devise 4.4.1 → 4.4.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/.travis.yml +5 -0
- data/CHANGELOG.md +14 -0
- data/Gemfile.lock +2 -2
- data/README.md +30 -1
- data/devise.gemspec +1 -1
- data/gemfiles/Gemfile.rails-4.1-stable.lock +2 -2
- data/gemfiles/Gemfile.rails-4.2-stable.lock +2 -2
- data/gemfiles/Gemfile.rails-5.0-stable.lock +2 -2
- data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
- data/lib/devise/controllers/helpers.rb +5 -5
- data/lib/devise/models/trackable.rb +6 -1
- data/lib/devise/rails.rb +3 -1
- data/lib/devise/test/controller_helpers.rb +1 -0
- data/lib/devise/version.rb +1 -1
- data/lib/generators/templates/devise.rb +4 -0
- data/test/integration/authenticatable_test.rb +6 -12
- data/test/integration/http_authenticatable_test.rb +6 -0
- data/test/integration/omniauthable_test.rb +11 -0
- data/test/integration/rememberable_test.rb +1 -1
- data/test/integration/trackable_test.rb +5 -0
- data/test/models/trackable_test.rb +11 -1
- data/test/orm/active_record.rb +6 -1
- data/test/rails_app/app/active_record/user.rb +9 -0
- data/test/rails_app/app/mongoid/user.rb +9 -0
- data/test/rails_app/config/application.rb +4 -2
- data/test/rails_app/config/boot.rb +6 -1
- data/test/support/integration.rb +1 -0
- data/test/test/controller_helpers_test.rb +6 -1
- metadata +7 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 60bd05360518797bb4629043a79443df1cda69f8ecf6a9e5c438965633a2fc5d
|
4
|
+
data.tar.gz: c88ccfabc928715741dd7a1a578f3141bb4efc735ccbf3eab632bb5bb54fff6b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 86ca92c1d39d9637275094019bb4e501813d230d713f0561e71375a43ccf037b1738c2ff109dcb1734ed566b18ce43a7af0324ae5ba3714551a7eec895bba9a1
|
7
|
+
data.tar.gz: 81aa8a1bf2681f1968c6ffb925c33012ccd9bc276ecfe8369942b40a64a9952e5bacec08295237be3d48e9193e06fe7e6ab68b821a0b4a2e65bf0175de0d9172
|
data/.travis.yml
CHANGED
@@ -10,6 +10,7 @@ rvm:
|
|
10
10
|
|
11
11
|
gemfile:
|
12
12
|
- Gemfile
|
13
|
+
- gemfiles/Gemfile.rails-5.2-rc1
|
13
14
|
- gemfiles/Gemfile.rails-5.0-stable
|
14
15
|
- gemfiles/Gemfile.rails-4.2-stable
|
15
16
|
- gemfiles/Gemfile.rails-4.1-stable
|
@@ -18,6 +19,8 @@ matrix:
|
|
18
19
|
exclude:
|
19
20
|
- rvm: 2.1.10
|
20
21
|
gemfile: Gemfile
|
22
|
+
- rvm: 2.1.10
|
23
|
+
gemfile: gemfiles/Gemfile.rails-5.2-rc1
|
21
24
|
- rvm: 2.5.0
|
22
25
|
gemfile: gemfiles/Gemfile.rails-4.1-stable
|
23
26
|
- rvm: 2.4.2
|
@@ -32,6 +35,8 @@ matrix:
|
|
32
35
|
gemfile: Gemfile
|
33
36
|
- env: DEVISE_ORM=mongoid
|
34
37
|
gemfile: gemfiles/Gemfile.rails-5.0-stable
|
38
|
+
- env: DEVISE_ORM=mongoid
|
39
|
+
gemfile: gemfiles/Gemfile.rails-5.2-rc1
|
35
40
|
allow_failures:
|
36
41
|
- rvm: ruby-head
|
37
42
|
services:
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,19 @@
|
|
1
1
|
### Unreleased
|
2
2
|
|
3
|
+
### 4.4.2 - 2018-03-15
|
4
|
+
|
5
|
+
* enhancements
|
6
|
+
* Support for :credentials on Rails v5.2.x. (by @gencer)
|
7
|
+
* Improve documentation about the test suite. (by @tegon)
|
8
|
+
* Test with Rails 5.2.rc1 on Travis. (by @jcoyne)
|
9
|
+
* Allow test with Rails 6. (by @Fudoshiki)
|
10
|
+
* Creating a new section for controller configuration on `devise.rb` template (by @Danilo-Araujo-Silva)
|
11
|
+
|
12
|
+
* bug fixes
|
13
|
+
* Preserve content_type for unauthenticated tests (by @gmcnaughton)
|
14
|
+
* Check if the resource is persisted in `update_tracked_fields!` instead of performing validations (by @tegon)
|
15
|
+
* Revert "Replace log_process_action to append_info_to_payload" (by @tegon)
|
16
|
+
|
3
17
|
### 4.4.1 - 2018-01-23
|
4
18
|
|
5
19
|
* bug fixes
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -123,7 +123,36 @@ We hope that you will consider contributing to Devise. Please read this short ov
|
|
123
123
|
|
124
124
|
https://github.com/plataformatec/devise/wiki/Contributing
|
125
125
|
|
126
|
-
You will usually want to write tests for your changes. To run the test suite, go into Devise's top-level directory and run
|
126
|
+
You will usually want to write tests for your changes. To run the test suite, go into Devise's top-level directory and run `bundle install` and `bin/test`.
