devise_g5_authenticatable 0.3.0 → 1.0.0.pre.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.rspec +1 -0
- data/.ruby-version +1 -1
- data/.travis.yml +29 -7
- data/Appraisals +21 -0
- data/CHANGELOG.md +24 -0
- data/Gemfile +11 -7
- data/README.md +6 -6
- data/Rakefile +6 -5
- data/app/controllers/devise_g5_authenticatable/registrations_controller.rb +3 -0
- data/app/controllers/devise_g5_authenticatable/sessions_controller.rb +9 -5
- data/config/initializers/devise_g5_authenticatable.rb +2 -0
- data/devise_g5_authenticatable.gemspec +6 -5
- data/gemfiles/rails_4.1.gemfile +26 -0
- data/gemfiles/rails_4.2.gemfile +26 -0
- data/gemfiles/rails_5.0.gemfile +26 -0
- data/gemfiles/rails_5.1.gemfile +26 -0
- data/lib/devise_g5_authenticatable/controllers/helpers.rb +5 -0
- data/lib/devise_g5_authenticatable/controllers/url_helpers.rb +3 -0
- data/lib/devise_g5_authenticatable/engine.rb +4 -1
- data/lib/devise_g5_authenticatable/g5/auth_password_validator.rb +6 -1
- data/lib/devise_g5_authenticatable/g5/auth_user_creator.rb +16 -15
- data/lib/devise_g5_authenticatable/g5/auth_user_updater.rb +11 -5
- data/lib/devise_g5_authenticatable/g5/user_exporter.rb +11 -6
- data/lib/devise_g5_authenticatable/g5.rb +2 -0
- data/lib/devise_g5_authenticatable/hooks/g5_authenticatable.rb +8 -3
- data/lib/devise_g5_authenticatable/models/g5_authenticatable.rb +38 -26
- data/lib/devise_g5_authenticatable/models/protected_attributes.rb +11 -2
- data/lib/devise_g5_authenticatable/omniauth.rb +8 -2
- data/lib/devise_g5_authenticatable/routes.rb +48 -35
- data/lib/devise_g5_authenticatable/version.rb +3 -1
- data/lib/devise_g5_authenticatable.rb +4 -1
- data/spec/controllers/helpers_spec.rb +54 -49
- data/spec/controllers/sessions_controller_spec.rb +67 -39
- data/spec/controllers/url_helpers_spec.rb +78 -78
- data/spec/dummy/app/views/{anonymous → devise}/new.html.erb +0 -0
- data/spec/dummy/config/environments/test.rb +20 -4
- data/spec/dummy/config/initializers/devise.rb +5 -1
- data/spec/dummy/config/initializers/rails_compatibility.rb +10 -0
- data/spec/dummy/db/migrate/20131230235849_devise_create_users.rb +3 -1
- data/spec/dummy/db/migrate/20140102213131_drop_database_authenticatable.rb +3 -1
- data/spec/dummy/db/migrate/20140103032308_drop_recoverable.rb +3 -1
- data/spec/dummy/db/migrate/20140103042329_drop_rememberable.rb +3 -1
- data/spec/dummy/db/migrate/20140103174810_add_omniauth_columns_to_users.rb +3 -1
- data/spec/dummy/db/migrate/20140103191601_add_email_back_to_user.rb +3 -1
- data/spec/dummy/db/migrate/20140113202948_devise_create_admins.rb +3 -1
- data/spec/dummy/db/migrate/20140113233821_add_provider_and_uid_to_admins.rb +3 -1
- data/spec/dummy/db/schema.rb +29 -29
- data/spec/factories/admin.rb +2 -0
- data/spec/factories/user.rb +2 -0
- data/spec/features/edit_registration_spec.rb +22 -13
- data/spec/features/registration_spec.rb +13 -8
- data/spec/features/sign_in_spec.rb +4 -2
- data/spec/features/sign_out_spec.rb +4 -2
- data/spec/features/token_validation_spec.rb +24 -14
- data/spec/g5/auth_password_validator_spec.rb +28 -15
- data/spec/g5/auth_user_creator_spec.rb +29 -22
