ultra-max-kit 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (114) hide show
  1. checksums.yaml +7 -0
  2. data/devise-5.0.4/CHANGELOG.md +88 -0
  3. data/devise-5.0.4/MIT-LICENSE +21 -0
  4. data/devise-5.0.4/README.md +776 -0
  5. data/devise-5.0.4/app/controllers/devise/confirmations_controller.rb +54 -0
  6. data/devise-5.0.4/app/controllers/devise/omniauth_callbacks_controller.rb +36 -0
  7. data/devise-5.0.4/app/controllers/devise/passwords_controller.rb +88 -0
  8. data/devise-5.0.4/app/controllers/devise/registrations_controller.rb +169 -0
  9. data/devise-5.0.4/app/controllers/devise/sessions_controller.rb +83 -0
  10. data/devise-5.0.4/app/controllers/devise/unlocks_controller.rb +52 -0
  11. data/devise-5.0.4/app/controllers/devise_controller.rb +226 -0
  12. data/devise-5.0.4/app/helpers/devise_helper.rb +5 -0
  13. data/devise-5.0.4/app/mailers/devise/mailer.rb +30 -0
  14. data/devise-5.0.4/app/views/devise/confirmations/new.html.erb +16 -0
  15. data/devise-5.0.4/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  16. data/devise-5.0.4/app/views/devise/mailer/email_changed.html.erb +7 -0
  17. data/devise-5.0.4/app/views/devise/mailer/password_change.html.erb +3 -0
  18. data/devise-5.0.4/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  19. data/devise-5.0.4/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  20. data/devise-5.0.4/app/views/devise/passwords/edit.html.erb +25 -0
  21. data/devise-5.0.4/app/views/devise/passwords/new.html.erb +16 -0
  22. data/devise-5.0.4/app/views/devise/registrations/edit.html.erb +42 -0
  23. data/devise-5.0.4/app/views/devise/registrations/new.html.erb +29 -0
  24. data/devise-5.0.4/app/views/devise/sessions/new.html.erb +26 -0
  25. data/devise-5.0.4/app/views/devise/shared/_error_messages.html.erb +15 -0
  26. data/devise-5.0.4/app/views/devise/shared/_links.html.erb +25 -0
  27. data/devise-5.0.4/app/views/devise/unlocks/new.html.erb +16 -0
  28. data/devise-5.0.4/config/locales/en.yml +65 -0
  29. data/devise-5.0.4/lib/devise/controllers/helpers.rb +295 -0
  30. data/devise-5.0.4/lib/devise/controllers/rememberable.rb +56 -0
  31. data/devise-5.0.4/lib/devise/controllers/responder.rb +35 -0
  32. data/devise-5.0.4/lib/devise/controllers/scoped_views.rb +19 -0
  33. data/devise-5.0.4/lib/devise/controllers/sign_in_out.rb +106 -0
  34. data/devise-5.0.4/lib/devise/controllers/store_location.rb +76 -0
  35. data/devise-5.0.4/lib/devise/controllers/url_helpers.rb +69 -0
  36. data/devise-5.0.4/lib/devise/delegator.rb +18 -0
  37. data/devise-5.0.4/lib/devise/encryptor.rb +24 -0
  38. data/devise-5.0.4/lib/devise/failure_app.rb +287 -0
  39. data/devise-5.0.4/lib/devise/hooks/activatable.rb +12 -0
  40. data/devise-5.0.4/lib/devise/hooks/csrf_cleaner.rb +14 -0
  41. data/devise-5.0.4/lib/devise/hooks/forgetable.rb +11 -0
  42. data/devise-5.0.4/lib/devise/hooks/lockable.rb +9 -0
  43. data/devise-5.0.4/lib/devise/hooks/proxy.rb +23 -0
  44. data/devise-5.0.4/lib/devise/hooks/rememberable.rb +9 -0
  45. data/devise-5.0.4/lib/devise/hooks/timeoutable.rb +35 -0
  46. data/devise-5.0.4/lib/devise/hooks/trackable.rb +11 -0
  47. data/devise-5.0.4/lib/devise/mailers/helpers.rb +87 -0
  48. data/devise-5.0.4/lib/devise/mapping.rb +178 -0
  49. data/devise-5.0.4/lib/devise/models/authenticatable.rb +302 -0
  50. data/devise-5.0.4/lib/devise/models/confirmable.rb +371 -0
  51. data/devise-5.0.4/lib/devise/models/database_authenticatable.rb +204 -0
