test/integration/authenticatable_test.rb in devise-4.0.3 vs test/integration/authenticatable_test.rb in devise-4.1.0
- old
+ new
@@ -28,44 +28,44 @@
test 'sign out as user should not touch admin authentication if sign_out_all_scopes is false' do
swap Devise, sign_out_all_scopes: false do
sign_in_as_user
sign_in_as_admin
- get destroy_user_session_path
+ delete destroy_user_session_path
assert_not warden.authenticated?(:user)
assert warden.authenticated?(:admin)
end
end
test 'sign out as admin should not touch user authentication if sign_out_all_scopes is false' do
swap Devise, sign_out_all_scopes: false do
sign_in_as_user
sign_in_as_admin
- get destroy_admin_session_path
+ delete destroy_admin_session_path
assert_not warden.authenticated?(:admin)
assert warden.authenticated?(:user)
end
end
test 'sign out as user should also sign out admin if sign_out_all_scopes is true' do
swap Devise, sign_out_all_scopes: true do
sign_in_as_user
sign_in_as_admin
- get destroy_user_session_path
+ delete destroy_user_session_path
assert_not warden.authenticated?(:user)
assert_not warden.authenticated?(:admin)
end
end
test 'sign out as admin should also sign out user if sign_out_all_scopes is true' do
swap Devise, sign_out_all_scopes: true do
sign_in_as_user
sign_in_as_admin
- get destroy_admin_session_path
+ delete destroy_admin_session_path
assert_not warden.authenticated?(:admin)
assert_not warden.authenticated?(:user)
end
end
@@ -107,21 +107,21 @@
test 'authenticated admin should be able to sign out' do
sign_in_as_admin
assert warden.authenticated?(:admin)
- get destroy_admin_session_path
+ delete destroy_admin_session_path
assert_response :redirect
assert_redirected_to root_path
get root_path
assert_contain 'Signed out successfully'
assert_not warden.authenticated?(:admin)
end
test 'unauthenticated admin set message on sign out' do
- get destroy_admin_session_path
+ delete destroy_admin_session_path
assert_response :redirect
assert_redirected_to root_path
get root_path
assert_contain 'Signed out successfully'
@@ -345,41 +345,10 @@
sign_in_as_user
get '/users'
assert_equal "Cart", @controller.user_session[:cart]
end
- test 'does not explode when class name is still stored in session' do
- # In order to test that old sessions do not break with the new scoped
- # deserialization, we need to serialize the session the old way. This is
- # done by removing the newly used scoped serialization method
- # (#user_serialize) and bringing back the old uncsoped #serialize method
- # that includes the record's class name in the serialization.
- begin
- Warden::SessionSerializer.class_eval do
- alias_method :original_serialize, :serialize
- alias_method :original_user_serialize, :user_serialize
- remove_method :user_serialize
-
- def serialize(record)
- klass = record.class
- array = klass.serialize_into_session(record)
- array.unshift(klass.name)
- end
- end
-
- sign_in_as_user
- assert warden.authenticated?(:user)
- ensure
- Warden::SessionSerializer.class_eval do
- alias_method :serialize, :original_serialize
- remove_method :original_serialize
- alias_method :user_serialize, :original_user_serialize
- remove_method :original_user_serialize
- end
- end
- end
-
test 'session id is changed on sign in' do
get '/users'
session_id = request.session["session_id"]
get '/users'
@@ -394,22 +363,22 @@
test 'renders the scoped view if turned on and view is available' do
swap Devise, scoped_views: true do
assert_raise Webrat::NotFoundError do
sign_in_as_user
end
- assert_match /Special user view/, response.body
+ assert_match %r{Special user view}, response.body
end
end
test 'renders the scoped view if turned on in an specific controller' do
begin
Devise::SessionsController.scoped_views = true
assert_raise Webrat::NotFoundError do
sign_in_as_user
end
- assert_match /Special user view/, response.body
+ assert_match %r{Special user view}, response.body
assert !Devise::PasswordsController.scoped_views?
ensure
Devise::SessionsController.send :remove_instance_variable, :@scoped_views
end
end
@@ -478,11 +447,11 @@
end
test 'sign in stub in xml format' do
get new_user_session_path(format: 'xml')
assert_match '<?xml version="1.0" encoding="UTF-8"?>', response.body
- assert_match /<user>.*<\/user>/m, response.body
+ assert_match %r{<user>.*</user>}m, response.body
assert_match '<email></email>', response.body
assert_match '<password nil="true"', response.body
end
test 'sign in stub in json format' do
@@ -530,59 +499,59 @@
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
end
test 'sign out with html redirects' do
sign_in_as_user
- get destroy_user_session_path
+ delete destroy_user_session_path
assert_response :redirect
assert_current_url '/'
sign_in_as_user
- get destroy_user_session_path(format: 'html')
+ delete destroy_user_session_path(format: 'html')
assert_response :redirect
assert_current_url '/'
end
test 'sign out with xml format returns no content' do
sign_in_as_user
- get destroy_user_session_path(format: 'xml')
+ delete destroy_user_session_path(format: 'xml')
assert_response :no_content
assert_not warden.authenticated?(:user)
end
test 'sign out with json format returns no content' do
sign_in_as_user
- get destroy_user_session_path(format: 'json')
+ delete destroy_user_session_path(format: 'json')
assert_response :no_content
assert_not warden.authenticated?(:user)
end
test 'sign out with non-navigational format via XHR does not redirect' do
swap Devise, navigational_formats: ['*/*', :html] do
- sign_in_as_user
- get destroy_user_session_path, xhr: true, headers: { "HTTP_ACCEPT" => "application/json,text/javascript,*/*" } # NOTE: Bug is triggered by combination of XHR and */*.
+ sign_in_as_admin
+ get destroy_sign_out_via_get_session_path, xhr: true, headers: { "HTTP_ACCEPT" => "application/json,text/javascript,*/*" } # NOTE: Bug is triggered by combination of XHR and */*.
assert_response :no_content
assert_not warden.authenticated?(:user)
end
end
# Belt and braces ... Perhaps this test is not necessary?
test 'sign out with navigational format via XHR does redirect' do
swap Devise, navigational_formats: ['*/*', :html] do
sign_in_as_user
- get destroy_user_session_path, xhr: true, headers: { "HTTP_ACCEPT" => "text/html,*/*" }
+ delete destroy_user_session_path, xhr: true, headers: { "HTTP_ACCEPT" => "text/html,*/*" }
assert_response :redirect
assert_not warden.authenticated?(:user)
end
end
end
class AuthenticationKeysTest < Devise::IntegrationTest
test 'missing authentication keys cause authentication to abort' do
swap Devise, authentication_keys: [:subdomain] do
sign_in_as_user
- assert_contain "Invalid subdomain or password."
+ assert_contain "Invalid Subdomain or password."
assert_not warden.authenticated?(:user)
end
end
test 'missing authentication keys cause authentication to abort unless marked as not required' do
@@ -617,10 +586,10 @@
test 'blank request keys cause authentication to abort' do
host! 'test.com'
swap Devise, request_keys: [:subdomain] do
sign_in_as_user
- assert_contain "Invalid email or password."
+ assert_contain "Invalid Email or password."
assert_not warden.authenticated?(:user)
end
end
test 'blank request keys cause authentication to abort unless if marked as not required' do