kotovalexarian-likes-github
/
heartcombo--devise
mirror of https://github.com/heartcombo/devise.git
1
0
Fork 0
Code Releases Activity

Replace XML with JSON serialization across the test suite 

This allows us to remove the dependency on the XML serializer provided
by the external `activemodel-serializers-xml` gem, and eliminates the
following deprecation warning:

    DEPRECATION WARNING: ActiveModel::Errors#to_xml is deprecated and
    will be removed in Rails 6.2.

Please note: this does not mean Devise doesn't support XML, it simply
means our test suite will use JSON to test non-navigatable formats
instead of XML, for simplicity. Devise's job is not to test object
serialization, so as long as your objects properly serialize to
XML/JSON/any other format, it should work out of the box.
This commit is contained in:
Carlos Antonio da Silva 2021-02-10 17:17:29 -03:00
parent ad91686b62
commit a793472a3e
18 changed files with 104 additions and 187 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Gemfile
View File

@ -9,8 +9,6 @@ gem "omniauth"
gem "omniauth-oauth2" gem "omniauth-oauth2"
gem "rdoc" gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing", github: "rails/rails-controller-testing" gem "rails-controller-testing", github: "rails/rails-controller-testing"
gem "responders", "~> 3.0" gem "responders", "~> 3.0"

10
Gemfile.lock
View File

@ -1,12 +1,3 @@
GIT
remote: https://github.com/rails/activemodel-serializers-xml.git
revision: 694f4071c6b16e4c8597cc323c241b5f787b3ea8
specs:
activemodel-serializers-xml (1.0.2)
activemodel (>= 5.0.0.a)
activesupport (>= 5.0.0.a)
builder (~> 3.1)
GIT GIT
remote: https://github.com/rails/rails-controller-testing.git remote: https://github.com/rails/rails-controller-testing.git
revision: 4b15c86e82ee380f2a7cc009e470368f7520560a revision: 4b15c86e82ee380f2a7cc009e470368f7520560a
@ -213,7 +204,6 @@ PLATFORMS
ruby ruby
DEPENDENCIES DEPENDENCIES
activemodel-serializers-xml!
devise! devise!
mocha (~> 1.1) mocha (~> 1.1)
omniauth omniauth

2
gemfiles/Gemfile-rails-5-0
View File

@ -9,8 +9,6 @@ gem "omniauth"
gem "omniauth-oauth2" gem "omniauth-oauth2"
gem "rdoc" gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing" gem "rails-controller-testing"
gem "responders", "~> 2.1" gem "responders", "~> 2.1"

2
gemfiles/Gemfile-rails-5-1
View File

@ -7,8 +7,6 @@ gem "omniauth"
gem "omniauth-oauth2" gem "omniauth-oauth2"
gem "rdoc" gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing" gem "rails-controller-testing"
gem "responders", "~> 2.1" gem "responders", "~> 2.1"

2
gemfiles/Gemfile-rails-5-2
View File

@ -7,8 +7,6 @@ gem "omniauth"
gem "omniauth-oauth2" gem "omniauth-oauth2"
gem "rdoc" gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing" gem "rails-controller-testing"
gem "responders", "~> 2.1" gem "responders", "~> 2.1"

2
gemfiles/Gemfile-rails-6-0
View File

@ -7,8 +7,6 @@ gem "omniauth"
gem "omniauth-oauth2" gem "omniauth-oauth2"
gem "rdoc" gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing", github: "rails/rails-controller-testing" gem "rails-controller-testing", github: "rails/rails-controller-testing"
gem "responders", "~> 3.0" gem "responders", "~> 3.0"