|
127
|
+
Devise works with multiple Ruby and Rails versions, and ActiveRecord and Mongoid ORMs, which means you can run the test suite with some modifiers: `DEVISE_ORM` and `BUNDLE_GEMFILE`.
|
128
|
+
|
129
|
+
### DEVISE_ORM
|
130
|
+
Since Devise support both Mongoid and ActiveRecord, we rely on this variable to run specific code for each ORM.
|
131
|
+
The default value of `DEVISE_ORM` is `active_record`. To run the tests for mongoid, you can pass `mongoid`:
|
132
|
+
```
|
133
|
+
DEVISE_ORM=mongoid bin/test
|
134
|
+
|
135
|
+
==> Devise.orm = :mongoid
|
136
|
+
```
|
137
|
+
When running the tests for Mongoid, you will need to have a MongoDB server (version 2.0 or newer) running on your system.
|
138
|
+
|
139
|
+
Please note that the command output will show the variable value being used.
|
140
|
+
|
141
|
+
### BUNDLE_GEMFILE
|
142
|
+
We can use this variable to tell bundler what Gemfile it should use (instead of the one in the current directory).
|
143
|
+
Inside the [gemfiles](https://github.com/plataformatec/devise/tree/master/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite brakes on Travis using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
|
144
|
+
For example, if the tests broke using Ruby 2.4.2 and Rails 4.1, you can do the following:
|
145
|
+
```bash
|
146
|
+
rbenv shell 2.4.2 # or rvm use 2.4.2
|
147
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
|
148
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bin/test
|
149
|
+
```
|
150
|
+
|
151
|
+
You can also combine both of them if the tests broke for Mongoid:
|
152
|
+
```bash
|
153
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
|
154
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable DEVISE_ORM=mongoid bin/test
|
155
|
+
```
|
127
156
|
|
128
157
|
## Starting with Rails?
|
129
158
|
|
data/devise.gemspec
CHANGED
@@ -23,6 +23,6 @@ Gem::Specification.new do |s|
|
|
23
23
|
s.add_dependency("warden", "~> 1.2.3")
|
24
24
|
s.add_dependency("orm_adapter", "~> 0.1")
|
25
25
|
s.add_dependency("bcrypt", "~> 3.0")
|
26
|
-
s.add_dependency("railties", ">= 4.1.0", "<
|
26
|
+
s.add_dependency("railties", ">= 4.1.0", "< 6.0")
|
27
27
|
s.add_dependency("responders")
|
28
28
|
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
source "https://rubygems.org"
|
2
|
+
|
3
|
+
gemspec path: ".."
