Release 2.2.2

uUe click_button for canceling account in integration specs

.travis.yml

@@ -34,8 +34,9 @@ gemfile:
 services:
   - mongodb
 notifications:
-  recipients:
-    - jose.valim@plataformatec.com.br
-    - carlos@plataformatec.com.br
-    - rodrigo.flores@plataformatec.com.br
-    - rafael.franca@plataformatec.com.br
+  email: false
+  campfire:
+    on_success: change
+    on_failure: always
+    rooms:
+      - secure: "TRiqvuM4i/QmRDWjUSNitE5/P91BOzDkNl53+bZjjtxcISCswZtmECWBR7n9\n3xwqCOU1o2lfohxZ32OHOj/Nj7o+90zWJfWxcv+if0hIXRiil62M5pg0lZUd\nyJ4M5VQ0lSWo5he1OUrXhSabPJeaK3B8yT/tdh+qO5yzR+vb/jc="

CHANGELOG.rdoc

@@ -1,13 +1,26 @@
-== 2.2.0.rc
+== 2.2.2
 
-* important changes
+* bug fix
+  * Fix bug when checking for reconfirmable in templates
+
+== 2.2.1
+
+* bug fix
+  * Fix regression with case_insensitive_keys
+  * Fix regression when password is blank when it is invalid
+
+== 2.2.0
+
+* backwards incompatible changes
+  * `headers_for` is deprecated, customize the mailer directly instead
+  * All mailer methods now expect a second argument with delivery options
   * Default minimum password length is now 8 (by @carlosgaldino)
-  * Support alternate sign in error message when email record does not exist (this adds a new I18n key to the locale file) (@gabetax)
+  * Support alternate sign in error message when email record does not exist (this adds a new I18n key to the locale file) (by @gabetax)
   * DeviseController responds only to HTML requests by default (call `DeviseController.respond_to` or `ApplicationController.respond_to` to add new formats)
   * Support Mongoid 3 onwards (by @durran)
-  * Fix unlockable which could leak account existence on paranoid mode (by @latortuga)
 
 * enhancements
+  * Fix unlockable which could leak account existence on paranoid mode (by @latortuga)
   * Confirmable now has a confirm_within option to set a period while the confirmation token is still valid (by @promisedlandt)
   * Flash messages in controller now respects `resource_name` (by @latortuga)
   * Separate `sign_in` and `sign_up` on RegistrationsController (by @rubynortheast)

Gemfile

@@ -22,8 +22,11 @@ end
 
 platforms :ruby do
   gem "sqlite3"
+end
 
+
+platforms :mri_19 do
   group :mongoid do
     gem "mongoid", "~> 3.0"
   end
-end
+end

