bcrypt will encrypt anything, so validate_presence_of would not catch nil / blank passwords. Thank you to Aleksander Kamil Modzelewski for reporting this

author: Aaron Patterson <aaron.patterson@gmail.com> 2011-04-14 14:54:25 -0700
committer: Aaron Patterson <aaron.patterson@gmail.com> 2011-04-14 14:54:25 -0700
commit: 3e237522366e4b5b5811f9436a58de99d8b12542 (patch)
tree: 43329d0760f64d6b1f6c3f9b8bfb0fdee714b02e /activemodel/test/cases
parent: 9951af02891f889cbc8de818adb6b50ceb31e7bf (diff)
download: rails-3e237522366e4b5b5811f9436a58de99d8b12542.tar.gz
rails-3e237522366e4b5b5811f9436a58de99d8b12542.tar.bz2
rails-3e237522366e4b5b5811f9436a58de99d8b12542.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb
index 4a47a7a226..c455cf57b3 100644
--- a/activemodel/test/cases/secure_password_test.rb
+++ b/activemodel/test/cases/secure_password_test.rb
@@ -9,6 +9,18 @@ class SecurePasswordTest < ActiveModel::TestCase
     @user = User.new
   end
 
+  test "blank password" do
+    user = User.new
+    user.password = ''
+    assert !user.valid?, 'user should be invalid'
+  end
+
+  test "nil password" do
+    user = User.new
+    user.password = nil
+    assert !user.valid?, 'user should be invalid'
+  end
+
   test "password must be present" do
     assert !@user.valid?
     assert_equal 1, @user.errors.size
author	Aaron Patterson <aaron.patterson@gmail.com>	2011-04-14 14:54:25 -0700
committer	Aaron Patterson <aaron.patterson@gmail.com>	2011-04-14 14:54:25 -0700
commit	3e237522366e4b5b5811f9436a58de99d8b12542 (patch)
tree	43329d0760f64d6b1f6c3f9b8bfb0fdee714b02e /activemodel/test/cases
parent	9951af02891f889cbc8de818adb6b50ceb31e7bf (diff)
download	rails-3e237522366e4b5b5811f9436a58de99d8b12542.tar.gz rails-3e237522366e4b5b5811f9436a58de99d8b12542.tar.bz2 rails-3e237522366e4b5b5811f9436a58de99d8b12542.zip