  52. data/devise-5.0.4/lib/devise/models/lockable.rb +214 -0
  53. data/devise-5.0.4/lib/devise/models/omniauthable.rb +29 -0
  54. data/devise-5.0.4/lib/devise/models/recoverable.rb +156 -0
  55. data/devise-5.0.4/lib/devise/models/registerable.rb +29 -0
  56. data/devise-5.0.4/lib/devise/models/rememberable.rb +158 -0
  57. data/devise-5.0.4/lib/devise/models/timeoutable.rb +45 -0
  58. data/devise-5.0.4/lib/devise/models/trackable.rb +51 -0
  59. data/devise-5.0.4/lib/devise/models/validatable.rb +70 -0
  60. data/devise-5.0.4/lib/devise/models.rb +122 -0
  61. data/devise-5.0.4/lib/devise/modules.rb +30 -0
  62. data/devise-5.0.4/lib/devise/omniauth/config.rb +47 -0
  63. data/devise-5.0.4/lib/devise/omniauth/url_helpers.rb +27 -0
  64. data/devise-5.0.4/lib/devise/omniauth.rb +27 -0
  65. data/devise-5.0.4/lib/devise/orm/active_record.rb +7 -0
  66. data/devise-5.0.4/lib/devise/orm/mongoid.rb +7 -0
  67. data/devise-5.0.4/lib/devise/orm.rb +80 -0
  68. data/devise-5.0.4/lib/devise/parameter_filter.rb +44 -0
  69. data/devise-5.0.4/lib/devise/parameter_sanitizer.rb +172 -0
  70. data/devise-5.0.4/lib/devise/rails/routes.rb +514 -0
  71. data/devise-5.0.4/lib/devise/rails/warden_compat.rb +15 -0
  72. data/devise-5.0.4/lib/devise/rails.rb +57 -0
  73. data/devise-5.0.4/lib/devise/strategies/authenticatable.rb +178 -0
  74. data/devise-5.0.4/lib/devise/strategies/base.rb +22 -0
  75. data/devise-5.0.4/lib/devise/strategies/database_authenticatable.rb +31 -0
  76. data/devise-5.0.4/lib/devise/strategies/rememberable.rb +67 -0
  77. data/devise-5.0.4/lib/devise/test/controller_helpers.rb +156 -0
  78. data/devise-5.0.4/lib/devise/test/integration_helpers.rb +63 -0
  79. data/devise-5.0.4/lib/devise/time_inflector.rb +16 -0
  80. data/devise-5.0.4/lib/devise/token_generator.rb +32 -0
  81. data/devise-5.0.4/lib/devise/version.rb +5 -0
  82. data/devise-5.0.4/lib/devise.rb +533 -0
  83. data/devise-5.0.4/lib/generators/active_record/devise_generator.rb +119 -0
  84. data/devise-5.0.4/lib/generators/active_record/templates/migration.rb +20 -0
  85. data/devise-5.0.4/lib/generators/active_record/templates/migration_existing.rb +27 -0
  86. data/devise-5.0.4/lib/generators/devise/controllers_generator.rb +46 -0
  87. data/devise-5.0.4/lib/generators/devise/devise_generator.rb +28 -0
  88. data/devise-5.0.4/lib/generators/devise/install_generator.rb +42 -0
  89. data/devise-5.0.4/lib/generators/devise/orm_helpers.rb +36 -0
  90. data/devise-5.0.4/lib/generators/devise/views_generator.rb +145 -0
  91. data/devise-5.0.4/lib/generators/mongoid/devise_generator.rb +57 -0
  92. data/devise-5.0.4/lib/generators/templates/README +36 -0
  93. data/devise-5.0.4/lib/generators/templates/controllers/README +14 -0
  94. data/devise-5.0.4/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
  95. data/devise-5.0.4/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
  96. data/devise-5.0.4/lib/generators/templates/controllers/passwords_controller.rb +34 -0
  97. data/devise-5.0.4/lib/generators/templates/controllers/registrations_controller.rb +62 -0
  98. data/devise-5.0.4/lib/generators/templates/controllers/sessions_controller.rb +27 -0
  99. data/devise-5.0.4/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
  100. data/devise-5.0.4/lib/generators/templates/devise.rb +316 -0
  101. data/devise-5.0.4/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
  102. data/devise-5.0.4/lib/generators/templates/markerb/email_changed.markerb +7 -0
