github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,518 Commits 33 Branches 149 Tags
v3.2
Commit Graph

932 Commits

Author SHA1 Message Date
Carlos Antonio da Silva
f75352a373 Merge branch 'master' into rails4 2013-04-13 11:37:48 -03:00
Carlos Antonio da Silva
ac2ebdfb11 Fix session store changed in Rails master 
There's no encrypted cookie store anymore, by default the cookie store
will be encrypted.
 2013-04-13 11:16:11 -03:00
Carlos Antonio da Silva
d89dad5728 Bundle update for both Rails 3.1 and 3.2, update mocha, fix failing tests 2013-04-13 11:08:27 -03:00
Carlos Antonio da Silva
32a141d2a9 Fix typo in test descriptions 2013-04-13 10:54:52 -03:00
Tomas Varneckas
1acd3d1790 Fix devise sender bug with custom devise mailers. 
The devise sender detection must take into account that the default
sender set in the custom devise mailer can be a proc.
 2013-04-12 16:48:48 +03:00
Drew Ulmer
d20fdf87b6 Introduce BaseSanitizer null sanitizer and controller-specific callbacks 
This updates Devise's StrongParameter support to feature:

- A Null base sanitizer to support existing Rails 3.x installations that
  don't want to use StrongParameters yet
- A new, simpler API for ParameterSanitizer: #permit, #permit!, and #forbid
- Overrideable callbacks on a controller-basis, e.g. #create_sessions_params
  for passing the current scope's parameters through StrongParameters and
  a helper method, whitelisted_params, for rolling your own implementations
  of #create_x_params in your own controllers.
- Lots of tests!
 2013-04-10 10:33:50 -05:00
Drew Ulmer
b151d2cfe2 Remove MassAssignment security from Mongoid test shim 2013-04-01 09:00:36 -05:00
Drew Ulmer
e0ffe8f85f Fix internal helper test referencing resource_params 2013-03-31 21:31:54 -05:00
Drew Ulmer
78f137368c Add support for Rails 4 strong_parameters 
This brings support for Rails 4 StrongParameters changes.

- Parameter sanitizing is setup for Devise controllers via
  resource_params except Omniauth Callbacks which doesn't use
  resource_params.

