Rework previous commit to clean up the instance variable dynamically.

2022-11-09 12:18:31 -05:00 · 2011-11-09 17:00:42 -02:00 · 2011-11-09 17:00:42 -02:00 · 16208f7ad7
commit 16208f7ad7
parent cc822e08aa
4 changed files with 9 additions and 24 deletions
--- a/CHANGELOG.rdoc
+++ b/CHANGELOG.rdoc
@ -11,12 +11,11 @@
  * Fix bug where logs did not show 401 as status code
  * Change paranoid settings to behave as success instead of as failure
  * Fix bug where activation messages were shown first than the credentials error message
-  * Be sure to expire cached devise data after sign in
+  * Instance variables are expired after sign out

 * deprecation
  * redirect_location is deprecated, please use after_sign_in_path_for
  * after_sign_in_path_for now redirects to session[scope_return_to] if any value is stored in it
-  * expire_session_data_after_sign_in! is deprecated in favor of expire_devise_cached_data!

 == 1.4.9

--- a/app/controllers/devise/registrations_controller.rb
+++ b/app/controllers/devise/registrations_controller.rb
@ -20,7 +20,7 @@ class Devise::RegistrationsController < ApplicationController
        respond_with resource, :location => after_sign_up_path_for(resource)
      else
        set_flash_message :notice, :inactive_signed_up, :reason => inactive_reason(resource) if is_navigational_format?
-        expire_devise_cached_data!
+        expire_session_data_after_sign_in!
        respond_with resource, :location => after_inactive_sign_up_path_for(resource)
      end
    else
@ -64,7 +64,7 @@ class Devise::RegistrationsController < ApplicationController
  # cancel oauth signing in/up in the middle of the process,
  # removing all OAuth session data.
  def cancel
-    expire_devise_cached_data!
+    expire_session_data_after_sign_in!
    redirect_to new_registration_path(resource_name)
  end

--- a/lib/devise/controllers/helpers.rb
+++ b/lib/devise/controllers/helpers.rb
@ -113,7 +113,7 @@ module Devise
        scope    = Devise::Mapping.find_scope!(resource_or_scope)
        resource = args.last || resource_or_scope

-        expire_devise_cached_data!
+        expire_session_data_after_sign_in!

        if options[:bypass]
          warden.session_serializer.store(resource, scope)
@ -139,7 +139,7 @@ module Devise
        warden.user(scope) # Without loading user here, before_logout hook is not called
        warden.raw_session.inspect # Without this inspect here. The session does not clear.
        warden.logout(scope)
-        @current_user = nil
+        instance_variable_set(:"@current_#{scope}", nil)
      end

      # Sign out all active users or scopes. This helper is useful for signing out all roles
@ -148,7 +148,7 @@ module Devise
        Devise.mappings.keys.each { |s| warden.user(s) }
        warden.raw_session.inspect
        warden.logout
-        @current_user = nil
+        expire_devise_cached_variables!
      end

      # Returns and delete the url stored in the session for the given scope. Useful
@ -229,8 +229,7 @@ module Devise
      end

      def expire_session_data_after_sign_in!
-        ActiveSupport::Deprecation.warn "expire_session_data_after_sign_in! is deprecated. Please use expire_devise_cached_data! instead which also clears up cached instance variables.", caller
-        expire_devise_cached_data!
+        session.keys.grep(/^devise\./).each { |k| session.delete(k) }
      end

      # Sign out a user and tries to redirect to the url specified by
@ -250,12 +249,6 @@ module Devise
        super # call the default behaviour which resets the session
      end

-      # A hook called to expire data after sign in.
-      def expire_devise_cached_data!
-        session.keys.grep(/^devise\./).each { |k| session.delete(k) }
-        expire_devise_cached_variables!
-      end
-
      private

      def expire_devise_cached_variables!
--- a/test/controllers/helpers_test.rb
+++ b/test/controllers/helpers_test.rb
@ -114,15 +114,6 @@ class ControllerAuthenticatableTest < ActionController::TestCase
    assert @controller.sign_in(user)
  end

-  test 'sign in clears up any signed in user' do
-    @controller.instance_variable_set(:@current_user, :example)
-    user = User.new
-    @mock_warden.expects(:user).returns(user)
-    @mock_warden.expects(:set_user).never
-    @controller.sign_in(user)
-    assert_equal nil, @controller.instance_variable_get(:@current_user)
-  end
-
  test 'sign in again when the user is already in only if force is given' do
    user = User.new
    @mock_warden.expects(:user).returns(user)
@ -142,8 +133,10 @@ class ControllerAuthenticatableTest < ActionController::TestCase
    @mock_warden.expects(:user).times(Devise.mappings.size)
    @mock_warden.expects(:logout).with().returns(true)
    @controller.instance_variable_set(:@current_user, user)
+    @controller.instance_variable_set(:@current_admin, user)
    @controller.sign_out
    assert_equal nil, @controller.instance_variable_get(:@current_user)
+    assert_equal nil, @controller.instance_variable_get(:@current_admin)
  end

  test 'sign out clears up any signed in user by scope' do