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    devise (2.2.0.rc)
+    devise (2.2.1)
       bcrypt-ruby (~> 3.0)
       orm_adapter (~> 0.1)
       railties (~> 3.1)
@@ -10,12 +10,12 @@ PATH
 GEM
   remote: http://rubygems.org/
   specs:
-    actionmailer (3.2.9)
-      actionpack (= 3.2.9)
+    actionmailer (3.2.11)
+      actionpack (= 3.2.11)
       mail (~> 2.4.4)
-    actionpack (3.2.9)
-      activemodel (= 3.2.9)
-      activesupport (= 3.2.9)
+    actionpack (3.2.11)
+      activemodel (= 3.2.11)
+      activesupport (= 3.2.11)
       builder (~> 3.0.0)
       erubis (~> 2.7.0)
       journey (~> 1.0.4)
@@ -23,18 +23,18 @@ GEM
       rack-cache (~> 1.2)
       rack-test (~> 0.6.1)
       sprockets (~> 2.2.1)
-    activemodel (3.2.9)
-      activesupport (= 3.2.9)
+    activemodel (3.2.11)
+      activesupport (= 3.2.11)
       builder (~> 3.0.0)
-    activerecord (3.2.9)
-      activemodel (= 3.2.9)
-      activesupport (= 3.2.9)
+    activerecord (3.2.11)
+      activemodel (= 3.2.11)
+      activesupport (= 3.2.11)
       arel (~> 3.0.2)
       tzinfo (~> 0.3.29)
-    activeresource (3.2.9)
-      activemodel (= 3.2.9)
-      activesupport (= 3.2.9)
-    activesupport (3.2.9)
+    activeresource (3.2.11)
+      activemodel (= 3.2.11)
+      activesupport (= 3.2.11)
+    activesupport (3.2.11)
       i18n (~> 0.6)
       multi_json (~> 1.0)
     arel (3.0.2)
@@ -48,7 +48,7 @@ GEM
     httpauth (0.2.0)
     i18n (0.6.1)
     journey (1.0.4)
-    json (1.7.5)
+    json (1.7.6)
     jwt (0.1.5)
       multi_json (>= 1.0)
     mail (2.4.4)
@@ -59,13 +59,13 @@ GEM
     mime-types (1.19)
     mocha (0.10.0)
       metaclass (~> 0.0.1)
-    mongoid (3.0.14)
+    mongoid (3.0.16)
       activemodel (~> 3.1)
       moped (~> 1.1)
       origin (~> 1.0)
       tzinfo (~> 0.3.22)
-    moped (1.3.1)
-    multi_json (1.4.0)
+    moped (1.3.2)
+    multi_json (1.5.0)
     multipart-post (1.1.5)
     nokogiri (1.5.5)
     oauth2 (0.8.0)
@@ -88,7 +88,7 @@ GEM
     origin (1.0.11)
     orm_adapter (0.4.0)
     polyglot (0.3.3)
-    rack (1.4.1)
+    rack (1.4.3)
     rack-cache (1.2)
       rack (>= 0.4)
     rack-openid (1.3.1)
@@ -98,22 +98,22 @@ GEM
       rack
     rack-test (0.6.2)
       rack (>= 1.0)
-    rails (3.2.9)
-      actionmailer (= 3.2.9)
-      actionpack (= 3.2.9)
-      activerecord (= 3.2.9)
-      activeresource (= 3.2.9)
-      activesupport (= 3.2.9)
+    rails (3.2.11)
+      actionmailer (= 3.2.11)
+      actionpack (= 3.2.11)
+      activerecord (= 3.2.11)
+      activeresource (= 3.2.11)
+      activesupport (= 3.2.11)
       bundler (~> 1.0)
-      railties (= 3.2.9)
-    railties (3.2.9)
-      actionpack (= 3.2.9)
-      activesupport (= 3.2.9)
+      railties (= 3.2.11)
+    railties (3.2.11)
+      actionpack (= 3.2.11)
+      activesupport (= 3.2.11)
       rack-ssl (~> 1.3.2)
       rake (>= 0.8.7)
       rdoc (~> 3.4)
       thor (>= 0.14.6, < 2.0)
-    rake (10.0.2)
+    rake (10.0.3)
     rdoc (3.12)
       json (~> 1.4)
     ruby-openid (2.2.2)

MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2009-2012 Plataformatec. http://plataformatec.com.br
+Copyright 2009-2013 Plataformatec. http://plataformatec.com.br
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

README.md

@@ -393,4 +393,4 @@ https://github.com/plataformatec/devise/contributors
 
 ## License
 
-MIT License. Copyright 2012 Plataformatec. http://plataformatec.com.br
+MIT License. Copyright 2009-2013 Plataformatec. http://plataformatec.com.br

app/controllers/devise/sessions_controller.rb

@@ -27,10 +27,8 @@ class Devise::SessionsController < DeviseController
     # We actually need to hardcode this as Rails default responder doesn't
     # support returning empty response on GET request
     respond_to do |format|
+      format.all { head :no_content }
       format.any(*navigational_formats) { redirect_to redirect_path }
-      format.all do
-        head :no_content
-      end
     end
   end
 

app/mailers/devise/mailer.rb

@@ -1,15 +1,15 @@
 class Devise::Mailer < ::ActionMailer::Base
   include Devise::Mailers::Helpers
 
-  def confirmation_instructions(record)
-    devise_mail(record, :confirmation_instructions)
+  def confirmation_instructions(record, opts={})
+    devise_mail(record, :confirmation_instructions, opts)
   end
 
-  def reset_password_instructions(record)
-    devise_mail(record, :reset_password_instructions)
+  def reset_password_instructions(record, opts={})
+    devise_mail(record, :reset_password_instructions, opts)
   end
 
