Add support for non-navigational formats in UnlocksController

Signed-off-by: José Valim <jose.valim@gmail.com>
2022-11-09 12:18:31 -05:00 · 2011-01-16 19:20:19 +07:00 · 2011-01-16 19:20:19 +07:00 · 210bc6aa66
commit 210bc6aa66
parent 8170d5e340
2 changed files with 48 additions and 7 deletions
--- a/app/controllers/devise/unlocks_controller.rb
+++ b/app/controllers/devise/unlocks_controller.rb
@ -13,10 +13,12 @@ class Devise::UnlocksController < ApplicationController
    self.resource = resource_class.send_unlock_instructions(params[resource_name])

    if resource.errors.empty?
-      set_flash_message :notice, :send_instructions
-      redirect_to new_session_path(resource_name)
+      set_flash_message :notice, :send_instructions if is_navigational_format?
+      respond_with resource, :location => new_session_path(resource_name)
    else
-      render_with_scope :new
+      respond_with(resource) do |format|
+        format.any(*navigational_formats) { render_with_scope :new }
+      end
    end
  end

@ -25,10 +27,15 @@ class Devise::UnlocksController < ApplicationController
    self.resource = resource_class.unlock_access_by_token(params[:unlock_token])

    if resource.errors.empty?
-      set_flash_message :notice, :unlocked
-      sign_in_and_redirect(resource_name, resource)
+      set_flash_message :notice, :unlocked if is_navigational_format?
+      sign_in(resource_name, resource)
+      respond_with(resource) do |format|
+        format.any(*navigational_formats) { redirect_to redirect_location(resource_name, resource) }
+      end
    else
-      render_with_scope :new
+      respond_with(resource.errors, :status => :unprocessable_entity) do |format|
+        format.any(*navigational_formats) { render_with_scope :new }
+      end
    end
  end
 end
--- a/test/integration/lockable_test.rb
+++ b/test/integration/lockable_test.rb
@ -1,7 +1,7 @@
 require 'test_helper'

 class LockTest < ActionController::IntegrationTest
-  
+
  def visit_user_unlock_with_token(unlock_token)
    visit user_unlock_path(:unlock_token => unlock_token)
  end
@ -106,4 +106,38 @@ class LockTest < ActionController::IntegrationTest
    end
  end

+  test 'user should be able to request a new unlock token via XML request' do
+    user = create_user(:locked => true)
+    ActionMailer::Base.deliveries.clear
+
+    post user_unlock_path(:format => 'xml'), :user => {:email => user.email}
+    assert_response :success
+    assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
+    assert_equal 1, ActionMailer::Base.deliveries.size
+  end
+
+  test 'unlocked user should not be able to request a unlock token via XML request' do
+    user = create_user(:locked => false)
+    ActionMailer::Base.deliveries.clear
+
+    post user_unlock_path(:format => 'xml'), :user => {:email => user.email}
+    assert_response :unprocessable_entity
+    assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
+    assert_equal 0, ActionMailer::Base.deliveries.size
+  end
+
+  test 'user with valid unlock token should be able to unlock account via XML request' do
+    user = create_user(:locked => true)
+    assert user.access_locked?
+    get user_unlock_path(:format => 'xml', :unlock_token => user.unlock_token)
+    assert_response :success
+    assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
+  end
+
+
+  test 'user with invalid unlock token should not be able to unlock the account via XML request' do
+    get user_unlock_path(:format => 'xml', :unlock_token => 'invalid_token')
+    assert_response :unprocessable_entity
+    assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
+  end
 end