From 95618806c4c27de38296dd84bfa73bfe2b27bffe Mon Sep 17 00:00:00 2001 From: Carlos Antonio da Silva Date: Fri, 14 Nov 2025 11:24:30 -0300 Subject: [PATCH] Remove no longer relevant test for mass assignment sanitization This is no longer in Rails since v5, it's been extracted to `protected_attributes`, and we're dropping support to older versions of Rails in main. https://github.com/rails/protected_attributes --- test/controllers/sessions_controller_test.rb | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/test/controllers/sessions_controller_test.rb b/test/controllers/sessions_controller_test.rb index e88cf7e9..21b3c09f 100644 --- a/test/controllers/sessions_controller_test.rb +++ b/test/controllers/sessions_controller_test.rb @@ -87,22 +87,4 @@ class SessionsControllerTest < Devise::ControllerTestCase assert flash[:notice].blank?, "flash[:notice] should be blank, not #{flash[:notice].inspect}" assert_equal 204, @response.status end - - if defined?(ActiveRecord) && ActiveRecord::Base.respond_to?(:mass_assignment_sanitizer) - test "#new doesn't raise mass-assignment exception even if sign-in key is attr_protected" do - request.env["devise.mapping"] = Devise.mappings[:user] - - ActiveRecord::Base.mass_assignment_sanitizer = :strict - User.class_eval { attr_protected :email } - - begin - assert_nothing_raised do - get :new, user: { email: "allez viens!" } - end - ensure - ActiveRecord::Base.mass_assignment_sanitizer = :logger - User.class_eval { attr_accessible :email } - end - end - end end