-  def unlock_instructions(record)
-    devise_mail(record, :unlock_instructions)
+  def unlock_instructions(record, opts={})
+    devise_mail(record, :unlock_instructions, opts)
   end
 end

app/views/devise/mailer/reset_password_instructions.html.erb

@@ -1,6 +1,6 @@
 <p>Hello <%= @resource.email %>!</p>
 
-<p>Someone has requested a link to change your password, and you can do this through the link below.</p>
+<p>Someone has requested a link to change your password. You can do this through the link below.</p>
 
 <p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token) %></p>
 

app/views/devise/registrations/edit.html.erb

@@ -6,7 +6,7 @@
   <div><%= f.label :email %><br />
   <%= f.email_field :email, :autofocus => true %></div>
 
-  <% if resource.class.reconfirmable && resource.unconfirmed_email.present? %>
+  <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
     <div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
   <% end %>
 
@@ -24,6 +24,6 @@
 
 <h3>Cancel my account</h3>
 
-<p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete %>.</p>
+<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete %>.</p>
 
 <%= link_to "Back", :back %>

gemfiles/Gemfile.rails-3.1.x

@@ -11,7 +11,7 @@ group :test do
   gem "omniauth-facebook"
   gem "omniauth-openid", "~> 1.0.1"
   gem "webrat", "0.7.2", :require => false
-  gem "mocha", :require => false
+  gem "mocha", "0.10.0", :require => false
 
   platforms :mri_18 do
     gem "ruby-debug", ">= 0.10.3"
@@ -26,8 +26,10 @@ end
 
 platforms :ruby do
   gem "sqlite3"
+end
 
+platforms :mri_19 do
   group :mongoid do
     gem "mongoid", "~> 3.0"
   end
-end
+end

