github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-13 00:38:08 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: github:v4.7.3
Branches Tags
github:main github:update-rack-unprocessable_content github:ca-devise-locale-throw github:password-length-dynamic github:4-stable github:mf-issue-5140 github:mf-check-for-devise-parent-mailer github:5-rc github:3-stable github:let-unsafe-redirect github:test-mongoid github:drv-improve-reset-token github:lm-jruby github:4-0-stable github:4-1-stable github:gh-pages github:v3.2 github:v2.2 github:v3.0 github:v3.1 github:v2.0 github:v2.1 github:v1.5 github:v1.0 github:v1.4 github:v1.3 github:v1.2 github:v1.1
github:v5.0.0.rc github:v4.9.4 github:v4.9.3 github:v4.9.2 github:v4.9.1 github:v4.9.0 github:v4.8.1 github:v4.8.0 github:v4.7.3 github:v4.7.2 github:v4.7.1 github:v4.7.0 github:v4.6.2 github:v4.6.1 github:v4.6.0 github:v4.5.0 github:v4.4.3 github:v4.4.2 github:v4.4.1 github:v4.4.0 github:v4.3.0 github:v4.2.1 github:v4.2.0 github:v3.5.10 github:v4.0.3 github:v4.1.1 github:v4.1.0 github:v3.5.9 github:v4.0.2 github:v4.0.1 github:v3.5.8 github:v3.5.7 github:v4.0.0 github:v4.0.0.rc2 github:v4.0.0.rc1 github:v3.5.6 github:v3.5.5 github:v3.5.4 github:v3.5.3 github:v3.5.2 github:v3.5.1 github:v3.5.0 github:v3.4.1 github:v3.4.0 github:v3.3.0 github:v3.2.4 github:v3.2.3 github:v3.2.2 github:v3.2.1 github:v2.2.8 github:v3.0.4 github:v3.1.2 github:v3.2.0 github:v3.1.1 github:v3.1.0 github:v2.0.6 github:v2.1.4 github:v2.2.7 github:v3.0.3 github:v3.1.0.rc2 github:v3.1.0.rc github:v2.2.6 github:v3.0.2 github:v3.0.1 github:v2.2.5 github:v3.0.0 github:v3.0.0.rc github:v2.2.4 github:v2.2.3 github:v2.2.2 github:v2.2.1 github:v2.2.0 github:v2.2.0.rc github:v2.1.2 github:v2.1.1 github:v2.1.0 github:v2.1.0.rc2 github:v2.1.0.rc github:v2.0.4 github:v2.0.3 github:v2.0.2 github:v2.0.1 github:v2.0.0 github:v2.0.0.rc2 github:v2.0.0.rc github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.5.0.rc1 github:v1.5.0.rc github:v1.4.9 github:v1.4.8 github:v1.4.7 github:v1.4.6 github:v1.4.5 github:v1.4.4 github:v1.4.3 github:v1.4.2 github:v1.4.1 github:v1.4.0 github:v1.3.4 github:v1.3.3 github:v1.3.2 github:v1.3.1 github:v1.3.0 github:v1.2.1 github:v1.2.0 github:v1.1.9 github:v1.0.11 github:v1.1.8 github:v1.2.rc2 github:v1.1.7 github:v1.1.6 github:v1.1.5 github:v1.0.9 github:v1.1.4 github:v1.2.rc github:v1.1.3 github:v1.1.2 github:v1.1.1 github:v1.1.0 github:v1.1.rc2 github:v1.0.8 github:v1.0.7 github:v1.1.rc1 github:v1.0.6 github:v1.1.rc0 github:v1.0.5 github:v1.0.4 github:v1.1.pre4 github:v1.1.pre3 github:v1.0.3 github:v1.1.pre2 github:v1.0.2 github:v1.1.pre github:v1.0.1 github:v1.0.0 github:v0.9.2 github:v0.9.1 github:v0.9.0 github:v0.8.2 github:v0.8.1 github:v0.8.0 github:v0.7.5
..
compare: github:v4.8.0
Branches Tags
github:main github:update-rack-unprocessable_content github:ca-devise-locale-throw github:password-length-dynamic github:4-stable github:mf-issue-5140 github:mf-check-for-devise-parent-mailer github:5-rc github:3-stable github:let-unsafe-redirect github:test-mongoid github:drv-improve-reset-token github:lm-jruby github:4-0-stable github:4-1-stable github:gh-pages github:v3.2 github:v2.2 github:v3.0 github:v3.1 github:v2.0 github:v2.1 github:v1.5 github:v1.0 github:v1.4 github:v1.3 github:v1.2 github:v1.1
github:v5.0.0.rc github:v4.9.4 github:v4.9.3 github:v4.9.2 github:v4.9.1 github:v4.9.0 github:v4.8.1 github:v4.8.0 github:v4.7.3 github:v4.7.2 github:v4.7.1 github:v4.7.0 github:v4.6.2 github:v4.6.1 github:v4.6.0 github:v4.5.0 github:v4.4.3 github:v4.4.2 github:v4.4.1 github:v4.4.0 github:v4.3.0 github:v4.2.1 github:v4.2.0 github:v3.5.10 github:v4.0.3 github:v4.1.1 github:v4.1.0 github:v3.5.9 github:v4.0.2 github:v4.0.1 github:v3.5.8 github:v3.5.7 github:v4.0.0 github:v4.0.0.rc2 github:v4.0.0.rc1 github:v3.5.6 github:v3.5.5 github:v3.5.4 github:v3.5.3 github:v3.5.2 github:v3.5.1 github:v3.5.0 github:v3.4.1 github:v3.4.0 github:v3.3.0 github:v3.2.4 github:v3.2.3 github:v3.2.2 github:v3.2.1 github:v2.2.8 github:v3.0.4 github:v3.1.2 github:v3.2.0 github:v3.1.1 github:v3.1.0 github:v2.0.6 github:v2.1.4 github:v2.2.7 github:v3.0.3 github:v3.1.0.rc2 github:v3.1.0.rc github:v2.2.6 github:v3.0.2 github:v3.0.1 github:v2.2.5 github:v3.0.0 github:v3.0.0.rc github:v2.2.4 github:v2.2.3 github:v2.2.2 github:v2.2.1 github:v2.2.0 github:v2.2.0.rc github:v2.1.2 github:v2.1.1 github:v2.1.0 github:v2.1.0.rc2 github:v2.1.0.rc github:v2.0.4 github:v2.0.3 github:v2.0.2 github:v2.0.1 github:v2.0.0 github:v2.0.0.rc2 github:v2.0.0.rc github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.5.0.rc1 github:v1.5.0.rc github:v1.4.9 github:v1.4.8 github:v1.4.7 github:v1.4.6 github:v1.4.5 github:v1.4.4 github:v1.4.3 github:v1.4.2 github:v1.4.1 github:v1.4.0 github:v1.3.4 github:v1.3.3 github:v1.3.2 github:v1.3.1 github:v1.3.0 github:v1.2.1 github:v1.2.0 github:v1.1.9 github:v1.0.11 github:v1.1.8 github:v1.2.rc2 github:v1.1.7 github:v1.1.6 github:v1.1.5 github:v1.0.9 github:v1.1.4 github:v1.2.rc github:v1.1.3 github:v1.1.2 github:v1.1.1 github:v1.1.0 github:v1.1.rc2 github:v1.0.8 github:v1.0.7 github:v1.1.rc1 github:v1.0.6 github:v1.1.rc0 github:v1.0.5 github:v1.0.4 github:v1.1.pre4 github:v1.1.pre3 github:v1.0.3 github:v1.1.pre2 github:v1.0.2 github:v1.1.pre github:v1.0.1 github:v1.0.0 github:v0.9.2 github:v0.9.1 github:v0.9.0 github:v0.8.2 github:v0.8.1 github:v0.8.0 github:v0.7.5

43 Commits
v4.7.3 ... v4.8.0

Author SHA1 Message Date
Carlos Antonio da Silva
57d1a1d381 Release v4.8.0 2021-04-29 08:52:33 -03:00
Carlos Antonio da Silva
5d5636f03a Merge pull request #5369 from heartcombo/ca-lockable-reset-attempts 
Create a model hook around the lockable warden hook to reset attempts
 2021-04-02 15:52:43 -03:00
Carlos Antonio da Silva
a3ae35e9c9 Create a model hook around the lockable warden hook to reset attempts 
Resetting failed attempts after sign in happened inside a warden hook
specific for the lockable module, but that was hidden inside the hook
implementation and didn't allow any user customization.

One such customization needed for example is to direct these updates to
a write DB when using a multi-DB setup. With the logic hidden in the
warden hook this wasn't possible, now that it's exposed in a model
method much like trackable, we can override the model method to wrap it
in a connection switch block for example, point to a write DB, and
simply call `super`.

Closes #5310
Related to #5264 and #5133
 2021-04-02 15:45:25 -03:00
Carlos Antonio da Silva
e8e0c27599 Revert "Lock bundler to 2.2.9 instead of latest" 
This reverts commit 1ba53dc369.

Let's give the latest bundler (2.2.15 as of today) a try again.
 2021-03-30 21:53:57 -03:00
Carlos Antonio da Silva
429afcbe8a Bundle update 2021-03-30 21:53:56 -03:00
Carlos Antonio da Silva
ef9a2f4104 Use minitest helpers to check if objects respond to certain methods 2021-03-22 18:43:19 -03:00
Carlos Antonio da Silva
0cd72a56f9 Merge pull request #5347 from heartcombo/ca-build 
Support Ruby 3+ officially, remove final Rails 6.1 deprecations, drop test dependency for XML serialization
 2021-02-16 17:35:19 -03:00
Carlos Antonio da Silva
1ba53dc369 Lock bundler to 2.2.9 instead of latest 
2.2.10 is causing the dependency resolution on Rails 6-0-stable to fail:

```
  Bundler could not find compatible versions for gem "railties":
    In Gemfile-rails-6-0:
      devise was resolved to 4.7.3, which depends on
        railties (>= 4.1.0)

      rails was resolved to 6.0.3.5, which depends on
        railties (= 6.0.3.5)

      responders (~> 3.0) was resolved to 3.0.1, which depends on
        railties (>= 5.0)
  Took  27.49 seconds
```

https://github.com/heartcombo/devise/runs/1905780158?check_suite_focus=true#step:5:23

The `railties` version 6.0.3.5 should work, given the other two are
using >= declarations, but it fails in 2.2.10.

Downgrading to 2.2.9 works.
 2021-02-15 16:33:14 -03:00
Carlos Antonio da Silva
faef12cf2b Use the 6-0-stable version of Rails to fix issue with JSON responses 
The test suite was failing on Rails 6.0 + Ruby 3 with errors like:

    Expected "{\"errors\":\"#<ActiveModel::Errors:0x000055f2e6cb8188>\"}"
    to include "{\"errors\":{".

The ActiveModel::Errors object wasn't being serialized to JSON as
expected, and this only happened with that combination of Ruby/Rails.

Upon further investigation, this was caused by a change in Ruby and
fixed in Rails in this PR: https://github.com/rails/rails/pull/39697
(which describes in more details the exact same problem and links to the
Ruby bug tracker with more information).

