Skip to content

2.1.1 breaks functional tests. #1928

Closed
sreid99 opened this Issue Jun 18, 2012 · 9 comments

4 participants

@sreid99
sreid99 commented Jun 18, 2012

2.1.1 has broken several of my apps functional tests (fine with 2.1.0, and identical app code).

The tests check that a logged in user can't access another users records. The controller tries to access the record by id for the user, gets ActiveRecord::RecordNotFound, then redirects the user to the home page, and displays a notice.

With 2.1.1, this still happens ok when I manually try it in the browser, but in my functional tests, I'm now redirected to the sign in page (new_user_session_path) instead, and no notice is shown.

Perhaps related top 2.1.1 change "Redirect to sign in page when trying to access password#edit without a token" ?

Using rails 3.2.6, and ruby 1.9.3.

@josevalim
Plataformatec member

Thanks for reporting. The change you mention only affects the reset password page. Are you using a custom Devise strategy (or a Devise plugin)?

@josevalim
Plataformatec member

Another possible option, can you confirm forgery check is disabled in your test environment:

config.action_controller.allow_forgery_protection    = false

?

@josevalim
Plataformatec member

Ah, if you are inheriting from Devise::PasswordsController to add custom behavior, it may also cause the issue.

@sreid99
sreid99 commented Jun 18, 2012

I'm not even sure what a custom devise strategy is. I don't use any devise plugins. I only customize the devise views.

I already have allow_forgery_protection = false for test.

I don't override Devise::PasswordsController`.

@josevalim
Plataformatec member

Can you provide more information to reproduce? Maybe isolating it in an application? I have run it in my apps, but it works fine. Thanks.

@ejfinneran

I've run into the same issue. I wrote a devise unit test to reproduce.

test "does not redirect with valid user after failed first attempt" do
    get :index
    assert_response :redirect

    user = create_user
    user.confirm!

    sign_in user
    get :index
    assert_response :success
  end 

I added that to the test/test_helpers_test.rb. It fails on 2.1.2 but passes on 2.1.0.

@josevalim
Plataformatec member

This issue has been fixed in master. It was a regression introduced by warden but that's now fixed. Could you guys please try Devise master out and let me know how it goes? Thanks for reporting and thansk to @ejfinneran for providing a test case!

@NARKOZ
NARKOZ commented Jun 28, 2012

Yes, it's fixed. Thanks.

@sreid99
sreid99 commented Jun 28, 2012

That's fixed it for me - thanks.

@josevalim josevalim closed this Sep 13, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.