devise 0.5.1 → 0.5.2

data/CHANGELOG.rdoc

@@ -1,12 +1,15 @@
+== 0.5.2
+
 * enhancements
   * [#28] Improved sign_in and sign_out helpers to accepts resources
   * [#28] Added stored_location_for as a helper
+  * [#20] Added test helpers
 
 == 0.5.1
 
 * enhancements
-	* Added serializers based on Warden ones
-	* Allow authentication keys to be set
+  * Added serializers based on Warden ones
+  * Allow authentication keys to be set
 
 == 0.5.0
 

data/README.rdoc

@@ -228,6 +228,18 @@ Devise mailer uses the same pattern to create subject messages:
 
 Take a look at our locale file to check all available messages.
 
+== Test helpers
+
+Devise includes some tests helpers for functional specs. To use them, you just
+need to include Devise::TestHelpers in your test class and use the sign_in and
+sign_out method. Such methods have the same signature as in controllers:
+
+  sign_in :user, @user   # sign_in(scope, resource)
+  sign_in @user          # sign_in(resource)
+
+  sign_out :user         # sign_out(scope)
+  sign_out @user         # sign_out(resource)
+
 == Migrating from other solutions
 
 Devise implements encryption strategies for Clearance, Authlogic and Restful-Authentication. To make use of it set the desired encryptor in the encryptor initializer config option. You might also need to rename your encrypted password and salt columns to match Devises's one (encrypted_password and password_salt).

data/Rakefile

@@ -36,7 +36,7 @@ begin
     s.description = "Flexible authentication solution for Rails with Warden"
     s.authors = ['José Valim', 'Carlos Antônio']
     s.files =  FileList["[A-Z]*", "{app,config,generators,lib}/**/*", "init.rb"]
-    s.add_dependency("warden", "~> 0.6.0")
+    s.add_dependency("warden", "~> 0.6.1")
   end
 
   Jeweler::GemcutterTasks.new

data/TODO

@@ -1,5 +1,4 @@
 * Devise::Timeoutable
-* Devise::TestHelper
 * Use request_ip in session cookies
 * Devise::BruteForceProtection
 * Devise::MagicColumns

data/app/controllers/sessions_controller.rb

@@ -17,7 +17,7 @@ class SessionsController < ApplicationController
       set_flash_message :success, :signed_in
       redirect_back_or_to home_or_root_path
     else
-      set_now_flash_message :failure, :invalid
+      set_now_flash_message :failure, warden.message || :invalid
       build_resource
       render :new
     end

data/lib/devise.rb

@@ -110,7 +110,7 @@ module Devise
     def configure_warden_manager(manager) #:nodoc:
       manager.default_strategies *Devise::STRATEGIES
       manager.default_serializers *Devise::SERIALIZERS
-      manager.failure_app = Devise::Failure
+      manager.failure_app = Devise::FailureApp
       manager.silence_missing_strategies!
       manager.silence_missing_serializers!
 
@@ -135,4 +135,4 @@ end
 require 'devise/strategies/base'
 require 'devise/serializers/base'
 
-require 'devise/rails'
+require 'devise/rails'

data/lib/devise/controllers/filters.rb

@@ -54,11 +54,11 @@ module Devise
       #
       # Examples:
       #
-      #   sign_in :user, @user # sign_in(scope, resource)
-      #   sign_in @user        # sign_in(resource)
+      #   sign_in :user, @user    # sign_in(scope, resource)
+      #   sign_in @user           # sign_in(resource)
       #
       def sign_in(resource_or_scope, resource=nil)
-        scope    ||= find_devise_scope(resource_or_scope)
+        scope    ||= Devise::Mapping.find_scope!(resource_or_scope)
         resource ||= resource_or_scope
         warden.set_user(resource, :scope => scope)
       end
@@ -72,7 +72,7 @@ module Devise
       #   sign_out @user     # sign_out(resource)
       #
       def sign_out(resource_or_scope)
-        scope = find_devise_scope(resource_or_scope)
+        scope = Devise::Mapping.find_scope!(resource_or_scope)
         warden.user(scope) # Without loading user here, before_logout hook is not called
         warden.raw_session.inspect # Without this inspect here. The session does not clear.
         warden.logout(scope)
@@ -86,7 +86,7 @@ module Devise
       #   redirect_to stored_location_for(:user) || root_path
       #
       def stored_location_for(resource_or_scope)
-        scope = find_devise_scope(resource_or_scope)
+        scope = Devise::Mapping.find_scope!(resource_or_scope)
         session.delete(:"#{scope}.return_to")
       end
 