That fix was backported to 6-0-stable in June 2020, but hasn't been
officially released in a stable version yet: (there have been only
security fixes since then for 6.0)
75f6539d0e

Since the branch contains the fix, I'm pointing directly to it to get
the tests passing. We can't tell if there'll be a new stable 6.0 release
at this point, but hopefully yes, in which case we can go back at
pointing to it.
 2021-02-15 16:33:03 -03:00
Carlos Antonio da Silva
c82a381f29 Bundle update 2021-02-15 14:45:04 -03:00
Carlos Antonio da Silva
a793472a3e Replace XML with JSON serialization across the test suite 
This allows us to remove the dependency on the XML serializer provided
by the external `activemodel-serializers-xml` gem, and eliminates the
following deprecation warning:

    DEPRECATION WARNING: ActiveModel::Errors#to_xml is deprecated and
    will be removed in Rails 6.2.

Please note: this does not mean Devise doesn't support XML, it simply
means our test suite will use JSON to test non-navigatable formats
instead of XML, for simplicity. Devise's job is not to test object
serialization, so as long as your objects properly serialize to
XML/JSON/any other format, it should work out of the box.
 2021-02-15 14:40:05 -03:00
Carlos Antonio da Silva
ad91686b62 Test on Ruby 3+ with Rails 6+ 
And remove dupe entry in the exclude matrix.

In order to get Ruby 3 working we needed to install `rexml` as part of
the test dependencies, only done on the main Gemfile (Rails 6.1) and the
6.0 versions. (which are the only ones supported by Ruby 3.)

Devise itself doesn't require `rexml` as it does nothing with it, but a
dependency we use during tests seem to require it. I was able to track
it down to omniauth-openid -> rack-openid -> ruby-openid requiring it:

    13a88ad644/lib/openid/yadis/xrds.rb (L1)

So while we have tests using omniauth-openid, we'll need this require in
place as well. Ideally that upstream version of ruby-openid should have
it, but it seems that one isn't updated in a while.
 2021-02-15 14:34:36 -03:00
Carlos Antonio da Silva
1bb5fcbbec Merge pull request #5339 from ghiculescu/rails-deprecation 
Fix deprecation warning on Rails 6.1

Related changes in Rails:
https://github.com/rails/rails/pull/38256
https://github.com/rails/rails/pull/38536
 2021-02-02 21:27:31 -03:00
Alex Ghiculescu
80423c8f01 Fix deprecation warning on Rails 6.1 2021-02-02 15:37:45 -07:00
Carlos Antonio da Silva
743b6937e2 Merge pull request #5327 from heartcombo/ca-omniauth-2 
Improve OmniAuth version check to allow anything from 1.0 forward
 2021-02-01 17:30:37 -03:00
Carlos Antonio da Silva
e16d60d0fe Expand the release notes with more info about the OmniAuth v2 upgrade 
I'm sure more people will hit issues so I'm trying to add more guidance
here about how to upgrade... maybe that should be in its own wiki but
I'll keep it all in the changelog for now.
 2021-02-01 12:01:24 -03:00
Carlos Antonio da Silva
9d16f33c7b Revert "Explicitly set OmniAuth to 1.x in the Gemfiles for now" 
This reverts commit 628f2fb2be.

We should be run green on OmniAuth 2.x now.
 2021-02-01 11:51:23 -03:00
Carlos Antonio da Silva
c9a0f896cc Merge branch 'master' into ca-omniauth-2 2021-02-01 11:50:38 -03:00
Carlos Antonio da Silva
aa8d89579a Merge pull request #5338 from heartcombo/ca-build 
Move build to GitHub Actions
 2021-02-01 11:49:36 -03:00
Carlos Antonio da Silva
210c62af38 Add changelog about moving to GitHub Actions 2021-02-01 11:44:42 -03:00
Carlos Antonio da Silva
3048fe0960 Prevent Bundler 2.x. with Rails 4.x versions 2021-02-01 10:10:26 -03:00
Carlos Antonio da Silva
628f2fb2be Explicitly set OmniAuth to 1.x in the Gemfiles for now 
The build is breaking with 2.x (which is expected), so this is a step to
get it to green on GA.
 2021-01-31 10:19:06 -03:00
Carlos Antonio da Silva
13ba27497b Use the latest 2.x patch version for each Ruby, remove ruby-head 
ruby-head was always in allowed failures with travis anyway, and we
never really paid much attention to it, so let's just remove it entirely
for now.
 2021-01-31 10:08:57 -03:00
Carlos Antonio da Silva
7386f419e3 Use latest bundler on Gemfile.lock 
Bundler 1.x uses git instead of https by default and we don't have that
github source setting in the Gemfile, but this should work.
 2021-01-31 10:05:03 -03:00
Carlos Antonio da Silva
e07932c181 Rename gemfiles to keep consistency 2021-01-31 09:54:47 -03:00
Carlos Antonio da Silva
d0eafe70dc Remove the lock gemfiles from the previous versions 
Keep only the lock for the main Gemfile to keep Devise consistent with
the other heartcombo libs.
 2021-01-31 09:51:20 -03:00
Carlos Antonio da Silva
7e6da424e2 Move from Travis to GitHub Actions 2021-01-29 16:59:14 -03:00
AsbahIshaq
81bf3ad8c1 changed support to supports (#5334) 
Co-authored-by: Asbah Ishaq <asbahishaq>
 2021-01-24 08:51:09 -03:00
Carlos Antonio da Silva
51c05a5b21 Add changelog entry for OmniAuth 2 support 
And a note/warning about how it might break apps that don't update their
integration accordingly as OmniAuth now expects.
 2021-01-22 09:28:05 -03:00
Carlos Antonio da Silva
1d138dd40c Simplify OmniAuth version check by trying to load the gem with the necessary version 2021-01-22 09:16:58 -03:00
Carlos Antonio da Silva
c43ae8cb47 Merge branch 'master' into ca-omniauth-2 2021-01-19 15:22:57 -03:00
Carlos Antonio da Silva
cd60c747cc Update to latest released omniauth* gems 
omniauth-openid v2.0.1 was just released opening support for omniauth
v2, so we can bundle update everything from the released gems now.
 2021-01-19 15:21:26 -03:00
Jordan Owens
837baaf2e1 Update omniauthable tests for OmniAuth 2.0 (#5331) 2021-01-19 15:19:55 -03:00
Carlos Antonio da Silva
e0395367e4 Merge pull request #5333 from ghiculescu/patch-1 
Fix Rails default log level in Readme
 2021-01-18 21:53:46 -03:00
Carlos Antonio da Silva
fb17e2755f Move Rails 6.1 to the main Gemfile instead of an extra one 
We have the gemfiles/* to test other versions of Rails, but keep the
most recent one in the main Gemfile.
 2021-01-18 21:52:07 -03:00
Alex Ghiculescu
f4462cd85e Fix Rails default log level 
This changed in 229fd2a02f - the advice about changing your log level still stands though.
 2021-01-18 16:51:23 -06:00
Carlos Antonio da Silva
8bb358cf80 Improve OmniAuth version check to allow anything from 1.0 forward 
This should enable people to try OmniAuth 2 currently in pre-release.
 2021-01-07 09:21:15 -03:00
Ryunosuke Sato
98fc5e8e39 Test on rails 6.1 (#5323) 
* Make test for validation to be Rails 6.1 compatible

The `ActiveModel::Errors` has been changed in Rails 6.1.
https://github.com/rails/rails/pull/32313

* Add gemfile for Rails 6.1

* Add CI matrix for Rails 6.1
 2021-01-04 20:17:58 -03:00
Carlos Antonio da Silva
dfbed22cee Merge pull request #5315 from bipashant/master 
Add missing period to devise.registrations.updated_but_not_signed_in
 2020-11-23 08:10:22 -03:00
Bibek Sharma Chapagain
fd03f9e353 Added missing full stop "." on registrations.updated_but_not_signed_in. 2020-11-23 12:21:22 +11:00
Carlos Antonio da Silva
a19e78cdb4 Merge pull request #5306 from janz93/cleanup 
Add to-do to cleanup rack/rails session bug fix when supporting Rails 5.2+ only
 2020-11-22 21:42:48 -03:00
Jan Zaydowicz
b88af5d65e chore: add expiry note for old rack/rails session bug fix 
Seven year ago rails `session.keys` could be empty if the session was
not loaded yet.

To prevent an error the removed code was introduced
https://github.com/heartcombo/devise/issues/2660

Since then rails changed the behaviour and makes sure that the session
is loaded before someone wants to access any session keys
3498aacbbe

Which means the `session.empty?` is not needed anymore once Rails 5.2+
and upwards only supported.
 2020-11-22 12:33:30 +01:00
Carlos Antonio da Silva
45b831c4ea Release 4.7.3 2020-09-20 21:24:01 -03:00
46 changed files with 485 additions and 1603 deletions
Expand all files Collapse all files

106
.github/workflows/test.yml vendored Normal file
View File

@@ -0,0 +1,106 @@
name: Test
on: [push, pull_request]
jobs:
test:
strategy:
fail-fast: false
matrix:
gemfile:
- Gemfile
- gemfiles/Gemfile-rails-6-0
- gemfiles/Gemfile-rails-5-2
- gemfiles/Gemfile-rails-5-1
- gemfiles/Gemfile-rails-5-0
- gemfiles/Gemfile-rails-4-2
- gemfiles/Gemfile-rails-4-1
ruby:
- 2.1
- 2.2
- 2.3
- 2.4
- 2.5
- 2.6
- 2.7
- 3.0
env:
- DEVISE_ORM=active_record
- DEVISE_ORM=mongoid
exclude:
- ruby: 2.1
gemfile: Gemfile
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-5-2
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-5-1
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-5-0
- ruby: 2.2
gemfile: Gemfile
- ruby: 2.2
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.2
gemfile: gemfiles/Gemfile-rails-5-2
- ruby: 2.3
gemfile: Gemfile
- ruby: 2.3
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.4
gemfile: Gemfile
- ruby: 2.4
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.4
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.5
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.6
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.6
gemfile: gemfiles/Gemfile-rails-4-2
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-4-2
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-5-0
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-5-1
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-5-2
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-4-2
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-5-0
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-5-1
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-5-2
- env: DEVISE_ORM=mongoid
gemfile: Gemfile
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-5-0
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-5-1
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-5-2
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-6-0
runs-on: ubuntu-latest
env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
BUNDLE_GEMFILE: ${{ matrix.gemfile }}
steps:
- uses: actions/checkout@v2
- name: Setup Bundler 1.x for Rails 4.x
if: ${{ matrix.gemfile == 'gemfiles/Gemfile-rails-4-1' || matrix.gemfile == 'gemfiles/Gemfile-rails-4-2' }}
run: echo "BUNDLER_VERSION=1.17.3" >> $GITHUB_ENV
- uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true # runs bundle install and caches installed gems automatically
bundler: ${{ env.BUNDLER_VERSION || 'latest' }}
- uses: supercharge/mongodb-github-action@1.3.0
if: ${{ matrix.env == 'DEVISE_ORM=mongoid' }}
- run: bundle exec rake