  103. data/devise-5.0.4/lib/generators/templates/markerb/password_change.markerb +3 -0
  104. data/devise-5.0.4/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
  105. data/devise-5.0.4/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
  106. data/devise-5.0.4/lib/generators/templates/simple_form_for/confirmations/new.html.erb +20 -0
  107. data/devise-5.0.4/lib/generators/templates/simple_form_for/passwords/edit.html.erb +27 -0
  108. data/devise-5.0.4/lib/generators/templates/simple_form_for/passwords/new.html.erb +18 -0
  109. data/devise-5.0.4/lib/generators/templates/simple_form_for/registrations/edit.html.erb +35 -0
  110. data/devise-5.0.4/lib/generators/templates/simple_form_for/registrations/new.html.erb +25 -0
  111. data/devise-5.0.4/lib/generators/templates/simple_form_for/sessions/new.html.erb +20 -0
  112. data/devise-5.0.4/lib/generators/templates/simple_form_for/unlocks/new.html.erb +19 -0
  113. data/ultra-max-kit.gemspec +12 -0
  114. metadata +153 -0
@@ -0,0 +1,70 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Devise
4
+ module Models
5
+ # Validatable creates all needed validations for a user email and password.
6
+ # It's optional, given you may want to create the validations by yourself.
7
+ # Automatically validate if the email is present, unique and its format is
8
+ # valid. Also tests presence of password, confirmation and length.
9
+ #
10
+ # == Options
11
+ #
12
+ # Validatable adds the following options to +devise+:
13
+ #
14
+ # * +email_regexp+: the regular expression used to validate e-mails;
15
+ # * +password_length+: a range expressing password length. Defaults to 6..128.
16
+ #
17
+ # Since +password_length+ is applied in a proc within `validates_length_of` it can be overridden
18
+ # at runtime.
19
+ module Validatable
20
+ # All validations used by this module.
21
+ VALIDATIONS = [:validates_presence_of, :validates_uniqueness_of, :validates_format_of,
22
+ :validates_confirmation_of, :validates_length_of].freeze
23
+
24
+ def self.required_fields(klass)
25
+ []
26
+ end
27
+
28
+ def self.included(base)
29
+ base.extend ClassMethods
30
+ assert_validations_api!(base)
31
+
32
+ base.class_eval do
33
+ validates_presence_of :email, if: :email_required?
34
+ validates_uniqueness_of :email, allow_blank: true, case_sensitive: true, if: :devise_will_save_change_to_email?
35
+ validates_format_of :email, with: email_regexp, allow_blank: true, if: :devise_will_save_change_to_email?
36
+
37
+ validates_presence_of :password, if: :password_required?
38
+ validates_confirmation_of :password, if: :password_required?
39
+ validates_length_of :password, minimum: proc { password_length.min }, maximum: proc { password_length.max }, allow_blank: true
40
+ end
41
+ end
42
+
43
+ def self.assert_validations_api!(base) #:nodoc:
44
+ unavailable_validations = VALIDATIONS.select { |v| !base.respond_to?(v) }
45
+
46
+ unless unavailable_validations.empty?
47
+ raise "Could not use :validatable module since #{base} does not respond " \
48
+ "to the following methods: #{unavailable_validations.to_sentence}."
49
+ end
50
+ end
51
+
52
+ protected
53
+
54
+ # Checks whether a password is needed or not. For validations only.
55
+ # Passwords are always required if it's a new record, or if the password
56
+ # or confirmation are being set somewhere.
57
+ def password_required?
58
+ !persisted? || !password.nil? || !password_confirmation.nil?
