TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
44,955 Commits 2 Branches 0 Tags 294 MiB
10adc2ee90
Commit Graph

32 Commits

Author SHA1 Message Date
Akshay Vishnoi
9bc91260ac Use @existing_user while updating existing user, fixing - #ee4e86 2014-06-14 14:42:52 +05:30
Godfrey Chan
ee4e86fa4b Cleaned up the has_secure_password test cases 
* Grouped the valid test cases in one place
* Make the length of the generated password obvious
* Removed two wrong (copy-and-pasted) test cases
 2014-06-14 00:43:47 -07:00
Akshay Vishnoi
cabbc8f6a5 SecurePassword - Validate password must be less than or equal to 72 
See #14591, Reason - BCrypt hash function can handle maximum 72 characters.
 2014-06-14 12:35:31 +05:30
Yves Senn
6868265fe3 comment why we are modifying global state. [ci skip] 2014-03-11 08:34:51 +01:00
Zuhao Wan
cc6bc1cc46 Completely remove potential global state leaks in ActiveModel tests. 
ActiveModel tests can now be run in random order.
 2014-03-11 00:48:25 +08:00
Zuhao Wan
9ffeb36265 Run ActiveModel test suites in random order. 
This gets the whole ActiveModel test suites working even if
`self.i_suck_and_my_tests_are_order_dependent!` is disabled
in `ActiveSupport::TestCase`.

Two places are found that potentially leak global state. This patch
makes sure states are restored so that none of the changes happen in
a single test will be carried over to subsequence tests.
 2014-03-10 03:52:51 +08:00
Godfrey Chan
98705d88cd Some minor fixes 2014-01-24 20:06:31 -08:00
Godfrey Chan
b6ddbfb158 Removed old tests 2014-01-24 19:49:31 -08:00
Guillermo Iguaran
87e1e86640 Merge pull request #13273 from robertomiranda/test-remove-require 
Remove require 'models/administrator', Administrator is not used in secure password test
 2013-12-11 05:39:14 -08:00
robertomiranda
df7e5b69de Remove require 'models/administrator', Administrator is not used in secure password test 2013-12-11 08:34:28 -05:00
T.J. Schuck
5d7b413d84 Use bcrypt's public cost attr, not internal constant 
See:

- https://github.com/codahale/bcrypt-ruby/pull/63
- https://github.com/codahale/bcrypt-ruby/pull/64
- https://github.com/codahale/bcrypt-ruby/pull/65
 2013-10-10 11:46:59 -04:00
Vladimir Kiselev
3be0cdfa55 Fix secure_password password_confirmation validations 2013-07-24 03:14:15 +04:00
Phil Calvin
5d93ef8f45 Fix regression in has_secure_password. 
If the confirmation was blank, but the password wasn't, it would still save.
 2013-05-30 11:18:43 -07:00
Yves Senn
8c1687bbf8 has_secure_password is not invalid when assigning empty Strings. 
Closes #9535.

With 692b3b6 the `password=` setter does no longer set blank passwords.
This triggered validation errors when assigning empty Strings to `password`
and `password_confirmation`.

This patch only sets the confirmation if it is not `blank?`.
 2013-03-04 18:56:05 +01:00
Carlos Antonio da Silva
c2c1ecb05e Use secure password min cost option in its own tests for a speed up 
Around 0.564359s => 0.092244s speed up in my machine.
 2012-11-21 19:34:55 -02:00
Trevor Turk
06faa6da80 Use BCrypt's MIN_COST in the test environment for speedier tests 2012-11-14 09:42:54 -06:00
dfens
ab9140ff02 Cleanup trailing whitespaces 2012-10-12 09:56:39 +02:00
Guillermo Iguaran
f8c9a4d3e8 Remove MassAssignmentSecurity from ActiveModel 
This will be moved out to protected_attributes gem
 2012-09-16 23:58:19 -05:00
Robby Grossman
ad7f9cdf00 has_secure_password should not raise a 'digest missing' error if the calling class has specified for validations to be skipped. 2012-07-31 16:16:21 -04:00
Erich Menge
f021377358 Updated tests for has_secure_password. 2012-05-08 18:08:55 -05:00
Oscar Del Ben
692b3b6b6a Fix secure_password setter 2012-04-24 19:16:01 +02:00
Vijay Dev
8dffc62a9b use variables from test setup 2011-10-17 19:15:24 +05:30
Josh Kalderimis
1054ebd613 AM mass assignment security attr_accessible and attr_protected now allow for scopes using :as => scope eg. 
attr_accessible :name
    attr_accessible :name, :admin, :as => :admin
 2011-04-24 09:53:18 +02:00
Aaron Patterson
3e23752236 bcrypt will encrypt anything, so validate_presence_of would not catch nil / blank passwords. Thank you to Aleksander Kamil Modzelewski for reporting this 2011-04-14 14:54:25 -07:00
Tsutomu Kuroda
ad31549ab3 Override attributes_protected_by_default when has_secure_password is called. 
attr_protected should not be called, because it nullifies the
mass assignment protection that has been set by attr_accessible.

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-09 18:35:15 -02:00
Santiago Pastorino
08ccd29b5b Remove weak_passwords list and the length/strong password validator, leave that up to the programmer 2010-12-19 15:01:29 -02:00
Mikel Lindsaar
6c217f98db Add set_weak_passwords call in alignment with set_table_name. 2010-12-19 21:36:47 +11:00
Mikel Lindsaar
a39a333769 Added ability to specify which passwords you want as weak passwords 2010-12-19 20:39:54 +11:00
José Valim
432556b923 Make password messages translatable. 2010-12-19 09:34:31 +01:00
José Valim
d592fa946d Avoid warnings and fix small typo on SecurePassword. 2010-12-19 09:28:15 +01:00
David Heinemeier Hansson
bd9dc4ff23 BCrypt does its own salting, lovely! 2010-12-18 19:09:07 -08:00
David Heinemeier Hansson
bcf4e4f2b0 Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 13:38:05 -08:00