1
.gitignore vendored
View File

@@ -8,3 +8,4 @@ rdoc/*
pkg
log
test/tmp/*
gemfiles/*.lock

110
.travis.yml
View File

@@ -1,110 +0,0 @@
language: ruby
rvm:
- 2.1.10
- 2.2.10
- 2.3.8
- 2.4.10
- 2.5.8
- 2.6.6
- 2.7.1
- ruby-head
gemfile:
- Gemfile
- gemfiles/Gemfile.rails-6.0-stable
- gemfiles/Gemfile.rails-5.2-stable
- gemfiles/Gemfile.rails-5.1-stable
- gemfiles/Gemfile.rails-5.0-stable
- gemfiles/Gemfile.rails-4.2-stable
- gemfiles/Gemfile.rails-4.1-stable
matrix:
exclude:
- rvm: 2.1.10
gemfile: Gemfile
- rvm: 2.1.10
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.1.10
gemfile: gemfiles/Gemfile.rails-5.2-stable
- rvm: 2.1.10
gemfile: gemfiles/Gemfile.rails-5.1-stable
- rvm: 2.1.10
gemfile: gemfiles/Gemfile.rails-5.0-stable
- rvm: 2.2.10
gemfile: Gemfile
- rvm: 2.2.10
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.2.10
gemfile: gemfiles/Gemfile.rails-5.2-stable
- rvm: 2.3.8
gemfile: Gemfile
- rvm: 2.3.8
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.4.10
gemfile: Gemfile
- rvm: 2.4.10
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.4.10
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.5.8
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.6.6
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.6.6
gemfile: gemfiles/Gemfile.rails-4.2-stable
- rvm: 2.7.1
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.7.1
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.7.1
gemfile: gemfiles/Gemfile.rails-4.2-stable
- rvm: 2.7.1
gemfile: gemfiles/Gemfile.rails-5.0-stable
- rvm: 2.7.1
gemfile: gemfiles/Gemfile.rails-5.1-stable
- rvm: 2.7.1
gemfile: gemfiles/Gemfile.rails-5.2-stable
- rvm: ruby-head
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: ruby-head
gemfile: gemfiles/Gemfile.rails-4.2-stable
- env: DEVISE_ORM=mongoid
gemfile: Gemfile
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile.rails-5.0-stable
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile.rails-5.1-stable
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile.rails-5.2-stable
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile.rails-6.0-stable
allow_failures:
- rvm: ruby-head
services:
- mongodb
cache: bundler
env:
matrix:
- DEVISE_ORM=active_record
- DEVISE_ORM=mongoid
before_install:
- gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
- gem install bundler -v '< 2'
- "rm ${BUNDLE_GEMFILE}.lock"
before_script: "bundle update"
script: "bin/test"
notifications:
email: false
slack:
on_pull_requests: false
on_success: change
on_failure: always
secure: Q3M+kmude3FjisibEeeGe0wSMXgvwLH+vL7Zrx9//q4QtkfnrQ/BBMvY9KXxPEsNF+eys4YopYjTkJ8uRmeboUATW/oQ4Jrv3+u3zkIHK2sFn/Q2cQWpK5w+CbgEnHPjKYnUu34b09njXTgDlr/mqtbPqrKeZ1dLlpKXCB/q4GY=

17
CHANGELOG.md
View File

@@ -1,3 +1,20 @@
### unreleased
### 4.8.0 - 2021-04-29
* enhancements
* Devise now enables the upgrade of OmniAuth 2+. Previously Devise would raise an error if you'd try to upgrade. Please note that OmniAuth 2 is considered a security upgrade and recommended to everyone. You can read more about the details (and possible necessary changes to your app as part of the upgrade) in [their release notes](https://github.com/omniauth/omniauth/releases/tag/v2.0.0). [Devise's OmniAuth Overview wiki](https://github.com/heartcombo/devise/wiki/OmniAuth:-Overview) was also updated to cover OmniAuth 2.0 requirements.
- Note that the upgrade required Devise shared links that initiate the OmniAuth flow to be changed to `method: :post`, which is now a requirement for OmniAuth, part of the security improvement. If you have copied and customized the Devise shared links partial to your app, or if you have other links in your app that initiate the OmniAuth flow, they will have to be updated to use `method: :post`, or changed to use buttons (e.g. `button_to`) to work with OmniAuth 2. (if you're using links with `method: :post`, make sure your app has `rails-ujs` or `jquery-ujs` included in order for these links to work properly.)
- As part of the OmniAuth 2.0 upgrade you might also need to add the [`omniauth-rails_csrf_protection`](https://github.com/cookpad/omniauth-rails_csrf_protection) gem to your app if you don't have it already. (and you don't want to roll your own code to verify requests.) Check the OmniAuth v2 release notes for more info.
* Introduce `Lockable#reset_failed_attempts!` model method to reset failed attempts counter to 0 after the user signs in.
- This logic existed inside the lockable warden hook and is triggered automatically after the user signs in. The new model method is an extraction to allow you to override it in the application to implement things like switching to a write database if you're using the new multi-DB infrastructure from Rails for example, similar to how it's already possible with `Trackable#update_tracked_fields!`.
* Add support for Ruby 3.
* Add support for Rails 6.1.
* Move CI to GitHub Actions.
* deprecations
* `Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION` is deprecated in favor of `Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION` (@hanachin)
### 4.7.3 - 2020-09-20
* bug fixes

5
Gemfile
View File

@@ -4,13 +4,11 @@ source "https://rubygems.org"
gemspec
gem "rails", "~> 6.0.0"
gem "rails", "~> 6.1.0"
gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing", github: "rails/rails-controller-testing"
gem "responders", "~> 3.0"
@@ -18,6 +16,7 @@ gem "responders", "~> 3.0"
group :test do
gem "omniauth-facebook"
gem "omniauth-openid"
gem "rexml"
gem "timecop"
gem "webrat", "0.7.3", require: false
gem "mocha", "~> 1.1", require: false

210
Gemfile.lock
View File

@@ -1,15 +1,6 @@
GIT
remote: https://github.com/rails/activemodel-serializers-xml.git
revision: 694f4071c6b16e4c8597cc323c241b5f787b3ea8
specs:
activemodel-serializers-xml (1.0.2)
activemodel (>= 5.0.0.a)
activesupport (>= 5.0.0.a)
builder (~> 3.1)
GIT
remote: https://github.com/rails/rails-controller-testing.git
revision: 4b15c86e82ee380f2a7cc009e470368f7520560a
revision: bc6f3356803d7c5d373f89a44625d59953dc0cef
specs:
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
@@ -19,7 +10,7 @@ GIT
PATH
remote: .
specs:
devise (4.7.3)
devise (4.8.0)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
@@ -29,149 +20,161 @@ PATH
GEM
remote: https://rubygems.org/
specs:
actioncable (6.0.3.3)
actionpack (= 6.0.3.3)
actioncable (6.1.3.1)
actionpack (= 6.1.3.1)
activesupport (= 6.1.3.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.0.3.3)
actionpack (= 6.0.3.3)
activejob (= 6.0.3.3)
activerecord (= 6.0.3.3)
activestorage (= 6.0.3.3)
activesupport (= 6.0.3.3)
actionmailbox (6.1.3.1)
actionpack (= 6.1.3.1)
activejob (= 6.1.3.1)
activerecord (= 6.1.3.1)
activestorage (= 6.1.3.1)
activesupport (= 6.1.3.1)
mail (>= 2.7.1)
actionmailer (6.0.3.3)
actionpack (= 6.0.3.3)
actionview (= 6.0.3.3)
activejob (= 6.0.3.3)
actionmailer (6.1.3.1)
actionpack (= 6.1.3.1)
actionview (= 6.1.3.1)
activejob (= 6.1.3.1)
activesupport (= 6.1.3.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (6.0.3.3)
actionview (= 6.0.3.3)
activesupport (= 6.0.3.3)
rack (~> 2.0, >= 2.0.8)
actionpack (6.1.3.1)
actionview (= 6.1.3.1)
activesupport (= 6.1.3.1)
rack (~> 2.0, >= 2.0.9)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.0.3.3)
actionpack (= 6.0.3.3)
activerecord (= 6.0.3.3)
activestorage (= 6.0.3.3)
activesupport (= 6.0.3.3)
actiontext (6.1.3.1)
actionpack (= 6.1.3.1)
activerecord (= 6.1.3.1)
activestorage (= 6.1.3.1)
activesupport (= 6.1.3.1)
nokogiri (>= 1.8.5)
actionview (6.0.3.3)
activesupport (= 6.0.3.3)
actionview (6.1.3.1)
activesupport (= 6.1.3.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.0.3.3)
activesupport (= 6.0.3.3)
activejob (6.1.3.1)
activesupport (= 6.1.3.1)
globalid (>= 0.3.6)
activemodel (6.0.3.3)
activesupport (= 6.0.3.3)
activerecord (6.0.3.3)
activemodel (= 6.0.3.3)
activesupport (= 6.0.3.3)
activestorage (6.0.3.3)
actionpack (= 6.0.3.3)
activejob (= 6.0.3.3)
activerecord (= 6.0.3.3)
marcel (~> 0.3.1)
activesupport (6.0.3.3)
activemodel (6.1.3.1)
activesupport (= 6.1.3.1)
activerecord (6.1.3.1)
activemodel (= 6.1.3.1)
activesupport (= 6.1.3.1)
activestorage (6.1.3.1)
actionpack (= 6.1.3.1)
activejob (= 6.1.3.1)
activerecord (= 6.1.3.1)
activesupport (= 6.1.3.1)
marcel (~> 1.0.0)
mini_mime (~> 1.0.2)
activesupport (6.1.3.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
zeitwerk (~> 2.2, >= 2.2.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
zeitwerk (~> 2.3)
bcrypt (3.1.16)
builder (3.2.4)
concurrent-ruby (1.1.7)
concurrent-ruby (1.1.8)
crass (1.0.6)
erubi (1.9.0)
faraday (1.0.1)
erubi (1.10.0)
faraday (1.3.0)
faraday-net_http (~> 1.0)
multipart-post (>= 1.2, < 3)
ruby2_keywords
faraday-net_http (1.0.1)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (4.1.0)
i18n (1.8.5)
i18n (1.8.10)
concurrent-ruby (~> 1.0)
jwt (2.2.2)
loofah (2.7.0)
loofah (2.9.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
marcel (0.3.3)
mimemagic (~> 0.3.2)
marcel (1.0.0)
method_source (1.0.0)
mimemagic (0.3.5)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.14.2)
mocha (1.11.2)
mini_mime (1.0.3)
mini_portile2 (2.5.0)
minitest (5.14.4)
mocha (1.12.0)
multi_json (1.15.0)
multi_xml (0.6.0)
multipart-post (2.1.1)
nio4r (2.5.4)
nokogiri (1.10.10)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.4)
nio4r (2.5.7)
nokogiri (1.11.2)
mini_portile2 (~> 2.5.0)
racc (~> 1.4)
oauth2 (1.4.7)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.9.1)
omniauth (2.0.3)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-facebook (7.0.0)
rack-protection
omniauth-facebook (8.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.7.0)
omniauth-oauth2 (1.7.1)
oauth2 (~> 1.4)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
omniauth (>= 1.9, < 3)
omniauth-openid (2.0.1)
omniauth (>= 1.0, < 3.0)
rack-openid (~> 1.4.0)
orm_adapter (0.5.0)
racc (1.5.2)
rack (2.2.3)
rack-openid (1.3.1)
rack-openid (1.4.2)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-protection (2.1.0)
rack
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (6.0.3.3)
actioncable (= 6.0.3.3)
actionmailbox (= 6.0.3.3)
actionmailer (= 6.0.3.3)
actionpack (= 6.0.3.3)
actiontext (= 6.0.3.3)
actionview (= 6.0.3.3)
activejob (= 6.0.3.3)
activemodel (= 6.0.3.3)
activerecord (= 6.0.3.3)
activestorage (= 6.0.3.3)
activesupport (= 6.0.3.3)
bundler (>= 1.3.0)
railties (= 6.0.3.3)
rails (6.1.3.1)
actioncable (= 6.1.3.1)
actionmailbox (= 6.1.3.1)
actionmailer (= 6.1.3.1)
actionpack (= 6.1.3.1)
actiontext (= 6.1.3.1)
actionview (= 6.1.3.1)
activejob (= 6.1.3.1)
activemodel (= 6.1.3.1)
activerecord (= 6.1.3.1)
activestorage (= 6.1.3.1)
activesupport (= 6.1.3.1)
bundler (>= 1.15.0)
railties (= 6.1.3.1)
sprockets-rails (>= 2.0.0)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
railties (6.0.3.3)
actionpack (= 6.0.3.3)
activesupport (= 6.0.3.3)
railties (6.1.3.1)
actionpack (= 6.1.3.1)
activesupport (= 6.1.3.1)
method_source
rake (>= 0.8.7)
thor (>= 0.20.3, < 2.0)
rake (13.0.1)
rdoc (6.2.1)
thor (~> 1.0)
rake (13.0.3)
rdoc (6.3.0)
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
rexml (3.2.4)
ruby-openid (2.9.2)
ruby2_keywords (0.0.4)
sprockets (4.0.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
@@ -180,11 +183,10 @@ GEM
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.4.2)
thor (1.0.1)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.7)
thread_safe (~> 0.1)
thor (1.1.0)
timecop (0.9.4)
tzinfo (2.0.4)
concurrent-ruby (~> 1.0)
warden (1.2.9)
rack (>= 2.0.9)
webrat (0.7.3)
@@ -194,26 +196,26 @@ GEM
websocket-driver (0.7.3)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
zeitwerk (2.4.0)
zeitwerk (2.4.2)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 6.0.0)
rails (~> 6.1.0)
rails-controller-testing!
rdoc
responders (~> 3.0)
rexml
sqlite3 (~> 1.4)
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3
2.2.7