gemfiles/Gemfile.rails-3.1.x.lock

@@ -1,7 +1,7 @@
 PATH
   remote: ..
   specs:
-    devise (2.1.2)
+    devise (2.2.0)
       bcrypt-ruby (~> 3.0)
       orm_adapter (~> 0.1)
       railties (~> 3.1)
@@ -10,48 +10,48 @@ PATH
 GEM
   remote: http://rubygems.org/
   specs:
-    actionmailer (3.1.4)
-      actionpack (= 3.1.4)
-      mail (~> 2.3.0)
-    actionpack (3.1.4)
-      activemodel (= 3.1.4)
-      activesupport (= 3.1.4)
+    actionmailer (3.1.10)
+      actionpack (= 3.1.10)
+      mail (~> 2.3.3)
+    actionpack (3.1.10)
+      activemodel (= 3.1.10)
+      activesupport (= 3.1.10)
       builder (~> 3.0.0)
       erubis (~> 2.7.0)
       i18n (~> 0.6)
       rack (~> 1.3.6)
-      rack-cache (~> 1.1)
+      rack-cache (~> 1.2)
       rack-mount (~> 0.8.2)
       rack-test (~> 0.6.1)
-      sprockets (~> 2.0.3)
-    activemodel (3.1.4)
-      activesupport (= 3.1.4)
+      sprockets (~> 2.0.4)
+    activemodel (3.1.10)
+      activesupport (= 3.1.10)
       builder (~> 3.0.0)
       i18n (~> 0.6)
-    activerecord (3.1.4)
-      activemodel (= 3.1.4)
-      activesupport (= 3.1.4)
+    activerecord (3.1.10)
+      activemodel (= 3.1.10)
+      activesupport (= 3.1.10)
       arel (~> 2.2.3)
       tzinfo (~> 0.3.29)
-    activeresource (3.1.4)
-      activemodel (= 3.1.4)
-      activesupport (= 3.1.4)
-    activesupport (3.1.4)
-      multi_json (~> 1.0)
-    addressable (2.2.7)
+    activeresource (3.1.10)
+      activemodel (= 3.1.10)
+      activesupport (= 3.1.10)
+    activesupport (3.1.10)
+      multi_json (>= 1.0, < 1.3)
     arel (2.2.3)
     bcrypt-ruby (3.0.1)
-    builder (3.0.0)
+    builder (3.0.4)
     columnize (0.3.6)
     erubis (2.7.0)
-    faraday (0.7.6)
-      addressable (~> 2.2)
+    faraday (0.8.4)
       multipart-post (~> 1.1)
-      rack (~> 1.1)
     hashie (1.2.0)
     hike (1.2.1)
-    i18n (0.6.0)
-    json (1.7.0)
+    httpauth (0.2.0)
+    i18n (0.6.1)
+    json (1.7.6)
+    jwt (0.1.5)
+      multi_json (>= 1.0)
     linecache (0.46)
       rbx-require-relative (> 0.0.4)
     mail (2.3.3)
@@ -59,36 +59,39 @@ GEM
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     metaclass (0.0.1)
-    mime-types (1.18)
-    mocha (0.10.4)
+    mime-types (1.19)
+    mocha (0.10.0)
       metaclass (~> 0.0.1)
-    mongoid (3.0.12)
+    mongoid (3.0.16)
       activemodel (~> 3.1)
       moped (~> 1.1)
       origin (~> 1.0)
       tzinfo (~> 0.3.22)
-    moped (1.2.9)
-    multi_json (1.3.4)
+    moped (1.3.2)
+    multi_json (1.2.0)
     multipart-post (1.1.5)
-    nokogiri (1.5.0)
-    oauth2 (0.5.2)
-      faraday (~> 0.7)
+    nokogiri (1.5.6)
+    oauth2 (0.8.0)
+      faraday (~> 0.8)
+      httpauth (~> 0.1)
+      jwt (~> 0.1.4)
       multi_json (~> 1.0)
-    omniauth (1.0.2)
+      rack (~> 1.2)
+    omniauth (1.0.3)
       hashie (~> 1.2)
       rack
-    omniauth-facebook (1.2.0)
-      omniauth-oauth2 (~> 1.0.0)
-    omniauth-oauth2 (1.0.0)
-      oauth2 (~> 0.5.0)
+    omniauth-facebook (1.4.0)
+      omniauth-oauth2 (~> 1.0.2)
+    omniauth-oauth2 (1.0.3)
+      oauth2 (~> 0.8.0)
       omniauth (~> 1.0)
     omniauth-openid (1.0.1)
       omniauth (~> 1.0)
       rack-openid (~> 1.3.1)
-    origin (1.0.10)
+    origin (1.0.11)
     orm_adapter (0.4.0)
     polyglot (0.3.3)
-    rack (1.3.6)
+    rack (1.3.8)
     rack-cache (1.2)
       rack (>= 0.4)
     rack-mount (0.8.3)
@@ -98,25 +101,25 @@ GEM
       ruby-openid (>= 2.1.8)
     rack-ssl (1.3.2)
       rack
-    rack-test (0.6.1)
+    rack-test (0.6.2)
       rack (>= 1.0)
-    rails (3.1.4)
-      actionmailer (= 3.1.4)
-      actionpack (= 3.1.4)
-      activerecord (= 3.1.4)
-      activeresource (= 3.1.4)
-      activesupport (= 3.1.4)
+    rails (3.1.10)
+      actionmailer (= 3.1.10)
+      actionpack (= 3.1.10)
+      activerecord (= 3.1.10)
+      activeresource (= 3.1.10)
+      activesupport (= 3.1.10)
       bundler (~> 1.0)
-      railties (= 3.1.4)
-    railties (3.1.4)
-      actionpack (= 3.1.4)
-      activesupport (= 3.1.4)
+      railties (= 3.1.10)
+    railties (3.1.10)
+      actionpack (= 3.1.10)
+      activesupport (= 3.1.10)
       rack-ssl (~> 1.3.2)
       rake (>= 0.8.7)
       rdoc (~> 3.4)
       thor (~> 0.14.6)
-    rake (0.9.2.2)
-    rbx-require-relative (0.0.5)
+    rake (10.0.3)
+    rbx-require-relative (0.0.9)
     rdoc (3.12)
       json (~> 1.4)
     ruby-debug (0.10.4)
@@ -124,18 +127,18 @@ GEM
       ruby-debug-base (~> 0.10.4.0)
     ruby-debug-base (0.10.4)
       linecache (>= 0.3)
-    ruby-openid (2.1.8)
+    ruby-openid (2.2.2)
     sprockets (2.0.4)
       hike (~> 1.2)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
-    sqlite3 (1.3.5)
+    sqlite3 (1.3.6)
     thor (0.14.6)
     tilt (1.3.3)
-    treetop (1.4.10)
+    treetop (1.4.12)
       polyglot
       polyglot (>= 0.3.1)
-    tzinfo (0.3.33)
+    tzinfo (0.3.35)
     warden (1.2.1)
       rack (>= 1.0)
     webrat (0.7.2)
@@ -151,7 +154,7 @@ DEPENDENCIES
   activerecord-jdbcsqlite3-adapter
   devise!
   jruby-openssl
-  mocha
+  mocha (= 0.10.0)
   mongoid (~> 3.0)
   omniauth (~> 1.0.0)
   omniauth-facebook

