This repository has been archived by the owner on Jan 30, 2024. It is now read-only.

Fix Ruby 2.4 deprecations #216

Open
wants to merge 3 commits into
base: master
2 changes: 2 additions & 0 deletions .travis.yml
Expand Up @@ -6,6 +6,8 @@ script: bundle exec rake
rvm:
- 2.1.8
- 2.2.4
- 2.3.4
- 2.4.1
- ruby-head
matrix:
allow_failures:
107 changes: 52 additions & 55 deletions Gemfile.lock
Expand Up @@ -3,58 +3,57 @@ PATH
specs:
devise_security_extension (0.10.0)
devise (>= 3.0.0, < 5.0)
railties (>= 3.2.6, < 6.0)
rails (>= 4.2.8, < 6.0)

GEM
remote: https://rubygems.org/
specs:
actionmailer (4.2.6)
actionpack (= 4.2.6)
actionview (= 4.2.6)
activejob (= 4.2.6)
actionmailer (4.2.8)
actionpack (= 4.2.8)
actionview (= 4.2.8)
activejob (= 4.2.8)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 1.0, >= 1.0.5)
actionpack (4.2.6)
actionview (= 4.2.6)
activesupport (= 4.2.6)
actionpack (4.2.8)
actionview (= 4.2.8)
activesupport (= 4.2.8)
rack (~> 1.6)
rack-test (~> 0.6.2)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (4.2.6)
activesupport (= 4.2.6)
actionview (4.2.8)
activesupport (= 4.2.8)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
activejob (4.2.6)
activesupport (= 4.2.6)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (4.2.8)
activesupport (= 4.2.8)
globalid (>= 0.3.0)
activemodel (4.2.6)
activesupport (= 4.2.6)
activemodel (4.2.8)
activesupport (= 4.2.8)
builder (~> 3.1)
activerecord (4.2.6)
activemodel (= 4.2.6)
activesupport (= 4.2.6)
activerecord (4.2.8)
activemodel (= 4.2.8)
activesupport (= 4.2.8)
arel (~> 6.0)
activesupport (4.2.6)
activesupport (4.2.8)
i18n (~> 0.7)
json (~> 1.7, >= 1.7.7)
minitest (~> 5.1)
thread_safe (~> 0.3, >= 0.3.4)
tzinfo (~> 1.1)
arel (6.0.3)
arel (6.0.4)
ast (2.3.0)
bcrypt (3.1.11)
builder (3.2.2)
concurrent-ruby (1.0.2)
builder (3.2.3)
concurrent-ruby (1.0.5)
coveralls (0.8.13)
json (~> 1.8)
simplecov (~> 0.11.0)
term-ansicolor (~> 1.3)
thor (~> 0.19.1)
tins (~> 1.6.0)
devise (4.2.0)
devise (4.2.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0, < 5.1)
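Review bot: The PATH specs entry at the top of this hunk locks devise_security_extension against `rails (>= 4.2.8, < 6.0)`, which is only what the gemspec declares when it is evaluated on Ruby 2.4 or later. On the 2.1.8, 2.2.4 and 2.3.4 jobs listed in .travis.yml the gemspec declares `railties (>= 3.2.6, < 6.0)` instead, so the committed lockfile no longer matches the gemspec there. Either make the gemspec dependency unconditional, or stop committing Gemfile.lock for the gem so each matrix entry resolves its own dependency set.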
Expand All @@ -70,10 +69,10 @@ GEM
simplecov (>= 0.3.8)
yard (>= 0.7.0)
erubis (2.7.0)
globalid (0.3.6)
globalid (0.3.7)
activesupport (>= 4.1.0)
i18n (0.7.0)
json (1.8.3)
i18n (0.8.1)
json (1.8.6)
loofah (2.0.3)
nokogiri (>= 1.5.9)
mail (2.6.4)
Expand All @@ -82,47 +81,45 @@ GEM
mime-types-data (~> 3.2015)
mime-types-data (3.2016.0521)
mini_portile2 (2.1.0)
minitest (5.9.0)
nokogiri (1.6.8)
minitest (5.10.1)
nokogiri (1.7.1)
mini_portile2 (~> 2.1.0)
pkg-config (~> 1.1.7)
orm_adapter (0.5.0)
parser (2.3.1.2)
ast (~> 2.2)
pkg-config (1.1.7)
powerpack (0.1.1)
rack (1.6.4)
rack (1.6.5)
rack-test (0.6.3)
rack (>= 1.0)
rails (4.2.6)
actionmailer (= 4.2.6)
actionpack (= 4.2.6)
actionview (= 4.2.6)
activejob (= 4.2.6)
activemodel (= 4.2.6)
activerecord (= 4.2.6)
activesupport (= 4.2.6)
rails (4.2.8)
actionmailer (= 4.2.8)
actionpack (= 4.2.8)
actionview (= 4.2.8)
activejob (= 4.2.8)
activemodel (= 4.2.8)
activerecord (= 4.2.8)
activesupport (= 4.2.8)
bundler (>= 1.3.0, < 2.0)
railties (= 4.2.6)
railties (= 4.2.8)
sprockets-rails
rails-deprecated_sanitizer (1.0.3)
activesupport (>= 4.2.0.alpha)
rails-dom-testing (1.0.7)
rails-dom-testing (1.0.8)
activesupport (>= 4.2.0.beta, < 5.0)
nokogiri (~> 1.6.0)
nokogiri (~> 1.6)
rails-deprecated_sanitizer (>= 1.0.1)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
rails_email_validator (0.1.4)
activemodel (>= 3.0.0)
railties (4.2.6)
actionpack (= 4.2.6)
activesupport (= 4.2.6)
railties (4.2.8)
actionpack (= 4.2.8)
activesupport (= 4.2.8)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rainbow (2.1.0)
rake (11.2.2)
responders (2.2.0)
rake (12.0.0)
responders (2.3.0)
railties (>= 4.2.0, < 5.1)
rmagick (2.15.4)
rspec-core (3.4.4)
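Review bot: This hunk carries version bumps that the deprecation fix does not obviously need, for example nokogiri 1.6.8 to 1.7.1, rack 1.6.4 to 1.6.5 and rake 11.2.2 to 12.0.0 (a major version of the tool that `script: bundle exec rake` runs in CI). Put the lockfile refresh in its own commit with a message stating why each bump is required, so the dependency changes can be audited separately from the code changes.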
Expand Down Expand Up @@ -154,23 +151,23 @@ GEM
json (~> 1.8)
simplecov-html (~> 0.10.0)
simplecov-html (0.10.0)
sprockets (3.6.0)
sprockets (3.7.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.0.4)
sprockets-rails (3.2.0)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.11)
term-ansicolor (1.3.2)
tins (~> 1.0)
thor (0.19.1)
thread_safe (0.3.5)
thor (0.19.4)
thread_safe (0.3.6)
tins (1.6.0)
tzinfo (1.2.2)
tzinfo (1.2.3)
thread_safe (~> 0.1)
unicode-display_width (1.0.5)
warden (1.2.6)
warden (1.2.7)
rack (>= 1.0)
yard (0.8.7.6)

Expand All @@ -188,4 +185,4 @@ DEPENDENCIES
sqlite3 (~> 1.3.10)

BUNDLED WITH
1.12.5
1.14.6
6 changes: 5 additions & 1 deletion devise_security_extension.gemspec
Expand Up @@ -20,7 +20,11 @@ Gem::Specification.new do |s|
s.require_paths = ['lib']
s.required_ruby_version = '>= 2.1.0'

s.add_runtime_dependency 'railties', '>= 3.2.6', '< 6.0'
if RUBY_VERSION >= '2.4'
Author

Is pre Rails 4.2.8 compatibility important? If so, is this the way you want to support it? Ruby 2.4+ requires Rails 4.2.8+ because of changes in the json gem.

Contributor

IMO, it's easy enough to upgrade to 4.2.[8, 9, 10]; we should not need to support previous versions.

s.add_runtime_dependency 'rails', '>= 4.2.8', '< 6.0'
else
s.add_runtime_dependency 'railties', '>= 3.2.6', '< 6.0'
end
s.add_runtime_dependency 'devise', '>= 3.0.0', '< 5.0'
s.add_development_dependency 'bundler', '>= 1.3.0', '< 2.0'
s.add_development_dependency 'sqlite3', '~> 1.3.10'
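Review bot: The `if RUBY_VERSION >= '2.4'` branch runs when the gemspec is evaluated, so a packaged gem carries whichever dependency matched the Ruby that ran `gem build`, not the Ruby of the person installing it. A release built on 2.4 would require `rails >= 4.2.8` for everyone, and one built on 2.3 would still accept railties 3.2.6 on Ruby 2.4. The test is also a string comparison, which orders versions lexically ('2.10' sorts below '2.4'); if a conditional stays, compare with `Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.4')`. A single unconditional dependency is preferable, and note that the 2.4 branch replaces `railties` with the full `rails` gem, which pulls in every framework component rather than only what the extension uses.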
Expand Up @@ -16,7 +16,7 @@ def validate_password_archive

# validate is the password used in the past
def password_archive_included?
unless deny_old_passwords.is_a? Fixnum
unless deny_old_passwords.is_a? 1.class

Why not use Integer here? Even in Ruby < 2.4:

1.class #=> Fixnum
1.is_a? Integer #=> true

Author

The maintainers of this repo seemed to have disappeared, so a few of us are maintaining a fork at https://github.com/devise-security/devise-security. Feel free to make a PR with these changes over there.

if deny_old_passwords.is_a? TrueClass and archive_count > 0
self.deny_old_passwords = archive_count
else
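Review bot: In `unless deny_old_passwords.is_a? 1.class`, the expression `1.class` resolves to Fixnum before Ruby 2.4 and to Integer from 2.4 on, so the guard tests a different class depending on the interpreter and the intent is hard to read. `deny_old_passwords.is_a? Integer` is true for the same values on every Ruby in the CI matrix and does not reference the deprecated constant.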
14 changes: 10 additions & 4 deletions lib/devise_security_extension/models/password_expirable.rb
Expand Up @@ -13,7 +13,7 @@ module PasswordExpirable

# is an password change required?
def need_change_password?
if self.expire_password_after.is_a? Fixnum or self.expire_password_after.is_a? Float
if expired_password_after_numeric?
self.password_changed_at.nil? or self.password_changed_at < self.expire_password_after.seconds.ago
else
false
Expand All @@ -22,15 +22,15 @@ def need_change_password?

# set a fake datetime so a password change is needed and save the record
def need_change_password!
if self.expire_password_after.is_a? Fixnum or self.expire_password_after.is_a? Float
if expired_password_after_numeric?
need_change_password
self.save(:validate => false)
end
end

# set a fake datetime so a password change is needed
def need_change_password
if self.expire_password_after.is_a? Fixnum or self.expire_password_after.is_a? Float
if expired_password_after_numeric?
self.password_changed_at = self.expire_password_after.seconds.ago
end

Expand All @@ -39,7 +39,7 @@ def need_change_password

self.password_changed_at
end

def expire_password_after
self.class.expire_password_after
end
Expand All @@ -51,6 +51,12 @@ def update_password_changed
self.password_changed_at = Time.now if (self.new_record? or self.encrypted_password_changed?) and not self.password_changed_at_changed?
end

def expired_password_after_numeric?
return @_numeric if defined?(@_numeric)

Is it actually a good idea to memoize this? Could there be a scenario where this gets checked and then the column is made to be nil?

expired_password_after_numeric? #=> true
self.expire_password_after = nil
expired_password_after_numeric? #=> true

Author

Unfortunately I don't know the code well enough to say.

@_numeric ||= self.expire_password_after.is_a?(1.class) ||

||= is redundant if you're using a guard

Author

Good point

self.expire_password_after.is_a?(Float)
end

module ClassMethods
::Devise::Models.config(self, :expire_password_after)
end
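Review bot: In `expired_password_after_numeric?`, the `defined?(@_numeric)` guard caches the first answer on the instance, while `expire_password_after` reads `self.class.expire_password_after` on every call. If that setting changes after the first check, `need_change_password?` keeps acting on the stale value, and a cached `false` means an expiry policy is not enforced for records already loaded. Two `is_a?` calls are cheap, so drop the memoization and return `expire_password_after.is_a?(Integer) || expire_password_after.is_a?(Float)` directly. If the cache stays, the `||=` after the guard is redundant, and the method name says `expired_` where the setting it inspects is `expire_password_after`.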
2 changes: 1 addition & 1 deletion test/test_paranoid_verification.rb
Expand Up @@ -61,7 +61,7 @@ class TestParanoidVerification < ActiveSupport::TestCase
test 'when code not match upon verification code, should not set paranoid_verified_at' do
user = User.new(paranoid_verification_code: 'abcde')
user.verify_code('wrong')
assert_equal(nil, user.paranoid_verified_at)
assert_nil(user.paranoid_verified_at)

rip

end

test 'when code not match upon verification code too many attempts should generate new code' do