10
test/failure_app_test.rb
View File

@ -220,8 +220,8 @@ class FailureTest < ActiveSupport::TestCase
end end
test 'works for any navigational format' do test 'works for any navigational format' do
swap Devise, navigational_formats: [:xml] do swap Devise, navigational_formats: [:json] do
call_failure('formats' => Mime[:xml]) call_failure('formats' => Mime[:json])
assert_equal 302, @response.first assert_equal 302, @response.first
end end
end end
@ -236,7 +236,7 @@ class FailureTest < ActiveSupport::TestCase
context 'For HTTP request' do context 'For HTTP request' do
test 'return 401 status' do test 'return 401 status' do
call_failure('formats' => Mime[:xml]) call_failure('formats' => Mime[:json])
assert_equal 401, @response.first assert_equal 401, @response.first
end end
@ -258,13 +258,13 @@ class FailureTest < ActiveSupport::TestCase
end end
test 'return WWW-authenticate headers if model allows' do test 'return WWW-authenticate headers if model allows' do
call_failure('formats' => Mime[:xml]) call_failure('formats' => Mime[:json])
assert_equal 'Basic realm="Application"', @response.second["WWW-Authenticate"] assert_equal 'Basic realm="Application"', @response.second["WWW-Authenticate"]
end end
test 'does not return WWW-authenticate headers if model does not allow' do test 'does not return WWW-authenticate headers if model does not allow' do
swap Devise, http_authenticatable: false do swap Devise, http_authenticatable: false do
call_failure('formats' => Mime[:xml]) call_failure('formats' => Mime[:json])
assert_nil @response.second["WWW-Authenticate"] assert_nil @response.second["WWW-Authenticate"]
end end
end end

33
test/integration/authenticatable_test.rb
View File

@ -462,14 +462,6 @@ class AuthenticationOthersTest < Devise::IntegrationTest
end end
end end
test 'sign in stub in xml format' do
get new_user_session_path(format: 'xml')
assert_match '<?xml version="1.0" encoding="UTF-8"?>', response.body
assert_match %r{<user>.*</user>}m, response.body
assert_match '<email></email>', response.body
assert_match '<password nil="true"', response.body
end
test 'sign in stub in json format' do test 'sign in stub in json format' do
get new_user_session_path(format: 'json') get new_user_session_path(format: 'json')
assert_match '{"user":{', response.body assert_match '{"user":{', response.body
@ -492,27 +484,27 @@ class AuthenticationOthersTest < Devise::IntegrationTest
refute warden.authenticated?(:admin) refute warden.authenticated?(:admin)
end end
test 'sign in with xml format returns xml response' do test 'sign in with json format returns json response' do
create_user create_user
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} } post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>) assert_includes response.body, '{"user":{'
end end
test 'sign in with xml format is idempotent' do test 'sign in with json format is idempotent' do
get new_user_session_path(format: 'xml') get new_user_session_path(format: 'json')
assert_response :success assert_response :success
create_user create_user
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} } post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success assert_response :success
get new_user_session_path(format: 'xml') get new_user_session_path(format: 'json')
assert_response :success assert_response :success
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} } post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>) assert_includes response.body, '{"user":{'
end end
test 'sign out with html redirects' do test 'sign out with html redirects' do
@ -527,13 +519,6 @@ class AuthenticationOthersTest < Devise::IntegrationTest
assert_current_url '/' assert_current_url '/'
end end
test 'sign out with xml format returns no content' do
sign_in_as_user
delete destroy_user_session_path(format: 'xml')
assert_response :no_content
refute warden.authenticated?(:user)
end
test 'sign out with json format returns no content' do test 'sign out with json format returns no content' do
sign_in_as_user sign_in_as_user
delete destroy_user_session_path(format: 'json') delete destroy_user_session_path(format: 'json')