@@ -134,16 +134,6 @@ module Devise
         METHODS
       end
 
-      protected
-
-      def find_devise_scope(resource_or_scope)
-        if resource_or_scope.is_a?(Symbol)
-          resource_or_scope
-        else
-          Devise::Mapping.find_by_class!(resource_or_scope.class).name
-        end
-      end
-
     end
   end
 end

data/lib/devise/{failure.rb → failure_app.rb}

@@ -1,5 +1,5 @@
 module Devise
-  module Failure
+  module FailureApp
     mattr_accessor :default_url
 
     # Failure application that will be called every time :warden is thrown from
@@ -9,13 +9,15 @@ module Devise
     def self.call(env)
       options = env['warden.options']
       scope   = options[:scope]
-      params  = case env['warden'].try(:message)
+      message = env['warden'].try(:message) || options[:message]
+
+      params  = case message
         when Symbol
-          { env['warden'].message => true }
+          { message => true }
         when String
-          { :message => env['warden'].message }
+          { :message => message }
         else
-          options[:params]
+          {}
       end
 
       redirect_path = if mapping = Devise.mappings[scope]
@@ -23,14 +25,14 @@ module Devise
       else
         "/#{default_url}"
       end
+      query_string = Rack::Utils.build_query(params)
 
       headers = {}
       headers["Location"] = redirect_path
-      headers["Location"] << "?" << Rack::Utils.build_query(params) if params
+      headers["Location"] << "?" << query_string unless query_string.empty?
       headers["Content-Type"] = 'text/plain'
 
-      message = options[:message] || "You are being redirected to #{redirect_path}"
-      [302, headers, [message]]
+      [302, headers, ["You are being redirected to #{redirect_path}"]]
     end
   end
 end

data/lib/devise/hooks/confirmable.rb

@@ -6,6 +6,13 @@ Warden::Manager.after_set_user do |record, warden, options|
   if record && record.respond_to?(:active?) && !record.active?
     scope = options[:scope]
     warden.logout(scope)
-    throw :warden, :scope => scope, :params => { :unconfirmed => true }
+
+    if warden.winning_strategy
+      # If winning strategy was set, this is being called after authenticate and
+      # there is no need to force a redirect.
+      warden.winning_strategy.fail!(:unconfirmed)
+    else
+      throw :warden, :scope => scope, :message => :unconfirmed
+    end
   end
 end

data/lib/devise/mapping.rb

@@ -39,11 +39,17 @@ module Devise
       Devise.mappings.values.find { |m| return m if klass <= m.to }
     end
 
-    # Find by class but raising an error in case it can't be found.
-    def self.find_by_class!(klass)
-      mapping = find_by_class(klass)
-      raise "Could not find a valid mapping for #{klass}" unless mapping
-      mapping
+    # Receives an object and find a scope for it. If a scope cannot be found,
+    # raises an error. If a symbol is given, it's considered to be the scope.
+    def self.find_scope!(duck)
+      if duck.is_a?(Symbol)
+        duck
+      else
+        klass = duck.is_a?(Class) ? duck : duck.class
+        mapping = Devise::Mapping.find_by_class(klass)
+        raise "Could not find a valid mapping for #{duck}" unless mapping
+        mapping.name
+      end
     end
 
     # Default url options which can be used as prefix.

data/lib/devise/schema.rb

@@ -6,13 +6,19 @@ module Devise
     # Creates email, encrypted_password and password_salt.
     #
     # == Options
-    # * :null when true, allow columns to be null
-    # * :encryptor The encryptor going to be used, necessary for setting the proper encrypter password length
+    # * :null - When true, allow columns to be null.
+    # * :encryptor - The encryptor going to be used, necessary for setting the proper encrypter password length.
+    # * :skip_email - If you want to use another authentication key, you can skip e-mail creation.
+    #                 If you are using an ORM where the devise declaration is in the same class as the schema,
+    #                 as in Datamapper or Mongomapper, the email is skipped automatically if not included in
+    #                 authentication_keys.
     def authenticatable(options={})
       null = options[:null] || false
-      encryptor = options[:encryptor] || :sha1
+      encryptor  = options[:encryptor] || (respond_to?(:encryptor) ? self.encryptor : :sha1)
+      have_email = respond_to?(:authentication_keys) ? self.authentication_keys.include?(:email) : true
+      skip_email = options[:skip_email] || !have_email
 
