diff options
| author | Yves Senn <yves.senn@gmail.com> | 2013-03-04 18:56:05 +0100 |
|---|---|---|
| committer | Yves Senn <yves.senn@gmail.com> | 2013-03-04 18:56:05 +0100 |
| commit | 8c1687bbf8dd518d64fc7180b33c1cb57f29a69a (patch) | |
| tree | 17538b7a80d65742b6872f7b1fef5122c324060b /activemodel/lib/active_model/secure_password.rb | |
| parent | b501ee47fa3f877f8b8028e732f8ef8a22cc75fb (diff) | |
| download | rails-8c1687bbf8dd518d64fc7180b33c1cb57f29a69a.tar.gz rails-8c1687bbf8dd518d64fc7180b33c1cb57f29a69a.tar.bz2 rails-8c1687bbf8dd518d64fc7180b33c1cb57f29a69a.zip | |
`has_secure_password` is not invalid when assigning empty Strings.
Closes #9535.
With 692b3b6 the `password=` setter does no longer set blank passwords.
This triggered validation errors when assigning empty Strings to `password`
and `password_confirmation`.
This patch only sets the confirmation if it is not `blank?`.
Diffstat (limited to 'activemodel/lib/active_model/secure_password.rb')
| -rw-r--r-- | activemodel/lib/active_model/secure_password.rb | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index 6644b60609..9324a1ad0a 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -48,6 +48,8 @@ module ActiveModel attr_reader :password + include InstanceMethodsOnActivation + if options.fetch(:validations, true) validates_confirmation_of :password validates_presence_of :password, :on => :create @@ -55,8 +57,6 @@ module ActiveModel before_create { raise "Password digest missing on new record" if password_digest.blank? } end - include InstanceMethodsOnActivation - if respond_to?(:attributes_protected_by_default) def self.attributes_protected_by_default #:nodoc: super + ['password_digest'] @@ -99,6 +99,12 @@ module ActiveModel self.password_digest = BCrypt::Password.create(unencrypted_password, cost: cost) end end + + def password_confirmation=(unencrypted_password) + unless unencrypted_password.blank? + @password_confirmation = unencrypted_password + end + end end end end |