54
test/integration/confirmable_test.rb
View File

@ -214,42 +214,34 @@ class ConfirmationTest < Devise::IntegrationTest
end end
end end
test 'resent confirmation token with valid E-Mail in XML format should return valid response' do test 'resent confirmation token with valid e-mail in JSON format should return empty and valid response' do
user = create_user(confirm: false) user = create_user(confirm: false)
post user_confirmation_path(format: 'xml'), params: { user: { email: user.email } } post user_confirmation_path(format: 'json'), params: { user: { email: user.email } }
assert_response :success
assert_equal({}.to_xml, response.body)
end
test 'resent confirmation token with invalid E-Mail in XML format should return invalid response' do
create_user(confirm: false)
post user_confirmation_path(format: 'xml'), params: { user: { email: 'invalid.test@test.com' } }
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test 'confirm account with valid confirmation token in XML format should return valid response' do
user = create_user(confirm: false)
get user_confirmation_path(confirmation_token: user.raw_confirmation_token, format: 'xml')
assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
end
test 'confirm account with invalid confirmation token in XML format should return invalid response' do
create_user(confirm: false)
get user_confirmation_path(confirmation_token: 'invalid_confirmation', format: 'xml')
assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test 'request an account confirmation account with JSON, should return an empty JSON' do
user = create_user(confirm: false)
post user_confirmation_path, params: { user: { email: user.email }, format: :json }
assert_response :success assert_response :success
assert_equal({}.to_json, response.body) assert_equal({}.to_json, response.body)
end end
test 'resent confirmation token with invalid e-mail in JSON format should return invalid response' do
create_user(confirm: false)
post user_confirmation_path(format: 'json'), params: { user: { email: 'invalid.test@test.com' } }
assert_response :unprocessable_entity
assert_includes response.body, '{"errors":{'
end
test 'confirm account with valid confirmation token in JSON format should return valid response' do
user = create_user(confirm: false)
get user_confirmation_path(confirmation_token: user.raw_confirmation_token, format: 'json')
assert_response :success
assert_includes response.body, '{"user":{'
end
test 'confirm account with invalid confirmation token in JSON format should return invalid response' do
create_user(confirm: false)
get user_confirmation_path(confirmation_token: 'invalid_confirmation', format: 'json')
assert_response :unprocessable_entity
assert_includes response.body, '{"confirmation_token":['
end
test "when in paranoid mode and with a valid e-mail, should not say that the e-mail is valid" do test "when in paranoid mode and with a valid e-mail, should not say that the e-mail is valid" do
swap Devise, paranoid: true do swap Devise, paranoid: true do
user = create_user(confirm: false) user = create_user(confirm: false)

23
test/integration/http_authenticatable_test.rb
View File

@ -22,10 +22,10 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, skip_session_storage: [] do swap Devise, skip_session_storage: [] do
sign_in_as_new_user_with_http sign_in_as_new_user_with_http
assert_response 200 assert_response 200
assert_match '<email>user@test.com</email>', response.body assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user) assert warden.authenticated?(:user)
get users_path(format: :xml) get users_path(format: :json)
assert_response 200 assert_response 200
end end
end end
@ -34,10 +34,10 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, skip_session_storage: [:http_auth] do swap Devise, skip_session_storage: [:http_auth] do
sign_in_as_new_user_with_http sign_in_as_new_user_with_http
assert_response 200 assert_response 200
assert_match '<email>user@test.com</email>', response.body assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user) assert warden.authenticated?(:user)
get users_path(format: :xml) get users_path(format: :json)
assert_response 401 assert_response 401
end end
end end
@ -51,8 +51,8 @@ class HttpAuthenticationTest < Devise::IntegrationTest
test 'uses the request format as response content type' do test 'uses the request format as response content type' do
sign_in_as_new_user_with_http("unknown") sign_in_as_new_user_with_http("unknown")
assert_equal 401, status assert_equal 401, status
assert_equal "application/xml; charset=utf-8", headers["Content-Type"] assert_equal "application/json; charset=utf-8", headers["Content-Type"]
assert_match "<error>Invalid Email or password.</error>", response.body assert_match '"error":"Invalid Email or password."', response.body
end end
test 'returns a custom response with www-authenticate and chosen realm' do test 'returns a custom response with www-authenticate and chosen realm' do
@ -67,7 +67,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: [:username] do swap Devise, authentication_keys: [:username] do
sign_in_as_new_user_with_http("usertest") sign_in_as_new_user_with_http("usertest")
assert_response :success assert_response :success
assert_match '<email>user@test.com</email>', response.body assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user) assert warden.authenticated?(:user)
end end
end end
@ -76,7 +76,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: { username: false, email: false } do swap Devise, authentication_keys: { username: false, email: false } do
sign_in_as_new_user_with_http("usertest") sign_in_as_new_user_with_http("usertest")
assert_response :success assert_response :success
assert_match '<email>user@test.com</email>', response.body assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user) assert warden.authenticated?(:user)
end end
end end
@ -85,7 +85,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: { email: false, username: false }, http_authentication_key: :username do swap Devise, authentication_keys: { email: false, username: false }, http_authentication_key: :username do
sign_in_as_new_user_with_http("usertest") sign_in_as_new_user_with_http("usertest")
assert_response :success assert_response :success
assert_match '<email>user@test.com</email>', response.body assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user) assert warden.authenticated?(:user)
end end
end end
@ -101,14 +101,13 @@ class HttpAuthenticationTest < Devise::IntegrationTest
private private
def sign_in_as_new_user_with_http(username = "user@test.com", password = "12345678") def sign_in_as_new_user_with_http(username = "user@test.com", password = "12345678")
user = create_user user = create_user
get users_path(format: :xml), headers: { "HTTP_AUTHORIZATION" => "Basic #{Base64.encode64("#{username}:#{password}")}" } get users_path(format: :json), headers: { "HTTP_AUTHORIZATION" => "Basic #{Base64.encode64("#{username}:#{password}")}" }
user user
end end
# Sign in with oauth2 token. This is just to test that it isn't misinterpreted as basic authentication # Sign in with oauth2 token. This is just to test that it isn't misinterpreted as basic authentication
def add_oauth2_header def add_oauth2_header
user = create_user user = create_user
get users_path(format: :xml), headers: { "HTTP_AUTHORIZATION" => "OAuth #{Base64.encode64("#{user.email}:12345678")}" } get users_path(format: :json), headers: { "HTTP_AUTHORIZATION" => "OAuth #{Base64.encode64("#{user.email}:12345678")}" }
end end
end end

31
test/integration/lockable_test.rb
View File

@ -130,46 +130,39 @@ class LockTest < Devise::IntegrationTest
end end
end end
test 'user should be able to request a new unlock token via XML request' do test 'user should be able to request a new unlock token via JSON request and should return empty and valid response' do
user = create_user(locked: true) user = create_user(locked: true)
ActionMailer::Base.deliveries.clear ActionMailer::Base.deliveries.clear
post user_unlock_path(format: 'xml'), params: { user: {email: user.email} } post user_unlock_path(format: 'json'), params: { user: {email: user.email} }
assert_response :success assert_response :success
assert_equal({}.to_xml, response.body) assert_equal({}.to_json, response.body)
assert_equal 1, ActionMailer::Base.deliveries.size assert_equal 1, ActionMailer::Base.deliveries.size
end end
test 'unlocked user should not be able to request a unlock token via XML request' do test 'unlocked user should not be able to request a unlock token via JSON request' do
user = create_user(locked: false) user = create_user(locked: false)
ActionMailer::Base.deliveries.clear ActionMailer::Base.deliveries.clear
post user_unlock_path(format: 'xml'), params: { user: {email: user.email} } post user_unlock_path(format: 'json'), params: { user: {email: user.email} }
assert_response :unprocessable_entity assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>) assert_includes response.body, '{"errors":{'
assert_equal 0, ActionMailer::Base.deliveries.size assert_equal 0, ActionMailer::Base.deliveries.size
end end
test 'user with valid unlock token should be able to unlock account via XML request' do test 'user with valid unlock token should be able to unlock account via JSON request' do
user = create_user() user = create_user()
raw = user.lock_access! raw = user.lock_access!
assert user.access_locked? assert user.access_locked?
get user_unlock_path(format: 'xml', unlock_token: raw) get user_unlock_path(format: 'json', unlock_token: raw)
assert_response :success assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>) assert_includes response.body, '{"user":{'
end end
test 'user with invalid unlock token should not be able to unlock the account via XML request' do test 'user with invalid unlock token should not be able to unlock the account via JSON request' do
get user_unlock_path(format: 'xml', unlock_token: 'invalid_token') get user_unlock_path(format: 'json', unlock_token: 'invalid_token')
assert_response :unprocessable_entity assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>) assert_includes response.body, '{"unlock_token":['
end
test "when using json to ask a unlock request, should not return the user" do
user = create_user(locked: true)
post user_unlock_path(format: "json", user: {email: user.email})
assert_response :success
assert_equal({}.to_json, response.body)
end end
test "in paranoid mode, when trying to unlock a user that exists it should not say that it exists if it is locked" do test "in paranoid mode, when trying to unlock a user that exists it should not say that it exists if it is locked" do

