kotovalexarian-likes-github/heartcombo--devise
1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00
Code Releases Activity

Clean up lockable and class methods API.

Browse source
This commit is contained in:
José Valim 2010-03-10 16:13:54 +01:00
parent cd17099401
commit ac742e3271
12 changed files with 71 additions and 79 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/devise/confirmations_controller.rb
View file

@ -21,7 +21,7 @@ class Devise::ConfirmationsController < ApplicationController
# GET /resource/confirmation?confirmation_token=abcdef
def show
self.resource = resource_class.confirm!(:confirmation_token => params[:confirmation_token])
self.resource = resource_class.confirm_by_token(params[:confirmation_token])
if resource.errors.empty?
set_flash_message :notice, :confirmed

2
app/controllers/devise/passwords_controller.rb
View file

@ -30,7 +30,7 @@ class Devise::PasswordsController < ApplicationController
# PUT /resource/password
def update
self.resource = resource_class.reset_password!(params[resource_name])
self.resource = resource_class.reset_password_by_token(params[resource_name])
if resource.errors.empty?
set_flash_message :notice, :updated

2
app/controllers/devise/unlocks_controller.rb
View file

@ -21,7 +21,7 @@ class Devise::UnlocksController < ApplicationController
# GET /resource/unlock?unlock_token=abcdef
def show
self.resource = resource_class.unlock!(:unlock_token => params[:unlock_token])
self.resource = resource_class.unlock_access_by_token(params[:unlock_token])
if resource.errors.empty?
set_flash_message :notice, :unlocked

14
lib/devise/models/confirmable.rb
View file

@ -60,7 +60,7 @@ module Devise
# Remove confirmation date and send confirmation instructions, to ensure
# after sending these instructions the user won't be able to sign in without
# confirming it's account
def resend_confirmation!
def resend_confirmation_token
unless_confirmed do
generate_confirmation_token
save(:validate => false)
@ -78,11 +78,7 @@ module Devise
# The message to be shown if the account is inactive.
def inactive_message
if !confirmed?
:unconfirmed
else
super
end
!confirmed? ? :unconfirmed : super
end
# If you don't want confirmation to be sent on create, neither a code
@ -148,7 +144,7 @@ module Devise
# Options must contain the user email
def send_confirmation_instructions(attributes={})
confirmable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)
confirmable.resend_confirmation! unless confirmable.new_record?
confirmable.resend_confirmation_token unless confirmable.new_record?
confirmable
end
@ -156,8 +152,8 @@ module Devise
# If no user is found, returns a new user with an error.
# If the user is already confirmed, create an error for the user
# Options must have the confirmation_token
def confirm!(attributes={})
confirmable = find_or_initialize_with_error_by(:confirmation_token, attributes[:confirmation_token])
def confirm_by_token(confirmation_token)
confirmable = find_or_initialize_with_error_by(:confirmation_token, confirmation_token)
confirmable.confirm! unless confirmable.new_record?
confirmable
end