7
README.md
View File

@@ -1,6 +1,5 @@
![Devise Logo](https://raw.github.com/heartcombo/devise/master/devise.png)
[![Build Status](https://api.travis-ci.org/heartcombo/devise.svg?branch=master)](http://travis-ci.org/heartcombo/devise)
[![Code Climate](https://codeclimate.com/github/heartcombo/devise.svg)](https://codeclimate.com/github/heartcombo/devise)
Devise is a flexible authentication solution for Rails based on Warden. It:
@@ -118,7 +117,7 @@ You will usually want to write tests for your changes. To run the test suite, g
Devise works with multiple Ruby and Rails versions, and ActiveRecord and Mongoid ORMs, which means you can run the test suite with some modifiers: `DEVISE_ORM` and `BUNDLE_GEMFILE`.
### DEVISE_ORM
Since Devise support both Mongoid and ActiveRecord, we rely on this variable to run specific code for each ORM.
Since Devise supports both Mongoid and ActiveRecord, we rely on this variable to run specific code for each ORM.
The default value of `DEVISE_ORM` is `active_record`. To run the tests for Mongoid, you can pass `mongoid`:
```
DEVISE_ORM=mongoid bin/test
@@ -131,7 +130,7 @@ Please note that the command output will show the variable value being used.
### BUNDLE_GEMFILE
We can use this variable to tell bundler what Gemfile it should use (instead of the one in the current directory).
Inside the [gemfiles](https://github.com/heartcombo/devise/tree/master/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite breaks on Travis using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
Inside the [gemfiles](https://github.com/heartcombo/devise/tree/master/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite breaks using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
For example, if the tests broke using Ruby 2.4.2 and Rails 4.1, you can do the following:
```bash
rbenv shell 2.4.2 # or rvm use 2.4.2
@@ -685,7 +684,7 @@ If you enable the [Recoverable](http://rubydoc.info/github/heartcombo/devise/mas
1. Action Mailer logs the entire contents of all outgoing emails to the DEBUG level. Password reset tokens delivered to users in email will be leaked.
2. Active Job logs all arguments to every enqueued job at the INFO level. If you configure Devise to use `deliver_later` to send password reset emails, password reset tokens will be leaked.
Rails sets the production logger level to DEBUG by default. Consider changing your production logger level to WARN if you wish to prevent tokens from being leaked into your logs. In `config/environments/production.rb`:
Rails sets the production logger level to INFO by default. Consider changing your production logger level to WARN if you wish to prevent tokens from being leaked into your logs. In `config/environments/production.rb`:
```ruby
config.log_level = :warn

2
app/views/devise/shared/_links.html.erb
View File

@@ -20,6 +20,6 @@
<%- if devise_mapping.omniauthable? %>
<%- resource_class.omniauth_providers.each do |provider| %>
<%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider) %><br />
<%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), method: :post %><br />
<% end %>
<% end %>

2
config/locales/en.yml
View File

@@ -44,7 +44,7 @@ en:
signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
updated: "Your account has been updated successfully."
updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again"
updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again."
sessions:
signed_in: "Signed in successfully."
signed_out: "Signed out successfully."

0
gemfiles/Gemfile.rails-4.1-stable → gemfiles/Gemfile-rails-4-1
View File

0
gemfiles/Gemfile.rails-4.2-stable → gemfiles/Gemfile-rails-4-2
View File

2
gemfiles/Gemfile.rails-5.0-stable → gemfiles/Gemfile-rails-5-0
View File

@@ -9,8 +9,6 @@ gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing"
gem "responders", "~> 2.1"

2
gemfiles/Gemfile.rails-5.1-stable → gemfiles/Gemfile-rails-5-1
View File

@@ -7,8 +7,6 @@ gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing"
gem "responders", "~> 2.1"

2
gemfiles/Gemfile.rails-5.2-stable → gemfiles/Gemfile-rails-5-2
View File

@@ -7,8 +7,6 @@ gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing"
gem "responders", "~> 2.1"

5
gemfiles/Gemfile.rails-6.0-stable → gemfiles/Gemfile-rails-6-0
View File

@@ -2,13 +2,11 @@ source "https://rubygems.org"
gemspec path: ".."
gem "rails", '~> 6.0.0'
gem "rails", '~> 6.0.0', github: 'rails/rails', branch: '6-0-stable'
gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing", github: "rails/rails-controller-testing"
gem "responders", "~> 3.0"
@@ -16,6 +14,7 @@ gem "responders", "~> 3.0"
group :test do
gem "omniauth-facebook"
gem "omniauth-openid"
gem "rexml"
gem "timecop"
gem "webrat", "0.7.3", require: false
gem "mocha", "~> 1.1", require: false

171
gemfiles/Gemfile.rails-4.1-stable.lock
View File

@@ -1,171 +0,0 @@
GIT
remote: https://github.com/rails/rails.git
revision: 0cad778c2605a5204a05a9f1dbd3344e39f248d8
branch: 4-1-stable
specs:
actionmailer (4.1.16)
actionpack (= 4.1.16)
actionview (= 4.1.16)
mail (~> 2.5, >= 2.5.4)
actionpack (4.1.16)
actionview (= 4.1.16)
activesupport (= 4.1.16)
rack (~> 1.5.2)
rack-test (~> 0.6.2)
actionview (4.1.16)
activesupport (= 4.1.16)
builder (~> 3.1)
erubis (~> 2.7.0)
activemodel (4.1.16)
activesupport (= 4.1.16)
builder (~> 3.1)
activerecord (4.1.16)
activemodel (= 4.1.16)
activesupport (= 4.1.16)
arel (~> 5.0.0)
activesupport (4.1.16)
i18n (~> 0.6, >= 0.6.9)
json (~> 1.7, >= 1.7.7)
minitest (~> 5.1)
thread_safe (~> 0.1)
tzinfo (~> 1.1)
rails (4.1.16)
actionmailer (= 4.1.16)
actionpack (= 4.1.16)
actionview (= 4.1.16)
activemodel (= 4.1.16)
activerecord (= 4.1.16)
activesupport (= 4.1.16)
bundler (>= 1.3.0, < 2.0)
railties (= 4.1.16)
sprockets-rails (~> 2.0)
railties (4.1.16)
actionpack (= 4.1.16)
activesupport (= 4.1.16)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
PATH
remote: ..
specs:
devise (4.7.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
arel (5.0.1.20140414130214)
bcrypt (3.1.13)
bson (3.2.7)
builder (3.2.4)
concurrent-ruby (1.1.6)
connection_pool (2.2.3)
erubis (2.7.0)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
hashie (3.6.0)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
json (1.8.6)
jwt (2.2.1)
mail (2.7.1)
mini_mime (>= 0.1.1)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.14.1)
mocha (1.11.2)
mongoid (4.0.2)
activemodel (~> 4.0)
moped (~> 2.0.0)
origin (~> 2.1)
tzinfo (>= 0.3.37)
moped (2.0.7)
bson (~> 3.0)
connection_pool (~> 2.0)
optionable (~> 0.2.0)
multi_json (1.14.1)
multi_xml (0.6.0)
multipart-post (2.1.1)
nokogiri (1.9.1)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.4)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.4.2)
hashie (>= 1.2, < 4)
rack (>= 1.0, < 3)
omniauth-facebook (6.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.5.0)
oauth2 (~> 1.1)
omniauth (~> 1.2)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
optionable (0.2.0)
origin (2.3.1)
orm_adapter (0.5.0)
rack (1.5.5)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (0.6.3)
rack (>= 1.0)
rake (13.0.1)
rdoc (5.1.0)
responders (1.1.2)
railties (>= 3.2, < 4.2)
ruby-openid (2.9.2)
sprockets (3.7.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (2.3.3)
actionpack (>= 3.0)
activesupport (>= 3.0)
sprockets (>= 2.8, < 4.0)
sqlite3 (1.3.13)
test_after_commit (1.2.2)
activerecord (>= 3.2, < 5.0)
thor (1.0.1)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.7)
thread_safe (~> 0.1)
warden (1.2.7)
rack (>= 1.0)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
PLATFORMS
ruby
DEPENDENCIES
activerecord-jdbc-adapter
activerecord-jdbcsqlite3-adapter
devise!
jruby-openssl
mocha (~> 1.1)
mongoid (~> 4.0)
nokogiri (= 1.9.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails!
rdoc (~> 5.1)
sqlite3 (~> 1.3.6)
test_after_commit
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

194
gemfiles/Gemfile.rails-4.2-stable.lock
View File

@@ -1,194 +0,0 @@
GIT
remote: https://github.com/rails/rails.git
revision: c0cb0cbf976a3cf8ad1b0e2d0f813602a712e997
branch: 4-2-stable
specs:
actionmailer (4.2.11.3)
actionpack (= 4.2.11.3)
actionview (= 4.2.11.3)
activejob (= 4.2.11.3)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 1.0, >= 1.0.5)
actionpack (4.2.11.3)
actionview (= 4.2.11.3)
activesupport (= 4.2.11.3)
rack (~> 1.6)
rack-test (~> 0.6.2)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (4.2.11.3)
activesupport (= 4.2.11.3)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (4.2.11.3)
activesupport (= 4.2.11.3)
globalid (>= 0.3.0)
activemodel (4.2.11.3)
activesupport (= 4.2.11.3)
builder (~> 3.1)
activerecord (4.2.11.3)
activemodel (= 4.2.11.3)
activesupport (= 4.2.11.3)
arel (~> 6.0)
activesupport (4.2.11.3)
i18n (~> 0.7)
minitest (~> 5.1)
thread_safe (~> 0.3, >= 0.3.4)
tzinfo (~> 1.1)
rails (4.2.11.3)
actionmailer (= 4.2.11.3)
actionpack (= 4.2.11.3)
actionview (= 4.2.11.3)
activejob (= 4.2.11.3)
activemodel (= 4.2.11.3)
activerecord (= 4.2.11.3)
activesupport (= 4.2.11.3)
bundler (>= 1.3.0, < 2.0)
railties (= 4.2.11.3)
sprockets-rails
railties (4.2.11.3)
actionpack (= 4.2.11.3)
activesupport (= 4.2.11.3)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
PATH
remote: ..
specs:
devise (4.7.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
arel (6.0.4)
bcrypt (3.1.13)
bson (3.2.7)
builder (3.2.4)
concurrent-ruby (1.1.6)
connection_pool (2.2.3)
crass (1.0.6)
erubis (2.7.0)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (4.1.0)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
jwt (2.2.1)
loofah (2.5.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.14.1)
mocha (1.11.2)
mongoid (4.0.2)
activemodel (~> 4.0)
moped (~> 2.0.0)
origin (~> 2.1)
tzinfo (>= 0.3.37)
moped (2.0.7)
bson (~> 3.0)
connection_pool (~> 2.0)
optionable (~> 0.2.0)
multi_json (1.14.1)
multi_xml (0.6.0)
multipart-post (2.1.1)
nokogiri (1.9.1)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.4)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.9.1)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-facebook (6.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.6.0)
oauth2 (~> 1.1)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
optionable (0.2.0)
origin (2.3.1)
orm_adapter (0.5.0)
rack (1.6.13)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (0.6.3)
rack (>= 1.0)
rails-deprecated_sanitizer (1.0.3)
activesupport (>= 4.2.0.alpha)
rails-dom-testing (1.0.9)
activesupport (>= 4.2.0, < 5.0)
nokogiri (~> 1.6)
rails-deprecated_sanitizer (>= 1.0.1)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
rake (13.0.1)
rdoc (5.1.0)
responders (2.4.1)
actionpack (>= 4.2.0, < 6.0)
railties (>= 4.2.0, < 6.0)
ruby-openid (2.9.2)
sprockets (4.0.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
test_after_commit (1.2.2)
activerecord (>= 3.2, < 5.0)
thor (1.0.1)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.7)
thread_safe (~> 0.1)
warden (1.2.7)
rack (>= 1.0)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
PLATFORMS
ruby
DEPENDENCIES
activerecord-jdbc-adapter
activerecord-jdbcsqlite3-adapter
devise!
jruby-openssl
mocha (~> 1.1)
mongoid (~> 4.0)
nokogiri (= 1.9.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails!
rdoc (~> 5.1)
sqlite3 (~> 1.3.6)
test_after_commit
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

190
gemfiles/Gemfile.rails-5.0-stable.lock
View File

@@ -1,190 +0,0 @@
GIT
remote: https://github.com/rails/activemodel-serializers-xml.git
revision: 93689638c28525acc65afb638fce866826532641
specs:
activemodel-serializers-xml (1.0.2)
activemodel (>= 5.0.0.a)
activesupport (>= 5.0.0.a)
builder (~> 3.1)
PATH
remote: ..
specs:
devise (4.7.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actioncable (5.0.7.2)
