Merge pull request #3011 from dwhenry/make-devise-more-engine-friendly

Make devise more engine friendly

test/integration/confirmable_test.rb

@@ -47,6 +47,37 @@ class ConfirmationTest < ActionDispatch::IntegrationTest
       assert_have_selector '#error_explanation'
       assert_contain /needs to be confirmed within 3 days/
       assert_not user.reload.confirmed?
+      assert_current_url "/users/confirmation?confirmation_token=#{user.raw_confirmation_token}"
+    end
+  end
+
+  test 'user with valid confirmation token where the token has expired and with application router_name set to a different engine it should raise an error' do
+    user = create_user(confirm: false, confirmation_sent_at: 4.days.ago)
+
+    swap Devise, confirm_within: 3.days, router_name: :fake_engine do
+      assert_raise ActionView::Template::Error do
+        visit_user_confirmation_with_token(user.raw_confirmation_token)
+      end
+    end
+  end
+
+  test 'user with valid confirmation token where the token has expired and with application router_name set to a different engine and route overrides back to main it shows the path' do
+    user = create_user(confirm: false, confirmation_sent_at: 4.days.ago)
+
+    swap Devise, confirm_within: 3.days, router_name: :fake_engine do
+      visit user_on_main_app_confirmation_path(confirmation_token: user.raw_confirmation_token)
+
+      assert_current_url "/user_on_main_apps/confirmation?confirmation_token=#{user.raw_confirmation_token}"
+    end
+  end
+
+  test 'user with valid confirmation token where the token has expired with router overrides different engine it shows the path' do
+    user = create_user(confirm: false, confirmation_sent_at: 4.days.ago)
+
+    swap Devise, confirm_within: 3.days do
+      visit user_on_engine_confirmation_path(confirmation_token: user.raw_confirmation_token)
+
+      assert_current_url "/user_on_engines/confirmation?confirmation_token=#{user.raw_confirmation_token}"
     end
   end
 

test/rails_app/app/active_record/user_on_engine.rb

@@ -0,0 +1,7 @@
+require 'shared_user_without_omniauth'
+
+class UserOnEngine < ActiveRecord::Base
+  self.table_name = 'users'
+  include Shim
+  include SharedUserWithoutOmniauth
+end

test/rails_app/app/active_record/user_on_main_app.rb

@@ -0,0 +1,7 @@
+require 'shared_user_without_omniauth'
+
+class UserOnMainApp < ActiveRecord::Base
+  self.table_name = 'users'
+  include Shim
+  include SharedUserWithoutOmniauth
+end

test/rails_app/app/controllers/application_controller.rb

@@ -7,3 +7,4 @@ class ApplicationController < ActionController::Base
   before_filter :authenticate_user!, if: :devise_controller?
   respond_to *Mime::SET.map(&:to_sym)
 end
+

test/rails_app/app/controllers/application_with_fake_engine.rb

@@ -0,0 +1,30 @@
+class ApplicationWithFakeEngine < ApplicationController
+  private
+
+  helper_method :fake_engine
+  def fake_engine
+    @fake_engine ||= FakeEngine.new
+  end
+end
+
+class FakeEngine
+  def user_on_engine_confirmation_path
+    '/user_on_engine/confirmation'
+  end
+
+  def new_user_on_engine_session_path
+    '/user_on_engine/confirmation/new'
+  end
+
+  def new_user_on_engine_registration_path
+    '/user_on_engine/registration/new'
+  end
+
+  def new_user_on_engine_password_path
+    '/user_on_engine/password/new'
+  end
+
+  def new_user_on_engine_unlock_path
+    '/user_on_engine/unlock/new'
+  end
+end

