loyal_devise 2.1.2 → 2.1.3

data/test/controllers/url_helpers_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
 class RoutesTest < ActionController::TestCase

data/test/delegator_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
 class DelegatorTest < ActiveSupport::TestCase

data/test/devise_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
 module Devise
@@ -69,5 +68,16 @@ class DeviseTest < ActiveSupport::TestCase
     end
     assert_not Devise.secure_compare("size_1", "size_four")
   end
-  
+
+  test 'Devise.email_regexp should match valid email addresses' do
+    valid_emails = ["test@example.com", "jo@jo.co", "f4$_m@you.com", "testing.example@example.com.ua"]
+    non_valid_emails = ["rex", "test@go,com", "test user@example.com", "test_user@example server.com"]
+
+    valid_emails.each do |email|
+      assert_match Devise.email_regexp, email
+    end
+    non_valid_emails.each do |email|
+      assert_no_match Devise.email_regexp, email
+    end
+  end
 end

data/test/failure_app_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 require 'ostruct'
 
@@ -81,9 +80,9 @@ class FailureTest < ActiveSupport::TestCase
 
     test 'setup a default message' do
       call_failure
-      assert_match /You are being/, @response.last.body
-      assert_match /redirected/, @response.last.body
-      assert_match /users\/sign_in/, @response.last.body
+      assert_match(/You are being/, @response.last.body)
+      assert_match(/redirected/, @response.last.body)
+      assert_match(/users\/sign_in/, @response.last.body)
     end
 
     test 'works for any navigational format' do

data/test/generators/active_record_generator_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require "test_helper"
 
 if DEVISE_ORM == :active_record
@@ -11,13 +10,11 @@ if DEVISE_ORM == :active_record
 
     test "all files are properly created with rails31 migration syntax" do
       run_generator %w(monster)
-      assert_file "app/models/monster.rb", /devise/, /attr_accessible (:[a-z_]+(, )?)+/
       assert_migration "db/migrate/devise_create_monsters.rb", /def change/
     end
 
     test "all files for namespaced model are properly created" do
       run_generator %w(admin/monster)
-      assert_file "app/models/admin/monster.rb", /devise/, /attr_accessible (:[a-z_]+(, )?)+/
       assert_migration "db/migrate/devise_create_admin_monsters.rb", /def change/
     end
 
@@ -69,7 +66,7 @@ if DEVISE_ORM == :active_record
       simulate_inside_engine(RailsEngine::Engine, RailsEngine) do
         run_generator ["monster"]
 
-        assert_file "app/models/rails_engine/monster.rb", /devise/,/attr_accessible (:[a-z_]+(, )?)+/
+        assert_file "app/models/rails_engine/monster.rb", /devise/
       end
     end
   end

data/test/generators/devise_generator_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
 require "generators/devise/devise_generator"

data/test/generators/install_generator_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require "test_helper"
 
 class InstallGeneratorTest < Rails::Generators::TestCase

data/test/generators/mongoid_generator_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require "test_helper"
 
 if DEVISE_ORM == :mongoid

data/test/generators/views_generator_test.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require "test_helper"
 
 class ViewsGeneratorTest < Rails::Generators::TestCase
@@ -9,14 +8,17 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
   test "Assert all views are properly created with no params" do
     run_generator
     assert_files
+    assert_shared_links
   end
 
-  test "Assert all views are properly created with scope param param" do
+  test "Assert all views are properly created with scope param" do
     run_generator %w(users)
     assert_files "users"
+    assert_shared_links "users"
 
     run_generator %w(admins)
     assert_files "admins"
+    assert_shared_links "admins"
   end
 
   test "Assert views with simple form" do
@@ -50,4 +52,16 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
     assert_file "app/views/#{scope}/shared/_links.erb"
     assert_file "app/views/#{scope}/unlocks/new.html.erb"
   end
+
+  def assert_shared_links(scope = nil)
+    scope = "devise" if scope.nil?
+    link = /<%= render \"#{scope}\/shared\/links\" %>/
+
+    assert_file "app/views/#{scope}/passwords/edit.html.erb", link
+    assert_file "app/views/#{scope}/passwords/new.html.erb", link
+    assert_file "app/views/#{scope}/confirmations/new.html.erb", link
+    assert_file "app/views/#{scope}/registrations/new.html.erb", link
+    assert_file "app/views/#{scope}/sessions/new.html.erb", link
+    assert_file "app/views/#{scope}/unlocks/new.html.erb", link
+  end
 end

