Release 4.0.2

Extract list of both strategies into class constant
🪲 Fix strategy checking in #unlock_strategy_enabled? for :none and undefined strategies
2026-01-10 16:18:04 -05:00 · 2016-05-02 23:41:42 -03:00 · 2016-05-02 23:38:51 -03:00 · 2016-05-02 23:38:39 -03:00
5 changed files with 36 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 ### Unreleased

+### 4.0.2 - 2016-04-25
+
+* bug fixes
+  * Fix strategy checking in `Lockable#unlock_strategy_enabled?` for `:none`
+  and `:undefined` strategies. (by @f3ndot)
+
 ### 4.0.1 - 2016-04-25

 * bug fixes
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
  remote: .
  specs:
-    devise (4.0.1)
+    devise (4.0.2)
      bcrypt (~> 3.0)
      orm_adapter (~> 0.1)
      railties (>= 4.1.0, < 5.1)
@@ -134,7 +134,7 @@ GEM
    rake (11.0.1)
    rdoc (4.2.2)
      json (~> 1.4)
-    responders (2.1.2)
+    responders (2.2.0)
      railties (>= 4.2.0, < 5.1)
    ruby-openid (2.7.0)
    sprockets (3.5.2)
--- a/lib/devise/models/lockable.rb
+++ b/lib/devise/models/lockable.rb
@@ -155,6 +155,9 @@ module Devise
        end

      module ClassMethods
+        # List of strategies that are enabled/supported if :both is used.
+        BOTH_STRATEGIES = [:time, :email]
+
        # Attempt to find a user by its unlock keys. If a record is found, send new
        # unlock instructions to it. If not user is found, returns a new user
        # with an email not found error.
@@ -181,7 +184,8 @@ module Devise

        # Is the unlock enabled for the given unlock strategy?
        def unlock_strategy_enabled?(strategy)
-          [:both, strategy].include?(self.unlock_strategy)
+          self.unlock_strategy == strategy ||
+            (self.unlock_strategy == :both && BOTH_STRATEGIES.include?(strategy))
        end

        # Is the lock enabled for the given lock strategy?
--- a/lib/devise/version.rb
+++ b/lib/devise/version.rb
@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "4.0.1".freeze
+  VERSION = "4.0.2".freeze
 end
--- a/test/models/lockable_test.rb
+++ b/test/models/lockable_test.rb
@@ -325,4 +325,26 @@ class LockableTest < ActiveSupport::TestCase
    user.lock_access!
    assert_equal :locked, user.unauthenticated_message
  end
+
+  test 'unlock_strategy_enabled? should return true for both, email, and time strategies if :both is used' do
+    swap Devise, unlock_strategy: :both do
+      user = create_user
+      assert_equal true, user.unlock_strategy_enabled?(:both)
+      assert_equal true, user.unlock_strategy_enabled?(:time)
+      assert_equal true, user.unlock_strategy_enabled?(:email)
+      assert_equal false, user.unlock_strategy_enabled?(:none)
+      assert_equal false, user.unlock_strategy_enabled?(:an_undefined_strategy)
+    end
+  end
+
+  test 'unlock_strategy_enabled? should return true only for the configured strategy' do
+    swap Devise, unlock_strategy: :email do
+      user = create_user
+      assert_equal false, user.unlock_strategy_enabled?(:both)
+      assert_equal false, user.unlock_strategy_enabled?(:time)
+      assert_equal true, user.unlock_strategy_enabled?(:email)
+      assert_equal false, user.unlock_strategy_enabled?(:none)
+      assert_equal false, user.unlock_strategy_enabled?(:an_undefined_strategy)
+    end
+  end
 end
Author	SHA1	Message	Date
Ulisses Almeida	b8e496a33d	Release 4.0.2	2016-05-02 23:41:42 -03:00
Justin Bull	0813debb0b	Extract list of both strategies into class constant	2016-05-02 23:38:51 -03:00
Justin Bull	d7d9b9e258	🪲 Fix strategy checking in #unlock_strategy_enabled? for :none and undefined strategies A bug that if the unlock strategy was set to `:both`, it would return true for all & any inputs See #4072	2016-05-02 23:38:39 -03:00