|
4
|
+
|
5
|
+
gem "rails", '~> 5.2.0.rc1'
|
6
|
+
gem "omniauth"
|
7
|
+
gem "omniauth-oauth2"
|
8
|
+
gem "rdoc"
|
9
|
+
|
10
|
+
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
|
11
|
+
|
12
|
+
gem "rails-controller-testing"
|
13
|
+
|
14
|
+
gem "responders", "~> 2.1"
|
15
|
+
|
16
|
+
group :test do
|
17
|
+
gem "omniauth-facebook"
|
18
|
+
gem "omniauth-openid"
|
19
|
+
gem "webrat", "0.7.3", require: false
|
20
|
+
gem "mocha", "~> 1.1", require: false
|
21
|
+
gem 'test_after_commit', require: false
|
22
|
+
end
|
23
|
+
|
24
|
+
platforms :ruby do
|
25
|
+
gem "sqlite3"
|
26
|
+
end
|
@@ -0,0 +1,201 @@
|
|
1
|
+
GIT
|
2
|
+
remote: git://github.com/rails/activemodel-serializers-xml.git
|
3
|
+
revision: 356edf4dfc38fb1fbfee90c87856e4fe5b73c5e1
|
4
|
+
specs:
|
5
|
+
activemodel-serializers-xml (1.0.2)
|
6
|
+
activemodel (> 5.x)
|
7
|
+
activesupport (> 5.x)
|
8
|
+
builder (~> 3.1)
|
9
|
+
|
10
|
+
PATH
|
11
|
+
remote: ..
|
12
|
+
specs:
|
13
|
+
devise (4.4.1)
|
14
|
+
bcrypt (~> 3.0)
|
15
|
+
orm_adapter (~> 0.1)
|
16
|
+
railties (>= 4.1.0, < 5.2)
|
17
|
+
responders
|
18
|
+
warden (~> 1.2.3)
|
19
|
+
|
20
|
+
GEM
|
21
|
+
remote: https://rubygems.org/
|
22
|
+
specs:
|
23
|
+
actioncable (5.2.0.rc1)
|
24
|
+
actionpack (= 5.2.0.rc1)
|
25
|
+
nio4r (~> 2.0)
|
26
|
+
websocket-driver (>= 0.6.1)
|
27
|
+
actionmailer (5.2.0.rc1)
|
28
|
+
actionpack (= 5.2.0.rc1)
|
29
|
+
actionview (= 5.2.0.rc1)
|
30
|
+
activejob (= 5.2.0.rc1)
|
31
|
+
mail (~> 2.5, >= 2.5.4)
|
32
|
+
rails-dom-testing (~> 2.0)
|
33
|
+
actionpack (5.2.0.rc1)
|
34
|
+
actionview (= 5.2.0.rc1)
|
35
|
+
activesupport (= 5.2.0.rc1)
|
36
|
+
rack (~> 2.0)
|
37
|
+
rack-test (>= 0.6.3)
|
38
|
+
rails-dom-testing (~> 2.0)
|
39
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
40
|
+
actionview (5.2.0.rc1)
|
41
|
+
activesupport (= 5.2.0.rc1)
|
42
|
+
builder (~> 3.1)
|
43
|
+
erubi (~> 1.4)
|
44
|
+
rails-dom-testing (~> 2.0)
|
45
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
46
|
+
activejob (5.2.0.rc1)
|
47
|
+
activesupport (= 5.2.0.rc1)
|
48
|
+
globalid (>= 0.3.6)
|
49
|
+
activemodel (5.2.0.rc1)
|
50
|
+
activesupport (= 5.2.0.rc1)
|
51
|
+
activerecord (5.2.0.rc1)
|
52
|
+
activemodel (= 5.2.0.rc1)
|
53
|
+
activesupport (= 5.2.0.rc1)
|
54
|
+
arel (>= 9.0)
|
55
|
+
activestorage (5.2.0.rc1)
|
56
|
+
actionpack (= 5.2.0.rc1)
|
57
|
+
activerecord (= 5.2.0.rc1)
|
58
|
+
marcel (~> 0.3.1)
|
59
|
+
activesupport (5.2.0.rc1)
|
60
|
+
concurrent-ruby (~> 1.0, >= 1.0.2)
|
61
|
+
i18n (~> 0.7)
|
62
|
+
minitest (~> 5.1)
|
63
|
+
tzinfo (~> 1.1)
|
64
|
+
arel (9.0.0)
|
65
|
+
bcrypt (3.1.11)
|
66
|
+
builder (3.2.3)
|
67
|
+
concurrent-ruby (1.0.5)
|
68
|
+
crass (1.0.3)
|
69
|
+
erubi (1.7.0)
|
70
|
+
faraday (0.12.2)
|
71
|
+
multipart-post (>= 1.2, < 3)
|
72
|
+
globalid (0.4.1)
|
73
|
+
activesupport (>= 4.2.0)
