diff options
| author | Yevhene Shemet <yevhene@gmail.com> | 2014-08-06 17:41:36 +0300 |
|---|---|---|
| committer | Yevhene Shemet <yevhene@gmail.com> | 2014-08-06 22:11:06 +0300 |
| commit | f8dcb365dfb8506c60297a4434f70f41b5259250 (patch) | |
| tree | d11691bec39ebeed383ad1993516616d475c8143 /activemodel | |
| parent | d5be08347fb7ff758572775ec93247a3ca886004 (diff) | |
| download | rails-f8dcb365dfb8506c60297a4434f70f41b5259250.tar.gz rails-f8dcb365dfb8506c60297a4434f70f41b5259250.tar.bz2 rails-f8dcb365dfb8506c60297a4434f70f41b5259250.zip | |
Allow password to contain spaces only.
Diffstat (limited to 'activemodel')
| -rw-r--r-- | activemodel/CHANGELOG.md | 6 | ||||
| -rw-r--r-- | activemodel/lib/active_model/secure_password.rb | 4 | ||||
| -rw-r--r-- | activemodel/test/cases/secure_password_test.rb | 10 |
3 files changed, 18 insertions, 2 deletions
diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md index 8d22e3ac46..b1a3d660d6 100644 --- a/activemodel/CHANGELOG.md +++ b/activemodel/CHANGELOG.md @@ -1,3 +1,9 @@ +* Passwords with spaces only allowed in `ActiveModel::SecurePassword`. + + Presence validation can be used to resore old behavior. + + *Yevhene Shemet* + * Validate options passed to `ActiveModel::Validations.validate`. Preventing, in many cases, the simple mistake of using `validate` instead of `validates`. diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index 7e179cf4b7..f6ad35769f 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -105,7 +105,7 @@ module ActiveModel attr_reader :password # Encrypts the password into the +password_digest+ attribute, only if the - # new password is not blank. + # new password is not empty. # # class User < ActiveRecord::Base # has_secure_password validations: false @@ -119,7 +119,7 @@ module ActiveModel def password=(unencrypted_password) if unencrypted_password.nil? self.password_digest = nil - elsif unencrypted_password.present? + elsif !unencrypted_password.empty? @password = unencrypted_password cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost self.password_digest = BCrypt::Password.create(unencrypted_password, cost: cost) diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb index 6b21bc68fa..6d56c8344a 100644 --- a/activemodel/test/cases/secure_password_test.rb +++ b/activemodel/test/cases/secure_password_test.rb @@ -40,6 +40,11 @@ class SecurePasswordTest < ActiveModel::TestCase assert @user.valid?(:create), 'user should be valid' end + test "create a new user with validation and a spaces only password" do + @user.password = ' ' * 72 + assert @user.valid?(:create), 'user should be valid' + end + test "create a new user with validation and a blank password" do @user.password = '' assert !@user.valid?(:create), 'user should be invalid' @@ -105,6 +110,11 @@ class SecurePasswordTest < ActiveModel::TestCase assert @existing_user.valid?(:update), 'user should be valid' end + test "updating an existing user with validation and a spaces only password" do + @user.password = ' ' * 72 + assert @user.valid?(:update), 'user should be valid' + end + test "updating an existing user with validation and a blank password and password_confirmation" do @existing_user.password = '' @existing_user.password_confirmation = '' |