- data/spec/g5/auth_user_updater_spec.rb +23 -16
- data/spec/g5/user_exporter_spec.rb +36 -31
- data/spec/models/g5_authenticatable_spec.rb +78 -38
- data/spec/models/protected_attributes_spec.rb +24 -19
- data/spec/rails_helper.rb +46 -0
- data/spec/routing/registrations_routing_spec.rb +43 -27
- data/spec/routing/sessions_routing_spec.rb +46 -29
- data/spec/spec_helper.rb +93 -27
- data/spec/support/controller_test_helpers.rb +15 -0
- data/spec/support/devise.rb +9 -1
- data/spec/support/shared_contexts/custom_router.rb +16 -0
- data/spec/support/shared_contexts/oauth_error.rb +4 -2
- data/spec/support/shared_contexts/rake.rb +10 -4
- data/spec/support/shared_examples/registration_error.rb +3 -1
- data/spec/support/{user_feature_methods.rb → user_omniauth_methods.rb} +9 -5
- data/spec/tasks/export_users_spec.rb +5 -3
- metadata +30 -26
- data/circle.yml +0 -4
- data/spec/support/omniauth.rb +0 -3
|
@@ -1,12 +1,17 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
Warden::Manager.after_set_user only: :fetch do |record, warden, options|
|
|
2
4
|
if Devise.g5_strict_token_validation
|
|
3
5
|
scope = options[:scope]
|
|
4
6
|
|
|
5
|
-
auth_client = G5AuthenticationClient::Client.new(
|
|
6
|
-
|
|
7
|
+
auth_client = G5AuthenticationClient::Client.new(
|
|
8
|
+
allow_password_credentials: 'false',
|
|
9
|
+
access_token: record.g5_access_token
|
|
10
|
+
)
|
|
11
|
+
|
|
7
12
|
begin
|
|
8
13
|
auth_client.token_info
|
|
9
|
-
rescue StandardError
|
|
14
|
+
rescue StandardError
|
|
10
15
|
proxy = Devise::Hooks::Proxy.new(warden)
|
|
11
16
|
proxy.sign_out(record)
|
|
12
17
|
record.revoke_g5_credentials!
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'devise_g5_authenticatable/g5'
|
|
2
4
|
require 'devise_g5_authenticatable/hooks/g5_authenticatable'
|
|
3
5
|
|
|
@@ -22,19 +24,13 @@ module Devise
|
|
|
22
24
|
end
|
|
23
25
|
|
|
24
26
|
def auth_user
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
logger.error("Couldn't save user credentials because: #{e}")
|
|
33
|
-
raise ActiveRecord::RecordNotSaved.new(e.code)
|
|
34
|
-
rescue StandardError => e
|
|
35
|
-
logger.error("Couldn't save user credentials because: #{e}")
|
|
36
|
-
raise ActiveRecord::RecordNotSaved.new(e.message)
|
|
37
|
-
end
|
|
27
|
+
sync_auth_data
|
|
28
|
+
rescue OAuth2::Error => e
|
|
29
|
+
logger.error("Couldn't save user credentials because: #{e}")
|
|
30
|
+
raise ActiveRecord::RecordNotSaved, e.code
|
|
31
|
+
rescue StandardError => e
|
|
32
|
+
logger.error("Couldn't save user credentials because: #{e}")
|
|
33
|
+
raise ActiveRecord::RecordNotSaved, e.message
|
|
38
34
|
end
|
|
39
35
|
|
|
40
36
|
def clean_up_passwords
|
|
@@ -47,18 +43,14 @@ module Devise
|
|
|
47
43
|
end
|
|
48
44
|
|
|
49
45
|
def update_with_password(params)
|
|
50
|
-
updated_attributes = params.reject
|
|
46
|
+
updated_attributes = params.reject do |k, v|
|
|
47
|
+
k =~ /password/ && v.blank?
|
|
48
|
+
end
|
|
51
49
|
current_password = updated_attributes.delete(:current_password)
|
|
52
50
|
|
|
53
|
-
if
|
|
54
|
-
|
|
55
|
-
elsif current_password.blank?