59
+ end
60
+
61
+ def email_required?
62
+ true
63
+ end
64
+
65
+ module ClassMethods
66
+ Devise::Models.config(self, :email_regexp, :password_length)
67
+ end
68
+ end
69
+ end
70
+ end
@@ -0,0 +1,122 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Devise
4
+ module Models
5
+ class MissingAttribute < StandardError
6
+ def initialize(attributes)
7
+ @attributes = attributes
8
+ end
9
+
10
+ def message
11
+ "The following attribute(s) is (are) missing on your model: #{@attributes.join(", ")}"
12
+ end
13
+ end
14
+
15
+ # Creates configuration values for Devise and for the given module.
16
+ #
17
+ # Devise::Models.config(Devise::Models::DatabaseAuthenticatable, :stretches)
18
+ #
19
+ # The line above creates:
20
+ #
21
+ # 1) An accessor called Devise.stretches, which value is used by default;
22
+ #
23
+ # 2) Some class methods for your model Model.stretches and Model.stretches=
24
+ # which have higher priority than Devise.stretches;
25
+ #
26
+ # 3) And an instance method stretches.
27
+ #
28
+ # To add the class methods you need to have a module ClassMethods defined
29
+ # inside the given class.
30
+ #
31
+ def self.config(mod, *accessors) #:nodoc:
32
+ class << mod; attr_accessor :available_configs; end
33
+ mod.available_configs = accessors
34
+
35
+ accessors.each do |accessor|
36
+ mod.class_eval <<-METHOD, __FILE__, __LINE__ + 1
37
+ def #{accessor}
38
+ if defined?(@#{accessor})
39
+ @#{accessor}
40
+ elsif superclass.respond_to?(:#{accessor})
41
+ superclass.#{accessor}
42
+ else
43
+ Devise.#{accessor}
44
+ end
45
+ end
46
+
47
+ def #{accessor}=(value)
48
+ @#{accessor} = value
49
+ end
50
+ METHOD
51
+ end
52
+ end
53
+
54
+ def self.check_fields!(klass)
55
+ failed_attributes = []
56
+ instance = klass.new
57
+
58
+ klass.devise_modules.each do |mod|
59
+ constant = const_get(mod.to_s.classify)
60
+
61
+ constant.required_fields(klass).each do |field|
62
+ failed_attributes << field unless instance.respond_to?(field)
63
+ end
64
+ end
65
+
66
+ if failed_attributes.any?
67
+ fail Devise::Models::MissingAttribute.new(failed_attributes)
68
+ end
69
+ end
70
+
71
+ # Include the chosen devise modules in your model:
72
+ #
73
+ # devise :database_authenticatable, :confirmable, :recoverable
74
+ #
75
+ # You can also give any of the devise configuration values in form of a hash,
76
+ # with specific values for this model. Please check your Devise initializer
77
+ # for a complete description on those values.
78
+ #
79
+ def devise(*modules)
80
+ options = modules.extract_options!.dup
81
+
82
+ selected_modules = modules.map(&:to_sym).uniq.sort_by do |s|
83
+ Devise::ALL.index(s) || -1 # follow Devise::ALL order
84
+ end
85
+
86
+ devise_modules_hook! do
87
+ include Devise::Orm
88
+ include Devise::Models::Authenticatable
89
+
90
+ selected_modules.each do |m|
91
+ mod = Devise::Models.const_get(m.to_s.classify)
92
+
93
+ if mod.const_defined?("ClassMethods")
94
+ class_mod = mod.const_get("ClassMethods")
95
+ extend class_mod
96
+
97
+ if class_mod.respond_to?(:available_configs)
98
+ available_configs = class_mod.available_configs
99
+ available_configs.each do |config|
100
+ next unless options.key?(config)
101
+ send(:"#{config}=", options.delete(config))
102
+ end
103
+ end
104
+ end
105
+
106
+ include mod
107
+ end
108
+
109
+ self.devise_modules |= selected_modules
110
+ options.each { |key, value| send(:"#{key}=", value) }
111
+ end
112
+ end
113
+
114
+ # The hook which is called inside devise.
115
+ # So your ORM can include devise compatibility stuff.
