kotovalexarian-likes-github/heartcombo--devise
1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00
Code Releases Activity

Unit test for Lockable#unauthenticated_message not leaking account existence

Browse source 
This is another failing test for #1994, a unit test for Lockable. Lockable's
#uanauthenticated_message should not return :locked if paranoid mode is on
and instead should return the generic :invalid response.
This commit is contained in:
Drew Ulmer 2012-10-25 16:51:02 -05:00
parent f79bb31ee6
commit 00e8841e93
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
test/models/lockable_test.rb
View file

@ -260,4 +260,14 @@ class LockableTest < ActiveSupport::TestCase
end
end
end
test 'should not return a locked unauthenticated message if in paranoid mode' do
swap Devise, :paranoid => :true do
user = create_user
user.failed_attempts = Devise.maximum_attempts + 1
user.lock_access!
assert_equal :invalid, user.unauthenticated_message
end
end
end