|
|
56
|
-
errors.add(:current_password, :blank)
|
|
57
|
-
else
|
|
58
|
-
errors.add(:current_password, :invalid)
|
|
51
|
+
if valid_current_password?(current_password)
|
|
52
|
+
update_attributes(updated_attributes)
|
|
59
53
|
end
|
|
60
|
-
|
|
61
|
-
valid
|
|
62
54
|
end
|
|
63
55
|
|
|
64
56
|
def update_g5_credentials(oauth_data)
|
|
@@ -78,8 +70,7 @@ module Devise
|
|
|
78
70
|
}.with_indifferent_access
|
|
79
71
|
end
|
|
80
72
|
|
|
81
|
-
def update_roles_from_auth(auth_data)
|
|
82
|
-
end
|
|
73
|
+
def update_roles_from_auth(auth_data); end
|
|
83
74
|
|
|
84
75
|
def update_from_auth(auth_data)
|
|
85
76
|
assign_attributes(attributes_from_auth(auth_data))
|
|
@@ -87,11 +78,31 @@ module Devise
|
|
|
87
78
|
update_roles_from_auth(auth_data)
|
|
88
79
|
end
|
|
89
80
|
|
|
81
|
+
private
|
|
82
|
+
|
|
83
|
+
def sync_auth_data
|
|
84
|
+
if new_record?
|
|
85
|
+
G5::AuthUserCreator.new(self).create
|
|
86
|
+
else
|
|
87
|
+
G5::AuthUserUpdater.new(self).update
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
def valid_current_password?(current_password)
|
|
92
|
+
return true if valid_password?(current_password)
|
|
93
|
+
error = current_password.blank? ? :blank : :invalid
|
|
94
|
+
errors.add(:current_password, error)
|
|
95
|
+
false
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
# Finders and creation methods based on auth user data
|
|
90
99
|
module ClassMethods
|
|
91
100
|
def find_for_g5_oauth(oauth_data)
|
|
92
|
-
found_user = find_by_provider_and_uid(oauth_data.provider.to_s,
|
|
101
|
+
found_user = find_by_provider_and_uid(oauth_data.provider.to_s,
|
|
102
|
+
oauth_data.uid.to_s)
|
|
93
103
|
return found_user if found_user.present?
|
|
94
|
-
find_by_email_and_provider(oauth_data.info.email,
|
|
104
|
+
find_by_email_and_provider(oauth_data.info.email,
|
|
105
|
+
oauth_data.provider.to_s)
|
|
95
106
|
end
|
|
96
107
|
|
|
97
108
|
def find_and_update_for_g5_oauth(auth_data)
|
|
@@ -114,6 +125,7 @@ module Devise
|
|
|
114
125
|
end
|
|
115
126
|
|
|
116
127
|
private
|
|
128
|
+
|
|
117
129
|
def without_auth_callback
|
|
118
130
|
skip_callback :save, :before, :auth_user
|
|
119
131
|
yield
|
|
@@ -1,5 +1,8 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module DeviseG5Authenticatable
|
|
2
4
|
module Models
|
|
5
|
+
# Support protected attributes for users in apps that require it
|
|
3
6
|
module ProtectedAttributes
|
|
4
7
|
extend ActiveSupport::Concern
|
|
5
8
|
|
|
@@ -11,6 +14,12 @@ module DeviseG5Authenticatable
|
|
|
11
14
|
end
|
|
12
15
|
end
|
|
13
16
|
|
|
14
|
-
module Devise
|
|
15
|
-
|
|
17
|
+
module Devise
|
|