116
+ def devise_modules_hook!
117
+ yield
118
+ end
119
+ end
120
+ end
121
+
122
+ require 'devise/models/authenticatable'
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'active_support/core_ext/object/with_options'
4
+
5
+ Devise.with_options model: true do |d|
6
+ # Strategies first
7
+ d.with_options strategy: true do |s|
8
+ routes = [nil, :new, :destroy]
9
+ s.add_module :database_authenticatable, controller: :sessions, route: { session: routes }
10
+ s.add_module :rememberable, no_input: true
11
+ end
12
+
13
+ # Other authentications
14
+ d.add_module :omniauthable, controller: :omniauth_callbacks, route: :omniauth_callback
15
+
16
+ # Misc after
17
+ routes = [nil, :new, :edit]
18
+ d.add_module :recoverable, controller: :passwords, route: { password: routes }
19
+ d.add_module :registerable, controller: :registrations, route: { registration: (routes << :cancel) }
20
+ d.add_module :validatable
21
+
22
+ # The ones which can sign out after
23
+ routes = [nil, :new]
24
+ d.add_module :confirmable, controller: :confirmations, route: { confirmation: routes }
25
+ d.add_module :lockable, controller: :unlocks, route: { unlock: routes }
26
+ d.add_module :timeoutable
27
+
28
+ # Stats for last, so we make sure the user is really signed in
29
+ d.add_module :trackable
30
+ end
@@ -0,0 +1,47 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Devise
4
+ module OmniAuth
5
+ class StrategyNotFound < NameError
6
+ def initialize(strategy)
7
+ @strategy = strategy
8
+ super("Could not find a strategy with name `#{strategy}'. " \
9
+ "Please ensure it is required or explicitly set it using the :strategy_class option.")
10
+ end
11
+ end
12
+
13
+ class Config
14
+ attr_accessor :strategy
15
+ attr_reader :args, :options, :provider, :strategy_name
16
+
17
+ def initialize(provider, args)
18
+ @provider = provider
19
+ @args = args
20
+ @options = @args.last.is_a?(Hash) ? @args.last : {}
21
+ @strategy = nil
22
+ @strategy_name = options[:name] || @provider
23
+ @strategy_class = options.delete(:strategy_class)
24
+ end
25
+
26
+ def strategy_class
27
+ @strategy_class ||= find_strategy || autoload_strategy
28
+ end
29
+
30
+ def find_strategy
31
+ ::OmniAuth.strategies.find do |strategy_class|
32
+ strategy_class.to_s =~ /#{::OmniAuth::Utils.camelize(strategy_name)}$/ ||
33
+ strategy_class.default_options[:name] == strategy_name
34
+ end
35
+ end
36
+
37
+ def autoload_strategy
38
+ name = ::OmniAuth::Utils.camelize(provider.to_s)
39
+ if ::OmniAuth::Strategies.const_defined?(name)
40
+ ::OmniAuth::Strategies.const_get(name)
41
+ else
42
+ raise StrategyNotFound, name
43
+ end
44
+ end
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Devise
4
+ module OmniAuth
5
+ module UrlHelpers
6
+ def omniauth_authorize_path(resource_or_scope, provider, *args)
7
+ scope = Devise::Mapping.find_scope!(resource_or_scope)
8
+ _devise_route_context.send("#{scope}_#{provider}_omniauth_authorize_path", *args)
9
+ end
10
+
11
+ def omniauth_authorize_url(resource_or_scope, provider, *args)
12
+ scope = Devise::Mapping.find_scope!(resource_or_scope)
13
+ _devise_route_context.send("#{scope}_#{provider}_omniauth_authorize_url", *args)
14
+ end
15
+
16
+ def omniauth_callback_path(resource_or_scope, provider, *args)
17
+ scope = Devise::Mapping.find_scope!(resource_or_scope)
18
+ _devise_route_context.send("#{scope}_#{provider}_omniauth_callback_path", *args)
19
+ end
20
+
21
+ def omniauth_callback_url(resource_or_scope, provider, *args)
22
+ scope = Devise::Mapping.find_scope!(resource_or_scope)
23
+ _devise_route_context.send("#{scope}_#{provider}_omniauth_callback_url", *args)
24
+ end
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ begin
4
+ gem "omniauth", ">= 1.0.0"
5
+
6
+ require "omniauth"
7
+ rescue LoadError
8
+ warn "Could not load 'omniauth'. Please ensure you have the omniauth gem >= 1.0.0 installed and listed in your Gemfile."