-      apply_schema :email,              String, :null => null, :limit => 100
+      apply_schema :email,              String, :null => null, :limit => 100 unless skip_email
       apply_schema :encrypted_password, String, :null => null, :limit => Devise::ENCRYPTORS_LENGTH[encryptor]
       apply_schema :password_salt,      String, :null => null, :limit => 20
     end

data/lib/devise/strategies/authenticatable.rb

@@ -13,8 +13,12 @@ module Devise
       # The first does not perform any action when calling authenticate, just
       # when authenticate! is invoked. The second always perform the action.
       def authenticate!
-        if valid_attributes? && resource = mapping.to.authenticate(params[scope])
-          success!(resource)
+        if valid_attributes?
+          if resource = mapping.to.authenticate(params[scope])
+            success!(resource)
+          else
+            fail!(:invalid)
+          end
         else
           store_location
           fail!(:unauthenticated)
@@ -33,7 +37,7 @@ module Devise
         # yet, but we still need to store the uri based on scope, so different scopes
         # would never use the same uri to redirect.
         def store_location
-          session[:"#{mapping.name}.return_to"] = request.request_uri if request.get?
+          session[:"#{mapping.name}.return_to"] ||= request.request_uri if request.get?
         end
     end
   end

data/lib/devise/strategies/base.rb

@@ -5,6 +5,7 @@ module Devise
       # Validate strategy. By default will raise an error if no scope or an
       # invalid mapping is found.
       def valid?
+        raise "Could not find mapping for #{scope}" unless mapping
         mapping.for.include?(klass_type)
       end
 

data/lib/devise/test_helpers.rb

@@ -0,0 +1,85 @@
+module Devise
+  module TestHelpers
+    def self.included(base)
+      base.class_eval do
+        setup :setup_controller_for_warden, :warden if respond_to?(:setup)
+      end
+    end
+
+    # This is a Warden::Proxy customized for functional tests. It's meant to
+    # some of Warden::Manager resposnabilities, as retrieving configuration
+    # options and calling the FailureApp.
+    class TestWarden < Warden::Proxy #:nodoc:
+      attr_reader :controller
+
+      def initialize(controller)
+        @controller = controller
+        manager = Warden::Manager.new(nil) do |manager|
+          Devise.configure_warden_manager(manager)
+        end
+        super(controller.request.env, manager.config)
+      end
+
+      def authenticate!(*args)
+        catch_with_redirect { super }
+      end
+
+      def catch_with_redirect(&block)
+        result = catch(:warden, &block)
+
+        if result.is_a?(Hash) && !custom_failure? && !@controller.send(:performed?)
+          result[:action] ||= :unauthenticated
+
+          env = @controller.request.env
+          env["PATH_INFO"] = "/#{result[:action]}"
+          env["warden.options"] = result
+          Warden::Manager._before_failure.each{ |hook| hook.call(env, result) }
+
+          status, headers, body = Devise::FailureApp.call(env).to_a
+          @controller.send :redirect_to, headers["Location"]
+        else
+          result
+        end
+      end
+    end
+
+    # We need to setup the environment variables and the response in the controller.
+    def setup_controller_for_warden #:nodoc:
+      @request.env['action_controller.rescue.request']  = @request
+      @request.env['action_controller.rescue.response'] = @response
+      @request.env['rack.session'] = session
+      @controller.response = @response
+    end
+
+    # Quick access to Warden::Proxy.
+    def warden #:nodoc:
+      @warden ||= (@request.env['warden'] = TestWarden.new(@controller))
+    end
+
+    # sign_in a given resource by storing its keys in the session.
+    #
+    # Examples:
+    #
+    #   sign_in :user, @user   # sign_in(scope, resource)
+    #   sign_in @user          # sign_in(resource)
+    #
+    def sign_in(resource_or_scope, resource=nil)
+      scope    ||= Devise::Mapping.find_scope!(resource_or_scope)
+      resource ||= resource_or_scope
+      session["warden.user.#{scope}.key"] = resource.class.serialize_into_session(resource)
+    end
+
+    # Sign out a given resource or scope by calling logout on Warden.
+    #
+    # Examples:
+    #
+    #   sign_out :user     # sign_out(scope)
+    #   sign_out @user     # sign_out(resource)
+    #
+    def sign_out(resource_or_scope)
+      scope = Devise::Mapping.find_scope!(resource_or_scope)
+      warden.logout(scope)
+    end
+
+  end
+end

data/lib/devise/version.rb

@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "0.5.1".freeze
+  VERSION = "0.5.2".freeze
 end

data/test/devise_test.rb

@@ -61,7 +61,7 @@ class DeviseTest < ActiveSupport::TestCase
     manager = MockManager.new
     Devise.configure_warden_manager(manager)
 