lib/devise/mailers/helpers.rb

@@ -11,9 +11,9 @@ module Devise
       protected
 
       # Configure default email options
-      def devise_mail(record, action)
+      def devise_mail(record, action, opts={})
         initialize_from_record(record)
-        mail headers_for(action)
+        mail headers_for(action, opts)
       end
 
       def initialize_from_record(record)
@@ -25,16 +25,19 @@ module Devise
         @devise_mapping ||= Devise.mappings[scope_name]
       end
 
-      def headers_for(action)
+      def headers_for(action, opts)
         headers = {
-          :subject       => translate(devise_mapping, action),
+          :subject       => subject_for(action),
           :to            => resource.email,
           :from          => mailer_sender(devise_mapping),
           :reply_to      => mailer_reply_to(devise_mapping),
-          :template_path => template_paths
-        }
+          :template_path => template_paths,
+          :template_name => action
+        }.merge(opts)
 
         if resource.respond_to?(:headers_for)
+          ActiveSupport::Deprecation.warn "Calling headers_for in the model is no longer supported. " <<
+            "Please customize your mailer instead."
           headers.merge!(resource.headers_for(action))
         end
 
@@ -83,8 +86,8 @@ module Devise
       #         confirmation_instructions:
       #           subject: '...'
       #
-      def translate(mapping, key)
-        I18n.t(:"#{mapping.name}_subject", :scope => [:devise, :mailer, key],
+      def subject_for(key)
+        I18n.t(:"#{devise_mapping.name}_subject", :scope => [:devise, :mailer, key],
           :default => [:subject, key.to_s.humanize])
       end
     end

lib/devise/models/authenticatable.rb

@@ -93,10 +93,6 @@ module Devise
       def authenticatable_salt
       end
 
-      def headers_for(name)
-        {}
-      end
-
       array = %w(serializable_hash)
       # to_xml does not call serializable_hash on 3.1
       array << "to_xml" if Rails::VERSION::STRING[0,3] == "3.1"
@@ -159,8 +155,8 @@ module Devise
       #       end
       #     end
       #
-      def send_devise_notification(notification)
-        devise_mailer.send(notification, self).deliver
+      def send_devise_notification(notification, opts={})
+        devise_mailer.send(notification, self, opts).deliver
       end
 
       def downcase_keys
@@ -172,7 +168,16 @@ module Devise
       end
 
       def apply_to_attribute_or_variable(attr, method)
-        (self[attr] || send(attr)).try(method)
+        if self[attr]
+          self[attr].try(method)
+
+        # Use respond_to? here to avoid a regression where globally
+        # configured strip_whitespace_keys or case_insensitive_keys were
+        # attempting to strip! or downcase! when a model didn't have the
+        # globally configured key.
+        elsif respond_to?(attr)
+          send(attr).try(method)
+        end
       end
 
       module ClassMethods

lib/devise/models/confirmable.rb

@@ -87,7 +87,9 @@ module Devise
         @reconfirmation_required = false
 
         generate_confirmation_token! if self.confirmation_token.blank?
-        send_devise_notification(:confirmation_instructions)
+
+        opts = pending_reconfirmation? ? { :to => unconfirmed_email } : { }
+        send_devise_notification(:confirmation_instructions, opts)
       end
 
       # Resend confirmation token. This method does not need to generate a new token.
@@ -123,14 +125,6 @@ module Devise
         @bypass_postpone = true
       end
 
