Create a model hook around the lockable warden hook to reset attempts

Resetting failed attempts after sign in happened inside a warden hook specific for the lockable module, but that was hidden inside the hook implementation and didn't allow any user customization. One such customization needed for example is to direct these updates to a write DB when using a multi-DB setup. With the logic hidden in the warden hook this wasn't possible, now that it's exposed in a model method much like trackable, we can override the model method to wrap it in a connection switch block for example, point to a write DB, and simply call `super`. Closes #5310 Related to #5264 and #5133
2026-01-09 14:58:05 -05:00 · 2021-03-22 18:26:17 -03:00
parent e8e0c27599
commit a3ae35e9c9
4 changed files with 39 additions and 6 deletions
--- a/test/models/lockable_test.rb
+++ b/test/models/lockable_test.rb
@@ -50,6 +50,32 @@ class LockableTest < ActiveSupport::TestCase
    assert_equal initial_failed_attempts + 2, user.reload.failed_attempts
  end

+  test "reset_failed_attempts! updates the failed attempts counter back to 0" do
+    user = create_user(failed_attempts: 3)
+    assert_equal 3, user.failed_attempts
+
+    user.reset_failed_attempts!
+    assert_equal 0, user.failed_attempts
+
+    user.reset_failed_attempts!
+    assert_equal 0, user.failed_attempts
+  end
+
+  test "reset_failed_attempts! does not run model validations" do
+    user = create_user(failed_attempts: 1)
+    user.expects(:after_validation_callback).never
+
+    assert user.reset_failed_attempts!
+    assert_equal 0, user.failed_attempts
+  end
+
+  test "reset_failed_attempts! does not try to reset if not using failed attempts strategy" do
+    admin = create_admin
+
+    refute_respond_to admin, :failed_attempts
+    refute admin.reset_failed_attempts!
+  end
+
  test 'should be valid for authentication with a unlocked user' do
    user = create_user
    user.lock_access!