
Switch to original devise gem (#1610)

# Context

- We're currently using a custom fork of devise

# Changes

- Switch back to original devise gem
- This gives us the benefit of being able to more easily upgrade when the time comes
- Minor fixes to validation copy during password reset process which were not correct
pull/1648/head
Phil Lee 2 years ago committed by GitHub
parent
commit
d7b15b2025
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 3
      Gemfile
  2. 20
      Gemfile.lock
  3. 2
      app/mailers/devise_notify_mailer.rb
  4. 7
      config/locales/en.yml
  5. 15
      spec/features/auth/sign_in_spec.rb
  6. 2
      spec/features/auth/user_lockout_spec.rb
  7. 6
      spec/models/user_spec.rb

3
Gemfile

@ -32,8 +32,7 @@ gem "roo"
# Json Schema # Json Schema
gem "json-schema" gem "json-schema"
# Authentication # Authentication
# Point at branch until devise is compatible with Turbo, see https://github.com/heartcombo/devise/pull/5340 gem "devise"
gem "devise", github: "baarkerlounger/devise", branch: "dluhc-fixes"
# Two-factor Authentication for devise models. # Two-factor Authentication for devise models.
gem "devise_two_factor_authentication" gem "devise_two_factor_authentication"
# UK postcode parsing and validation # UK postcode parsing and validation
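Review bot: The replacement line `gem "devise"` carries no version constraint, and the comment explaining why the fork existed (Turbo compatibility, heartcombo/devise pull 5340) is dropped with nothing in its place. Gemfile.lock in this commit resolves devise to 4.8.1, but a later `bundle update` could move the authentication library to a new release with nothing in the Gemfile to flag it for review. I would pin a range and keep a one-line rationale, e.g. `gem "devise", "~> 4.8" # stock gem, fork removed in #1610`.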

20
Gemfile.lock

@ -1,15 +1,3 @@
GIT
remote: https://github.com/baarkerlounger/devise.git
revision: 9b93eff1be452683b9fed61ec8c350fbc8387e7f
branch: dluhc-fixes
specs:
devise (4.8.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM GEM
remote: https://rubygems.org/ remote: https://rubygems.org/
specs: specs:
@ -140,6 +128,12 @@ GEM
rexml rexml
crass (1.0.6) crass (1.0.6)
date (3.3.3) date (3.3.3)
devise (4.8.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
devise_two_factor_authentication (3.0.0) devise_two_factor_authentication (3.0.0)
devise devise
encryptor encryptor
@ -457,7 +451,7 @@ DEPENDENCIES
capybara capybara
capybara-lockstep capybara-lockstep
capybara-screenshot capybara-screenshot
devise! devise
devise_two_factor_authentication devise_two_factor_authentication
dotenv-rails dotenv-rails
erb_lint erb_lint

2
app/mailers/devise_notify_mailer.rb

@ -51,7 +51,7 @@ class DeviseNotifyMailer < Devise::Mailer
end end
def email_allowlist def email_allowlist
Rails.application.credentials[:email_allowlist] Rails.application.credentials[:email_allowlist] || []
end end
private private
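Review bot: The `|| []` fallback in `email_allowlist` makes a missing `email_allowlist` credential look the same as a deliberately empty one, and the callers that consume the list are outside this hunk. If callers send only to listed addresses, the empty default fails closed. If any caller treats an empty list as "no restriction", the same default fails open, which is worth confirming before merge. I would document the contract on the method, for example `# Returns [] when the credential is unset; an empty allowlist must permit no recipients.` The method also sits above `private`, so it remains part of the mailer's public interface.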

7
config/locales/en.yml

@ -94,6 +94,9 @@ en:
activerecord: activerecord:
attributes:
user:
email: email
errors: errors:
models: models:
scheme: scheme:
@ -142,6 +145,9 @@ en:
role: role:
invalid: "Role must be data accessor, data provider or data coordinator" invalid: "Role must be data accessor, data provider or data coordinator"
blank: "Select role" blank: "Select role"
password:
blank: Enter a password
too_short: Password is too short (minimum is %{count} characters)
merge_request: merge_request:
attributes: attributes:
absorbing_organisation_id: absorbing_organisation_id:
@ -157,7 +163,6 @@ en:
new_organisation_telephone_number: new_organisation_telephone_number:
blank: "Enter a valid telephone number" blank: "Enter a valid telephone number"
validations: validations:
organisation: organisation:
name_missing: "Enter the name of the organisation" name_missing: "Enter the name of the organisation"

15
spec/features/auth/sign_in_spec.rb

@ -0,0 +1,15 @@
require "rails_helper"
RSpec.describe "User sign in" do
let(:user) { FactoryBot.create(:user) }
context "when wrong credentials" do
it "shows correct error message" do
visit("/account/sign-in")
fill_in("user[email]", with: user.email)
fill_in("user[password]", with: "wrong_password")
click_button("Sign in")
expect(page).to have_content("Incorrect email or password")
end
end
end
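Review bot: The new spec covers only a wrong password for an existing user, so it does not show that an unknown email address produces the same "Incorrect email or password" text. The generic message is what prevents the sign-in form from revealing which accounts exist, and that property holds only if both failure paths render identical copy. I would add a second example in the same context using an address that has no user record (the address below is a constructed sample).

```ruby
# inside context "when wrong credentials", after the existing example
it "shows the same error message for an unknown email" do
  visit("/account/sign-in")
  fill_in("user[email]", with: "unknown@example.com")
  fill_in("user[password]", with: "wrong_password")
  click_button("Sign in")
  expect(page).to have_content("Incorrect email or password")
end
```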

2
spec/features/auth/user_lockout_spec.rb

@ -21,7 +21,7 @@ RSpec.describe "User Lockout" do
fill_in("user[email]", with: user.email) fill_in("user[email]", with: user.email)
fill_in("user[password]", with: user.password) fill_in("user[password]", with: user.password)
click_button("Sign in") click_button("Sign in")
expect(page).to have_http_status(:unprocessable_entity) expect(page).to have_http_status(:ok)
expect(page).to have_content(I18n.t("devise.failure.locked")) expect(page).to have_content(I18n.t("devise.failure.locked"))
end end
end end
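Review bot: The expectation for a locked account now reads `have_http_status(:ok)` where the other side of the line shows `:unprocessable_entity`, so a rejected sign-in is pinned to a success status. If that is the new behaviour, failed and locked sign-ins can no longer be told apart from ordinary page loads by status code in access logs or alerting, and detection has to rely on application-level events instead. I would add a comment above the assertion such as `# stock devise re-renders the form with 200 on failure; revisit when upgrading`. That wording is inferred from the Gemfile change in this commit and should be confirmed. The enclosing example starts outside the hunk.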

6
spec/models/user_spec.rb

@ -268,7 +268,7 @@ RSpec.describe User, type: :model do
context "when a too short password is entered" do context "when a too short password is entered" do
let(:password) { "123" } let(:password) { "123" }
let(:error_message) { "Validation failed: Password #{I18n.t('errors.messages.too_short', count: 8)}" } let(:error_message) { "Validation failed: Password #{I18n.t('activerecord.errors.models.user.attributes.password.too_short', count: 8)}" }
it "validates password length" do it "validates password length" do
expect { FactoryBot.create(:user, password:) } expect { FactoryBot.create(:user, password:) }
@ -278,7 +278,7 @@ RSpec.describe User, type: :model do
context "when an invalid email is entered" do context "when an invalid email is entered" do
let(:invalid_email) { "not_an_email" } let(:invalid_email) { "not_an_email" }
let(:error_message) { "Validation failed: Email #{I18n.t('activerecord.errors.models.user.attributes.email.invalid')}" } let(:error_message) { "Validation failed: email #{I18n.t('activerecord.errors.models.user.attributes.email.invalid')}" }
it "validates email format" do it "validates email format" do
expect { FactoryBot.create(:user, email: invalid_email) } expect { FactoryBot.create(:user, email: invalid_email) }
@ -288,7 +288,7 @@ RSpec.describe User, type: :model do
context "when the email entered has already been used" do context "when the email entered has already been used" do
let(:user) { FactoryBot.create(:user) } let(:user) { FactoryBot.create(:user) }
let(:error_message) { "Validation failed: Email #{I18n.t('activerecord.errors.models.user.attributes.email.taken')}" } let(:error_message) { "Validation failed: email #{I18n.t('activerecord.errors.models.user.attributes.email.taken')}" }
it "validates email uniqueness" do it "validates email uniqueness" do
expect { FactoryBot.create(:user, email: user.email) } expect { FactoryBot.create(:user, email: user.email) }