-      def headers_for(action)
-        headers = super
-        if action == :confirmation_instructions && pending_reconfirmation?
-          headers[:to] = unconfirmed_email
-        end
-        headers
-      end
-
       protected
 
         # A callback method used to deliver confirmation

lib/devise/models/database_authenticatable.rb

@@ -64,7 +64,6 @@ module Devise
         result = if valid_password?(current_password)
           update_attributes(params, *options)
         else
-          params.delete(:password)
           self.assign_attributes(params, *options)
           self.valid?
           self.errors.add(:current_password, current_password.blank? ? :blank : :invalid)

lib/devise/version.rb

@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "2.2.0.rc".freeze
+  VERSION = "2.2.2".freeze
 end

lib/generators/templates/simple_form_for/registrations/edit.html.erb

@@ -6,7 +6,7 @@
   <div class="form-inputs">
     <%= f.input :email, :required => true, :autofocus => true %>
 
-    <% if resource.class.reconfirmable && resource.unconfirmed_email.present? %>
+    <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
       <p>Currently waiting confirmation for: <%= resource.unconfirmed_email %></p>
     <% end %>
 

test/integration/authenticatable_test.rb

@@ -517,6 +517,25 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
     assert_response :no_content
     assert_not warden.authenticated?(:user)
   end
+
+  test 'sign out with non-navigational format via XHR does not redirect' do
+    swap Devise, :navigational_formats => ['*/*', :html] do 
+      sign_in_as_user
+      xml_http_request :get, destroy_user_session_path, {}, { "HTTP_ACCEPT" => "application/json,text/javascript,*/*" } # NOTE: Bug is triggered by combination of XHR and */*.
+      assert_response :no_content
+      assert_not warden.authenticated?(:user)
+    end
+  end
+
+  # Belt and braces ... Perhaps this test is not necessary?
+  test 'sign out with navigational format via XHR does redirect' do
+    swap Devise, :navigational_formats => ['*/*', :html] do 
+      sign_in_as_user
+      xml_http_request :get, destroy_user_session_path, {}, { "HTTP_ACCEPT" => "text/html,*/*" }
+      assert_response :redirect
+      assert_not warden.authenticated?(:user)
+    end
+  end
 end
 
 class AuthenticationKeysTest < ActionController::IntegrationTest

test/integration/registerable_test.rb

@@ -214,7 +214,7 @@ class RegistrationTest < ActionController::IntegrationTest
     sign_in_as_user
     get edit_user_registration_path
 
-    click_link "Cancel my account", :method => :delete
+    click_button "Cancel my account"
     assert_contain "Bye! Your account was successfully cancelled. We hope to see you again soon."
 
     assert User.all.empty?
@@ -344,4 +344,4 @@ class ReconfirmableRegistrationTest < ActionController::IntegrationTest
     assert_equal "admin.new@example.com", Admin.first.unconfirmed_email
     assert Admin.first.valid_password?('pas123')
   end
-end
+end

test/models/database_authenticatable_test.rb

@@ -34,6 +34,18 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
     assert_equal email.strip, user.email
   end
 
+  test "doesn't throw exception when globally configured strip_whitespace_keys are not present on a model" do
+    swap Devise, :strip_whitespace_keys => [:fake_key] do
+      assert_nothing_raised { create_user }
+    end
+  end
+
+  test "doesn't throw exception when globally configured case_insensitive_keys are not present on a model" do
+    swap Devise, :case_insensitive_keys => [:fake_key] do
+      assert_nothing_raised { create_user }
+    end
+  end
+
   test "param filter should not convert booleans and integer to strings" do
     conditions = { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }
     conditions = Devise::ParamFilter.new([], []).filter(conditions)
@@ -120,13 +132,6 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
     assert_match "is invalid", user.errors[:current_password].join
   end
 
-  test 'should not change encrypted password when it is invalid' do
-    user = create_user
-    assert_not user.update_with_password(:current_password => 'other',
-      :password => 'pass4321', :password_confirmation => 'pass4321')
-    assert_not user.encrypted_password_changed?
-  end
-
   test 'should add an error to current password when it is blank' do
     user = create_user
     assert_not user.update_with_password(:password => 'pass4321',