18
|
+
module Models
|
|
19
|
+
# If this file is required, then protected attributes will be automatically
|
|
20
|
+
# mixed in to the g5 authenticatable model(s)
|
|
21
|
+
module G5Authenticatable
|
|
22
|
+
include DeviseG5Authenticatable::Models::ProtectedAttributes
|
|
23
|
+
end
|
|
24
|
+
end
|
|
16
25
|
end
|
|
@@ -1,9 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'devise/omniauth'
|
|
2
4
|
require 'omniauth-g5'
|
|
3
5
|
|
|
4
6
|
OmniAuth.config.on_failure do |env|
|
|
5
7
|
env['devise.mapping'] = Devise::Mapping.find_by_path!(env['PATH_INFO'], :path)
|
|
6
|
-
controller_name
|
|
7
|
-
|
|
8
|
+
controller_name = ActiveSupport::Inflector.camelize(
|
|
9
|
+
env['devise.mapping'].controllers[:sessions]
|
|
10
|
+
)
|
|
11
|
+
controller_klass = ActiveSupport::Inflector.constantize(
|
|
12
|
+
"#{controller_name}Controller"
|
|
13
|
+
)
|
|
8
14
|
controller_klass.action(:failure).call(env)
|
|
9
15
|
end
|
|
@@ -1,58 +1,71 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Devise
|
|
4
|
+
# Add custom G5 controllers to default routing options
|
|
2
5
|
class Mapping
|
|
3
|
-
alias
|
|
6
|
+
alias original_initialize initialize
|
|
4
7
|
|
|
5
8
|
def initialize(name, options)
|
|
6
|
-
|
|
9
|
+
setup_default_g5_controllers(options)
|
|
7
10
|
original_initialize(name, options)
|
|
8
11
|
end
|
|
9
12
|
|
|
10
13
|
private
|
|
11
|
-
|
|
14
|
+
|
|
15
|
+
def setup_default_g5_controllers(options)
|
|
12
16
|
options[:controllers] ||= {}
|
|
13
|
-
options[:controllers].reverse_merge!(
|
|
17
|
+
options[:controllers].reverse_merge!(
|
|
14
18
|
registrations: 'devise_g5_authenticatable/registrations',
|
|
15
19
|
sessions: 'devise_g5_authenticatable/sessions'
|
|
16
|
-
|
|
20
|
+
)
|
|
17
21
|
options
|
|
18
22
|
end
|
|
19
23
|
end
|
|
20
24
|
end
|
|
21
25
|
|
|
22
|
-
module ActionDispatch
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
build_session_routes(mapping, controllers)
|
|
28
|
-
build_g5_omniauth_routes(mapping, controllers)
|
|
29
|
-
end
|
|
26
|
+
module ActionDispatch
|
|
27
|
+
module Routing
|
|
28
|
+
# Add G5 omniauth callbacks to set of routes
|
|
29
|
+
class Mapper
|
|
30
|
+
protected
|
|
30
31
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
def devise_session(mapping, controllers)
|
|
33
|
+
setup_omniauth_path_prefix(mapping)
|
|
34
|
+
build_session_routes(mapping, controllers)
|
|
35
|
+
build_g5_omniauth_routes(mapping, controllers)
|
|
36
|
+
end
|
|
35
37
|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
38
|
+
def setup_omniauth_path_prefix(mapping)
|
|
39
|
+
return if ::OmniAuth.config.path_prefix.present?
