We have an number of conditions due to how dirty tracking changed around
Rails 5.1, that implement methods using one or another method call. I
might need more of this for mongo upgrades based on an initial
investigation, plus this makes the code really hard to reason about
sometimes with these many conditionals.
While I want to drop support for older versions of Rails soon, this
centralization of dirty methods that are used by devise conditionally
simplifies the usage considerably across the board, moves the version
condition to a single place, and will make it easier to refactor later
once we drop older Rails version by simply removing the `devise_*`
versions of the methods, alongside the prefix on the method calls for
the most part, since those methods follow the naming of the newer Rails
versions.
BCrypt has a limit of 72 characters for the password. Anything beyond 72
characters is truncated. This commit updates the validation to limit
passwords to less than 72 characters, keeping within the limitation.
- attr_accessible not set for test user model, making Serializable tests
inaccurate
- Mongoid does not `include_root_in_json` by default, so enable this for
consistency with AR tests
- Mark tests pending for Mongoid < 2.1 that fail there due to known bugs
- Add `:mongoid` key for i18n model labels
- Remove outdated shim of `update_attribute` that caused mass assignment
security to be applied (ugh, that took awhile to find)
The chance of someone to successfully guess a random token in the website is:
(number_of_users / 2388636399360109977557402041718133080829429159844757507642063199359529632522467783435119230976)