46
test/integration/recoverable_test.rb
View File

@ -261,63 +261,53 @@ class PasswordTest < Devise::IntegrationTest
end end
end end
test 'reset password request with valid E-Mail in XML format should return valid response' do test 'reset password request with valid e-mail in JSON format should return empty and valid response' do
create_user create_user
post user_password_path(format: 'xml'), params: { user: {email: "user@test.com"} } post user_password_path(format: 'json'), params: { user: {email: "user@test.com"} }
assert_response :success assert_response :success
assert_equal({}.to_xml, response.body) assert_equal({}.to_json, response.body)
end end
test 'reset password request with invalid E-Mail in XML format should return valid response' do test 'reset password request with invalid e-mail in JSON format should return valid response' do
create_user create_user
post user_password_path(format: 'xml'), params: { user: {email: "invalid.test@test.com"} } post user_password_path(format: 'json'), params: { user: {email: "invalid.test@test.com"} }
assert_response :unprocessable_entity assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>) assert_includes response.body, '{"errors":{'
end end
test 'reset password request with invalid E-Mail in XML format should return empty and valid response' do test 'reset password request with invalid e-mail in JSON format should return empty and valid response in paranoid mode' do
swap Devise, paranoid: true do swap Devise, paranoid: true do
create_user create_user
post user_password_path(format: 'xml'), params: { user: {email: "invalid@test.com"} } post user_password_path(format: 'json'), params: { user: {email: "invalid@test.com"} }
assert_response :success assert_response :success
assert_equal({}.to_xml, response.body) assert_equal({}.to_json, response.body)
end end
end end
test 'change password with valid parameters in XML format should return valid response' do test 'change password with valid parameters in JSON format should return valid response' do
create_user create_user
request_forgot_password request_forgot_password
put user_password_path(format: 'xml'), params: { user: { put user_password_path(format: 'json'), params: { user: {
reset_password_token: 'abcdef', password: '987654321', password_confirmation: '987654321' reset_password_token: 'abcdef', password: '987654321', password_confirmation: '987654321'
} } }
}
assert_response :success assert_response :success
assert warden.authenticated?(:user) assert warden.authenticated?(:user)
end end
test 'change password with invalid token in XML format should return invalid response' do test 'change password with invalid token in JSON format should return invalid response' do
create_user create_user
request_forgot_password request_forgot_password
put user_password_path(format: 'xml'), params: { user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'} } put user_password_path(format: 'json'), params: { user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'} }
assert_response :unprocessable_entity assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>) assert_includes response.body, '{"errors":{'
end end
test 'change password with invalid new password in XML format should return invalid response' do test 'change password with invalid new password in JSON format should return invalid response' do
user = create_user user = create_user
request_forgot_password request_forgot_password
put user_password_path(format: 'xml'), params: { user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'} } put user_password_path(format: 'json'), params: { user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'} }
assert_response :unprocessable_entity assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>) assert_includes response.body, '{"errors":{'
end
test "when using json requests to ask a confirmable request, should not return the object" do
user = create_user(confirm: false)
post user_password_path(format: :json), params: { user: { email: user.email } }
assert_response :success
assert_equal "{}", response.body
end end
test "when in paranoid mode and with an invalid e-mail, asking to reset a password should display a message that does not indicates that the e-mail does not exists in the database" do test "when in paranoid mode and with an invalid e-mail, asking to reset a password should display a message that does not indicates that the e-mail does not exists in the database" do