|
|
40
|
+
path_prefix = Devise.omniauth_path_prefix ||
|
|
41
|
+
"/#{mapping.fullpath}/auth".squeeze('/')
|
|
42
|
+
set_omniauth_path_prefix!(path_prefix)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def build_session_routes(mapping, controllers)
|
|
46
|
+
resource(:session, only: [],
|
|
47
|
+
controller: controllers[:sessions],
|
|
48
|
+
path: '') do
|
|
49
|
+
get :new, path: mapping.path_names[:sign_in],
|
|
50
|
+
as: :new
|
|
51
|
+
post :create, path: mapping.path_names[:sign_in]
|
|
52
|
+
match :destroy, path: mapping.path_names[:sign_out],
|
|
53
|
+
as: :destroy,
|
|
54
|
+
via: mapping.sign_out_via
|
|
55
|
+
end
|
|
41
56
|
end
|
|
42
|
-
end
|
|
43
57
|
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
via: [:get, :post]
|
|
58
|
+
def build_g5_omniauth_routes(_mapping, controllers)
|
|
59
|
+
match 'auth/g5', controller: controllers[:sessions],
|
|
60
|
+
action: 'omniauth_passthru',
|
|
61
|
+
as: :g5_authorize,
|
|
62
|
+
via: %i[get post]
|
|
63
|
+
|
|
64
|
+
match 'auth/g5/callback', controller: controllers[:sessions],
|
|
65
|
+
action: 'create',
|
|
66
|
+
as: :g5_callback,
|
|
67
|
+
via: %i[get post]
|
|
68
|
+
end
|
|
56
69
|
end
|
|
57
70
|
end
|
|
58
71
|
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'devise_g5_authenticatable/version'
|
|
2
4
|
|
|
3
5
|
require 'devise'
|
|
@@ -9,6 +11,7 @@ require 'devise_g5_authenticatable/controllers/url_helpers'
|
|
|
9
11
|
|
|
10
12
|
require 'devise_g5_authenticatable/engine'
|
|
11
13
|
|
|
14
|
+
# Custom devise configuration options
|
|
12
15
|
module Devise
|
|
13
16
|
# Should devise_g5_authenticatable validate the user's access token
|
|
14
17
|
# against the auth server for every request? Default is false
|
|
@@ -19,6 +22,6 @@ end
|
|
|
19
22
|
|
|
20
23
|
Devise.add_module(:g5_authenticatable,
|
|
21
24
|
strategy: false,
|
|
22
|
-
route: {session: [nil, :new, :destroy]},
|
|
25
|
+
route: { session: [nil, :new, :destroy] },
|
|
23
26
|
controller: :sessions,
|
|
24
27
|
model: 'devise_g5_authenticatable/models/g5_authenticatable')
|
|
@@ -1,20 +1,22 @@
|
|
|
1
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
require 'rails_helper'
|
|
4
|
+
|
|
5
|
+
RSpec.describe DeviseG5Authenticatable::Helpers do
|
|
4
6
|
controller(ActionController::Base) do
|
|
5
7
|
include Devise::Controllers::Helpers
|
|
6
8
|
include DeviseG5Authenticatable::Helpers
|
|
7
9
|
end
|
|
8
10
|
|
|
9
11
|
describe '#clear_blank_passwords' do
|
|
10
|
-
subject(:clear_passwords) { get
|
|
12
|
+
subject(:clear_passwords) { get(:index, build_params(password_params)) }
|
|
11
13
|
before { clear_passwords }
|
|
12
14
|
|
|
13
15
|
controller do
|
|
14
|
-
|
|
16
|
+
before_action :clear_blank_passwords, only: :index
|
|
15
17
|
|
|
16
18
|
def index
|
|
17
|
-
render status: 200,
|
|
19
|
+
render status: 200, plain: 'Index'
|
|
18
20
|
end
|
|
19
21
|
end
|
|
20
22
|
|
|
@@ -36,24 +38,27 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
36
38
|
let(:password_confirmation) { 'some_other_secret' }
|
|
37
39
|
let(:current_password) { 'current_secret' }
|
|
38
40
|
|
|
41
|
+
let(:scope_params) { controller.params[scope] }
|
|
42
|
+
|
|
39
43
|
context 'with user scope' do
|
|
40
44
|
let(:scope) { :user }
|
|
41
45
|
|
|
42
46
|
context 'with non-blank password params' do
|
|
43
47
|
it 'should not change the password param' do
|
|
44
|
-
expect(
|
|
48
|
+
expect(scope_params[:password]).to eq(password)
|
|
45
49
|
end
|
|
46
50
|
|
|
47
51