|
74
|
+
hashie (3.5.7)
|
75
|
+
i18n (0.9.3)
|
76
|
+
concurrent-ruby (~> 1.0)
|
77
|
+
jwt (1.5.6)
|
78
|
+
loofah (2.1.1)
|
79
|
+
crass (~> 1.0.2)
|
80
|
+
nokogiri (>= 1.5.9)
|
81
|
+
mail (2.7.0)
|
82
|
+
mini_mime (>= 0.1.1)
|
83
|
+
marcel (0.3.1)
|
84
|
+
mimemagic (~> 0.3.2)
|
85
|
+
metaclass (0.0.4)
|
86
|
+
method_source (0.9.0)
|
87
|
+
mimemagic (0.3.2)
|
88
|
+
mini_mime (1.0.0)
|
89
|
+
mini_portile2 (2.3.0)
|
90
|
+
minitest (5.11.3)
|
91
|
+
mocha (1.3.0)
|
92
|
+
metaclass (~> 0.0.1)
|
93
|
+
multi_json (1.13.1)
|
94
|
+
multi_xml (0.6.0)
|
95
|
+
multipart-post (2.0.0)
|
96
|
+
nio4r (2.2.0)
|
97
|
+
nokogiri (1.8.2)
|
98
|
+
mini_portile2 (~> 2.3.0)
|
99
|
+
oauth2 (1.4.0)
|
100
|
+
faraday (>= 0.8, < 0.13)
|
101
|
+
jwt (~> 1.0)
|
102
|
+
multi_json (~> 1.3)
|
103
|
+
multi_xml (~> 0.5)
|
104
|
+
rack (>= 1.2, < 3)
|
105
|
+
omniauth (1.8.1)
|
106
|
+
hashie (>= 3.4.6, < 3.6.0)
|
107
|
+
rack (>= 1.6.2, < 3)
|
108
|
+
omniauth-facebook (4.0.0)
|
109
|
+
omniauth-oauth2 (~> 1.2)
|
110
|
+
omniauth-oauth2 (1.5.0)
|
111
|
+
oauth2 (~> 1.1)
|
112
|
+
omniauth (~> 1.2)
|
113
|
+
omniauth-openid (1.0.1)
|
114
|
+
omniauth (~> 1.0)
|
115
|
+
rack-openid (~> 1.3.1)
|
116
|
+
orm_adapter (0.5.0)
|
117
|
+
rack (2.0.4)
|
118
|
+
rack-openid (1.3.1)
|
119
|
+
rack (>= 1.1.0)
|
120
|
+
ruby-openid (>= 2.1.8)
|
121
|
+
rack-test (0.8.2)
|
122
|
+
rack (>= 1.0, < 3)
|
123
|
+
rails (5.2.0.rc1)
|
124
|
+
actioncable (= 5.2.0.rc1)
|
125
|
+
actionmailer (= 5.2.0.rc1)
|
126
|
+
actionpack (= 5.2.0.rc1)
|
127
|
+
actionview (= 5.2.0.rc1)
|
128
|
+
activejob (= 5.2.0.rc1)
|
129
|
+
activemodel (= 5.2.0.rc1)
|
130
|
+
activerecord (= 5.2.0.rc1)
|
131
|
+
activestorage (= 5.2.0.rc1)
|
132
|
+
activesupport (= 5.2.0.rc1)
|
133
|
+
bundler (>= 1.3.0)
|
134
|
+
railties (= 5.2.0.rc1)
|
135
|
+
sprockets-rails (>= 2.0.0)
|
136
|
+
rails-controller-testing (1.0.2)
|
137
|
+
actionpack (~> 5.x, >= 5.0.1)
|
138
|
+
actionview (~> 5.x, >= 5.0.1)
|
139
|
+
activesupport (~> 5.x)
|
140
|
+
rails-dom-testing (2.0.3)
|
141
|
+
activesupport (>= 4.2.0)
|
142
|
+
nokogiri (>= 1.6)
|
143
|
+
rails-html-sanitizer (1.0.3)
|
144
|
+
loofah (~> 2.0)
|
145
|
+
railties (5.2.0.rc1)
|
146
|
+
actionpack (= 5.2.0.rc1)
|
147
|
+
activesupport (= 5.2.0.rc1)
|
148
|
+
method_source
|
149
|
+
rake (>= 0.8.7)
|
150
|
+
thor (>= 0.18.1, < 2.0)
|
151
|
+
rake (12.3.0)
|
152
|
+
rdoc (6.0.1)
|
153
|
+
responders (2.4.0)
|
154
|
+
actionpack (>= 4.2.0, < 5.3)
|
155
|
+
railties (>= 4.2.0, < 5.3)
|
156
|
+
ruby-openid (2.7.0)
|
157
|
+
sprockets (3.7.1)
|
158
|
+
concurrent-ruby (~> 1.0)
|
159
|
+
rack (> 1, < 3)
|
160
|
+
sprockets-rails (3.2.1)
|
161
|
+
actionpack (>= 4.0)
|
162
|
+
activesupport (>= 4.0)
|
163
|
+
sprockets (>= 3.0.0)
|
164
|
+
sqlite3 (1.3.13)
|
165
|
+
test_after_commit (1.1.0)
|
166
|
+
activerecord (>= 3.2)
|
