github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-06 03:01:21 -04:00
Code Issues Packages Projects Releases Wiki Activity

Unit test for Lockable#unauthenticated_message not leaking account existence

Browse Source 
This is another failing test for #1994, a unit test for Lockable. Lockable's
#uanauthenticated_message should not return :locked if paranoid mode is on
and instead should return the generic :invalid response.
This commit is contained in:
Drew Ulmer
2012-10-25 16:51:02 -05:00
parent f79bb31ee6
commit 00e8841e93
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
test/models/lockable_test.rb
View File

@@ -260,4 +260,14 @@ class LockableTest < ActiveSupport::TestCase
end
end
end
test 'should not return a locked unauthenticated message if in paranoid mode' do
swap Devise, :paranoid => :true do
user = create_user
user.failed_attempts = Devise.maximum_attempts + 1
user.lock_access!
assert_equal :invalid, user.unauthenticated_message
end
end
end