-    assert_equal Devise::Failure, manager.failure_app
+    assert_equal Devise::FailureApp, manager.failure_app
     assert_equal [:authenticatable], manager.default_strategies
     assert manager.silence_missing_strategies
   end

data/test/{failure_test.rb → failure_app_test.rb}

@@ -1,10 +1,11 @@
 require 'test/test_helper'
+require 'ostruct' 
 
 class FailureTest < ActiveSupport::TestCase
 
   def call_failure(env_params={})
-    env = {'warden.options' => {:scope => :user}.update(env_params)}
-    Devise::Failure.call(env)
+    env = {'warden.options' => { :scope => :user }}.merge!(env_params)
+    Devise::FailureApp.call(env)
   end
 
   test 'return 302 status' do
@@ -15,8 +16,9 @@ class FailureTest < ActiveSupport::TestCase
     assert_equal '/users/sign_in', call_failure.second['Location']
   end
 
-  test 'add params to redirect location' do
-    location = call_failure(:params => {:test => true}).second['Location']
+  test 'uses the proxy failure message' do
+    warden = OpenStruct.new(:message => :test)
+    location = call_failure('warden' => warden).second['Location']
     assert_equal '/users/sign_in?test=true', location
   end
 
@@ -27,8 +29,4 @@ class FailureTest < ActiveSupport::TestCase
   test 'setup a default message' do
     assert_equal ['You are being redirected to /users/sign_in'], call_failure.last
   end
-
-  test 'pass in a different message' do
-    assert_equal ['Hello world'], call_failure(:message => 'Hello world').last
-  end
 end

data/test/integration/confirmable_test.rb

@@ -62,7 +62,7 @@ class ConfirmationTest < ActionController::IntegrationTest
     Devise.confirm_within = 0
     user = sign_in_as_user(:confirm => false)
 
-    assert_redirected_to new_user_session_path(:unconfirmed => true)
+    assert_contain 'You have to confirm your account before continuing'
     assert_not warden.authenticated?(:user)
   end
 

data/test/mapping_test.rb

@@ -49,9 +49,15 @@ class MappingTest < ActiveSupport::TestCase
     assert_equal Devise.mappings[:user], Devise::Mapping.find_by_class(klass)
   end
 
-  test 'find mapping raises an error for invalid class' do
+  test 'find scope for a given object' do
+    assert_equal :user, Devise::Mapping.find_scope!(User)
+    assert_equal :user, Devise::Mapping.find_scope!(:user)
+    assert_equal :user, Devise::Mapping.find_scope!(User.new)
+  end
+
+  test 'find scope raises an error if cannot be found' do
     assert_raise RuntimeError do
-      Devise::Mapping.find_by_class!(String)
+      Devise::Mapping.find_scope!(String)
     end
   end
 