167
|
+
thor (0.20.0)
|
168
|
+
thread_safe (0.3.6)
|
169
|
+
tzinfo (1.2.5)
|
170
|
+
thread_safe (~> 0.1)
|
171
|
+
warden (1.2.7)
|
172
|
+
rack (>= 1.0)
|
173
|
+
webrat (0.7.3)
|
174
|
+
nokogiri (>= 1.2.0)
|
175
|
+
rack (>= 1.0)
|
176
|
+
rack-test (>= 0.5.3)
|
177
|
+
websocket-driver (0.7.0)
|
178
|
+
websocket-extensions (>= 0.1.0)
|
179
|
+
websocket-extensions (0.1.3)
|
180
|
+
|
181
|
+
PLATFORMS
|
182
|
+
ruby
|
183
|
+
|
184
|
+
DEPENDENCIES
|
185
|
+
activemodel-serializers-xml!
|
186
|
+
devise!
|
187
|
+
mocha (~> 1.1)
|
188
|
+
omniauth
|
189
|
+
omniauth-facebook
|
190
|
+
omniauth-oauth2
|
191
|
+
omniauth-openid
|
192
|
+
rails (~> 5.2.0.rc1)
|
193
|
+
rails-controller-testing
|
194
|
+
rdoc
|
195
|
+
responders (~> 2.1)
|
196
|
+
sqlite3
|
197
|
+
test_after_commit
|
198
|
+
webrat (= 0.7.3)
|
199
|
+
|
200
|
+
BUNDLED WITH
|
201
|
+
1.16.0
|
@@ -12,11 +12,6 @@ module Devise
|
|
12
12
|
if respond_to?(:helper_method)
|
13
13
|
helper_method :warden, :signed_in?, :devise_controller?
|
14
14
|
end
|
15
|
-
|
16
|
-
def append_info_to_payload(payload)
|
17
|
-
super
|
18
|
-
payload[:status] ||= 401 unless payload[:exception]
|
19
|
-
end
|
20
15
|
end
|
21
16
|
|
22
17
|
module ClassMethods
|
@@ -83,6 +78,11 @@ module Devise
|
|
83
78
|
end
|
84
79
|
METHODS
|
85
80
|
end
|
81
|
+
|
82
|
+
def log_process_action(payload)
|
83
|
+
payload[:status] ||= 401 unless payload[:exception]
|
84
|
+
super
|
85
|
+
end
|
86
86
|
end
|
87
87
|
|
88
88
|
# Define authentication filters and accessor helpers based on mappings.
|
@@ -31,8 +31,13 @@ module Devise
|
|
31
31
|
end
|
32
32
|
|
33
33
|
def update_tracked_fields!(request)
|
34
|
+
# We have to check if the user is already persisted before running
|
35
|
+
# `save` here because invalid users can be saved if we don't.
|
36
|
+
# See https://github.com/plataformatec/devise/issues/4673 for more details.
|
37
|
+
return if new_record?
|
38
|
+
|
34
39
|
update_tracked_fields(request)
|
35
|
-
save
|
40
|
+
save(validate: false)
|
36
41
|
end
|
37
42
|
end
|
38
43
|
end
|
data/lib/devise/rails.rb
CHANGED
@@ -34,7 +34,9 @@ module Devise
|
|
34
34
|
end
|
35
35
|
|
36
36
|
initializer "devise.secret_key" do |app|
|
37
|
-
if app.respond_to?(:
|
37
|
+
if app.respond_to?(:credentials)
|
38
|
+
Devise.secret_key ||= app.credentials.secret_key_base
|
39
|
+
elsif app.respond_to?(:secrets)
|
38
40
|
Devise.secret_key ||= app.secrets.secret_key_base
|
39
41
|
elsif app.config.respond_to?(:secret_key_base)
|
40
42
|
Devise.secret_key ||= app.config.secret_key_base
|
@@ -139,6 +139,7 @@ module Devise
|
|
139
139
|
|
140
140
|
status, headers, response = Devise.warden_config[:failure_app].call(env).to_a
|
141
141
|
@controller.response.headers.merge!(headers)
|
142
|
+
@controller.response.content_type = headers["Content-Type"] unless Devise::Test.rails5?