37
test/integration/registerable_test.rb
View File

@ -283,13 +283,6 @@ class RegistrationTest < Devise::IntegrationTest
assert_redirected_to new_user_registration_path assert_redirected_to new_user_registration_path
end end
test 'a user with XML sign up stub' do
get new_user_registration_path(format: 'xml')
assert_response :success
assert_match %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>), response.body
assert_no_match(/<confirmation-token/, response.body)
end
test 'a user with JSON sign up stub' do test 'a user with JSON sign up stub' do
get new_user_registration_path(format: 'json') get new_user_registration_path(format: 'json')
assert_response :success assert_response :success
@ -297,47 +290,47 @@ class RegistrationTest < Devise::IntegrationTest
assert_no_match(/"confirmation_token"/, response.body) assert_no_match(/"confirmation_token"/, response.body)
end end
test 'an admin sign up with valid information in XML format should return valid response' do test 'an admin sign up with valid information in JSON format should return valid response' do
post admin_registration_path(format: 'xml'), params: { admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } } post admin_registration_path(format: 'json'), params: { admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
assert_response :success assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<admin>) assert_includes response.body, '{"admin":{'
admin = Admin.to_adapter.find_first(order: [:id, :desc]) admin = Admin.to_adapter.find_first(order: [:id, :desc])
assert_equal 'new_user@test.com', admin.email assert_equal 'new_user@test.com', admin.email
end end
test 'a user sign up with valid information in XML format should return valid response' do test 'a user sign up with valid information in JSON format should return valid response' do
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } } post user_registration_path(format: 'json'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
assert_response :success assert_response :success
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>) assert_includes response.body, '{"user":{'
user = User.to_adapter.find_first(order: [:id, :desc]) user = User.to_adapter.find_first(order: [:id, :desc])
assert_equal 'new_user@test.com', user.email assert_equal 'new_user@test.com', user.email
end end
test 'a user sign up with invalid information in XML format should return invalid response' do test 'a user sign up with invalid information in JSON format should return invalid response' do
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' } } post user_registration_path(format: 'json'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' } }
assert_response :unprocessable_entity assert_response :unprocessable_entity
assert_includes response.body, %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>) assert_includes response.body, '{"errors":{'
end end
test 'a user update information with valid data in XML format should return valid response' do test 'a user update information with valid data in JSON format should return valid response' do
user = sign_in_as_user user = sign_in_as_user
put user_registration_path(format: 'xml'), params: { user: { current_password: '12345678', email: 'user.new@test.com' } } put user_registration_path(format: 'json'), params: { user: { current_password: '12345678', email: 'user.new@test.com' } }
assert_response :success assert_response :success
assert_equal 'user.new@test.com', user.reload.email assert_equal 'user.new@test.com', user.reload.email
end end
test 'a user update information with invalid data in XML format should return invalid response' do test 'a user update information with invalid data in JSON format should return invalid response' do
user = sign_in_as_user user = sign_in_as_user
put user_registration_path(format: 'xml'), params: { user: { current_password: 'invalid', email: 'user.new@test.com' } } put user_registration_path(format: 'json'), params: { user: { current_password: 'invalid', email: 'user.new@test.com' } }
assert_response :unprocessable_entity assert_response :unprocessable_entity
assert_equal 'user@test.com', user.reload.email assert_equal 'user@test.com', user.reload.email
end end
test 'a user cancel their account in XML format should return valid response' do test 'a user cancel their account in JSON format should return valid response' do
sign_in_as_user sign_in_as_user
delete user_registration_path(format: 'xml') delete user_registration_path(format: 'json')
assert_response :success assert_response :success
assert_equal 0, User.to_adapter.find_all.size assert_equal 0, User.to_adapter.find_all.size
end end

