mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
Change all paranoid settings to behave as success instead of as failure, closes #1375.
This commit is contained in:
parent
b98720d324
commit
2a5ad4664b
6 changed files with 17 additions and 29 deletions
|
@ -3,6 +3,7 @@
|
||||||
* bug fix
|
* bug fix
|
||||||
* Allow idempotent API requests
|
* Allow idempotent API requests
|
||||||
* Fix bug where logs did not show 401 as status code
|
* Fix bug where logs did not show 401 as status code
|
||||||
|
* Change paranoid settings to behave as success instead of as failure
|
||||||
|
|
||||||
* deprecation
|
* deprecation
|
||||||
* redirect_location is deprecated, please use after_sign_in_path_for
|
* redirect_location is deprecated, please use after_sign_in_path_for
|
||||||
|
|
|
@ -11,8 +11,7 @@ class Devise::ConfirmationsController < ApplicationController
|
||||||
def create
|
def create
|
||||||
self.resource = resource_class.send_confirmation_instructions(params[resource_name])
|
self.resource = resource_class.send_confirmation_instructions(params[resource_name])
|
||||||
|
|
||||||
if successful_and_sane?(resource)
|
if successfully_sent?(resource)
|
||||||
set_flash_message(:notice, :send_instructions) if is_navigational_format?
|
|
||||||
respond_with({}, :location => after_resending_confirmation_instructions_path_for(resource_name))
|
respond_with({}, :location => after_resending_confirmation_instructions_path_for(resource_name))
|
||||||
else
|
else
|
||||||
respond_with_navigational(resource){ render_with_scope :new }
|
respond_with_navigational(resource){ render_with_scope :new }
|
||||||
|
|
|
@ -12,8 +12,7 @@ class Devise::UnlocksController < ApplicationController
|
||||||
def create
|
def create
|
||||||
self.resource = resource_class.send_unlock_instructions(params[resource_name])
|
self.resource = resource_class.send_unlock_instructions(params[resource_name])
|
||||||
|
|
||||||
if successful_and_sane?(resource)
|
if successfully_sent?(resource)
|
||||||
set_flash_message :notice, :send_instructions if is_navigational_format?
|
|
||||||
respond_with({}, :location => new_session_path(resource_name))
|
respond_with({}, :location => new_session_path(resource_name))
|
||||||
else
|
else
|
||||||
respond_with_navigational(resource){ render_with_scope :new }
|
respond_with_navigational(resource){ render_with_scope :new }
|
||||||
|
|
|
@ -101,29 +101,20 @@ MESSAGE
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# Helper for use to validate if an resource is errorless. If we are on paranoid mode, we always should assume it is
|
# Helper for use after calling send_*_instructions methods on a resource.
|
||||||
# and return false.
|
# If we are in paranoid mode, we always act as if the resource was valid
|
||||||
def successful_and_sane?(resource)
|
# and instructions were sent.
|
||||||
if Devise.paranoid
|
|
||||||
set_flash_message :notice, :send_paranoid_instructions if is_navigational_format?
|
|
||||||
resource.errors.clear
|
|
||||||
false
|
|
||||||
else
|
|
||||||
resource.errors.empty?
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
# Helper for use after calling send_*_instructions methods on a resource. If we are in paranoid mode, we always
|
|
||||||
# act as if the resource was valid and instructions were sent.
|
|
||||||
def successfully_sent?(resource)
|
def successfully_sent?(resource)
|
||||||
notice = if Devise.paranoid
|
notice = if Devise.paranoid
|
||||||
|
resource.errors.clear
|
||||||
:send_paranoid_instructions
|
:send_paranoid_instructions
|
||||||
elsif resource.errors.empty?
|
elsif resource.errors.empty?
|
||||||
:send_instructions
|
:send_instructions
|
||||||
end
|
end
|
||||||
|
|
||||||
notice.present?.tap do |success|
|
if notice
|
||||||
set_flash_message :notice, notice if success && is_navigational_format?
|
set_flash_message :notice, notice if is_navigational_format?
|
||||||
|
true
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -157,7 +157,7 @@ class ConfirmationTest < ActionController::IntegrationTest
|
||||||
click_button 'Resend confirmation instructions'
|
click_button 'Resend confirmation instructions'
|
||||||
|
|
||||||
assert_contain "If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes."
|
assert_contain "If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes."
|
||||||
assert_current_url "/users/confirmation"
|
assert_current_url "/users/sign_in"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -173,7 +173,7 @@ class ConfirmationTest < ActionController::IntegrationTest
|
||||||
assert_not_contain "Email not found"
|
assert_not_contain "Email not found"
|
||||||
|
|
||||||
assert_contain "If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes."
|
assert_contain "If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes."
|
||||||
assert_current_url "/users/confirmation"
|
assert_current_url "/users/sign_in"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -159,8 +159,7 @@ class LockTest < ActionController::IntegrationTest
|
||||||
fill_in 'email', :with => user.email
|
fill_in 'email', :with => user.email
|
||||||
click_button 'Resend unlock instructions'
|
click_button 'Resend unlock instructions'
|
||||||
|
|
||||||
assert_current_url "/users/unlock"
|
assert_current_url "/users/sign_in"
|
||||||
|
|
||||||
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -175,8 +174,7 @@ class LockTest < ActionController::IntegrationTest
|
||||||
fill_in 'email', :with => user.email
|
fill_in 'email', :with => user.email
|
||||||
click_button 'Resend unlock instructions'
|
click_button 'Resend unlock instructions'
|
||||||
|
|
||||||
assert_current_url "/users/unlock"
|
assert_current_url "/users/sign_in"
|
||||||
|
|
||||||
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -191,7 +189,7 @@ class LockTest < ActionController::IntegrationTest
|
||||||
|
|
||||||
assert_not_contain "1 error prohibited this user from being saved:"
|
assert_not_contain "1 error prohibited this user from being saved:"
|
||||||
assert_not_contain "Email not found"
|
assert_not_contain "Email not found"
|
||||||
assert_current_url "/users/unlock"
|
assert_current_url "/users/sign_in"
|
||||||
|
|
||||||
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue