Add a test for when a recoverable resource has a non-AR email field

test/models/recoverable_test.rb

@@ -65,6 +65,18 @@ class RecoverableTest < ActiveSupport::TestCase
     assert_nil user.reset_password_token
   end
 
+  test 'should clear reset password successfully even if there is no email' do
+    user = create_user_without_email
+    assert_nil user.reset_password_token
+
+    user.send_reset_password_instructions
+    assert_present user.reset_password_token
+    user.password = "123456678"
+    user.password_confirmation = "123456678"
+    user.save!
+    assert_nil user.reset_password_token
+  end
+
   test 'should not clear reset password token if record is invalid' do
     user = create_user
     user.send_reset_password_instructions

test/rails_app/app/active_record/user_without_email.rb

@@ -0,0 +1,8 @@
+require "shared_user_without_email"
+
+class UserWithoutEmail < ActiveRecord::Base
+  self.table_name = 'users'
+  include Shim
+  include SharedUserWithoutEmail
+end
+

test/rails_app/app/mongoid/user_without_email.rb

@@ -0,0 +1,33 @@
+require "shared_user_without_email"
+
+class UserWithoutEmail
+  include Mongoid::Document
+  include Shim
+  include SharedUserWithoutEmail
+
+  field :username, type: String
+  field :facebook_token, type: String
+
+  ## Database authenticatable
+  field :email, type: String, default: ""
+  field :encrypted_password, type: String, default: ""
+
+  ## Recoverable
+  field :reset_password_token, type: String
+  field :reset_password_sent_at, type: Time
+
+  ## Rememberable
+  field :remember_created_at, type: Time
+
+  ## Trackable
+  field :sign_in_count, type: Integer, default: 0
+  field :current_sign_in_at, type: Time
+  field :last_sign_in_at, type: Time
+  field :current_sign_in_ip, type: String
+  field :last_sign_in_ip, type: String
+
+  ## Lockable
+  field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
+  field :unlock_token, type: String # Only if unlock strategy is :email or :both
+  field :locked_at, type: Time
+end

test/rails_app/config/routes.rb

@@ -28,6 +28,11 @@ Rails.application.routes.draw do
     router_name: :fake_engine,
     module: :devise
 
+  devise_for :user_without_email,
+    class_name: 'UserWithoutEmail',
+    router_name: :main_app,
+    module: :devise
+
   as :user do
     get "/as/sign_in", to: "devise/sessions#new"
   end

test/rails_app/lib/shared_user_without_email.rb

@@ -0,0 +1,26 @@
+module SharedUserWithoutEmail
+  extend ActiveSupport::Concern
+
+  included do
+    # NOTE: This is missing :validatable and :confirmable, as they both require
+    # an email field at the moment. It is also missing :omniauthable because that
+    # adds unnecessary complexity to the setup
+    devise :database_authenticatable, :lockable, :recoverable,
+           :registerable, :rememberable, :timeoutable,
+           :trackable
+  end
+
+  # This test stub is a bit rubbish because it's tied very closely to the
+  # implementation where we care about this one case. However, completely
+  # removing the email field breaks "recoverable" tests completely, so we are
+  # just taking the approach here that "email" is something that is a not an
+  # ActiveRecord field.
+  def email_changed?
+    raise NoMethodError
+  end
+
+  def respond_to?(method_name, include_all=false)
+    return false if method_name.to_sym == :email_changed?
+    super(method_name, include_all)
+  end
+end

test/support/helpers.rb

@@ -46,6 +46,10 @@ class ActiveSupport::TestCase
     Admin.create!(valid_attributes)
   end
 
+  def create_user_without_email(attributes={})
+    UserWithoutEmail.create!(valid_attributes(attributes))
+  end
+
   # Execute the block setting the given values and restoring old values after
   # the block is executed.
   def swap(object, new_values)