Class.new do
-      extend Devise::Models
-      extend StubModelFilters
-
-      stub_filter :before_validation
-      stub_filter :after_update
-
-      devise :database_authenticatable
-
-      attr_accessor :encrypted_password
-    end
-
-    assert_raise_with_message Devise::Models::MissingAttribute, "The following attribute(s) is (are) missing on your model: email" do
-      Devise::Models.check_fields!(Clown)
-    end
-  end
-
-  test 'raises Devise::Models::MissingAtrribute with all the missing attributes if there is more than one' do
-    Magician = Class.new do
-      extend Devise::Models
-      extend StubModelFilters
-
-      stub_filter :before_validation
-      stub_filter :after_update
-
-      devise :database_authenticatable
-    end
-
-    assert_raise_with_message Devise::Models::MissingAttribute, "The following attribute(s) is (are) missing on your model: encrypted_password, email" do
-      Devise::Models.check_fields!(Magician)
-    end
-  end
-end