test/rails_app/app/mongoid/user_on_engine.rb

@@ -0,0 +1,39 @@
+require 'shared_user_without_omniauth'
+
+class UserOnEngine
+  include Mongoid::Document
+  include Shim
+  include SharedUserWithoutOmniauth
+
+  field :username, type: String
+  field :facebook_token, type: String
+
+  ## Database authenticatable
+  field :email, type: String, default: ""
+  field :encrypted_password, type: String, default: ""
+
+  ## Recoverable
+  field :reset_password_token, type: String
+  field :reset_password_sent_at, type: Time
+
+  ## Rememberable
+  field :remember_created_at, type: Time
+
+  ## Trackable
+  field :sign_in_count, type: Integer, default: 0
+  field :current_sign_in_at, type: Time
+  field :last_sign_in_at, type: Time
+  field :current_sign_in_ip, type: String
+  field :last_sign_in_ip, type: String
+
+  ## Confirmable
+  field :confirmation_token, type: String
+  field :confirmed_at, type: Time
+  field :confirmation_sent_at, type: Time
+  # field :unconfirmed_email,    type: String # Only if using reconfirmable
+
+  ## Lockable
+  field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
+  field :unlock_token, type: String # Only if unlock strategy is :email or :both
+  field :locked_at, type: Time
+end

test/rails_app/app/mongoid/user_on_main_app.rb

@@ -0,0 +1,39 @@
+require 'shared_user_without_omniauth'
+
+class UserOnMainApp
+  include Mongoid::Document
+  include Shim
+  include SharedUserWithoutOmniauth
+
+  field :username, type: String
+  field :facebook_token, type: String
+
+  ## Database authenticatable
+  field :email, type: String, default: ""
+  field :encrypted_password, type: String, default: ""
+
+  ## Recoverable
+  field :reset_password_token, type: String
+  field :reset_password_sent_at, type: Time
+
+  ## Rememberable
+  field :remember_created_at, type: Time
+
+  ## Trackable
+  field :sign_in_count, type: Integer, default: 0
+  field :current_sign_in_at, type: Time
+  field :last_sign_in_at, type: Time
+  field :current_sign_in_ip, type: String
+  field :last_sign_in_ip, type: String
+
+  ## Confirmable
+  field :confirmation_token, type: String
+  field :confirmed_at, type: Time
+  field :confirmation_sent_at, type: Time
+  # field :unconfirmed_email,    type: String # Only if using reconfirmable
+
+  ## Lockable
+  field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
+  field :unlock_token, type: String # Only if unlock strategy is :email or :both
+  field :locked_at, type: Time
+end

test/rails_app/config/initializers/devise.rb

@@ -12,6 +12,8 @@ Devise.setup do |config|
   # note that it will be overwritten if you use your own mailer class with default "from" parameter.
   config.mailer_sender = "please-change-me@config-initializers-devise.com"
 
+
+  config.parent_controller = "ApplicationWithFakeEngine"
   # Configure the class responsible to send e-mails.
   # config.mailer = "Devise::Mailer"
 

test/rails_app/config/routes.rb

@@ -20,6 +20,16 @@ Rails.application.routes.draw do
   # Users scope
   devise_for :users, controllers: { omniauth_callbacks: "users/omniauth_callbacks" }
 
+  devise_for :user_on_main_apps,
+    class_name: 'UserOnMainApp',
+    router_name: :main_app,
+    module: :devise
+
+  devise_for :user_on_engines,
+    class_name: 'UserOnEngine',
+    router_name: :fake_engine,
+    module: :devise
+
   as :user do
     get "/as/sign_in", to: "devise/sessions#new"
   end

test/rails_app/lib/shared_user_without_omniauth.rb

@@ -0,0 +1,13 @@
+module SharedUserWithoutOmniauth
+  extend ActiveSupport::Concern
+
+  included do
+    devise :database_authenticatable, :confirmable, :lockable, :recoverable,
+      :registerable, :rememberable, :timeoutable,
+      :trackable, :validatable
+  end
+
+  def raw_confirmation_token
+    @raw_confirmation_token
+  end
+end