actionpack (= 5.0.7.2)
nio4r (>= 1.2, < 3.0)
websocket-driver (~> 0.6.1)
actionmailer (5.0.7.2)
actionpack (= 5.0.7.2)
actionview (= 5.0.7.2)
activejob (= 5.0.7.2)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.0.7.2)
actionview (= 5.0.7.2)
activesupport (= 5.0.7.2)
rack (~> 2.0)
rack-test (~> 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.0.7.2)
activesupport (= 5.0.7.2)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.0.7.2)
activesupport (= 5.0.7.2)
globalid (>= 0.3.6)
activemodel (5.0.7.2)
activesupport (= 5.0.7.2)
activerecord (5.0.7.2)
activemodel (= 5.0.7.2)
activesupport (= 5.0.7.2)
arel (~> 7.0)
activesupport (5.0.7.2)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
arel (7.1.4)
bcrypt (3.1.13)
builder (3.2.4)
concurrent-ruby (1.1.6)
crass (1.0.6)
erubis (2.7.0)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (4.1.0)
i18n (1.8.3)
concurrent-ruby (~> 1.0)
jwt (2.2.1)
loofah (2.5.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
method_source (1.0.0)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.14.1)
mocha (1.11.2)
multi_json (1.14.1)
multi_xml (0.6.0)
multipart-post (2.1.1)
nio4r (2.5.2)
nokogiri (1.10.9)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.4)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.9.1)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-facebook (6.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.6.0)
oauth2 (~> 1.1)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
orm_adapter (0.5.0)
rack (2.2.2)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (0.6.3)
rack (>= 1.0)
rails (5.0.7.2)
actioncable (= 5.0.7.2)
actionmailer (= 5.0.7.2)
actionpack (= 5.0.7.2)
actionview (= 5.0.7.2)
activejob (= 5.0.7.2)
activemodel (= 5.0.7.2)
activerecord (= 5.0.7.2)
activesupport (= 5.0.7.2)
bundler (>= 1.3.0)
railties (= 5.0.7.2)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
actionview (>= 5.0.1.x)
activesupport (>= 5.0.1.x)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
railties (5.0.7.2)
actionpack (= 5.0.7.2)
activesupport (= 5.0.7.2)
method_source
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (13.0.1)
rdoc (6.2.1)
responders (2.4.1)
actionpack (>= 4.2.0, < 6.0)
railties (>= 4.2.0, < 6.0)
ruby-openid (2.9.2)
sprockets (4.0.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
thor (1.0.1)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.7)
thread_safe (~> 0.1)
warden (1.2.8)
rack (>= 2.0.6)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.6.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 5.0.0)
rails-controller-testing
rdoc
responders (~> 2.1)
sqlite3 (~> 1.3.6)
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

190
gemfiles/Gemfile.rails-5.1-stable.lock
View File

@@ -1,190 +0,0 @@
GIT
remote: https://github.com/rails/activemodel-serializers-xml.git
revision: 93689638c28525acc65afb638fce866826532641
specs:
activemodel-serializers-xml (1.0.2)
activemodel (>= 5.0.0.a)
activesupport (>= 5.0.0.a)
builder (~> 3.1)
PATH
remote: ..
specs:
devise (4.7.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actioncable (5.1.7)
actionpack (= 5.1.7)
nio4r (~> 2.0)
websocket-driver (~> 0.6.1)
actionmailer (5.1.7)
actionpack (= 5.1.7)
actionview (= 5.1.7)
activejob (= 5.1.7)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.1.7)
actionview (= 5.1.7)
activesupport (= 5.1.7)
rack (~> 2.0)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.1.7)
activesupport (= 5.1.7)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.1.7)
activesupport (= 5.1.7)
globalid (>= 0.3.6)
activemodel (5.1.7)
activesupport (= 5.1.7)
activerecord (5.1.7)
activemodel (= 5.1.7)
activesupport (= 5.1.7)
arel (~> 8.0)
activesupport (5.1.7)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
arel (8.0.0)
bcrypt (3.1.13)
builder (3.2.4)
concurrent-ruby (1.1.6)
crass (1.0.6)
erubi (1.9.0)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (4.1.0)
i18n (1.8.3)
concurrent-ruby (~> 1.0)
jwt (2.2.1)
loofah (2.5.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
method_source (1.0.0)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.14.1)
mocha (1.11.2)
multi_json (1.14.1)
multi_xml (0.6.0)
multipart-post (2.1.1)
nio4r (2.5.2)
nokogiri (1.10.9)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.4)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.9.1)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-facebook (6.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.6.0)
oauth2 (~> 1.1)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
orm_adapter (0.5.0)
rack (2.2.2)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (5.1.7)
actioncable (= 5.1.7)
actionmailer (= 5.1.7)
actionpack (= 5.1.7)
actionview (= 5.1.7)
activejob (= 5.1.7)
activemodel (= 5.1.7)
activerecord (= 5.1.7)
activesupport (= 5.1.7)
bundler (>= 1.3.0)
railties (= 5.1.7)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
actionview (>= 5.0.1.x)
activesupport (>= 5.0.1.x)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
railties (5.1.7)
actionpack (= 5.1.7)
activesupport (= 5.1.7)
method_source
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (13.0.1)
rdoc (6.2.1)
responders (2.4.1)
actionpack (>= 4.2.0, < 6.0)
railties (>= 4.2.0, < 6.0)
ruby-openid (2.9.2)
sprockets (4.0.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
thor (1.0.1)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.7)
thread_safe (~> 0.1)
warden (1.2.8)
rack (>= 2.0.6)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.6.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 5.1.0)
rails-controller-testing
rdoc
responders (~> 2.1)
sqlite3 (~> 1.3.6)
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

198
gemfiles/Gemfile.rails-5.2-stable.lock
View File

@@ -1,198 +0,0 @@
GIT
remote: https://github.com/rails/activemodel-serializers-xml.git
revision: 93689638c28525acc65afb638fce866826532641
specs:
activemodel-serializers-xml (1.0.2)
activemodel (>= 5.0.0.a)
activesupport (>= 5.0.0.a)
builder (~> 3.1)
PATH
remote: ..
specs:
devise (4.7.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actioncable (5.2.4.3)
actionpack (= 5.2.4.3)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailer (5.2.4.3)
actionpack (= 5.2.4.3)
actionview (= 5.2.4.3)
activejob (= 5.2.4.3)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.2.4.3)
actionview (= 5.2.4.3)
activesupport (= 5.2.4.3)
rack (~> 2.0, >= 2.0.8)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.2.4.3)
activesupport (= 5.2.4.3)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.2.4.3)
activesupport (= 5.2.4.3)
globalid (>= 0.3.6)
activemodel (5.2.4.3)
activesupport (= 5.2.4.3)
activerecord (5.2.4.3)
activemodel (= 5.2.4.3)
activesupport (= 5.2.4.3)
arel (>= 9.0)
activestorage (5.2.4.3)
actionpack (= 5.2.4.3)
activerecord (= 5.2.4.3)
marcel (~> 0.3.1)
activesupport (5.2.4.3)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
arel (9.0.0)
bcrypt (3.1.13)
builder (3.2.4)
concurrent-ruby (1.1.6)
crass (1.0.6)
erubi (1.9.0)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (4.1.0)
i18n (1.8.3)
concurrent-ruby (~> 1.0)
jwt (2.2.1)
loofah (2.5.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
marcel (0.3.3)
mimemagic (~> 0.3.2)
method_source (1.0.0)
mimemagic (0.3.5)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.14.1)
mocha (1.11.2)
multi_json (1.14.1)
multi_xml (0.6.0)
multipart-post (2.1.1)
nio4r (2.5.2)
nokogiri (1.10.9)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.4)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.9.1)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-facebook (6.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.6.0)
oauth2 (~> 1.1)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
orm_adapter (0.5.0)
rack (2.2.2)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (5.2.4.3)
actioncable (= 5.2.4.3)
actionmailer (= 5.2.4.3)
actionpack (= 5.2.4.3)
actionview (= 5.2.4.3)
activejob (= 5.2.4.3)
activemodel (= 5.2.4.3)
activerecord (= 5.2.4.3)
activestorage (= 5.2.4.3)
activesupport (= 5.2.4.3)
bundler (>= 1.3.0)
railties (= 5.2.4.3)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
actionview (>= 5.0.1.x)
activesupport (>= 5.0.1.x)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
railties (5.2.4.3)
actionpack (= 5.2.4.3)
activesupport (= 5.2.4.3)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
rake (13.0.1)
rdoc (6.2.1)
responders (2.4.1)
actionpack (>= 4.2.0, < 6.0)
railties (>= 4.2.0, < 6.0)
ruby-openid (2.9.2)
sprockets (4.0.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
thor (1.0.1)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.7)
thread_safe (~> 0.1)
warden (1.2.8)
rack (>= 2.0.6)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.7.2)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 5.2.0)
rails-controller-testing
rdoc
responders (~> 2.1)
sqlite3 (~> 1.3.6)
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

219
gemfiles/Gemfile.rails-6.0-stable.lock
View File

@@ -1,219 +0,0 @@
GIT
remote: https://github.com/rails/activemodel-serializers-xml.git
revision: 93689638c28525acc65afb638fce866826532641
specs:
activemodel-serializers-xml (1.0.2)
activemodel (>= 5.0.0.a)
activesupport (>= 5.0.0.a)
builder (~> 3.1)
GIT
remote: https://github.com/rails/rails-controller-testing.git
revision: 4b15c86e82ee380f2a7cc009e470368f7520560a
specs:
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
actionview (>= 5.0.1.rc1)
activesupport (>= 5.0.1.rc1)
PATH
remote: ..
specs:
devise (4.7.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actioncable (6.0.3.2)
actionpack (= 6.0.3.2)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.0.3.2)
actionpack (= 6.0.3.2)
activejob (= 6.0.3.2)
activerecord (= 6.0.3.2)
activestorage (= 6.0.3.2)
activesupport (= 6.0.3.2)
mail (>= 2.7.1)
actionmailer (6.0.3.2)
actionpack (= 6.0.3.2)
actionview (= 6.0.3.2)
activejob (= 6.0.3.2)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (6.0.3.2)
actionview (= 6.0.3.2)
activesupport (= 6.0.3.2)
rack (~> 2.0, >= 2.0.8)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.0.3.2)
actionpack (= 6.0.3.2)
activerecord (= 6.0.3.2)
activestorage (= 6.0.3.2)
activesupport (= 6.0.3.2)
nokogiri (>= 1.8.5)
actionview (6.0.3.2)
activesupport (= 6.0.3.2)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.0.3.2)
activesupport (= 6.0.3.2)
globalid (>= 0.3.6)
activemodel (6.0.3.2)
activesupport (= 6.0.3.2)
activerecord (6.0.3.2)
activemodel (= 6.0.3.2)
activesupport (= 6.0.3.2)
activestorage (6.0.3.2)
actionpack (= 6.0.3.2)
activejob (= 6.0.3.2)
activerecord (= 6.0.3.2)
marcel (~> 0.3.1)
activesupport (6.0.3.2)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
zeitwerk (~> 2.2, >= 2.2.2)
bcrypt (3.1.15)
builder (3.2.4)
concurrent-ruby (1.1.7)
crass (1.0.6)
erubi (1.9.0)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (4.1.0)
i18n (1.8.5)
concurrent-ruby (~> 1.0)
jwt (2.2.1)
loofah (2.6.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
marcel (0.3.3)
mimemagic (~> 0.3.2)
method_source (1.0.0)
mimemagic (0.3.5)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.14.1)
mocha (1.11.2)
multi_json (1.15.0)
multi_xml (0.6.0)
multipart-post (2.1.1)
nio4r (2.5.2)
nokogiri (1.10.10)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.4)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.9.1)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-facebook (6.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.6.0)
oauth2 (~> 1.1)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
orm_adapter (0.5.0)
rack (2.2.3)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (6.0.3.2)
actioncable (= 6.0.3.2)
actionmailbox (= 6.0.3.2)
actionmailer (= 6.0.3.2)