15
test/models/serializable_test.rb
View File

@ -7,21 +7,6 @@ class SerializableTest < ActiveSupport::TestCase
@user = create_user @user = create_user
end end
test 'should not include unsafe keys on XML' do
assert_match(/email/, @user.to_xml)
assert_no_match(/confirmation-token/, @user.to_xml)
end
test 'should not include unsafe keys on XML even if a new except is provided' do
assert_no_match(/email/, @user.to_xml(except: :email))
assert_no_match(/confirmation-token/, @user.to_xml(except: :email))
end
test 'should include unsafe keys on XML if a force_except is provided' do
assert_no_match(/<email/, @user.to_xml(force_except: :email))
assert_match(/confirmation-token/, @user.to_xml(force_except: :email))
end
test 'should not include unsafe keys on JSON' do test 'should not include unsafe keys on JSON' do
keys = from_json().keys.select{ |key| !key.include?("id") } keys = from_json().keys.select{ |key| !key.include?("id") }
assert_equal %w(created_at email facebook_token updated_at username), keys.sort assert_equal %w(created_at email facebook_token updated_at username), keys.sort

1
test/rails_app/app/active_record/user.rb
View File

@ -5,7 +5,6 @@ require 'shared_user'
class User < ActiveRecord::Base class User < ActiveRecord::Base
include Shim include Shim
include SharedUser include SharedUser
include ActiveModel::Serializers::Xml if Devise::Test.rails5_and_up?
validates :sign_in_count, presence: true validates :sign_in_count, presence: true

3
test/rails_app/app/controllers/users_controller.rb
View File

@ -3,7 +3,8 @@
class UsersController < ApplicationController class UsersController < ApplicationController
prepend_before_action :current_user, only: :exhibit prepend_before_action :current_user, only: :exhibit
before_action :authenticate_user!, except: [:accept, :exhibit] before_action :authenticate_user!, except: [:accept, :exhibit]
respond_to :html, :xml clear_respond_to
respond_to :html, :json
def index def index
user_session[:cart] = "Cart" user_session[:cart] = "Cart"

12
test/routes_test.rb
View File

@ -209,7 +209,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in', method: :get})
assert_raise ExpectedRoutingError do assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in.xml', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in.json', method: :get})
end end
end end
@ -219,7 +219,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/password', method: :post}) assert_recognizes(expected_params, {path: '/htmlonly_admin/password', method: :post})
assert_raise ExpectedRoutingError do assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/password.xml', method: :post}) assert_recognizes(expected_params, {path: '/htmlonly_admin/password.json', method: :post})
end end
end end
@ -229,7 +229,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up', method: :get})
assert_raise ExpectedRoutingError do assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up.xml', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up.json', method: :get})
end end
end end
@ -239,7 +239,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation', method: :get})
assert_raise ExpectedRoutingError do assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation.xml', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation.json', method: :get})
end end
end end
@ -249,12 +249,12 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_users/unlock', method: :get})
assert_raise ExpectedRoutingError do assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock.xml', method: :get}) assert_recognizes(expected_params, {path: '/htmlonly_users/unlock.json', method: :get})
end end
end end
test 'map with format false is not permanent' do test 'map with format false is not permanent' do
assert_equal "/set.xml", @routes.url_helpers.set_path(:xml) assert_equal "/set.json", @routes.url_helpers.set_path(:json)
end end
test 'checks if mapping has proper configuration for omniauth callback' do test 'checks if mapping has proper configuration for omniauth callback' do

6
test/test/controller_helpers_test.rb
View File

@ -101,12 +101,12 @@ class TestControllerHelpersTest < Devise::ControllerTestCase
end end
test "returns the content type of a failure app" do test "returns the content type of a failure app" do
get :index, params: { format: :xml } get :index, params: { format: :json }
if Devise::Test.rails6? if Devise::Test.rails6?
assert_includes response.media_type, 'application/xml' assert_includes response.media_type, 'application/json'
else else
assert_includes response.content_type, 'application/xml' assert_includes response.content_type, 'application/json'
end end
end end