diff options
-rw-r--r-- | activerecord/lib/active_record/secure_token.rb | 3 | ||||
-rw-r--r-- | activerecord/test/cases/secure_token_test.rb | 7 | ||||
-rw-r--r-- | guides/source/action_controller_overview.md | 2 |
3 files changed, 9 insertions, 3 deletions
diff --git a/activerecord/lib/active_record/secure_token.rb b/activerecord/lib/active_record/secure_token.rb index 07031b6371..0990f815a7 100644 --- a/activerecord/lib/active_record/secure_token.rb +++ b/activerecord/lib/active_record/secure_token.rb @@ -27,7 +27,7 @@ module ActiveRecord # Load securerandom only when has_secure_token is used. require 'active_support/core_ext/securerandom' define_method("regenerate_#{attribute}") { update! attribute => self.class.generate_unique_secure_token } - before_create { self.send("#{attribute}=", self.class.generate_unique_secure_token) } + before_create { self.send("#{attribute}=", self.class.generate_unique_secure_token) unless self.send("#{attribute}?")} end def generate_unique_secure_token @@ -36,4 +36,3 @@ module ActiveRecord end end end - diff --git a/activerecord/test/cases/secure_token_test.rb b/activerecord/test/cases/secure_token_test.rb index 3f7455d12d..e731443fc2 100644 --- a/activerecord/test/cases/secure_token_test.rb +++ b/activerecord/test/cases/secure_token_test.rb @@ -22,4 +22,11 @@ class SecureTokenTest < ActiveRecord::TestCase assert_not_equal @user.token, old_token assert_not_equal @user.auth_token, old_auth_token end + + def test_token_value_not_overwritten_when_present + @user.token = "custom-secure-token" + @user.save + + assert_equal @user.token, "custom-secure-token" + end end diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md index 80000baf66..f68179841e 100644 --- a/guides/source/action_controller_overview.md +++ b/guides/source/action_controller_overview.md @@ -737,7 +737,7 @@ You can choose not to yield and build the response yourself, in which case the a While the most common way to use filters is by creating private methods and using *_action to add them, there are two other ways to do the same thing. -The first is to use a block directly with the *_action methods. The block receives the controller as an argument, and the `require_login` filter from above could be rewritten to use a block: +The first is to use a block directly with the *\_action methods. The block receives the controller as an argument, and the `require_login` filter from above could be rewritten to use a block: ```ruby class ApplicationController < ActionController::Base |