|
142
143
|
@controller.status = status
|
143
144
|
@controller.response.body = response.body
|
144
145
|
nil # causes process return @response
|
data/lib/devise/version.rb
CHANGED
@@ -9,6 +9,10 @@ Devise.setup do |config|
|
|
9
9
|
# Devise will use the `secret_key_base` as its `secret_key`
|
10
10
|
# by default. You can change it below and use your own secret key.
|
11
11
|
# config.secret_key = '<%= SecureRandom.hex(64) %>'
|
12
|
+
|
13
|
+
# ==> Controller configuration
|
14
|
+
# Configure the parent class to the devise controllers.
|
15
|
+
# config.parent_controller = 'DeviseController'
|
12
16
|
|
13
17
|
# ==> Mailer Configuration
|
14
18
|
# Configure the e-mail address which will be shown in Devise::Mailer,
|
@@ -3,6 +3,12 @@
|
|
3
3
|
require 'test_helper'
|
4
4
|
|
5
5
|
class AuthenticationSanityTest < Devise::IntegrationTest
|
6
|
+
test 'sign in should not run model validations' do
|
7
|
+
sign_in_as_user
|
8
|
+
|
9
|
+
refute User.validations_performed
|
10
|
+
end
|
11
|
+
|
6
12
|
test 'home should be accessible without sign in' do
|
7
13
|
visit '/'
|
8
14
|
assert_response :success
|
@@ -545,18 +551,6 @@ class AuthenticationOthersTest < Devise::IntegrationTest
|
|
545
551
|
refute warden.authenticated?(:user)
|
546
552
|
end
|
547
553
|
end
|
548
|
-
|
549
|
-
test 'not signed in should return notification payload with 401 status' do
|
550
|
-
begin
|
551
|
-
subscriber = ActiveSupport::Notifications.subscribe /process_action.action_controller/ do |_name, _start, _finish, _id, payload|
|
552
|
-
assert_equal 401, payload[:status]
|
553
|
-
end
|
554
|
-
|
555
|
-
get admins_path
|
556
|
-
ensure
|
557
|
-
ActiveSupport::Notifications.unsubscribe(subscriber)
|
558
|
-
end
|
559
|
-
end
|
560
554
|
end
|
561
555
|
|
562
556
|
class AuthenticationKeysTest < Devise::IntegrationTest
|
@@ -3,6 +3,12 @@
|
|
3
3
|
require 'test_helper'
|
4
4
|
|
5
5
|
class HttpAuthenticationTest < Devise::IntegrationTest
|
6
|
+
test 'sign in with HTTP should not run model validations' do
|
7
|
+
sign_in_as_new_user_with_http
|
8
|
+
|
9
|
+
refute User.validations_performed
|
10
|
+
end
|
11
|
+
|
6
12
|
test 'handles unverified requests gets rid of caches but continues signed in' do
|
7
13
|
swap ApplicationController, allow_forgery_protection: true do
|
8
14
|
create_user
|
@@ -42,6 +42,17 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
|
|
42
42
|
end
|
43
43
|
end
|
44
44
|
|
45
|
+
test "omniauth sign in should not run model validations" do
|
46
|
+
stub_action!(:sign_in_facebook) do
|
47
|
+
create_user
|
48
|
+
visit "/users/sign_in"
|
49
|
+
click_link "Sign in with FaceBook"
|
50
|
+
assert warden.authenticated?(:user)
|
51
|
+
|
52
|
+
refute User.validations_performed
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
45
56
|
test "can access omniauth.auth in the env hash" do
|
46
57
|
visit "/users/sign_in"
|
47
58
|
click_link "Sign in with FaceBook"
|
@@ -12,7 +12,7 @@ class RememberMeTest < Devise::IntegrationTest
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def generate_signed_cookie(raw_cookie)
|
15
|
-
request = if Devise::Test.rails51?
|
15
|
+
request = if Devise::Test.rails51? || Devise::Test.rails52?
|
16
16
|
ActionController::TestRequest.create(Class.new) # needs a "controller class"
|
17
17
|
elsif Devise::Test.rails5?
