Skip to content

Fix For Password Archival And Expiration After rails-7 Upgrade #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rg-victorylive wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix For Password Archival And Expiration After rails-7 Upgrade #8

rg-victorylive wants to merge 1 commit into from

Conversation

@rg-victorylive
Copy link

@rg-victorylive rg-victorylive commented Jun 30, 2025
edited by atlassian bot
Loading

Jira: VP-2057

Important

Toggle to Squash and Merge when merging PRs to staging branch

What

  • Fixnum was merged into Integer in newer Ruby versions. Rails 5 was lenient with this, but Rails 7 requires checking against Integer explicitly.
  • Using is_a?(TrueClass) is not a reliable way to check for true. It caused logic to fail in Rails 7 that used to work in Rails 5.
  • expire_password_after is usually a duration like 365.days, which isn’t a number. Rails 5 handled this loosely, but Rails 7 is stricter. Checking with respond_to?(:ago) ensures it behaves like a duration.

Testing

I tested this code by (unit/integration/manual) testing…

Extras

  • Includes a DB migration
  • After merge, requires local environment changes like running bin/build, .env changes etc.
  • Includes UI Changes: add screenshots or videos

(if any are checked, please describe below)

PR Code Coverage

  • Changeset: XX%
  • Overall: XX%

Measure with bin/test_cov or some other means. You can find html coverage levels in coverage/index.html or in stdout.

After a successful test run, you can also see calculated and merged coverage, per branch, on Grafana

rg-victorylive
rg-victorylive commented Jun 30, 2025
View reviewed changes
lib/devise_security_extension/models/password_archivable.rb
unless deny_old_passwords.is_a? Fixnum
if deny_old_passwords.is_a? TrueClass and archive_count > 0
unless deny_old_passwords.is_a?(Integer)
if deny_old_passwords == true && archive_count > 0
Copy link
Author

@rg-victorylive rg-victorylive Jun 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixnum was merged into Integer in newer Ruby versions. Rails 5 was lenient with this, but Rails 7 requires checking against Integer explicitly.

rg-victorylive
rg-victorylive commented Jun 30, 2025
View reviewed changes
lib/devise_security_extension/models/password_expirable.rb
# is an password change required?
def need_change_password?
if self.expire_password_after.is_a? Fixnum or self.expire_password_after.is_a? Float
if self.expire_password_after.respond_to?(:ago)
Copy link
Author

@rg-victorylive rg-victorylive Jun 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

expire_password_after is usually a duration like 365.days, which isn’t a number. Rails 5 handled this loosely, but Rails 7 is stricter. Checking with respond_to?(:ago) ensures it behaves like a duration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coneybeare coneybeare coneybeare approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rg-victorylive @coneybeare