actionpack (= 6.0.3.2)
actiontext (= 6.0.3.2)
actionview (= 6.0.3.2)
activejob (= 6.0.3.2)
activemodel (= 6.0.3.2)
activerecord (= 6.0.3.2)
activestorage (= 6.0.3.2)
activesupport (= 6.0.3.2)
bundler (>= 1.3.0)
railties (= 6.0.3.2)
sprockets-rails (>= 2.0.0)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
railties (6.0.3.2)
actionpack (= 6.0.3.2)
activesupport (= 6.0.3.2)
method_source
rake (>= 0.8.7)
thor (>= 0.20.3, < 2.0)
rake (13.0.1)
rdoc (6.2.1)
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
ruby-openid (2.9.2)
sprockets (4.0.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.4.2)
thor (1.0.1)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.7)
thread_safe (~> 0.1)
warden (1.2.8)
rack (>= 2.0.6)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.7.3)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
zeitwerk (2.4.0)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 6.0.0)
rails-controller-testing!
rdoc
responders (~> 3.0)
sqlite3 (~> 1.4)
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

2
lib/devise/controllers/sign_in_out.rb
View File

@@ -106,10 +106,12 @@ module Devise
private
def expire_data_after_sign_in!
# TODO: remove once Rails 5.2+ and forward are only supported.
# session.keys will return an empty array if the session is not yet loaded.
# This is a bug in both Rack and Rails.
# A call to #empty? forces the session to be loaded.
session.empty?
session.keys.grep(/^devise\./).each { |k| session.delete(k) }
end

7
lib/devise/hooks/lockable.rb
View File

@@ -3,10 +3,7 @@
# After each sign in, if resource responds to failed_attempts, sets it to 0
# This is only triggered when the user is explicitly set (with set_user)
Warden::Manager.after_set_user except: :fetch do |record, warden, options|
if record.respond_to?(:failed_attempts) && warden.authenticated?(options[:scope])
unless record.failed_attempts.to_i.zero?
record.failed_attempts = 0
record.save(validate: false)
end
if record.respond_to?(:reset_failed_attempts!) && warden.authenticated?(options[:scope])
record.reset_failed_attempts!
end
end

8
lib/devise/models/authenticatable.rb
View File

@@ -2,6 +2,7 @@
require 'devise/hooks/activatable'
require 'devise/hooks/csrf_cleaner'
require 'devise/rails/deprecated_constant_accessor'
module Devise
module Models
@@ -55,11 +56,14 @@ module Devise
module Authenticatable
extend ActiveSupport::Concern
BLACKLIST_FOR_SERIALIZATION = [:encrypted_password, :reset_password_token, :reset_password_sent_at,
UNSAFE_ATTRIBUTES_FOR_SERIALIZATION = [:encrypted_password, :reset_password_token, :reset_password_sent_at,
:remember_created_at, :sign_in_count, :current_sign_in_at, :last_sign_in_at, :current_sign_in_ip,
:last_sign_in_ip, :password_salt, :confirmation_token, :confirmed_at, :confirmation_sent_at,
:remember_token, :unconfirmed_email, :failed_attempts, :unlock_token, :locked_at]
include Devise::DeprecatedConstantAccessor
deprecate_constant "BLACKLIST_FOR_SERIALIZATION", "Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION"
included do
class_attribute :devise_modules, instance_writer: false
self.devise_modules ||= []
@@ -109,7 +113,7 @@ module Devise
if options[:force_except]
options[:except].concat Array(options[:force_except])
else
options[:except].concat BLACKLIST_FOR_SERIALIZATION
options[:except].concat UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
end
super(options)

10
lib/devise/models/lockable.rb
View File

@@ -57,6 +57,14 @@ module Devise
save(validate: false)
end
# Resets failed attempts counter to 0.
def reset_failed_attempts!
if respond_to?(:failed_attempts) && !failed_attempts.to_i.zero?
self.failed_attempts = 0
save(validate: false)
end
end
# Verifies whether a user is locked or not.
def access_locked?
!!locked_at && !lock_expired?
@@ -110,7 +118,7 @@ module Devise
false
end
end
def increment_failed_attempts
self.class.increment_counter(:failed_attempts, id)
reload

7
lib/devise/omniauth.rb
View File

@@ -1,17 +1,14 @@
# frozen_string_literal: true
begin
gem "omniauth", ">= 1.0.0"
require "omniauth"
require "omniauth/version"
rescue LoadError
warn "Could not load 'omniauth'. Please ensure you have the omniauth gem >= 1.0.0 installed and listed in your Gemfile."
raise
end
unless OmniAuth::VERSION =~ /^1\./
raise "You are using an old OmniAuth version, please ensure you have 1.0.0.pr2 version or later installed."
end
# Clean up the default path_prefix. It will be automatically set by Devise.
OmniAuth.config.path_prefix = nil

39
lib/devise/rails/deprecated_constant_accessor.rb Normal file
View File

@@ -0,0 +1,39 @@
# frozen_string_literal: true
begin
require 'active_support/deprecation/constant_accessor'
module Devise
DeprecatedConstantAccessor = ActiveSupport::Deprecation::DeprecatedConstantAccessor #:nodoc:
end
rescue LoadError
# Copy of constant deprecation module from Rails / Active Support version 6, so we can use it
# with Rails <= 5.0 versions. This can be removed once we support only Rails 5.1 or greater.
module Devise
module DeprecatedConstantAccessor #:nodoc:
def self.included(base)
require "active_support/inflector/methods"
extension = Module.new do
def const_missing(missing_const_name)
if class_variable_defined?(:@@_deprecated_constants)
if (replacement = class_variable_get(:@@_deprecated_constants)[missing_const_name.to_s])
replacement[:deprecator].warn(replacement[:message] || "#{name}::#{missing_const_name} is deprecated! Use #{replacement[:new]} instead.", Rails::VERSION::MAJOR == 4 ? caller : caller_locations)
return ActiveSupport::Inflector.constantize(replacement[:new].to_s)
end
end
super
end
def deprecate_constant(const_name, new_constant, message: nil, deprecator: ActiveSupport::Deprecation.instance)
class_variable_set(:@@_deprecated_constants, {}) unless class_variable_defined?(:@@_deprecated_constants)
class_variable_get(:@@_deprecated_constants)[const_name.to_s] = { new: new_constant, message: message, deprecator: deprecator }
end
end
base.singleton_class.prepend extension
end
end
end
end

2
lib/devise/version.rb
View File

@@ -1,5 +1,5 @@
# frozen_string_literal: true
module Devise
VERSION = "4.7.3".freeze
VERSION = "4.8.0".freeze
end

19
lib/generators/active_record/devise_generator.rb
View File

@@ -86,9 +86,24 @@ RUBY
Rails::VERSION::MAJOR >= 5
end
def rails61_and_up?
Rails::VERSION::MAJOR > 6 || (Rails::VERSION::MAJOR == 6 && Rails::VERSION::MINOR >= 1)
end
def postgresql?
config = ActiveRecord::Base.configurations[Rails.env]
config && config['adapter'] == 'postgresql'
ar_config && ar_config['adapter'] == 'postgresql'
end
def ar_config
if ActiveRecord::Base.configurations.respond_to?(:configs_for)
if rails61_and_up?
ActiveRecord::Base.configurations.configs_for(env_name: Rails.env, name: "primary").configuration_hash
else
ActiveRecord::Base.configurations.configs_for(env_name: Rails.env, spec_name: "primary").config
end
else
ActiveRecord::Base.configurations[Rails.env]
end
end
def migration_version

10
test/failure_app_test.rb
View File

@@ -220,8 +220,8 @@ class FailureTest < ActiveSupport::TestCase
end
test 'works for any navigational format' do
swap Devise, navigational_formats: [:xml] do
call_failure('formats' => Mime[:xml])
swap Devise, navigational_formats: [:json] do
call_failure('formats' => Mime[:json])
assert_equal 302, @response.first
end
end
@@ -236,7 +236,7 @@ class FailureTest < ActiveSupport::TestCase
context 'For HTTP request' do
test 'return 401 status' do
call_failure('formats' => Mime[:xml])
call_failure('formats' => Mime[:json])
assert_equal 401, @response.first
end
@@ -258,13 +258,13 @@ class FailureTest < ActiveSupport::TestCase
end
test 'return WWW-authenticate headers if model allows' do
call_failure('formats' => Mime[:xml])
call_failure('formats' => Mime[:json])
assert_equal 'Basic realm="Application"', @response.second["WWW-Authenticate"]
end
test 'does not return WWW-authenticate headers if model does not allow' do
swap Devise, http_authenticatable: false do
call_failure('formats' => Mime[:xml])
call_failure('formats' => Mime[:json])
assert_nil @response.second["WWW-Authenticate"]
end
end

33
test/integration/authenticatable_test.rb
View File

@@ -462,14 +462,6 @@ class AuthenticationOthersTest < Devise::IntegrationTest
end
end
test 'sign in stub in xml format' do
get new_user_session_path(format: 'xml')
assert_match '<?xml version="1.0" encoding="UTF-8"?>', response.body
assert_match %r{<user>.*</user>}m, response.body
assert_match '<email></email>', response.body
assert_match '<password nil="true"', response.body
end
test 'sign in stub in json format' do
get new_user_session_path(format: 'json')
assert_match '{"user":{', response.body
@@ -492,27 +484,27 @@ class AuthenticationOthersTest < Devise::IntegrationTest
refute warden.authenticated?(:admin)
end
test 'sign in with xml format returns xml response' do
test 'sign in with json format returns json response' do
create_user
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} }
post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
end
test 'sign in with xml format is idempotent' do
get new_user_session_path(format: 'xml')
test 'sign in with json format is idempotent' do
get new_user_session_path(format: 'json')
assert_response :success
create_user
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} }
post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success
get new_user_session_path(format: 'xml')
get new_user_session_path(format: 'json')
assert_response :success
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} }
post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
end
test 'sign out with html redirects' do
@@ -527,13 +519,6 @@ class AuthenticationOthersTest < Devise::IntegrationTest
assert_current_url '/'
end
test 'sign out with xml format returns no content' do
sign_in_as_user
delete destroy_user_session_path(format: 'xml')
assert_response :no_content
refute warden.authenticated?(:user)
end
test 'sign out with json format returns no content' do
sign_in_as_user
delete destroy_user_session_path(format: 'json')

54
test/integration/confirmable_test.rb
View File

@@ -214,42 +214,34 @@ class ConfirmationTest < Devise::IntegrationTest
end
end
test 'resent confirmation token with valid E-Mail in XML format should return valid response' do
test 'resent confirmation token with valid e-mail in JSON format should return empty and valid response' do
user = create_user(confirm: false)
post user_confirmation_path(format: 'xml'), params: { user: { email: user.email } }
assert_response :success
assert_equal({}.to_xml, response.body)
end
test 'resent confirmation token with invalid E-Mail in XML format should return invalid response' do
create_user(confirm: false)
post user_confirmation_path(format: 'xml'), params: { user: { email: 'invalid.test@test.com' } }
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test 'confirm account with valid confirmation token in XML format should return valid response' do
user = create_user(confirm: false)
get user_confirmation_path(confirmation_token: user.raw_confirmation_token, format: 'xml')
assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
end
test 'confirm account with invalid confirmation token in XML format should return invalid response' do
create_user(confirm: false)
get user_confirmation_path(confirmation_token: 'invalid_confirmation', format: 'xml')
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test 'request an account confirmation account with JSON, should return an empty JSON' do
user = create_user(confirm: false)
post user_confirmation_path, params: { user: { email: user.email }, format: :json }
post user_confirmation_path(format: 'json'), params: { user: { email: user.email } }
