Remove deprecated ParameterSanitizer API.

2026-01-09 23:08:05 -05:00 · 2016-05-03 18:18:56 -03:00
parent a2498074f1
commit e79201aef8
2 changed files with 0 additions and 111 deletions
--- a/lib/devise/parameter_sanitizer.rb
+++ b/lib/devise/parameter_sanitizer.rb
@@ -68,12 +68,6 @@ module Devise
    def sanitize(action)
      permissions = @permitted[action]

-      # DEPRECATED: Remove this branch on Devise 4.2.
-      if respond_to?(action, true)
-        deprecate_instance_method_sanitization(action)
-        return cast_to_hash send(action)
-      end
-
      if permissions.respond_to?(:call)
        cast_to_hash permissions.call(default_params)
      elsif permissions.present?
@@ -127,17 +121,6 @@ module Devise
      end
    end

-    # DEPRECATED: Remove this method on Devise 4.2.
-    def for(action, &block) # :nodoc:
-      if block_given?
-        deprecate_for_with_block(action)
-        permit(action, &block)
-      else
-        deprecate_for_without_block(action)
-        @permitted[action] or unknown_action!(action)
-      end
-    end
-
    private

    # Cast a sanitized +ActionController::Parameters+ to a +HashWithIndifferentAccess+
@@ -172,43 +155,5 @@ module Devise
          devise_parameter_sanitizer.permit(:#{action}, keys: [:param1, :param2, :param3])
      MESSAGE
    end
-
-    def deprecate_for_with_block(action)
-      ActiveSupport::Deprecation.warn(<<-MESSAGE.strip_heredoc)
-        [Devise] Changing the sanitized parameters through "#{self.class.name}#for(#{action}) is deprecated and it will be removed from Devise 4.2.
-        Please use the `permit` method:
-
-          devise_parameter_sanitizer.permit(:#{action}) do |user|
-            # Your block here.
-          end
-      MESSAGE
-    end
-
-    def deprecate_for_without_block(action)
-      ActiveSupport::Deprecation.warn(<<-MESSAGE.strip_heredoc)
-        [Devise] Changing the sanitized parameters through "#{self.class.name}#for(#{action}) is deprecated and it will be removed from Devise 4.2.
-        Please use the `permit` method to add or remove any key:
-
-          To add any new key, use the `keys` keyword argument:
-          devise_parameter_sanitizer.permit(:#{action}, keys: [:param1, :param2, :param3])
-
-          To remove any existing key, use the `except` keyword argument:
-          devise_parameter_sanitizer.permit(:#{action}, except: [:email])
-      MESSAGE
-    end
-
-    def deprecate_instance_method_sanitization(action)
-      ActiveSupport::Deprecation.warn(<<-MESSAGE.strip_heredoc)
-        [Devise] Parameter sanitization through a "#{self.class.name}##{action}" method is deprecated and it will be removed from Devise 4.2.
-        Please use the `permit` method on your sanitizer `initialize` method.
-
-          class #{self.class.name} < Devise::ParameterSanitizer
-            def initialize(*)
-              super
-              permit(:#{action}, keys: [:param1, :param2, :param3])
-            end
-          end
-      MESSAGE
-    end
  end
 end
--- a/test/parameter_sanitizer_test.rb
+++ b/test/parameter_sanitizer_test.rb
@@ -73,59 +73,3 @@ class ParameterSanitizerTest < ActiveSupport::TestCase
    assert_equal({ 'username' => 'jose' }, sanitized)
  end
 end
-
-class DeprecatedParameterSanitizerAPITest < ActiveSupport::TestCase
-  class CustomSanitizer < Devise::ParameterSanitizer
-    def sign_in
-      default_params.permit(:username)
-    end
-  end
-
-  def sanitizer(params)
-    params = ActionController::Parameters.new(params)
-    Devise::ParameterSanitizer.new(User, :user, params)
-  end
-
-  test 'overriding instance methods have precedence over the default sanitized attributes' do
-    assert_deprecated do
-      params =  ActionController::Parameters.new(user: { "username" => "jose", "name" => "Jose" })
-      sanitizer = CustomSanitizer.new(User, :user, params)
-
-      sanitized = sanitizer.sanitize(:sign_in)
-
-      assert_equal({ "username" => "jose" }, sanitized)
-    end
-  end
-
-  test 'adding new parameters by mutating the Array' do
-    assert_deprecated do
-      sanitizer = sanitizer('user' => { 'username' => 'jose' })
-      sanitizer.for(:sign_in) << :username
-      sanitized = sanitizer.sanitize(:sign_in)
-
-      assert_equal({ 'username' => 'jose' }, sanitized)
-    end
-  end
-
-   test 'adding new parameters with a block' do
-     assert_deprecated do
-       sanitizer = sanitizer('user' => { 'username' => 'jose' })
-       sanitizer.for(:sign_in) { |user| user.permit(:username) }
-
-       sanitized = sanitizer.sanitize(:sign_in)
-
-       assert_equal({ 'username' => 'jose' }, sanitized)
-     end
-   end
-
-  test 'removing multiple default parameters' do
-    assert_deprecated do
-      sanitizer = sanitizer('user' => { 'email' => 'jose', 'password' => 'invalid', 'remember_me' => '1' })
-      sanitizer.for(:sign_in).delete(:email)
-      sanitizer.for(:sign_in).delete(:password)
-      sanitized = sanitizer.sanitize(:sign_in)
-
-      assert_equal({ 'remember_me' => '1' }, sanitized)
-    end
-  end
-end