From ce8f78a57168bbacb1320a4dc4e9e79b878221d4 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Sat, 19 Sep 2015 21:12:32 -0400 Subject: Bump devise to 3.5.2 --- Gemfile | 2 +- Gemfile.lock | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 1903d66e6ab..426e67e7e3f 100644 --- a/Gemfile +++ b/Gemfile @@ -22,7 +22,7 @@ gem "mysql2", '~> 0.3.16', group: :mysql gem "pg", '~> 0.18.2', group: :postgres # Authentication libraries -gem "devise", '~> 3.2.4' +gem "devise", '~> 3.5.2' gem "devise-async", '~> 0.9.0' gem 'omniauth', "~> 1.2.2" gem 'omniauth-google-oauth2', '~> 0.2.5' diff --git a/Gemfile.lock b/Gemfile.lock index f43e885ce48..a8a067eb785 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -136,10 +136,11 @@ GEM activerecord (>= 3.2.0, < 5.0) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) - devise (3.2.4) + devise (3.5.2) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 3.2.6, < 5) + responders thread_safe (~> 0.1) warden (~> 1.2.3) devise-async (0.9.0) @@ -148,7 +149,7 @@ GEM activemodel activesupport attr_encrypted (~> 1.3.2) - devise (>= 3.2.4, < 3.5) + devise (~> 3.5.0) railties rotp (< 2) diff-lcs (1.2.5) @@ -558,6 +559,8 @@ GEM request_store (1.2.0) rerun (0.10.0) listen (~> 2.7, >= 2.7.3) + responders (1.1.2) + railties (>= 3.2, < 4.2) rest-client (1.8.0) http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 3.0) @@ -806,7 +809,7 @@ DEPENDENCIES d3_rails (~> 3.5.5) database_cleaner (~> 1.4.0) default_value_for (~> 3.0.0) - devise (~> 3.2.4) + devise (~> 3.5.2) devise-async (~> 0.9.0) devise-two-factor (~> 1.0.1) diffy (~> 3.0.3) @@ -928,3 +931,6 @@ DEPENDENCIES webmock (~> 1.21.0) whenever (~> 0.8.4) wikicloth (= 0.8.1) + +BUNDLED WITH + 1.10.6 -- cgit v1.2.1 From 69723d20024821fb4206e899ffa3acd2da690315 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Sat, 19 Sep 2015 21:15:13 -0400 Subject: Devise 3.5.x deprecates `confirm!` in favor of `confirm` --- app/controllers/admin/users_controller.rb | 2 +- db/fixtures/production/001_admin.rb | 2 +- spec/mailers/notify_spec.rb | 6 +++--- spec/models/user_spec.rb | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index 6092c79c254..a19b1abee27 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -56,7 +56,7 @@ class Admin::UsersController < Admin::ApplicationController end def confirm - if user.confirm! + if user.confirm redirect_to :back, notice: "Successfully confirmed" else redirect_to :back, alert: "Error occurred. User was not confirmed" diff --git a/db/fixtures/production/001_admin.rb b/db/fixtures/production/001_admin.rb index 1c8740f6ba9..b0c0b6450f6 100644 --- a/db/fixtures/production/001_admin.rb +++ b/db/fixtures/production/001_admin.rb @@ -19,7 +19,7 @@ admin = User.create( admin.projects_limit = 10000 admin.admin = true admin.save! -admin.confirm! +admin.confirm if admin.valid? puts %Q[ diff --git a/spec/mailers/notify_spec.rb b/spec/mailers/notify_spec.rb index 97c07ad7d55..2c97a521d96 100644 --- a/spec/mailers/notify_spec.rb +++ b/spec/mailers/notify_spec.rb @@ -712,7 +712,7 @@ describe Notify do before do user.update_attribute(:email, "user@company.com") - user.confirm! + user.confirm end it "is sent from the committer email" do @@ -730,7 +730,7 @@ describe Notify do before do user.update_attribute(:email, "user@something.company.com") - user.confirm! + user.confirm end it "is sent from the default email" do @@ -748,7 +748,7 @@ describe Notify do before do user.update_attribute(:email, "user@mpany.com") - user.confirm! + user.confirm end it "is sent from the default email" do diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index eeb9069aa17..480950859a2 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -188,7 +188,7 @@ describe User do end it 'confirms a user' do - user.confirm! + user.confirm expect(user.confirmed?).to be_truthy end end -- cgit v1.2.1 From 259851c0d601632ad02a9f6ac0d59276552570b9 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Sat, 19 Sep 2015 21:16:18 -0400 Subject: Bump devise-two-factor to 2.0.0 Addresses internal https://dev.gitlab.org/gitlab/gitlabhq/issues/2605 See https://github.com/tinfoil/devise-two-factor/pull/43 --- Gemfile | 2 +- Gemfile.lock | 9 ++++----- app/controllers/profiles/two_factor_auths_controller.rb | 2 +- app/controllers/sessions_controller.rb | 2 +- db/migrate/20150920010715_add_consumed_timestep_to_users.rb | 5 +++++ db/schema.rb | 3 ++- spec/controllers/profiles/two_factor_auths_controller_spec.rb | 4 ++-- 7 files changed, 16 insertions(+), 11 deletions(-) create mode 100644 db/migrate/20150920010715_add_consumed_timestep_to_users.rb diff --git a/Gemfile b/Gemfile index 426e67e7e3f..924ee382f4d 100644 --- a/Gemfile +++ b/Gemfile @@ -38,7 +38,7 @@ gem 'omniauth_crowd' gem "rack-oauth2", "~> 1.0.5" # Two-factor authentication -gem 'devise-two-factor', '~> 1.0.1' +gem 'devise-two-factor', '~> 2.0.0' gem 'rqrcode-rails3', '~> 0.1.7' gem 'attr_encrypted', '~> 1.3.4' diff --git a/Gemfile.lock b/Gemfile.lock index a8a067eb785..320f7629fb6 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -145,13 +145,12 @@ GEM warden (~> 1.2.3) devise-async (0.9.0) devise (~> 3.2) - devise-two-factor (1.0.2) - activemodel + devise-two-factor (2.0.0) activesupport attr_encrypted (~> 1.3.2) devise (~> 3.5.0) railties - rotp (< 2) + rotp (~> 2) diff-lcs (1.2.5) diffy (3.0.7) docile (1.1.5) @@ -566,7 +565,7 @@ GEM mime-types (>= 1.16, < 3.0) netrc (~> 0.7) rinku (1.7.3) - rotp (1.6.1) + rotp (2.1.1) rouge (1.10.1) rqrcode (0.7.0) chunky_png @@ -811,7 +810,7 @@ DEPENDENCIES default_value_for (~> 3.0.0) devise (~> 3.5.2) devise-async (~> 0.9.0) - devise-two-factor (~> 1.0.1) + devise-two-factor (~> 2.0.0) diffy (~> 3.0.3) doorkeeper (~> 2.1.3) dropzonejs-rails (~> 0.7.1) diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index f9af0871cf1..e6b99be37fb 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -9,7 +9,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController end def create - if current_user.valid_otp?(params[:pin_code]) + if current_user.validate_and_consume_otp!(params[:pin_code]) current_user.two_factor_enabled = true @codes = current_user.generate_otp_backup_codes! current_user.save! diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index cfa565cd03e..1b60d3e27d0 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -99,7 +99,7 @@ class SessionsController < Devise::SessionsController end def valid_otp_attempt?(user) - user.valid_otp?(user_params[:otp_attempt]) || + user.validate_and_consume_otp!(user_params[:otp_attempt]) || user.invalidate_otp_backup_code!(user_params[:otp_attempt]) end diff --git a/db/migrate/20150920010715_add_consumed_timestep_to_users.rb b/db/migrate/20150920010715_add_consumed_timestep_to_users.rb new file mode 100644 index 00000000000..c8438b3f6aa --- /dev/null +++ b/db/migrate/20150920010715_add_consumed_timestep_to_users.rb @@ -0,0 +1,5 @@ +class AddConsumedTimestepToUsers < ActiveRecord::Migration + def change + add_column :users, :consumed_timestep, :integer + end +end diff --git a/db/schema.rb b/db/schema.rb index d70c4b58e93..b8eb9d26779 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20150918084513) do +ActiveRecord::Schema.define(version: 20150920010715) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -749,6 +749,7 @@ ActiveRecord::Schema.define(version: 20150918084513) do t.string "public_email", default: "", null: false t.integer "dashboard", default: 0 t.integer "project_view", default: 0 + t.integer "consumed_timestep" end add_index "users", ["admin"], name: "index_users_on_admin", using: :btree diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb index f54706e3aa3..4fb1473c2d2 100644 --- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb +++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb @@ -37,7 +37,7 @@ describe Profiles::TwoFactorAuthsController do context 'with valid pin' do before do - expect(user).to receive(:valid_otp?).with(pin).and_return(true) + expect(user).to receive(:validate_and_consume_otp!).with(pin).and_return(true) end it 'sets two_factor_enabled' do @@ -63,7 +63,7 @@ describe Profiles::TwoFactorAuthsController do context 'with invalid pin' do before do - expect(user).to receive(:valid_otp?).with(pin).and_return(false) + expect(user).to receive(:validate_and_consume_otp!).with(pin).and_return(false) end it 'assigns error' do -- cgit v1.2.1