data/test/test_helpers_test.rb

@@ -0,0 +1,44 @@
+require 'test/test_helper'
+
+class TestHelpersTest < ActionController::TestCase
+  tests UsersController
+  include Devise::TestHelpers
+
+  test "redirects if attempting to access a page unauthenticated" do
+    get :index
+    assert_redirected_to "/users/sign_in?unauthenticated=true"
+  end
+
+  test "redirects if attempting to access a page with a unconfirmed account" do
+    swap Devise, :confirm_within => 0 do
+      sign_in create_user
+      get :index
+      assert_redirected_to "/users/sign_in?unconfirmed=true"
+    end
+  end
+
+  test "does not redirect with valid user" do
+    user = create_user
+    user.confirm!
+
+    sign_in user
+    get :index
+    assert_response :success
+  end
+
+  test "redirects if valid user signed out" do
+    user = create_user
+    user.confirm!
+
+    sign_in user
+    get :index
+
+    sign_out user
+    get :index
+    assert_redirected_to "/users/sign_in?unauthenticated=true"
+  end
+
+  def create_user
+    User.create!(:email => "jose.valim@plataformatec.com", :password => "123456")
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: devise
 version: !ruby/object:Gem::Version 
-  version: 0.5.1
+  version: 0.5.2
 platform: ruby
 authors: 
 - "Jos\xC3\xA9 Valim"
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-11-15 00:00:00 -02:00
+date: 2009-11-17 00:00:00 -02:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -21,7 +21,7 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        version: 0.6.0
+        version: 0.6.1
     version: 
 description: Flexible authentication solution for Rails with Warden
 email: contact@plataformatec.com.br
@@ -68,7 +68,7 @@ files:
 - lib/devise/encryptors/restful_authentication_sha1.rb
 - lib/devise/encryptors/sha1.rb
 - lib/devise/encryptors/sha512.rb
-- lib/devise/failure.rb
+- lib/devise/failure_app.rb
 - lib/devise/hooks/confirmable.rb
 - lib/devise/locales/en.yml
 - lib/devise/mapping.rb
@@ -89,6 +89,7 @@ files:
 - lib/devise/serializers/rememberable.rb
 - lib/devise/strategies/authenticatable.rb
 - lib/devise/strategies/base.rb
+- lib/devise/test_helpers.rb
 - lib/devise/version.rb
 has_rdoc: true
 homepage: http://github.com/plataformatec/devise
@@ -119,44 +120,45 @@ signing_key:
 specification_version: 3
 summary: Flexible authentication solution for Rails with Warden
 test_files: 
-- test/controllers/filters_test.rb
-- test/controllers/helpers_test.rb
+- test/rails_app/config/boot.rb
+- test/rails_app/config/routes.rb
+- test/rails_app/config/environments/development.rb
+- test/rails_app/config/environments/production.rb
+- test/rails_app/config/environments/test.rb
+- test/rails_app/config/environment.rb
+- test/rails_app/config/initializers/session_store.rb
+- test/rails_app/config/initializers/new_rails_defaults.rb
+- test/rails_app/app/controllers/users_controller.rb
+- test/rails_app/app/controllers/application_controller.rb
+- test/rails_app/app/controllers/admins_controller.rb
+- test/rails_app/app/controllers/home_controller.rb
+- test/rails_app/app/helpers/application_helper.rb
+- test/rails_app/app/models/admin.rb
+- test/rails_app/app/models/organizer.rb
+- test/rails_app/app/models/account.rb
+- test/rails_app/app/models/user.rb
 - test/controllers/url_helpers_test.rb
-- test/devise_test.rb
-- test/encryptors_test.rb
-- test/failure_test.rb
+- test/controllers/helpers_test.rb
+- test/controllers/filters_test.rb
+- test/models_test.rb
 - test/integration/authenticatable_test.rb
-- test/integration/confirmable_test.rb
-- test/integration/recoverable_test.rb
 - test/integration/rememberable_test.rb
+- test/integration/recoverable_test.rb
+- test/integration/confirmable_test.rb
 - test/mailers/confirmation_instructions_test.rb
 - test/mailers/reset_password_instructions_test.rb
-- test/mapping_test.rb
 - test/models/authenticatable_test.rb
-- test/models/confirmable_test.rb
-- test/models/recoverable_test.rb
 - test/models/rememberable_test.rb
+- test/models/recoverable_test.rb
 - test/models/validatable_test.rb
-- test/models_test.rb
-- test/rails_app/app/controllers/admins_controller.rb
-- test/rails_app/app/controllers/application_controller.rb
-- test/rails_app/app/controllers/home_controller.rb
-- test/rails_app/app/controllers/users_controller.rb
-- test/rails_app/app/helpers/application_helper.rb
-- test/rails_app/app/models/account.rb
-- test/rails_app/app/models/admin.rb
-- test/rails_app/app/models/organizer.rb
-- test/rails_app/app/models/user.rb
-- test/rails_app/config/boot.rb
-- test/rails_app/config/environment.rb
-- test/rails_app/config/environments/development.rb
-- test/rails_app/config/environments/production.rb
-- test/rails_app/config/environments/test.rb
-- test/rails_app/config/initializers/new_rails_defaults.rb
-- test/rails_app/config/initializers/session_store.rb
-- test/rails_app/config/routes.rb
-- test/routes_test.rb
+- test/models/confirmable_test.rb
+- test/encryptors_test.rb
+- test/support/model_tests_helper.rb
 - test/support/assertions_helper.rb
 - test/support/integration_tests_helper.rb
-- test/support/model_tests_helper.rb
+- test/failure_app_test.rb
+- test/devise_test.rb
+- test/routes_test.rb
 - test/test_helper.rb
+- test/test_helpers_test.rb
+- test/mapping_test.rb