data/test/helpers/devise_helper_test.rb

@@ -1,7 +1,6 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
-class DeviseHelperTest < ActionController::IntegrationTest
+class DeviseHelperTest < ActionDispatch::IntegrationTest
   setup do
     model_labels = { :models => { :user => "utilisateur" } }
 

data/test/integration/authenticatable_test.rb

@@ -1,7 +1,6 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
-class AuthenticationSanityTest < ActionController::IntegrationTest
+class AuthenticationSanityTest < ActionDispatch::IntegrationTest
   test 'home should be accessible without sign in' do
     visit '/'
     assert_response :success
@@ -135,7 +134,7 @@ class AuthenticationSanityTest < ActionController::IntegrationTest
   end
 end
 
-class AuthenticationRoutesRestrictions < ActionController::IntegrationTest
+class AuthenticationRoutesRestrictions < ActionDispatch::IntegrationTest
   test 'not signed in should not be able to access private route (authenticate denied)' do
     get private_path
     assert_redirected_to new_admin_session_path
@@ -192,7 +191,7 @@ class AuthenticationRoutesRestrictions < ActionController::IntegrationTest
     get dashboard_path
 
     assert_response :success
-    assert_template 'home/admin'
+    assert_template 'home/admin_dashboard'
     assert_contain 'Admin dashboard'
   end
 
@@ -204,7 +203,7 @@ class AuthenticationRoutesRestrictions < ActionController::IntegrationTest
     get dashboard_path
 
     assert_response :success
-    assert_template 'home/user'
+    assert_template 'home/user_dashboard'
     assert_contain 'User dashboard'
   end
 
@@ -255,7 +254,7 @@ class AuthenticationRoutesRestrictions < ActionController::IntegrationTest
   end
 end
 
-class AuthenticationRedirectTest < ActionController::IntegrationTest
+class AuthenticationRedirectTest < ActionDispatch::IntegrationTest
   test 'redirect from warden shows sign in or sign up message' do
     get admins_path
 
@@ -318,7 +317,7 @@ class AuthenticationRedirectTest < ActionController::IntegrationTest
   end
 end
 
-class AuthenticationSessionTest < ActionController::IntegrationTest
+class AuthenticationSessionTest < ActionDispatch::IntegrationTest
   test 'destroyed account is signed out' do
     sign_in_as_user
     get '/users'
@@ -334,22 +333,34 @@ class AuthenticationSessionTest < ActionController::IntegrationTest
     assert_equal "Cart", @controller.user_session[:cart]
   end
 
-  test 'does not explode when invalid user class is stored in session' do
-    klass = User
-    paths = ActiveSupport::Dependencies.autoload_paths.dup
-
+  test 'does not explode when class name is still stored in session' do
+    # In order to test that old sessions do not break with the new scoped
+    # deserialization, we need to serialize the session the old way. This is
+    # done by removing the newly used scoped serialization method
+    # (#user_serialize) and bringing back the old uncsoped #serialize method
+    # that includes the record's class name in the serialization.
     begin
+      Warden::SessionSerializer.class_eval do
+        alias_method :original_serialize, :serialize
+        alias_method :original_user_serialize, :user_serialize
+        remove_method :user_serialize
+
+        def serialize(record)
+          klass = record.class
+          array = klass.serialize_into_session(record)
+          array.unshift(klass.name)
+        end
+      end
+
       sign_in_as_user
       assert warden.authenticated?(:user)
-
-      Object.send :remove_const, :User
-      ActiveSupport::Dependencies.autoload_paths.clear
-
-      visit "/users"
-      assert_not warden.authenticated?(:user)
     ensure
-      Object.const_set(:User, klass)
-      ActiveSupport::Dependencies.autoload_paths.replace(paths)
+      Warden::SessionSerializer.class_eval do
+        alias_method :serialize, :original_serialize
+        remove_method :original_serialize
+        alias_method :user_serialize, :original_user_serialize
+        remove_method :original_user_serialize
+      end
     end
   end
 
@@ -365,7 +376,7 @@ class AuthenticationSessionTest < ActionController::IntegrationTest
   end
 end
 