42
lib/devise/models/lockable.rb
View file

@ -22,23 +22,20 @@ module Devise
include Devise::Models::Activatable
# Lock an user setting it's locked_at to actual time.
def lock
def lock_access!
self.locked_at = Time.now
if unlock_strategy_enabled?(:email)
generate_unlock_token
send_unlock_instructions
end
end
# Lock an user also saving the record.
def lock!
lock
save(:validate => false)
end
# Unlock an user by cleaning locket_at and failed_attempts.
def unlock!
if_locked do
def unlock_access!
if_access_locked do
self.locked_at = nil
self.failed_attempts = 0
self.unlock_token = nil
@ -47,7 +44,7 @@ module Devise
end
# Verifies whether a user is locked or not.
def locked?
def access_locked?
locked_at && !lock_expired?
end
@ -57,8 +54,8 @@ module Devise
end
# Resend the unlock instructions if the user is locked.
def resend_unlock!
if_locked do
def resend_unlock_token
if_access_locked do
generate_unlock_token unless unlock_token.present?
save(:validate => false)
send_unlock_instructions
@ -68,17 +65,13 @@ module Devise
# Overwrites active? from Devise::Models::Activatable for locking purposes
# by verifying whether an user is active to sign in or not based on locked?
def active?
super && !locked?
super && !access_locked?
end
# Overwrites invalid_message from Devise::Models::Authenticatable to define
# the correct reason for blocking the sign in.
def inactive_message
if locked?
:locked
else
super
end
access_locked? ? :locked : super
end
# Overwrites valid_for_authentication? from Devise::Models::Authenticatable
@ -89,7 +82,10 @@ module Devise
self.failed_attempts = 0
else
self.failed_attempts += 1
lock if failed_attempts > self.class.maximum_attempts
if failed_attempts > self.class.maximum_attempts
lock_access!
return false
end
end
save(:validate => false) if changed?
result
@ -113,8 +109,8 @@ module Devise
# Checks whether the record is locked or not, yielding to the block
# if it's locked, otherwise adds an error to email.
def if_locked
if locked?
def if_access_locked
if access_locked?
yield
else
self.errors.add(:email, :not_locked)
@ -134,7 +130,7 @@ module Devise
# Options must contain the user email
def send_unlock_instructions(attributes={})
lockable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)
lockable.resend_unlock! unless lockable.new_record?
lockable.resend_unlock_token unless lockable.new_record?
lockable
end
@ -142,9 +138,9 @@ module Devise
# If no user is found, returns a new user with an error.
# If the user is not locked, creates an error for the user
# Options must have the unlock_token
def unlock!(attributes={})
lockable = find_or_initialize_with_error_by(:unlock_token, attributes[:unlock_token])
lockable.unlock! unless lockable.new_record?
def unlock_access_by_token(unlock_token)
lockable = find_or_initialize_with_error_by(:unlock_token, unlock_token)
lockable.unlock_access! unless lockable.new_record?
lockable
end

2
lib/devise/models/recoverable.rb
View file

@ -65,7 +65,7 @@ module Devise
# try saving the record. If not user is found, returns a new user
# containing an error in reset_password_token attribute.
# Attributes must contain reset_password_token, password and confirmation
def reset_password!(attributes={})
def reset_password_by_token(attributes={})
recoverable = find_or_initialize_with_error_by(:reset_password_token, attributes[:reset_password_token])
recoverable.reset_password!(attributes[:password], attributes[:password_confirmation]) unless recoverable.new_record?
recoverable

4
test/integration/lockable_test.rb
View file

@ -47,14 +47,14 @@ class LockTest < ActionController::IntegrationTest
test "locked user should be able to unlock account" do
user = create_user(:locked => true)
assert user.locked?
assert user.access_locked?
visit_user_unlock_with_token(user.unlock_token)
assert_template 'home/index'
assert_contain 'Your account was successfully unlocked.'
assert_not user.reload.locked?
assert_not user.reload.access_locked?
end
test "sign in user automatically after unlocking it's account" do

2
test/mailers/unlock_instructions_test.rb
View file

@ -10,7 +10,7 @@ class UnlockInstructionsTest < ActionMailer::TestCase
def user
@user ||= begin
user = create_user
user.lock!
user.lock_access!
user
end
end