assert_response :success
assert_equal({}.to_json, response.body)
end
test 'resent confirmation token with invalid e-mail in JSON format should return invalid response' do
create_user(confirm: false)
post user_confirmation_path(format: 'json'), params: { user: { email: 'invalid.test@test.com' } }
assert_response :unprocessable_entity
assert_includes response.body, '{"errors":{'
end
test 'confirm account with valid confirmation token in JSON format should return valid response' do
user = create_user(confirm: false)
get user_confirmation_path(confirmation_token: user.raw_confirmation_token, format: 'json')
assert_response :success
assert_includes response.body, '{"user":{'
end
test 'confirm account with invalid confirmation token in JSON format should return invalid response' do
create_user(confirm: false)
get user_confirmation_path(confirmation_token: 'invalid_confirmation', format: 'json')
assert_response :unprocessable_entity
assert_includes response.body, '{"confirmation_token":['
end
test "when in paranoid mode and with a valid e-mail, should not say that the e-mail is valid" do
swap Devise, paranoid: true do
user = create_user(confirm: false)

23
test/integration/http_authenticatable_test.rb
View File

@@ -22,10 +22,10 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, skip_session_storage: [] do
sign_in_as_new_user_with_http
assert_response 200
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
get users_path(format: :xml)
get users_path(format: :json)
assert_response 200
end
end
@@ -34,10 +34,10 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, skip_session_storage: [:http_auth] do
sign_in_as_new_user_with_http
assert_response 200
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
get users_path(format: :xml)
get users_path(format: :json)
assert_response 401
end
end
@@ -51,8 +51,8 @@ class HttpAuthenticationTest < Devise::IntegrationTest
test 'uses the request format as response content type' do
sign_in_as_new_user_with_http("unknown")
assert_equal 401, status
assert_equal "application/xml; charset=utf-8", headers["Content-Type"]
assert_match "<error>Invalid Email or password.</error>", response.body
assert_equal "application/json; charset=utf-8", headers["Content-Type"]
assert_match '"error":"Invalid Email or password."', response.body
end
test 'returns a custom response with www-authenticate and chosen realm' do
@@ -67,7 +67,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: [:username] do
sign_in_as_new_user_with_http("usertest")
assert_response :success
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
end
end
@@ -76,7 +76,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: { username: false, email: false } do
sign_in_as_new_user_with_http("usertest")
assert_response :success
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
end
end
@@ -85,7 +85,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: { email: false, username: false }, http_authentication_key: :username do
sign_in_as_new_user_with_http("usertest")
assert_response :success
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
end
end
@@ -101,14 +101,13 @@ class HttpAuthenticationTest < Devise::IntegrationTest
private
def sign_in_as_new_user_with_http(username = "user@test.com", password = "12345678")
user = create_user
get users_path(format: :xml), headers: { "HTTP_AUTHORIZATION" => "Basic #{Base64.encode64("#{username}:#{password}")}" }
get users_path(format: :json), headers: { "HTTP_AUTHORIZATION" => "Basic #{Base64.encode64("#{username}:#{password}")}" }
user
end
# Sign in with oauth2 token. This is just to test that it isn't misinterpreted as basic authentication
def add_oauth2_header
user = create_user
get users_path(format: :xml), headers: { "HTTP_AUTHORIZATION" => "OAuth #{Base64.encode64("#{user.email}:12345678")}" }
get users_path(format: :json), headers: { "HTTP_AUTHORIZATION" => "OAuth #{Base64.encode64("#{user.email}:12345678")}" }
end
end

31
test/integration/lockable_test.rb
View File

@@ -130,46 +130,39 @@ class LockTest < Devise::IntegrationTest
end
end
test 'user should be able to request a new unlock token via XML request' do
test 'user should be able to request a new unlock token via JSON request and should return empty and valid response' do
user = create_user(locked: true)
ActionMailer::Base.deliveries.clear
post user_unlock_path(format: 'xml'), params: { user: {email: user.email} }
post user_unlock_path(format: 'json'), params: { user: {email: user.email} }
assert_response :success
assert_equal({}.to_xml, response.body)
assert_equal({}.to_json, response.body)
assert_equal 1, ActionMailer::Base.deliveries.size
end
test 'unlocked user should not be able to request a unlock token via XML request' do
test 'unlocked user should not be able to request a unlock token via JSON request' do
user = create_user(locked: false)
ActionMailer::Base.deliveries.clear
post user_unlock_path(format: 'xml'), params: { user: {email: user.email} }
post user_unlock_path(format: 'json'), params: { user: {email: user.email} }
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
assert_equal 0, ActionMailer::Base.deliveries.size
end
test 'user with valid unlock token should be able to unlock account via XML request' do
test 'user with valid unlock token should be able to unlock account via JSON request' do
user = create_user()
raw = user.lock_access!
assert user.access_locked?
get user_unlock_path(format: 'xml', unlock_token: raw)
get user_unlock_path(format: 'json', unlock_token: raw)
assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
end
test 'user with invalid unlock token should not be able to unlock the account via XML request' do
get user_unlock_path(format: 'xml', unlock_token: 'invalid_token')
test 'user with invalid unlock token should not be able to unlock the account via JSON request' do
get user_unlock_path(format: 'json', unlock_token: 'invalid_token')
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test "when using json to ask a unlock request, should not return the user" do
user = create_user(locked: true)
post user_unlock_path(format: "json", user: {email: user.email})
assert_response :success
assert_equal({}.to_json, response.body)
assert_includes response.body, '{"unlock_token":['
end
test "in paranoid mode, when trying to unlock a user that exists it should not say that it exists if it is locked" do

44
test/integration/omniauthable_test.rb
View File

@@ -23,6 +23,9 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
"extra" => {"user_hash" => FACEBOOK_INFO}
}
OmniAuth.config.add_camelization 'facebook', 'FaceBook'
if OmniAuth.config.respond_to?(:request_validation_phase)
OmniAuth.config.request_validation_phase = ->(env) {}
end
end
teardown do
@@ -45,8 +48,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "omniauth sign in should not run model validations" do
stub_action!(:sign_in_facebook) do
create_user
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
assert warden.authenticated?(:user)
refute User.validations_performed
@@ -54,8 +57,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
end
test "can access omniauth.auth in the env hash" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
json = ActiveSupport::JSON.decode(response.body)
@@ -68,8 +71,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "cleans up session on sign up" do
assert_no_difference "User.count" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
end
assert session["devise.facebook_data"]
@@ -89,8 +92,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "cleans up session on cancel" do
assert_no_difference "User.count" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
end
assert session["devise.facebook_data"]
@@ -100,8 +103,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "cleans up session on sign in" do
assert_no_difference "User.count" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
end
assert session["devise.facebook_data"]
@@ -110,23 +113,28 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
end
test "sign in and send remember token if configured" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
assert_nil warden.cookies["remember_user_token"]
stub_action!(:sign_in_facebook) do
create_user
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
assert warden.authenticated?(:user)
assert warden.cookies["remember_user_token"]
end
end
test "generates a link to authenticate with provider" do
visit "/users/sign_in"
assert_select "a[href=?][data-method='post']", "/users/auth/facebook", text: "Sign in with FaceBook"
end
test "generates a proper link when SCRIPT_NAME is set" do
header 'SCRIPT_NAME', '/q'
visit "/users/sign_in"
assert_select "a", href: "/q/users/auth/facebook"
assert_select "a[href=?][data-method='post']", "/q/users/auth/facebook", text: "Sign in with FaceBook"
end
test "handles callback error parameter according to the specification" do
@@ -139,10 +147,10 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "handles other exceptions from OmniAuth" do
OmniAuth.config.mock_auth[:facebook] = :invalid_credentials
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
follow_redirect!
assert_current_url "/users/sign_in"
assert_contain 'Could not authenticate you from FaceBook because "Invalid credentials".'
end
end

46
test/integration/recoverable_test.rb
View File

@@ -261,63 +261,53 @@ class PasswordTest < Devise::IntegrationTest
end
end
test 'reset password request with valid E-Mail in XML format should return valid response' do
test 'reset password request with valid e-mail in JSON format should return empty and valid response' do
create_user
post user_password_path(format: 'xml'), params: { user: {email: "user@test.com"} }
post user_password_path(format: 'json'), params: { user: {email: "user@test.com"} }
assert_response :success
assert_equal({}.to_xml, response.body)
assert_equal({}.to_json, response.body)
end
test 'reset password request with invalid E-Mail in XML format should return valid response' do
test 'reset password request with invalid e-mail in JSON format should return valid response' do
create_user
post user_password_path(format: 'xml'), params: { user: {email: "invalid.test@test.com"} }
post user_password_path(format: 'json'), params: { user: {email: "invalid.test@test.com"} }
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
end
test 'reset password request with invalid E-Mail in XML format should return empty and valid response' do
test 'reset password request with invalid e-mail in JSON format should return empty and valid response in paranoid mode' do
swap Devise, paranoid: true do
create_user
post user_password_path(format: 'xml'), params: { user: {email: "invalid@test.com"} }
post user_password_path(format: 'json'), params: { user: {email: "invalid@test.com"} }
assert_response :success
assert_equal({}.to_xml, response.body)
assert_equal({}.to_json, response.body)
end
end
test 'change password with valid parameters in XML format should return valid response' do
test 'change password with valid parameters in JSON format should return valid response' do
create_user
request_forgot_password
put user_password_path(format: 'xml'), params: { user: {
put user_password_path(format: 'json'), params: { user: {
reset_password_token: 'abcdef', password: '987654321', password_confirmation: '987654321'
}
}
} }
assert_response :success
assert warden.authenticated?(:user)
end
test 'change password with invalid token in XML format should return invalid response' do
test 'change password with invalid token in JSON format should return invalid response' do
create_user
request_forgot_password
put user_password_path(format: 'xml'), params: { user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'} }