- Change #build_resource to not call resource_params for get requests.
  Parameter sanitizing is only needed when params are posted to the
  server so there's no need to try to construct resource params on get
  requests (new, edit).
 2013-03-31 21:31:48 -05:00
Drew Ulmer
af4a582300 Remove mass-assignment role-based tests, no longer supported in Rails 4 
Mass-assignment security roles are removed in Rails 4 so there's no need
to test :as => :role behavior.
 2013-03-31 15:21:49 -05:00
Drew Ulmer
2f88f7c0ed Remove protected_attributes gem and all whitelisting 2013-03-31 15:21:49 -05:00
Lucas Mazza
bd14589fe4 Ensure that include_root_in_json is true since our test suite depends on that. 2013-03-31 17:18:41 -03:00
Rafael Mendonça França
335a6af861 Merge branch 'master' into rails4 2013-03-28 13:51:12 -03:00
Matt Jones + Tony Schneider
f4ceecece4 Allow explicit configuration of http auth key 
- Fix basic auth case in which authorized_keys is configured as hash
- Duplicate existing functionality when http_auth_key is not explicitly
  set
 2013-03-04 12:23:05 -05:00
Carlos Antonio da Silva
e79ebe8aec Fix last mongoid tests since it does not have the order method 2013-02-25 22:13:36 -03:00
Santiago Pastorino
10f93129c3 Rails 4 now raises ActionController::UrlGenerationError 
This is the commit in Rails
https://github.com/rails/rails/commit/db06d128
 2013-02-25 22:12:21 -03:00
Santiago Pastorino
135c8da390 To be able to post to root via is now needed 2013-02-25 22:12:20 -03:00
Carlos Antonio da Silva
aca7e5d162 Run tests with mongoid 2013-02-25 22:12:20 -03:00
Carlos Antonio da Silva
02298117a0 Do not remove app/mailers from autoloaded paths 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
7998d6f878 Match full template name 2013-02-25 22:12:06 -03:00
Vasiliy Ermolovich
ed6e232756 assert_recognizes rises Assertion instead of RoutingError 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
567fabbbc6 Disable forcing whitelist attributes from protected attributes 
This was the previous functionality since we didn't set anything in the
application configuration. Now when using protected attributes gem, it
sets whitelist to true, forcing us to always declare the accessible
attributes, and this is not the case for the Admin model.
 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
d77a956276 Remove AR deprecated finder warnings 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
3c885e043d Fix changed error messages from confirmation validation 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
9ae013ae3c Updating test app running rake rails:update, tests running with failures 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
f8792c8cf0 Update to Rails 3-2-stable and fix failing tests 2013-02-25 22:06:10 -03:00
Lucas Mazza
198bfff2de Merge pull request #2300 from fphilipe/scoped-serialization 
Make use of warden's scoped serialization
 2013-02-25 15:32:43 -08:00
Philipe Fatio
c22d755cf4 Make use of warden's scoped serialization 2013-02-25 07:38:42 +01:00
Greg Gates
72cfaad618 Add #skip_confirmation_notification to Confirmable 2013-02-22 12:43:01 -05:00
Vasiliy Ermolovich
395a69b4ef allow_unconfirmed_access_for set to nil means unconfirmed access for unlimited time 
closes #2275
 2013-02-13 21:17:38 +03:00
Rob
547439d94c renaming devise option "allow_authorization_to_set_auth_token" to "allow_token_authenticatable_via_headers" 2013-02-10 12:50:52 -05:00
Rob
84f743c4ef adding http token auth options to env[devise.token_options] 2013-02-10 12:48:02 -05:00
Rob
3025b7e2f7 Allow http token authorization to set token_authentication_key in place of passing it in via params 
It will not override existing token_authentication_key params if they are present.
 2013-02-09 15:12:36 -05:00
Vasiliy Ermolovich
f822f92321 use scoped path to shared views if scope is present 
closes #2253
 2013-02-09 02:35:06 +03:00
Drew Ulmer
c9c1e13743 Add test for Issue #2190 
Seems to be passing for me.
 2013-01-31 10:05:53 -06:00
José Valim
25296d8c6f Add tests for sign out with redirect, related to #2249 2013-01-30 08:28:51 -07:00
Carlos Antonio da Silva
83ad67bd51 Fix inheriting mailer templates from Devise::Mailer 
Previously inheriting from Devise::Mailer would not render default views
from devise when the inheriting mailer didn't have the view. Now it'll
correctly pick the default one from Devise::Mailer.
 2013-01-29 00:08:26 -02:00
Carlos Antonio da Silva
72be1f1289 Match against string value, no need to create regexps 2013-01-28 23:59:15 -02:00
Carlos Antonio da Silva
0285565322 Actually fix this test by forcing to_s on the id 2013-01-28 21:40:11 -02:00
Carlos Antonio da Silva
acc3adb2c1 Use #next instead of calculating id + 1 
The id attribute is not Integer in Mongo, so it fails with something like:

    NoMethodError: undefined method `+' for "5106fc06ee6da1ee44000002":Moped::BSON::ObjectId'`

With #next, it will work with both Integer and String ids, for both AR
and Mongo, returning a different id to test for filtered conditions.
 2013-01-28 20:46:21 -02:00
Carlos Antonio da Silva
af37800c1d Change match routes to get / post 
match without a verb is deprecated in Rails master.
 2013-01-28 20:23:13 -02:00
Carlos Antonio da Silva
86eecc6606 Change "ActionController::IntegrationTest" to "ActionDispatch::IntegrationTest" 2013-01-28 19:58:21 -02:00
Rafael Mendonça França
bfa65dde70 Use the Ruby 1.8 hash syntax. 
Yes we still support Ruby 1.8 😢
 2013-01-28 13:21:44 -02:00
José Valim
5190f52857 Require string conversion for all values 2013-01-26 11:42:42 -07:00
Carlos Antonio da Silva
0061f113db Fix indent [ci skip] 2013-01-20 21:49:45 -02:00
Vasiliy Ermolovich
d3f8bd6cae add key option to rememberable_options 
closes #2218
 2013-01-20 23:16:25 +03:00
Vasiliy Ermolovich
9913fde749 use click_button for canceling account in integration specs 2013-01-12 14:12:05 +03:00
José Valim
33fb89340a Revert "update_with_password doesn't change encrypted password when it is invalid" 
This reverts commit 10235f9d72.
 2013-01-11 19:12:53 +01:00
Drew Ulmer
c768366240 Add failing tests for Issue #2204 
For a point release upgrade, Devise should not throw an exception when trying
to downcase or strip globally configured keys. This would be a breaking
change in functionality and this test demonstrates the issue.
 2013-01-09 11:41:20 -06:00
Alan Larkin
84b8188db9 Added failing integration test for XHR invocation of SessionsController#destroy with */*' in the Accept' header. 2013-01-06 03:49:59 +00:00