9
+ raise
10
+ end
11
+
12
+ # Clean up the default path_prefix. It will be automatically set by Devise.
13
+ OmniAuth.config.path_prefix = nil
14
+
15
+ OmniAuth.config.on_failure = Proc.new do |env|
16
+ env['devise.mapping'] = Devise::Mapping.find_by_path!(env['PATH_INFO'], :path)
17
+ controller_name = ActiveSupport::Inflector.camelize(env['devise.mapping'].controllers[:omniauth_callbacks])
18
+ controller_klass = ActiveSupport::Inflector.constantize("#{controller_name}Controller")
19
+ controller_klass.action(:failure).call(env)
20
+ end
21
+
22
+ module Devise
23
+ module OmniAuth
24
+ autoload :Config, "devise/omniauth/config"
25
+ autoload :UrlHelpers, "devise/omniauth/url_helpers"
26
+ end
27
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'orm_adapter/adapters/active_record'
4
+
5
+ ActiveSupport.on_load(:active_record) do
6
+ extend Devise::Models
7
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ ActiveSupport.on_load(:mongoid) do
4
+ require 'orm_adapter/adapters/mongoid'
5
+
6
+ Mongoid::Document::ClassMethods.send :include, Devise::Models
7
+ end
@@ -0,0 +1,80 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Devise
4
+ module Orm # :nodoc:
5
+ def self.active_record?(model)
6
+ defined?(ActiveRecord) && model < ActiveRecord::Base
7
+ end
8
+
9
+ def self.included(model)
10
+ if Devise::Orm.active_record?(model)
11
+ model.include DirtyTrackingActiveRecordMethods
12
+ else
13
+ model.include DirtyTrackingMongoidMethods
14
+ end
15
+ end
16
+
17
+ module DirtyTrackingActiveRecordMethods
18
+ def devise_email_before_last_save
19
+ email_before_last_save
20
+ end
21
+
22
+ def devise_email_in_database
23
+ email_in_database
24
+ end
25
+
26
+ def devise_saved_change_to_email?
27
+ saved_change_to_email?
28
+ end
29
+
30
+ def devise_saved_change_to_encrypted_password?
31
+ saved_change_to_encrypted_password?
32
+ end
33
+
34
+ def devise_will_save_change_to_email?
35
+ will_save_change_to_email?
36
+ end
37
+
38
+ def devise_unconfirmed_email_will_change!
39
+ unconfirmed_email_will_change!
40
+ end
41
+
42
+ def devise_respond_to_and_will_save_change_to_attribute?(attribute)
43
+ respond_to?("will_save_change_to_#{attribute}?") && send("will_save_change_to_#{attribute}?")
44
+ end
45
+ end
46
+
47
+ module DirtyTrackingMongoidMethods
48
+ def devise_email_before_last_save
49
+ respond_to?(:email_previously_was) ? email_previously_was : email_was
50
+ end
51
+
52
+ def devise_email_in_database
53
+ email_was
54
+ end
55
+
56
+ def devise_saved_change_to_email?
57
+ respond_to?(:email_previously_changed?) ? email_previously_changed? : email_changed?
58
+ end
59
+
60
+ def devise_saved_change_to_encrypted_password?
61
+ respond_to?(:encrypted_password_previously_changed?) ? encrypted_password_previously_changed? : encrypted_password_changed?
62
+ end
63
+
64
+ def devise_will_save_change_to_email?
65
+ email_changed?
66
+ end
67
+
68
+ def devise_unconfirmed_email_will_change!
69
+ # Mongoid's will_change! doesn't force unchanged attributes into updates,
70
+ # so we override changed_attributes to make it see a difference.
71
+ unconfirmed_email_will_change!