-class AuthenticationWithScopedViewsTest < ActionController::IntegrationTest
+class AuthenticationWithScopedViewsTest < ActionDispatch::IntegrationTest
   test 'renders the scoped view if turned on and view is available' do
     swap Devise, :scoped_views => true do
       assert_raise Webrat::NotFoundError do
@@ -406,7 +417,7 @@ class AuthenticationWithScopedViewsTest < ActionController::IntegrationTest
   end
 end
 
-class AuthenticationOthersTest < ActionController::IntegrationTest
+class AuthenticationOthersTest < ActionDispatch::IntegrationTest
   test 'handles unverified requests gets rid of caches' do
     swap UsersController, :allow_forgery_protection => true do
       post exhibit_user_url(1)
@@ -457,7 +468,7 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
     assert_match '<?xml version="1.0" encoding="UTF-8"?>', response.body
     assert_match /<user>.*<\/user>/m, response.body
     assert_match '<email></email>', response.body
-    assert_match '<password nil="true"></password>', response.body
+    assert_match '<password nil="true"', response.body
   end
 
   test 'sign in stub in json format' do
@@ -505,22 +516,53 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
     assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
   end
 
-  test 'sign out with xml format returns ok response' do
+  test 'sign out with html redirects' do
+    sign_in_as_user
+    get destroy_user_session_path
+    assert_response :redirect
+    assert_current_url '/'
+
+    sign_in_as_user
+    get destroy_user_session_path(:format => 'html')
+    assert_response :redirect
+    assert_current_url '/'
+  end
+
+  test 'sign out with xml format returns no content' do
     sign_in_as_user
     get destroy_user_session_path(:format => 'xml')
     assert_response :no_content
     assert_not warden.authenticated?(:user)
   end
 
-  test 'sign out with json format returns empty json response' do
+  test 'sign out with json format returns no content' do
     sign_in_as_user
     get destroy_user_session_path(:format => 'json')
     assert_response :no_content
     assert_not warden.authenticated?(:user)
   end
+
+  test 'sign out with non-navigational format via XHR does not redirect' do
+    swap Devise, :navigational_formats => ['*/*', :html] do
+      sign_in_as_user
+      xml_http_request :get, destroy_user_session_path, {}, { "HTTP_ACCEPT" => "application/json,text/javascript,*/*" } # NOTE: Bug is triggered by combination of XHR and */*.
+      assert_response :no_content
+      assert_not warden.authenticated?(:user)
+    end
+  end
+
+  # Belt and braces ... Perhaps this test is not necessary?
+  test 'sign out with navigational format via XHR does redirect' do
+    swap Devise, :navigational_formats => ['*/*', :html] do
+      sign_in_as_user
+      xml_http_request :get, destroy_user_session_path, {}, { "HTTP_ACCEPT" => "text/html,*/*" }
+      assert_response :redirect
+      assert_not warden.authenticated?(:user)
+    end
+  end
 end
 
-class AuthenticationKeysTest < ActionController::IntegrationTest
+class AuthenticationKeysTest < ActionDispatch::IntegrationTest
   test 'missing authentication keys cause authentication to abort' do
     swap Devise, :authentication_keys => [:subdomain] do
       sign_in_as_user
@@ -537,7 +579,7 @@ class AuthenticationKeysTest < ActionController::IntegrationTest
   end
 end
 
-class AuthenticationRequestKeysTest < ActionController::IntegrationTest
+class AuthenticationRequestKeysTest < ActionDispatch::IntegrationTest
   test 'request keys are used on authentication' do
     host! 'foo.bar.baz'
 
@@ -578,7 +620,7 @@ class AuthenticationRequestKeysTest < ActionController::IntegrationTest
   end
 end
 
-class AuthenticationSignOutViaTest < ActionController::IntegrationTest
+class AuthenticationSignOutViaTest < ActionDispatch::IntegrationTest
   def sign_in!(scope)
     sign_in_as_admin(:visit => send("new_#{scope}_session_path"))
     assert warden.authenticated?(scope)
@@ -632,3 +674,26 @@ class AuthenticationSignOutViaTest < ActionController::IntegrationTest
     assert warden.authenticated?(:sign_out_via_delete_or_post)
   end
 end
+
+class DoubleAuthenticationRedirectTest < ActionDispatch::IntegrationTest
+  test 'signed in as user redirects when visiting user sign in page' do
+    sign_in_as_user
+    get new_user_session_path(:format => :html)
+    assert_redirected_to '/'
+  end
+
+  test 'signed in as admin redirects when visiting admin sign in page' do
+    sign_in_as_admin
+    get new_admin_session_path(:format => :html)
+    assert_redirected_to '/admin_area/home'
+  end
+
+  test 'signed in as both user and admin redirects when visiting admin sign in page' do
+    sign_in_as_user
+    sign_in_as_admin
+    get new_user_session_path(:format => :html)
+    assert_redirected_to '/'
+    get new_admin_session_path(:format => :html)
+    assert_redirected_to '/admin_area/home'
+  end
+end

