Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

2.1.1 breaks functional tests. #1928

Closed
sreid99 opened this Issue · 9 comments

4 participants

@sreid99

2.1.1 has broken several of my apps functional tests (fine with 2.1.0, and identical app code).

The tests check that a logged in user can't access another users records. The controller tries to access the record by id for the user, gets ActiveRecord::RecordNotFound, then redirects the user to the home page, and displays a notice.

With 2.1.1, this still happens ok when I manually try it in the browser, but in my functional tests, I'm now redirected to the sign in page (new_user_session_path) instead, and no notice is shown.

Perhaps related top 2.1.1 change "Redirect to sign in page when trying to access password#edit without a token" ?

Using rails 3.2.6, and ruby 1.9.3.

@josevalim
Owner

Thanks for reporting. The change you mention only affects the reset password page. Are you using a custom Devise strategy (or a Devise plugin)?

@josevalim
Owner

Another possible option, can you confirm forgery check is disabled in your test environment:

config.action_controller.allow_forgery_protection    = false

?

@josevalim
Owner

Ah, if you are inheriting from Devise::PasswordsController to add custom behavior, it may also cause the issue.

@sreid99

I'm not even sure what a custom devise strategy is. I don't use any devise plugins. I only customize the devise views.

I already have allow_forgery_protection = false for test.

I don't override Devise::PasswordsController`.

@josevalim
Owner

Can you provide more information to reproduce? Maybe isolating it in an application? I have run it in my apps, but it works fine. Thanks.

@ejfinneran

I've run into the same issue. I wrote a devise unit test to reproduce.

test "does not redirect with valid user after failed first attempt" do
    get :index
    assert_response :redirect

    user = create_user
    user.confirm!

    sign_in user
    get :index
    assert_response :success
  end 

I added that to the test/test_helpers_test.rb. It fails on 2.1.2 but passes on 2.1.0.

@josevalim
Owner

This issue has been fixed in master. It was a regression introduced by warden but that's now fixed. Could you guys please try Devise master out and let me know how it goes? Thanks for reporting and thansk to @ejfinneran for providing a test case!

@NARKOZ

Yes, it's fixed. Thanks.

@sreid99

That's fixed it for me - thanks.

@josevalim josevalim closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.