72
+ changed_attributes["unconfirmed_email"] = nil
73
+ end
74
+
75
+ def devise_respond_to_and_will_save_change_to_attribute?(attribute)
76
+ respond_to?("#{attribute}_changed?") && send("#{attribute}_changed?")
77
+ end
78
+ end
79
+ end
80
+ end
@@ -0,0 +1,44 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Devise
4
+ class ParameterFilter
5
+ def initialize(case_insensitive_keys, strip_whitespace_keys)
6
+ @case_insensitive_keys = case_insensitive_keys || []
7
+ @strip_whitespace_keys = strip_whitespace_keys || []
8
+ end
9
+
10
+ def filter(conditions)
11
+ conditions = stringify_params(conditions.dup)
12
+
13
+ conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :downcase, @case_insensitive_keys))
14
+ conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :strip, @strip_whitespace_keys))
15
+
16
+ conditions
17
+ end
18
+
19
+ def filtered_hash_by_method_for_given_keys(conditions, method, condition_keys)
20
+ condition_keys.each do |k|
21
+ next unless conditions.key?(k)
22
+
23
+ value = conditions[k]
24
+ conditions[k] = value.send(method) if value.respond_to?(method)
25
+ end
26
+
27
+ conditions
28
+ end
29
+
30
+ # Force keys to be string to avoid injection on mongoid related database.
31
+ def stringify_params(conditions)
32
+ return conditions unless conditions.is_a?(Hash)
33
+ conditions.each do |k, v|
34
+ conditions[k] = v.to_s if param_requires_string_conversion?(v)
35
+ end
36
+ end
37
+
38
+ private
39
+
40
+ def param_requires_string_conversion?(value)
41
+ true
42
+ end
43
+ end
44
+ end
@@ -0,0 +1,172 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Devise
4
+ # The +ParameterSanitizer+ deals with permitting specific parameters values
5
+ # for each +Devise+ scope in the application.
6
+ #
7
+ # The sanitizer knows about Devise default parameters (like +password+ and
8
+ # +password_confirmation+ for the `RegistrationsController`), and you can
9
+ # extend or change the permitted parameters list on your controllers.
10
+ #
11
+ # === Permitting new parameters
12
+ #
13
+ # You can add new parameters to the permitted list using the +permit+ method
14
+ # in a +before_action+ method, for instance.
15
+ #
16
+ # class ApplicationController < ActionController::Base
17
+ # before_action :configure_permitted_parameters, if: :devise_controller?
18
+ #
19
+ # protected
20
+ #
21
+ # def configure_permitted_parameters
22
+ # # Permit the `subscribe_newsletter` parameter along with the other
23
+ # # sign up parameters.
24
+ # devise_parameter_sanitizer.permit(:sign_up, keys: [:subscribe_newsletter])
25
+ # end
26
+ # end
27
+ #
28
+ # Using a block yields an +ActionController::Parameters+ object so you can
29
+ # permit nested parameters and have more control over how the parameters are
30
+ # permitted in your controller.
31
+ #
32
+ # def configure_permitted_parameters
33
+ # devise_parameter_sanitizer.permit(:sign_up) do |user|
34
+ # user.permit(newsletter_preferences: [])
35
+ # end
36
+ # end
37
+ class ParameterSanitizer
38
+ DEFAULT_PERMITTED_ATTRIBUTES = {
39
+ sign_in: [:password, :remember_me],
40
+ sign_up: [:password, :password_confirmation],
41
+ account_update: [:password, :password_confirmation, :current_password]
42
+ }
43
+
44
+ def initialize(resource_class, resource_name, params)
45
+ @auth_keys = extract_auth_keys(resource_class)
46
+ @params = params
47
+ @resource_name = resource_name
48
+ @permitted = {}
49
+
50
+ DEFAULT_PERMITTED_ATTRIBUTES.each_pair do |action, keys|
51
+ permit(action, keys: keys)
52
+ end
53
+ end
54
+
55
+ # Sanitize the parameters for a specific +action+.
56
+ #
57
+ # === Arguments
58
+ #
59
+ # * +action+ - A +Symbol+ with the action that the controller is
60
+ # performing, like +sign_up+, +sign_in+, etc.