12
test/models/confirmable_test.rb
View file

@ -15,7 +15,7 @@ class ConfirmableTest < ActiveSupport::TestCase
user = create_user
3.times do
token = user.confirmation_token
user.resend_confirmation!
user.resend_confirmation_token
assert_not_equal token, user.confirmation_token
end
end
@ -62,19 +62,19 @@ class ConfirmableTest < ActiveSupport::TestCase
test 'should find and confirm an user automatically' do
user = create_user
confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
confirmed_user = User.confirm_by_token(user.confirmation_token)
assert_equal confirmed_user, user
assert user.reload.confirmed?
end
test 'should return a new record with errors when a invalid token is given' do
confirmed_user = User.confirm!(:confirmation_token => 'invalid_confirmation_token')
confirmed_user = User.confirm_by_token('invalid_confirmation_token')
assert confirmed_user.new_record?
assert_equal "is invalid", confirmed_user.errors[:confirmation_token].join
end
test 'should return a new record with errors when a blank token is given' do
confirmed_user = User.confirm!(:confirmation_token => '')
confirmed_user = User.confirm_by_token('')
assert confirmed_user.new_record?
assert_equal "can't be blank", confirmed_user.errors[:confirmation_token].join
end
@ -83,7 +83,7 @@ class ConfirmableTest < ActiveSupport::TestCase
user = create_user
user.confirmed_at = Time.now
user.save
confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
confirmed_user = User.confirm_by_token(user.confirmation_token)
assert confirmed_user.confirmed?
assert_equal "was already confirmed", confirmed_user.errors[:email].join
end
@ -173,7 +173,7 @@ class ConfirmableTest < ActiveSupport::TestCase
test 'should not be able to send instructions if the user is already confirmed' do
user = create_user
user.confirm!
assert_not user.resend_confirmation!
assert_not user.resend_confirmation_token
assert user.confirmed?
assert_equal 'was already confirmed', user.errors[:email].join
end

58
test/models/lockable_test.rb
View file

@ -18,14 +18,14 @@ class LockableTest < ActiveSupport::TestCase
user = create_user
attempts = Devise.maximum_attempts + 1
attempts.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
assert user.reload.locked?
assert user.reload.access_locked?
end
test "should respect maximum attempts configuration" do
user = create_user
swap Devise, :maximum_attempts => 2 do
3.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
assert user.reload.locked?
assert user.reload.access_locked?
end
end
@ -39,26 +39,26 @@ class LockableTest < ActiveSupport::TestCase
test "should verify wheter a user is locked or not" do
user = create_user
assert_not user.locked?
user.lock!
assert user.locked?
assert_not user.access_locked?
user.lock_access!
assert user.access_locked?
end
test "active? should be the opposite of locked?" do
user = create_user
user.confirm!
assert user.active?
user.lock!
user.lock_access!
assert_not user.active?
end
test "should unlock an user by cleaning locked_at, falied_attempts and unlock_token" do
user = create_user
user.lock!
user.lock_access!
assert_not_nil user.reload.locked_at
assert_not_nil user.reload.unlock_token
user.unlock!
user.unlock_access!
assert_nil user.reload.locked_at
assert_nil user.reload.unlock_token
assert 0, user.reload.failed_attempts
@ -66,12 +66,12 @@ class LockableTest < ActiveSupport::TestCase
test 'should not unlock an unlocked user' do
user = create_user
assert_not user.unlock!
assert_not user.unlock_access!
assert_match "was not locked", user.errors[:email].join
end
test "new user should not be locked and should have zero failed_attempts" do
assert_not new_user.locked?
assert_not new_user.access_locked?
assert_equal 0, create_user.failed_attempts
end
@ -79,10 +79,10 @@ class LockableTest < ActiveSupport::TestCase
swap Devise, :unlock_in => 3.hours do
user = new_user
user.locked_at = 2.hours.ago
assert user.locked?
assert user.access_locked?
Devise.unlock_in = 1.hour
assert_not user.locked?
assert_not user.access_locked?
end
end
@ -90,14 +90,14 @@ class LockableTest < ActiveSupport::TestCase
swap Devise, :unlock_strategy => :email do
user = new_user
user.locked_at = 2.hours.ago
assert user.locked?
assert user.access_locked?
end
end
test "should set unlock_token when locking" do
user = create_user
assert_nil user.unlock_token
user.lock!
user.lock_access!
assert_not_nil user.unlock_token
end
@ -106,7 +106,7 @@ class LockableTest < ActiveSupport::TestCase
user.lock!
3.times do
token = user.unlock_token
user.resend_unlock!
user.resend_unlock_token
assert_equal token, user.unlock_token
end
end
@ -115,7 +115,7 @@ class LockableTest < ActiveSupport::TestCase
unlock_tokens = []
3.times do
user = create_user
user.lock!
user.lock_access!
token = user.unlock_token
assert !unlock_tokens.include?(token)
unlock_tokens << token
@ -125,7 +125,7 @@ class LockableTest < ActiveSupport::TestCase
test "should not generate unlock_token when :email is not an unlock strategy" do
swap Devise, :unlock_strategy => :time do
user = create_user
user.lock!
user.lock_access!
assert_nil user.unlock_token
end
end
@ -134,7 +134,7 @@ class LockableTest < ActiveSupport::TestCase
swap Devise, :unlock_strategy => :email do
user = create_user
assert_email_sent do
user.lock!
user.lock_access!
end
end
end
@ -143,42 +143,42 @@ class LockableTest < ActiveSupport::TestCase
swap Devise, :unlock_strategy => :time do
user = create_user
assert_email_not_sent do
user.lock!
user.lock_access!
end
end
end
test 'should find and unlock an user automatically' do
user = create_user
user.lock!
locked_user = User.unlock!(:unlock_token => user.unlock_token)
user.lock_access!
locked_user = User.unlock_access_by_token(user.unlock_token)
assert_equal locked_user, user
assert_not user.reload.locked?
assert_not user.reload.access_locked?
end
test 'should return a new record with errors when a invalid token is given' do
locked_user = User.unlock!(:unlock_token => 'invalid_token')
locked_user = User.unlock_access_by_token('invalid_token')
assert locked_user.new_record?
assert_equal "is invalid", locked_user.errors[:unlock_token].join
end
test 'should return a new record with errors when a blank token is given' do
locked_user = User.unlock!(:unlock_token => '')
locked_user = User.unlock_access_by_token('')
assert locked_user.new_record?
assert_equal "can't be blank", locked_user.errors[:unlock_token].join
end
test 'should authenticate a unlocked user' do
user = create_user
user.lock!
user.unlock!
user.lock_access!
user.unlock_access!
authenticated_user = User.authenticate(:email => user.email, :password => user.password)
assert_equal authenticated_user, user
end
test 'should find a user to send unlock instructions' do
user = create_user
user.lock!
user.lock_access!
unlock_user = User.send_unlock_instructions(:email => user.email)
assert_equal unlock_user, user
end
@ -195,8 +195,8 @@ class LockableTest < ActiveSupport::TestCase
test 'should not be able to send instructions if the user is not locked' do
user = create_user
assert_not user.resend_unlock!
assert_not user.locked?
assert_not user.resend_unlock_token
assert_not user.access_locked?
assert_equal 'was not locked', user.errors[:email].join
end

