aboutsummaryrefslogtreecommitdiffstats
path: root/activemodel/test/cases/secure_password_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* applies new string literal convention in activemodel/testXavier Noria2016-08-061-59/+59
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Allow password to contain spaces only.Yevhene Shemet2014-08-061-0/+10
|
* Only automatically include validations when enabledGodfrey Chan2014-07-021-11/+3
| | | | This is a follow up to #16024.
* automatically include ActiveModel::Validations when include ↵Aditya Kapoor2014-07-031-0/+5
| | | | ActiveModel::SecurePassword
* Use `@existing_user` while updating existing user, fixing - #ee4e86Akshay Vishnoi2014-06-141-6/+6
|
* Cleaned up the `has_secure_password` test casesGodfrey Chan2014-06-141-33/+29
| | | | | | * Grouped the valid test cases in one place * Make the length of the generated password obvious * Removed two wrong (copy-and-pasted) test cases
* SecurePassword - Validate password must be less than or equal to 72Akshay Vishnoi2014-06-141-0/+28
| | | | See #14591, Reason - BCrypt hash function can handle maximum 72 characters.
* comment why we are modifying global state. [ci skip]Yves Senn2014-03-111-0/+1
|
* Completely remove potential global state leaks in ActiveModel tests.Zuhao Wan2014-03-111-23/+11
| | | | ActiveModel tests can now be run in random order.
* Run ActiveModel test suites in random order.Zuhao Wan2014-03-101-7/+25
| | | | | | | | | | This gets the whole ActiveModel test suites working even if `self.i_suck_and_my_tests_are_order_dependent!` is disabled in `ActiveSupport::TestCase`. Two places are found that potentially leak global state. This patch makes sure states are restored so that none of the changes happen in a single test will be carried over to subsequence tests.
* Some minor fixesGodfrey Chan2014-01-241-1/+0
|
* Removed old testsGodfrey Chan2014-01-241-58/+121
|
* Merge pull request #13273 from robertomiranda/test-remove-requireGuillermo Iguaran2013-12-111-1/+0
|\ | | | | Remove require 'models/administrator', Administrator is not used in secure password test
| * Remove require 'models/administrator', Administrator is not used in secure ↵robertomiranda2013-12-111-1/+0
| | | | | | | | password test
* | Use bcrypt's public cost attr, not internal constantT.J. Schuck2013-10-101-0/+8
|/ | | | | | | | See: - https://github.com/codahale/bcrypt-ruby/pull/63 - https://github.com/codahale/bcrypt-ruby/pull/64 - https://github.com/codahale/bcrypt-ruby/pull/65
* Fix secure_password password_confirmation validationsVladimir Kiselev2013-07-241-0/+5
|
* Fix regression in has_secure_password.Phil Calvin2013-05-301-0/+9
| | | | If the confirmation was blank, but the password wasn't, it would still save.
* `has_secure_password` is not invalid when assigning empty Strings.Yves Senn2013-03-041-0/+6
| | | | | | | | | | Closes #9535. With 692b3b6 the `password=` setter does no longer set blank passwords. This triggered validation errors when assigning empty Strings to `password` and `password_confirmation`. This patch only sets the confirmation if it is not `blank?`.
* Use secure password min cost option in its own tests for a speed upCarlos Antonio da Silva2012-11-211-2/+10
| | | | Around 0.564359s => 0.092244s speed up in my machine.
* Use BCrypt's MIN_COST in the test environment for speedier testsTrevor Turk2012-11-141-1/+12
|
* Cleanup trailing whitespacesdfens2012-10-121-1/+1
|
* Remove MassAssignmentSecurity from ActiveModelGuillermo Iguaran2012-09-161-12/+0
| | | | This will be moved out to protected_attributes gem
* has_secure_password should not raise a 'digest missing' error if the calling ↵Robby Grossman2012-07-311-0/+8
| | | | class has specified for validations to be skipped.
* Updated tests for has_secure_password.Erich Menge2012-05-081-8/+22
|
* Fix secure_password setterOscar Del Ben2012-04-241-0/+6
|
* use variables from test setupVijay Dev2011-10-171-6/+4
|
* AM mass assignment security attr_accessible and attr_protected now allow for ↵Josh Kalderimis2011-04-241-5/+6
| | | | | | | | scopes using :as => scope eg. attr_accessible :name attr_accessible :name, :admin, :as => :admin
* bcrypt will encrypt anything, so validate_presence_of would not catch nil / ↵Aaron Patterson2011-04-141-0/+12
| | | | blank passwords. Thank you to Aleksander Kamil Modzelewski for reporting this
* Override attributes_protected_by_default when has_secure_password is called.Tsutomu Kuroda2011-02-091-0/+13
| | | | | | | attr_protected should not be called, because it nullifies the mass assignment protection that has been set by attr_accessible. Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
* Remove weak_passwords list and the length/strong password validator, leave ↵Santiago Pastorino2010-12-191-49/+1
| | | | that up to the programmer
* Add set_weak_passwords call in alignment with set_table_name.Mikel Lindsaar2010-12-191-0/+5
|
* Added ability to specify which passwords you want as weak passwordsMikel Lindsaar2010-12-191-11/+31
|
* Make password messages translatable.José Valim2010-12-191-1/+1
|
* Avoid warnings and fix small typo on SecurePassword.José Valim2010-12-191-1/+3
|
* BCrypt does its own salting, lovely!David Heinemeier Hansson2010-12-181-0/+11
|
* Added ActiveRecord::Base#has_secure_password (via ↵David Heinemeier Hansson2010-12-181-0/+42
ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting