github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-14 09:17:55 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,518 Commits 28 Branches 145 Tags
v3.2
Commit Graph

31 Commits

Author SHA1 Message Date
Anshul Sharma
dc1b399a8b Updated ruby 1.9 hash syntax 2014-02-25 22:12:55 +05:30
Kaworu
c87809a0f5 Separate redirects and flash messages in navigational_formats and flashing_formats 2013-11-01 21:47:40 +01:00
Benoit Bénézech
04e47687b2 remove respond_to in favor of an implementation that returns options 2013-10-24 17:29:53 +02:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
José Valim
8a93c34080 Clean up Devise parameter sanitizer 2013-04-13 23:21:46 -07:00
Drew Ulmer
d20fdf87b6 Introduce BaseSanitizer null sanitizer and controller-specific callbacks 
This updates Devise's StrongParameter support to feature:

- A Null base sanitizer to support existing Rails 3.x installations that
  don't want to use StrongParameters yet
- A new, simpler API for ParameterSanitizer: #permit, #permit!, and #forbid
- Overrideable callbacks on a controller-basis, e.g. #create_sessions_params
  for passing the current scope's parameters through StrongParameters and
  a helper method, whitelisted_params, for rolling your own implementations
  of #create_x_params in your own controllers.
- Lots of tests!
 2013-04-10 10:33:50 -05:00
Łukasz Niemier
95f56258d7 Rename get_message to find_message and fix set_flash_message 2013-04-07 08:52:11 +02:00
Łukasz Niemier
8e9ad4626e Extract get_message 2013-04-06 18:46:21 +02:00
Drew Ulmer
77203e3d97 Change parameter sanitizer instance method to scope to devise 
This way it's very explicit that this method is for devise and it won't
run into any naming collisions with user code.
 2013-04-01 09:46:46 -05:00
Drew Ulmer
78f137368c Add support for Rails 4 strong_parameters 
This brings support for Rails 4 StrongParameters changes.

- Parameter sanitizing is setup for Devise controllers via
  resource_params except Omniauth Callbacks which doesn't use
  resource_params.

- Change #build_resource to not call resource_params for get requests.
  Parameter sanitizing is only needed when params are posted to the
  server so there's no need to try to construct resource params on get
  requests (new, edit).
 2013-03-31 21:31:48 -05:00
Carlos Antonio da Silva
af37800c1d Change match routes to get / post 
match without a verb is deprecated in Rails master.
 2013-01-28 20:23:13 -02:00
José Valim
30ab6f923d Release 2.2.0.rc 2012-12-13 09:20:46 +01:00
Vasiliy Ermolovich
5d86327e4d move is_navigational_format? and request_format methods to helpers 2012-11-05 09:54:22 +03:00
José Valim
18c377e0d7 Merge pull request #2112 from latortuga/patch-1 
Make #set_flash_message respect i18n-set resource_name
 2012-10-26 02:05:42 -07:00
Drew Ulmer
b853871667 Make #set_flash_message respect i18n-set resource_name 
Using #devise_i18n_options allows overriding any i18n keys but the
resulting call to I18n.t does not respect an override of resource_name.
 2012-10-24 11:50:26 -05:00
Andrey Koleshko
972ac3b5f0 refactor is_navigational_format? method 2012-06-26 17:58:50 +03:00
José Valim
215fdf119e Better error message when mapping can't be found 2012-06-07 14:34:13 +03:00
José Valim
2b7328535d Check for the request before checking for the mapping, closes #1859 2012-05-25 09:39:50 +02:00
Adam Meehan
7ec4c1424d Add resource_params internal helper to param filtering 
In light of recent discussions around mass assignment security and
the alternate solution of using the controller to filter params, not the model,
a hook/helper is needed to be able to override how the params are filtered
before they are used to build the resource.
 2012-05-15 18:07:02 +10:00
José Valim
6846014def Do not make _prefixes private. 2012-04-05 09:15:48 -03:00
David FRANCOIS
885d8836d1 Ability to use attr_protected attributes as sign-in keys without triggering ActiveModel::MassAssignmentSecurity::Error when ActiveRecord::Base.mass_assignment_sanitizer is set to :strict. Fixes #1729. 2012-03-21 11:48:00 +01:00
Rodrigo Flores
ecfc7d752a Deprecation warning on module doesn't have a required_fields method 2012-03-03 14:30:59 -03:00
José Valim
2f6ecc1328 Do not call after sign in hook without resource, closes #1666. 2012-03-03 12:09:26 +01:00
José Valim
fb8e093389 Accept devise_i18n_options to handle custom i18n values, closes #1633 2012-02-15 16:58:23 +01:00
José Valim
4b47c3ab73 Clean up devise_controller? related code. 2012-02-15 16:58:23 +01:00
José Valim
b88524027c Get rid of deprecation warning. 2012-01-24 13:41:19 +01:00
José Valim
dada404a6b Support 3.2 as well. 2012-01-02 22:19:05 +01:00
José Valim
d9df632671 Get rid of InternalHelpers, refactor scoped views for more performant behavior. 2012-01-02 22:01:28 +01:00
José Valim
c3f864f2b6 Allow parent controller to be customizable. 2012-01-02 20:39:22 +01:00
José Valim
a29a30effc Move InternalHelpers to parent controller. 2012-01-02 20:30:56 +01:00
Samuel Cochran
2b64c6d951 Make all controllers inherit from a single DeviseController 2011-06-25 03:34:13 +08:00