61
+ #
62
+ # === Examples
63
+ #
64
+ # # Inside the `RegistrationsController#create` action.
65
+ # resource = build_resource(devise_parameter_sanitizer.sanitize(:sign_up))
66
+ # resource.save
67
+ #
68
+ # Returns an +ActiveSupport::HashWithIndifferentAccess+ with the permitted
69
+ # attributes.
70
+ def sanitize(action)
71
+ permissions = @permitted[action]
72
+
73
+ if permissions.respond_to?(:call)
74
+ cast_to_hash permissions.call(default_params)
75
+ elsif permissions.present?
76
+ cast_to_hash permit_keys(default_params, permissions)
77
+ else
78
+ unknown_action!(action)
79
+ end
80
+ end
81
+
82
+ # Add or remove new parameters to the permitted list of an +action+.
83
+ #
84
+ # === Arguments
85
+ #
86
+ # * +action+ - A +Symbol+ with the action that the controller is
87
+ # performing, like +sign_up+, +sign_in+, etc.
88
+ # * +keys:+ - An +Array+ of keys that also should be permitted.
89
+ # * +except:+ - An +Array+ of keys that shouldn't be permitted.
90
+ # * +block+ - A block that should be used to permit the action
91
+ # parameters instead of the +Array+ based approach. The block will be
92
+ # called with an +ActionController::Parameters+ instance.
93
+ #
94
+ # === Examples
95
+ #
96
+ # # Adding new parameters to be permitted in the `sign_up` action.
97
+ # devise_parameter_sanitizer.permit(:sign_up, keys: [:subscribe_newsletter])
98
+ #
99
+ # # Removing the `password` parameter from the `account_update` action.
100
+ # devise_parameter_sanitizer.permit(:account_update, except: [:password])
101
+ #
102
+ # # Using the block form to completely override how we permit the
103
+ # # parameters for the `sign_up` action.
104
+ # devise_parameter_sanitizer.permit(:sign_up) do |user|
105
+ # user.permit(:email, :password, :password_confirmation)
106
+ # end
107
+ #
108
+ #
109
+ # Returns nothing.
110
+ def permit(action, keys: nil, except: nil, &block)
111
+ if block_given?
112
+ @permitted[action] = block
113
+ end
114
+
115
+ if keys.present?
116
+ @permitted[action] ||= @auth_keys.dup
117
+ @permitted[action].concat(keys)
118
+ end
119
+
120
+ if except.present?
121
+ @permitted[action] ||= @auth_keys.dup
122
+ @permitted[action] = @permitted[action] - except
123
+ end
124
+ end
125
+
126
+ private
127
+
128
+ # Cast a sanitized +ActionController::Parameters+ to a +HashWithIndifferentAccess+
129
+ # that can be used elsewhere.
130
+ #
131
+ # Returns an +ActiveSupport::HashWithIndifferentAccess+.
132
+ def cast_to_hash(params)
133
+ params && params.to_h
134
+ end
135
+
136
+ def default_params
137
+ if hashable_resource_params?
138
+ @params.fetch(@resource_name)
139
+ else
140
+ empty_params
141
+ end
142
+ end
143
+
144
+ def hashable_resource_params?
145
+ @params[@resource_name].respond_to?(:permit)
146
+ end
147
+
148
+ def empty_params
149
+ ActionController::Parameters.new({})
150
+ end
151
+
152
+ def permit_keys(parameters, keys)
153
+ parameters.permit(*keys)
154
+ end
155
+
156
+ def extract_auth_keys(klass)
157
+ auth_keys = klass.authentication_keys
158
+
159
+ auth_keys.respond_to?(:keys) ? auth_keys.keys : auth_keys
160
+ end
161
+
162
+ def unknown_action!(action)
163
+ raise NotImplementedError, <<-MESSAGE.strip_heredoc
164
+ "Devise doesn't know how to sanitize parameters for '#{action}'".
165
+ If you want to define a new set of parameters to be sanitized use the
166
+ `permit` method first:
167
+
168
+ devise_parameter_sanitizer.permit(:#{action}, keys: [:param1, :param2, :param3])
169
+ MESSAGE
170
+ end
171
+ end
172
+ end