|
18
18
|
ActionController::TestRequest.create
|
@@ -3,6 +3,11 @@
|
|
3
3
|
require 'test_helper'
|
4
4
|
|
5
5
|
class TrackableHooksTest < Devise::IntegrationTest
|
6
|
+
test "trackable should not run model validations" do
|
7
|
+
sign_in_as_user
|
8
|
+
|
9
|
+
refute User.validations_performed
|
10
|
+
end
|
6
11
|
|
7
12
|
test "current and last sign in timestamps are updated on each sign in" do
|
8
13
|
user = create_user
|
@@ -41,7 +41,7 @@ class TrackableTest < ActiveSupport::TestCase
|
|
41
41
|
assert_equal 0, user.sign_in_count
|
42
42
|
end
|
43
43
|
|
44
|
-
test
|
44
|
+
test "update_tracked_fields! should not persist invalid records" do
|
45
45
|
user = UserWithValidations.new
|
46
46
|
request = mock
|
47
47
|
request.stubs(:remote_ip).returns("127.0.0.1")
|
@@ -49,4 +49,14 @@ class TrackableTest < ActiveSupport::TestCase
|
|
49
49
|
assert_not user.update_tracked_fields!(request)
|
50
50
|
assert_not user.persisted?
|
51
51
|
end
|
52
|
+
|
53
|
+
test "update_tracked_fields! should not run model validations" do
|
54
|
+
user = User.new
|
55
|
+
request = mock
|
56
|
+
request.stubs(:remote_ip).returns("127.0.0.1")
|
57
|
+
|
58
|
+
user.expects(:after_validation_callback).never
|
59
|
+
|
60
|
+
assert_not user.update_tracked_fields!(request)
|
61
|
+
end
|
52
62
|
end
|
data/test/orm/active_record.rb
CHANGED
@@ -4,7 +4,12 @@ ActiveRecord::Migration.verbose = false
|
|
4
4
|
ActiveRecord::Base.logger = Logger.new(nil)
|
5
5
|
ActiveRecord::Base.include_root_in_json = true
|
6
6
|
|
7
|
-
|
7
|
+
migrate_path = File.expand_path("../../rails_app/db/migrate/", __FILE__)
|
8
|
+
if Devise::Test.rails52?
|
9
|
+
ActiveRecord::MigrationContext.new(migrate_path).migrate
|
10
|
+
else
|
11
|
+
ActiveRecord::Migrator.migrate(migrate_path)
|
12
|
+
end
|
8
13
|
|
9
14
|
class ActiveSupport::TestCase
|
10
15
|
if Devise::Test.rails5?
|
@@ -8,4 +8,13 @@ class User < ActiveRecord::Base
|
|
8
8
|
include ActiveModel::Serializers::Xml if Devise::Test.rails5?
|
9
9
|
|
10
10
|
validates :sign_in_count, presence: true
|
11
|
+
|
12
|
+
cattr_accessor :validations_performed
|
13
|
+
|
14
|
+
after_validation :after_validation_callback
|
15
|
+
|
16
|
+
def after_validation_callback
|
17
|
+
# used to check in our test if the validations were called
|
18
|
+
@@validations_performed = true
|
19
|
+
end
|
11
20
|
end
|
@@ -38,4 +38,13 @@ class User
|
|
38
38
|
field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
|
39
39
|
field :unlock_token, type: String # Only if unlock strategy is :email or :both
|
40
40
|
field :locked_at, type: Time
|
41
|
+
|
42
|
+
cattr_accessor :validations_performed
|
43
|
+
|
44
|
+
after_validation :after_validation_callback
|
45
|
+
|
46
|
+
def after_validation_callback
|
47
|
+
# used to check in our test if the validations were called
|
48
|
+
@@validations_performed = true
|
49
|
+
end
|
41
50
|
end
|
@@ -33,8 +33,10 @@ module RailsApp
|
|
33
33
|
# config.assets.enabled = false
|
34
34
|
|
35
35
|
config.action_mailer.default_url_options = { host: "localhost", port: 3000 }
|
36
|
-
|
37
|
-
if DEVISE_ORM == :active_record &&
|
36
|
+
rails_version = Gem::Version.new(Rails.version)
|
37
|
+
if DEVISE_ORM == :active_record &&
|
38
|
+
rails_version >= Gem::Version.new('4.2.0') &&
|
39
|
+
rails_version < Gem::Version.new('5.1.0')
|
38
40
|
config.active_record.raise_in_transactional_callbacks = true
|
39
41
|
end
|
40
42
|
|
@@ -6,7 +6,12 @@ end
|
|
6
6
|
|
7
7
|
module Devise
|
8
8
|
module Test
|
9
|
-
# Detection for minor differences between Rails 4 and 5, and 5.
|
9
|
+
# Detection for minor differences between Rails 4 and 5, 5.1, and 5.2 in tests.
|
10
|
+
|
11
|
+
def self.rails52?