put user_password_path(format: 'json'), params: { user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'} }
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
end
test 'change password with invalid new password in XML format should return invalid response' do
test 'change password with invalid new password in JSON format should return invalid response' do
user = create_user
request_forgot_password
put user_password_path(format: 'xml'), params: { user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'} }
put user_password_path(format: 'json'), params: { user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'} }
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test "when using json requests to ask a confirmable request, should not return the object" do
user = create_user(confirm: false)
post user_password_path(format: :json), params: { user: { email: user.email } }
assert_response :success
assert_equal "{}", response.body
assert_includes response.body, '{"errors":{'
end
test "when in paranoid mode and with an invalid e-mail, asking to reset a password should display a message that does not indicates that the e-mail does not exists in the database" do

39
test/integration/registerable_test.rb
View File

@@ -189,7 +189,7 @@ class RegistrationTest < Devise::IntegrationTest
fill_in 'current password', with: '12345678'
click_button 'Update'
assert_contain 'Your account has been updated successfully, but since your password was changed, you need to sign in again'
assert_contain 'Your account has been updated successfully, but since your password was changed, you need to sign in again.'
assert_equal new_user_session_path, @request.path
refute warden.authenticated?(:user)
end
@@ -283,13 +283,6 @@ class RegistrationTest < Devise::IntegrationTest
assert_redirected_to new_user_registration_path
end
test 'a user with XML sign up stub' do
get new_user_registration_path(format: 'xml')
assert_response :success
assert_match %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>), response.body
assert_no_match(/<confirmation-token/, response.body)
end
test 'a user with JSON sign up stub' do
get new_user_registration_path(format: 'json')
assert_response :success
@@ -297,47 +290,47 @@ class RegistrationTest < Devise::IntegrationTest
assert_no_match(/"confirmation_token"/, response.body)
end
test 'an admin sign up with valid information in XML format should return valid response' do
post admin_registration_path(format: 'xml'), params: { admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
test 'an admin sign up with valid information in JSON format should return valid response' do
post admin_registration_path(format: 'json'), params: { admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<admin>)
assert_includes response.body, '{"admin":{'
admin = Admin.to_adapter.find_first(order: [:id, :desc])
assert_equal 'new_user@test.com', admin.email
end
test 'a user sign up with valid information in XML format should return valid response' do
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
test 'a user sign up with valid information in JSON format should return valid response' do
post user_registration_path(format: 'json'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
user = User.to_adapter.find_first(order: [:id, :desc])
assert_equal 'new_user@test.com', user.email
end
test 'a user sign up with invalid information in XML format should return invalid response' do
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' } }
test 'a user sign up with invalid information in JSON format should return invalid response' do
post user_registration_path(format: 'json'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' } }
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
end
test 'a user update information with valid data in XML format should return valid response' do
test 'a user update information with valid data in JSON format should return valid response' do
user = sign_in_as_user
put user_registration_path(format: 'xml'), params: { user: { current_password: '12345678', email: 'user.new@test.com' } }
put user_registration_path(format: 'json'), params: { user: { current_password: '12345678', email: 'user.new@test.com' } }
assert_response :success
assert_equal 'user.new@test.com', user.reload.email
end
test 'a user update information with invalid data in XML format should return invalid response' do
test 'a user update information with invalid data in JSON format should return invalid response' do
user = sign_in_as_user
put user_registration_path(format: 'xml'), params: { user: { current_password: 'invalid', email: 'user.new@test.com' } }
put user_registration_path(format: 'json'), params: { user: { current_password: 'invalid', email: 'user.new@test.com' } }
assert_response :unprocessable_entity
assert_equal 'user@test.com', user.reload.email
end
test 'a user cancel their account in XML format should return valid response' do
test 'a user cancel their account in JSON format should return valid response' do
sign_in_as_user
delete user_registration_path(format: 'xml')
delete user_registration_path(format: 'json')
assert_response :success
assert_equal 0, User.to_adapter.find_all.size
end

4
test/models/authenticatable_test.rb
View File

@@ -30,12 +30,12 @@ class AuthenticatableTest < ActiveSupport::TestCase
test 'find_or_initialize_with_errors adds blank error' do
user_with_error = User.find_or_initialize_with_errors([:email], { email: "" })
assert_equal [:email, "can't be blank"], user_with_error.errors.first
assert_equal ["Email can't be blank"], user_with_error.errors.full_messages_for(:email)
end
test 'find_or_initialize_with_errors adds invalid error' do
user_with_error = User.find_or_initialize_with_errors([:email], { email: "example@example.com" })
assert_equal [:email, "is invalid"], user_with_error.errors.first
assert_equal ["Email is invalid"], user_with_error.errors.full_messages_for(:email)
end
if defined?(ActionController::Parameters)

6
test/models/database_authenticatable_test.rb
View File

@@ -97,8 +97,8 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
test 'should respond to password and password confirmation' do
user = new_user
assert user.respond_to?(:password)
assert user.respond_to?(:password_confirmation)
assert_respond_to user, :password
assert_respond_to user, :password_confirmation
end
test 'should generate a hashed password while setting password' do
@@ -149,7 +149,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
end
test 'should respond to current password' do
assert new_user.respond_to?(:current_password)
assert_respond_to new_user, :current_password
end
test 'should update password with valid current password' do

26
test/models/lockable_test.rb
View File

@@ -50,6 +50,32 @@ class LockableTest < ActiveSupport::TestCase
assert_equal initial_failed_attempts + 2, user.reload.failed_attempts
end
test "reset_failed_attempts! updates the failed attempts counter back to 0" do
user = create_user(failed_attempts: 3)
assert_equal 3, user.failed_attempts
user.reset_failed_attempts!
assert_equal 0, user.failed_attempts
user.reset_failed_attempts!
assert_equal 0, user.failed_attempts
end
test "reset_failed_attempts! does not run model validations" do
user = create_user(failed_attempts: 1)
user.expects(:after_validation_callback).never
assert user.reset_failed_attempts!
assert_equal 0, user.failed_attempts
end
test "reset_failed_attempts! does not try to reset if not using failed attempts strategy" do
admin = create_admin
refute_respond_to admin, :failed_attempts
refute admin.reset_failed_attempts!
end
test 'should be valid for authentication with a unlocked user' do
user = create_user
user.lock_access!

4
test/models/rememberable_test.rb
View File

@@ -129,8 +129,8 @@ class RememberableTest < ActiveSupport::TestCase
end
test 'should respond to remember_me attribute' do
assert resource_class.new.respond_to?(:remember_me)
assert resource_class.new.respond_to?(:remember_me=)
assert_respond_to resource_class.new, :remember_me
assert_respond_to resource_class.new, :remember_me=
end
test 'forget_me should clear remember_created_at if expire_all_remember_me_on_sign_out is true' do

19
test/models/serializable_test.rb
View File

@@ -7,21 +7,6 @@ class SerializableTest < ActiveSupport::TestCase
@user = create_user
end
test 'should not include unsafe keys on XML' do
assert_match(/email/, @user.to_xml)
assert_no_match(/confirmation-token/, @user.to_xml)
end
test 'should not include unsafe keys on XML even if a new except is provided' do
assert_no_match(/email/, @user.to_xml(except: :email))
assert_no_match(/confirmation-token/, @user.to_xml(except: :email))
end
test 'should include unsafe keys on XML if a force_except is provided' do
assert_no_match(/<email/, @user.to_xml(force_except: :email))
assert_match(/confirmation-token/, @user.to_xml(force_except: :email))
end
test 'should not include unsafe keys on JSON' do
keys = from_json().keys.select{ |key| !key.include?("id") }
assert_equal %w(created_at email facebook_token updated_at username), keys.sort
@@ -46,6 +31,10 @@ class SerializableTest < ActiveSupport::TestCase
assert_key "username", @user.as_json({ only: :username, except: [:email].freeze }.freeze)["user"]
end
test 'constant `BLACKLIST_FOR_SERIALIZATION` is deprecated' do
assert_deprecated { Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION }
end
def assert_key(key, subject)
assert subject.key?(key), "Expected #{subject.inspect} to have key #{key.inspect}"
end

1
test/rails_app/app/active_record/user.rb
View File

@@ -5,7 +5,6 @@ require 'shared_user'
class User < ActiveRecord::Base
include Shim
include SharedUser
include ActiveModel::Serializers::Xml if Devise::Test.rails5_and_up?
validates :sign_in_count, presence: true

3
test/rails_app/app/controllers/users_controller.rb
View File

@@ -3,7 +3,8 @@
class UsersController < ApplicationController
prepend_before_action :current_user, only: :exhibit
before_action :authenticate_user!, except: [:accept, :exhibit]
respond_to :html, :xml
clear_respond_to
respond_to :html, :json
def index
user_session[:cart] = "Cart"

12
test/routes_test.rb
View File

@@ -209,7 +209,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in.json', method: :get})
end
end
@@ -219,7 +219,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/password', method: :post})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/password.xml', method: :post})
assert_recognizes(expected_params, {path: '/htmlonly_admin/password.json', method: :post})
end
end
@@ -229,7 +229,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up.json', method: :get})
end
end
@@ -239,7 +239,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation.json', method: :get})
end
end
@@ -249,12 +249,12 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock.json', method: :get})
end
end
test 'map with format false is not permanent' do
assert_equal "/set.xml", @routes.url_helpers.set_path(:xml)
assert_equal "/set.json", @routes.url_helpers.set_path(:json)
end
test 'checks if mapping has proper configuration for omniauth callback' do

6
test/test/controller_helpers_test.rb
View File

@@ -101,12 +101,12 @@ class TestControllerHelpersTest < Devise::ControllerTestCase
end
test "returns the content type of a failure app" do
get :index, params: { format: :xml }
get :index, params: { format: :json }
if Devise::Test.rails6?
assert_includes response.media_type, 'application/xml'
assert_includes response.media_type, 'application/json'
else
assert_includes response.content_type, 'application/xml'
assert_includes response.content_type, 'application/json'
end
end