8
test/models/recoverable_test.rb
View file

@ -104,18 +104,18 @@ class RecoverableTest < ActiveSupport::TestCase
user = create_user
user.send :generate_reset_password_token!
reset_password_user = User.reset_password!(:reset_password_token => user.reset_password_token)
reset_password_user = User.reset_password_by_token(:reset_password_token => user.reset_password_token)
assert_equal reset_password_user, user
end
test 'should a new record with errors if no reset_password_token is found' do
reset_password_user = User.reset_password!(:reset_password_token => 'invalid_token')
reset_password_user = User.reset_password_by_token(:reset_password_token => 'invalid_token')
assert reset_password_user.new_record?
assert_equal "is invalid", reset_password_user.errors[:reset_password_token].join
end
test 'should a new record with errors if reset_password_token is blank' do
reset_password_user = User.reset_password!(:reset_password_token => '')
reset_password_user = User.reset_password_by_token(:reset_password_token => '')
assert reset_password_user.new_record?
assert_match "can't be blank", reset_password_user.errors[:reset_password_token].join
end
@ -125,7 +125,7 @@ class RecoverableTest < ActiveSupport::TestCase
old_password = user.password
user.send :generate_reset_password_token!
reset_password_user = User.reset_password!(
reset_password_user = User.reset_password_by_token(
:reset_password_token => user.reset_password_token,
:password => 'new_password',
:password_confirmation => 'new_password'

2
test/support/integration.rb
View file

@ -14,7 +14,7 @@ class ActionController::IntegrationTest
:created_at => Time.now.utc
)
user.confirm! unless options[:confirm] == false
user.lock! if options[:locked] == true
user.lock_access! if options[:locked] == true
user
end
end