data/test/integration/confirmable_test.rb

@@ -1,7 +1,6 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
-class ConfirmationTest < ActionController::IntegrationTest
+class ConfirmationTest < ActionDispatch::IntegrationTest
 
   def visit_user_confirmation_with_token(confirmation_token)
     visit user_confirmation_path(:confirmation_token => confirmation_token)
@@ -168,7 +167,7 @@ class ConfirmationTest < ActionController::IntegrationTest
   end
 
   test 'resent confirmation token with invalid E-Mail in XML format should return invalid response' do
-    user = create_user(:confirm => false)
+    create_user(:confirm => false)
     post user_confirmation_path(:format => 'xml'), :user => { :email => 'invalid.test@test.com' }
     assert_response :unprocessable_entity
     assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
@@ -182,7 +181,7 @@ class ConfirmationTest < ActionController::IntegrationTest
   end
 
   test 'confirm account with invalid confirmation token in XML format should return invalid response' do
-    user = create_user(:confirm => false)
+    create_user(:confirm => false)
     get user_confirmation_path(:confirmation_token => 'invalid_confirmation', :format => 'xml')
     assert_response :unprocessable_entity
     assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
@@ -227,7 +226,7 @@ class ConfirmationTest < ActionController::IntegrationTest
   end
 end
 
-class ConfirmationOnChangeTest < ActionController::IntegrationTest
+class ConfirmationOnChangeTest < ActionDispatch::IntegrationTest
   def create_second_admin(options={})
     @admin = nil
     create_admin(options)
@@ -269,13 +268,14 @@ class ConfirmationOnChangeTest < ActionController::IntegrationTest
     admin = create_admin
     admin.update_attributes(:email => 'first_test@example.com')
     assert_equal 'first_test@example.com', admin.unconfirmed_email
+
     confirmation_token = admin.confirmation_token
     admin.update_attributes(:email => 'second_test@example.com')
     assert_equal 'second_test@example.com', admin.unconfirmed_email
 
     visit_admin_confirmation_with_token(confirmation_token)
     assert_have_selector '#error_explanation'
-    assert_contain /Confirmation token(.*)invalid/
+    assert_contain(/Confirmation token(.*)invalid/)
 
     visit_admin_confirmation_with_token(admin.confirmation_token)
     assert_contain 'Your account was successfully confirmed.'
@@ -293,7 +293,7 @@ class ConfirmationOnChangeTest < ActionController::IntegrationTest
 
     visit_admin_confirmation_with_token(admin.confirmation_token)
     assert_have_selector '#error_explanation'
-    assert_contain /Email.*already.*taken/
+    assert_contain(/Email.*already.*taken/)
     assert admin.reload.pending_reconfirmation?
   end
 end

data/test/integration/database_authenticatable_test.rb

@@ -1,7 +1,6 @@
-# -*- encoding : utf-8 -*-
 require 'test_helper'
 
-class DatabaseAuthenticationTest < ActionController::IntegrationTest
+class DatabaseAuthenticationTest < ActionDispatch::IntegrationTest
   test 'sign in with email of different case should succeed when email is in the list of case insensitive keys' do
     create_user(:email => 'Foo@Bar.com')
 
@@ -54,12 +53,14 @@ class DatabaseAuthenticationTest < ActionController::IntegrationTest
   end
 
   test 'sign in with invalid email should return to sign in form with error message' do
-    sign_in_as_admin do
-      fill_in 'email', :with => 'wrongemail@test.com'
-    end
+    store_translations :en, :devise => { :failure => { :admin => { :not_found_in_database => 'Invalid email address' } } } do
+      sign_in_as_admin do
+        fill_in 'email', :with => 'wrongemail@test.com'
+      end
 
-    assert_contain 'Invalid email or password'
-    assert_not warden.authenticated?(:admin)
+      assert_contain 'Invalid email address'
+      assert_not warden.authenticated?(:admin)
+    end
   end
 
   test 'sign in with invalid pasword should return to sign in form with error message' do