From 17e85aa79dcbf3293e10a6e2346856c450e033e7 Mon Sep 17 00:00:00 2001
From: Kramer Campbell <kramer@kramerc.com>
Date: Wed, 22 May 2013 19:48:06 -0700
Subject: [PATCH] Avoid sending confirmations to blank emails.

At times, validations may be skipped and no email address may be
provided. Such an instance comes when testing uniqueness validations of
specific attributes in a Devise model with confirmable, especially when
using Shoulda matchers.
---
 lib/devise/models/confirmable.rb |  6 +++---
 test/models/confirmable_test.rb  | 17 +++++++++++++++++
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/lib/devise/models/confirmable.rb b/lib/devise/models/confirmable.rb
index 2c10ab08..e4412c39 100644
--- a/lib/devise/models/confirmable.rb
+++ b/lib/devise/models/confirmable.rb
@@ -227,17 +227,17 @@ module Devise
         end
 
         def postpone_email_change?
-          postpone = self.class.reconfirmable && email_changed? && !@bypass_postpone
+          postpone = self.class.reconfirmable && email_changed? && !@bypass_postpone && !self.email.blank?
           @bypass_postpone = false
           postpone
         end
 
         def reconfirmation_required?
-          self.class.reconfirmable && @reconfirmation_required
+          self.class.reconfirmable && @reconfirmation_required && !self.email.blank?
         end
 
         def send_confirmation_notification?
-          confirmation_required? && !@skip_confirmation_notification
+          confirmation_required? && !@skip_confirmation_notification && !self.email.blank?
         end
 
       module ClassMethods
diff --git a/test/models/confirmable_test.rb b/test/models/confirmable_test.rb
index 51e8fee2..4c6c9f04 100644
--- a/test/models/confirmable_test.rb
+++ b/test/models/confirmable_test.rb
@@ -114,6 +114,14 @@ class ConfirmableTest < ActiveSupport::TestCase
     end
   end
 
+  test 'should not send confirmation when no email is provided' do
+    assert_email_not_sent do
+      user = new_user
+      user.email = ''
+      user.save(:validate => false)
+    end
+  end
+
   test 'should find a user to send confirmation instructions' do
     user = create_user
     confirmation_user = User.send_confirmation_instructions(:email => user.email)
@@ -337,6 +345,15 @@ class ReconfirmableTest < ActiveSupport::TestCase
     end
   end
 
+  test 'should not send confirmation by email after changing to a blank email' do
+    admin = create_admin
+    assert admin.confirm!
+    assert_email_not_sent do
+      admin.email = ''
+      admin.save(:validate => false)
+    end
+  end
+
   test 'should stay confirmed when email is changed' do
     admin = create_admin
     assert admin.confirm!