|
it 'should not change the password_confirmation param' do
|
|
48
|
-
expect(
|
|
52
|
+
expect(scope_params[:password_confirmation])
|
|
53
|
+
.to eq(password_confirmation)
|
|
49
54
|
end
|
|
50
55
|
|
|
51
56
|
it 'should not change the current_password param' do
|
|
52
|
-
expect(
|
|
57
|
+
expect(scope_params[:current_password]).to eq(current_password)
|
|
53
58
|
end
|
|
54
59
|
|
|
55
60
|
it 'should not change the non-password param' do
|
|
56
|
-
expect(
|
|
61
|
+
expect(scope_params[:email]).to eq(password_params[:user][:email])
|
|
57
62
|
end
|
|
58
63
|
end
|
|
59
64
|
|
|
@@ -61,15 +66,16 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
61
66
|
let(:password) {}
|
|
62
67
|
|
|
63
68
|
it 'should set the password param to nil' do
|
|
64
|
-
expect(
|
|
69
|
+
expect(scope_params[:password]).to be_nil
|
|
65
70
|
end
|
|
66
71
|
|
|
67
72
|
it 'should not change the password confirmation param' do
|
|
68
|
-
expect(
|
|
73
|
+
expect(scope_params[:password_confirmation])
|
|
74
|
+
.to eq(password_confirmation)
|
|
69
75
|
end
|
|
70
76
|
|
|
71
77
|
it 'should not change the current_password param' do
|
|
72
|
-
expect(
|
|
78
|
+
expect(scope_params[:current_password]).to eq(current_password)
|
|
73
79
|
end
|
|
74
80
|
end
|
|
75
81
|
|
|
@@ -77,15 +83,16 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
77
83
|
let(:password) { ' ' }
|
|
78
84
|
|
|
79
85
|
it 'should set the password param to nil' do
|
|
80
|
-
expect(
|
|
86
|
+
expect(scope_params[:password]).to be_nil
|
|
81
87
|
end
|
|
82
88
|
|
|
83
89
|
it 'should not change the password confirmation param' do
|
|
84
|
-
expect(
|
|
90
|
+
expect(scope_params[:password_confirmation])
|
|
91
|
+
.to eq(password_confirmation)
|
|
85
92
|
end
|
|
86
93
|
|
|
87
94
|
it 'should not change the current_password param' do
|
|
88
|
-
expect(
|
|
95
|
+
expect(scope_params[:current_password]).to eq(current_password)
|
|
89
96
|
end
|
|
90
97
|
end
|
|
91
98
|
|
|
@@ -93,15 +100,15 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
93
100
|
let(:password_confirmation) {}
|
|
94
101
|
|
|
95
102
|
it 'should not change the password param' do
|
|
96
|
-
expect(
|
|
103
|
+
expect(scope_params[:password]).to eq(password)
|
|
97
104
|
end
|
|
98
105
|
|
|
99
106
|
it 'should set the password_confirmation param to nil' do
|
|
100
|
-
expect(
|
|
107
|
+
expect(scope_params[:password_confirmation]).to be_nil
|
|
101
108
|
end
|
|
102
109
|
|
|
103
110
|
it 'should not change the current_password param' do
|
|
104
|
-
expect(
|
|
111
|
+
expect(scope_params[:current_password]).to eq(current_password)
|
|
105
112
|
end
|
|
106
113
|
end
|
|
107
114
|
|
|
@@ -109,15 +116,15 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
109
116
|
let(:password_confirmation) { ' ' }
|
|
110
117
|
|
|
111
118
|
it 'should not change the password param' do
|
|
112
|
-
expect(
|
|
119
|
+
expect(scope_params[:password]).to eq(password)
|
|
113
120
|
end
|
|
114
121
|
|
|
115
122
|
it 'should set the password_confirmation param to nil' do
|
|
116
|
-
expect(
|
|
123
|
+
expect(scope_params[:password_confirmation]).to be_nil
|
|
117
124
|
end
|
|
118
125
|
|
|
119
126
|
it 'should not change the current_password param' do
|
|
120
|
-
expect(
|
|
127
|
+
expect(scope_params[:current_password]).to eq(current_password)
|
|
121
128
|
end
|
|
122
129
|
end
|
|
123
130
|
|
|
@@ -125,15 +132,16 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
125
132
|
let(:current_password) {}