|
12
|
+
Rails.version.start_with? '5.2'
|
13
|
+
end
|
14
|
+
|
10
15
|
def self.rails51?
|
11
16
|
Rails.version.start_with? '5.1'
|
12
17
|
end
|
data/test/support/integration.rb
CHANGED
@@ -19,6 +19,7 @@ class ActionDispatch::IntegrationTest
|
|
19
19
|
user.update_attribute(:confirmation_sent_at, options[:confirmation_sent_at]) if options[:confirmation_sent_at]
|
20
20
|
user.confirm unless options[:confirm] == false
|
21
21
|
user.lock_access! if options[:locked] == true
|
22
|
+
User.validations_performed = false
|
22
23
|
user
|
23
24
|
end
|
24
25
|
end
|
@@ -100,6 +100,11 @@ class TestControllerHelpersTest < Devise::ControllerTestCase
|
|
100
100
|
assert_equal response.body, "<html><body>You are being <a href=\"http://test.host/users/sign_in\">redirected</a>.</body></html>"
|
101
101
|
end
|
102
102
|
|
103
|
+
test "returns the content type of a failure app" do
|
104
|
+
get :index, params: { format: :xml }
|
105
|
+
assert response.content_type.include?('application/xml')
|
106
|
+
end
|
107
|
+
|
103
108
|
test "defined Warden after_authentication callback should not be called when sign_in is called" do
|
104
109
|
begin
|
105
110
|
Warden::Manager.after_authentication do |user, auth, opts|
|
@@ -166,7 +171,7 @@ class TestControllerHelpersTest < Devise::ControllerTestCase
|
|
166
171
|
test "creates a new warden proxy if the request object has changed" do
|
167
172
|
old_warden_proxy = warden
|
168
173
|
|
169
|
-
@request = if Devise::Test.rails51?
|
174
|
+
@request = if Devise::Test.rails51? || Devise::Test.rails52?
|
170
175
|
ActionController::TestRequest.create(Class.new) # needs a "controller class"
|
171
176
|
elsif Devise::Test.rails5?
|
172
177
|
ActionController::TestRequest.create
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.4.
|
4
|
+
version: 4.4.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- José Valim
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2018-
|
12
|
+
date: 2018-03-15 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: warden
|
@@ -62,7 +62,7 @@ dependencies:
|
|
62
62
|
version: 4.1.0
|
63
63
|
- - "<"
|
64
64
|
- !ruby/object:Gem::Version
|
65
|
-
version: '
|
65
|
+
version: '6.0'
|
66
66
|
type: :runtime
|
67
67
|
prerelease: false
|
68
68
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -72,7 +72,7 @@ dependencies:
|
|
72
72
|
version: 4.1.0
|
73
73
|
- - "<"
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: '
|
75
|
+
version: '6.0'
|
76
76
|
- !ruby/object:Gem::Dependency
|
77
77
|
name: responders
|
78
78
|
requirement: !ruby/object:Gem::Requirement
|
@@ -137,6 +137,8 @@ files:
|
|
137
137
|
- gemfiles/Gemfile.rails-4.2-stable.lock
|
138
138
|
- gemfiles/Gemfile.rails-5.0-stable
|
139
139
|
- gemfiles/Gemfile.rails-5.0-stable.lock
|
140
|
+
- gemfiles/Gemfile.rails-5.2-rc1
|
141
|
+
- gemfiles/Gemfile.rails-5.2-rc1.lock
|
140
142
|
- guides/bug_report_templates/integration_test.rb
|
141
143
|
- lib/devise.rb
|
142
144
|
- lib/devise/controllers/helpers.rb
|
@@ -379,7 +381,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
379
381
|
version: '0'
|
380
382
|
requirements: []
|
381
383
|
rubyforge_project:
|
382
|
-
rubygems_version: 2.
|
384
|
+
rubygems_version: 2.7.4
|
383
385
|
signing_key:
|
384
386
|
specification_version: 4
|
385
387
|
summary: Flexible authentication solution for Rails with Warden
|