|
|
126
133
|
|
|
127
134
|
it 'should not change the password param' do
|
|
128
|
-
expect(
|
|
135
|
+
expect(scope_params[:password]).to eq(password)
|
|
129
136
|
end
|
|
130
137
|
|
|
131
138
|
it 'should not change the password_confirmation param' do
|
|
132
|
-
expect(
|
|
139
|
+
expect(scope_params[:password_confirmation])
|
|
140
|
+
.to eq(password_confirmation)
|
|
133
141
|
end
|
|
134
142
|
|
|
135
143
|
it 'should set the current password param to nil' do
|
|
136
|
-
expect(
|
|
144
|
+
expect(scope_params[:current_password]).to be_nil
|
|
137
145
|
end
|
|
138
146
|
end
|
|
139
147
|
|
|
@@ -141,15 +149,16 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
141
149
|
let(:current_password) { ' ' }
|
|
142
150
|
|
|
143
151
|
it 'should not change the password param' do
|
|
144
|
-
expect(
|
|
152
|
+
expect(scope_params[:password]).to eq(password)
|
|
145
153
|
end
|
|
146
154
|
|
|
147
155
|
it 'should not change the password_confirmation param' do
|
|
148
|
-
expect(
|
|
156
|
+
expect(scope_params[:password_confirmation])
|
|
157
|
+
.to eq(password_confirmation)
|
|
149
158
|
end
|
|
150
159
|
|
|
151
160
|
it 'should set the current password param to nil' do
|
|
152
|
-
expect(
|
|
161
|
+
expect(scope_params[:current_password]).to be_nil
|
|
153
162
|
end
|
|
154
163
|
end
|
|
155
164
|
end
|
|
@@ -161,7 +170,7 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
161
170
|
let(:password) { ' ' }
|
|
162
171
|
|
|
163
172
|
it 'should set the admin password param to nil' do
|
|
164
|
-
expect(
|
|
173
|
+
expect(scope_params[:password]).to be_nil
|
|
165
174
|
end
|
|
166
175
|
end
|
|
167
176
|
|
|
@@ -169,7 +178,7 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
169
178
|
let(:password_confirmation) { ' ' }
|
|
170
179
|
|
|
171
180
|
it 'should set the admin password confirmation to nil' do
|
|
172
|
-
expect(
|
|
181
|
+
expect(scope_params[:password_confirmation]).to be_nil
|
|
173
182
|
end
|
|
174
183
|
end
|
|
175
184
|
|
|
@@ -177,14 +186,14 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
177
186
|
let(:current_password) { ' ' }
|
|
178
187
|
|
|
179
188
|
it 'should set the admin current password param to nil' do
|
|
180
|
-
expect(
|
|
189
|
+
expect(scope_params[:current_password]).to be_nil
|
|
181
190
|
end
|
|
182
191
|
end
|
|
183
192
|
end
|
|
184
193
|
end
|
|
185
194
|
|
|
186
195
|
context 'when there are no password params' do
|
|
187
|
-
let(:password_params) {
|
|
196
|
+
let(:password_params) { {} }
|
|
188
197
|
|
|
189
198
|
it 'should not change any params' do
|
|
190
199
|
expect(controller.params[:user]).to be_nil
|
|
@@ -193,26 +202,26 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
193
202
|
end
|
|
194
203
|
|
|
195
204
|
describe '#set_updated_by_user' do
|
|
196
|
-
subject(:set_updated_by_user) { post
|
|
205
|
+
subject(:set_updated_by_user) { post(:create, build_params(user_params)) }
|
|
197
206
|
|
|
198
207
|
controller do
|
|
199
208
|
define_helpers(:user)
|
|
200
209
|
define_helpers(:admin)
|
|
201
210
|
|
|
202
|
-
|
|
211
|
+
before_action :set_updated_by_user, only: :create
|
|
203
212
|
|
|
204
213
|
def create
|
|
205
|
-
render status: 200,
|
|
214
|
+
render status: 200, plain: 'Create'
|
|
206
215
|
end
|
|
207
216
|
end
|
|
208
217
|
|
|
209
|
-
before { sign_in :user
|
|
218
|
+
before { sign_in(current_user, scope: :user) }
|
|
210
219
|
let(:current_user) { create(:user) }
|
|
211
220
|
|
|
212
221
|
before { set_updated_by_user }
|
|
213
222
|
|
|
214
223
|
context 'when there is a user param' do
|
|
215
|
-
let(:user_params) { {user: attributes_for(:user)} }
|
|
224
|
+
let(:user_params) { { user: attributes_for(:user) } }
|
|
216
225
|
|
|
217
226
|
it 'should set the user updated_by' do
|
|
218
227
|
expect(controller.params[:user][:updated_by]).to eq(current_user)
|
|
@@ -220,7 +229,7 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
220
229
|
end
|
|
221
230
|
|
|
222
231
|
context 'when there is no user param' do
|
|
223
|
-
let(:user_params) {
|
|
232
|
+
let(:user_params) { {} }
|
|
224
233
|
|
|
225
234
|
it 'should set the updated_by' do
|
|
226
235
|
expect(controller.params[:updated_by]).to eq(current_user)
|
|
@@ -229,26 +238,26 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
229
238
|
end
|
|
230
239
|
|
|
231
240
|
describe '#set_updated_by_admin' do
|
|
232
|
-
subject(:set_updated_by_admin) { post
|
|
241
|
+
subject(:set_updated_by_admin) { post(:create, build_params(admin_params)) }
|
|
233
242
|
|
|
234
243
|
controller do
|
|
235
244
|
define_helpers(:user)
|
|
236
245
|
define_helpers(:admin)
|
|
237
246
|
|
|
238
|
-
|
|
247
|
+
before_action :set_updated_by_admin, only: :create
|
|
239
248
|
|
|
240
249
|
def create
|
|
241
|
-
render status: 200,
|
|
250
|
+
render status: 200, plain: 'Create'
|
|
242
251
|
end
|
|
243
252
|
end
|
|
244
253
|
|
|
245
|
-
before { sign_in :admin
|
|
254
|
+
before { sign_in(current_admin, scope: :admin) }
|
|
246
255
|
let(:current_admin) { create(:admin) }
|
|
247
256
|
|
|
248
257
|
before { set_updated_by_admin }
|
|
249
258
|
|
|
250
259
|
context 'when there is an admin param' do
|
|
251
|
-
let(:admin_params) { {admin: attributes_for(:admin)} }
|
|
260
|
+
let(:admin_params) { { admin: attributes_for(:admin) } }
|
|
252
261
|
|
|
253
262
|
it 'should set the admin updated_by' do
|
|
254
263
|
expect(controller.params[:admin][:updated_by]).to eq(current_admin)
|
|
@@ -256,7 +265,7 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
256
265
|
end
|
|
257
266
|
|
|
258
267
|
context 'when there is no admin param' do
|
|
259
|
-
let(:admin_params) {
|
|
268
|
+
let(:admin_params) { {} }
|
|
260
269
|
|
|
261
270
|
it 'should set the updated_by' do
|
|
262
271
|
expect(controller.params[:updated_by]).to eq(current_admin)
|
|
@@ -265,7 +274,7 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
265
274
|
end
|
|
266
275
|
|
|
267
276
|
describe '#handle_resource_error' do
|
|
268
|
-
subject(:action_with_error) { post
|
|
277
|
+
subject(:action_with_error) { post(:create) }
|
|
269
278
|
|
|
270
279
|
before { request.env['devise.mapping'] = Devise.mappings[:user] }
|
|
271
280
|
|
|
@@ -274,7 +283,7 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
274
283
|
|
|
275
284
|
def create
|
|
276
285
|
self.resource = resource_class.new
|
|
277
|
-
raise ActiveRecord::RecordNotSaved
|
|
286
|
+
raise ActiveRecord::RecordNotSaved, 'my_error'
|
|
278
287
|
end
|
|
279
288
|
|
|
280
289
|
# Expose protected resource helper for the purposes of this unit test
|
|
@@ -292,9 +301,5 @@ describe DeviseG5Authenticatable::Helpers do
|
|
|
292
301
|
it 'should set the base error on the resource' do
|
|
293
302
|
expect(controller.resource.errors[:base]).to eq(['my_error'])
|
|
294
303
|
end
|
|
295
|
-
|
|
296
|
-
it 'should render the model creation form' do
|
|
297
|
-
expect(response).to render_template('anonymous/new')
|
|
298
|
-
end
|
|
299
304
|
end
|
|
300
305
|
end
|