diff options
Diffstat (limited to 'activemodel')
| -rw-r--r-- | activemodel/CHANGELOG.md | 5 | ||||
| -rw-r--r-- | activemodel/examples/validations.rb | 2 | ||||
| -rw-r--r-- | activemodel/lib/active_model/secure_password.rb | 16 | ||||
| -rw-r--r-- | activemodel/lib/active_model/serializers/xml.rb | 2 | ||||
| -rw-r--r-- | activemodel/test/cases/secure_password_test.rb | 5 |
5 files changed, 23 insertions, 7 deletions
diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md index 0568e5d545..3d3c61ed1c 100644 --- a/activemodel/CHANGELOG.md +++ b/activemodel/CHANGELOG.md @@ -1,3 +1,8 @@ +* Fix has_secure_password. `password_confirmation` validations are triggered + even if no `password_confirmation` is set. + + *Vladimir Kiselev* + * `inclusion` / `exclusion` validations with ranges will only use the faster `Range#cover` for numerical ranges, and the more accurate `Range#include?` for non-numerical ones. diff --git a/activemodel/examples/validations.rb b/activemodel/examples/validations.rb index 2c5cc11f49..c94cd17e18 100644 --- a/activemodel/examples/validations.rb +++ b/activemodel/examples/validations.rb @@ -25,5 +25,5 @@ person1 = Person.new p person1.valid? # => false p person1.errors.messages # => {:name=>["can't be blank"]} -person2 = Person.new(:name => "matz") +person2 = Person.new(name: 'matz') p person2.valid? # => true diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index 7156f1bb30..cc9483e67b 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -18,9 +18,9 @@ module ActiveModel # value to the password_confirmation attribute and the validation # will not be triggered. # - # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use #has_secure_password: + # You need to add bcrypt-ruby (~> 3.1.0) to Gemfile to use #has_secure_password: # - # gem 'bcrypt-ruby', '~> 3.0.0' + # gem 'bcrypt-ruby', '~> 3.1.0' # # Example using Active Record (which automatically includes ActiveModel::SecurePassword): # @@ -44,7 +44,7 @@ module ActiveModel # This is to avoid ActiveModel (and by extension the entire framework) # being dependent on a binary library. begin - gem 'bcrypt-ruby', '~> 3.0.0' + gem 'bcrypt-ruby', '~> 3.1.0' require 'bcrypt' rescue LoadError $stderr.puts "You don't have bcrypt-ruby installed in your application. Please add it to your Gemfile and run bundle install" @@ -56,9 +56,9 @@ module ActiveModel include InstanceMethodsOnActivation if options.fetch(:validations, true) - validates_confirmation_of :password, if: lambda { |m| m.password.present? } + validates_confirmation_of :password, if: :should_confirm_password? validates_presence_of :password, on: :create - validates_presence_of :password_confirmation, if: lambda { |m| m.password.present? } + validates_presence_of :password_confirmation, if: :should_confirm_password? before_create { raise "Password digest missing on new record" if password_digest.blank? } end @@ -109,6 +109,12 @@ module ActiveModel def password_confirmation=(unencrypted_password) @password_confirmation = unencrypted_password end + + private + + def should_confirm_password? + password_confirmation && password.present? + end end end end diff --git a/activemodel/lib/active_model/serializers/xml.rb b/activemodel/lib/active_model/serializers/xml.rb index 2803f69b6f..2864c2ba11 100644 --- a/activemodel/lib/active_model/serializers/xml.rb +++ b/activemodel/lib/active_model/serializers/xml.rb @@ -205,7 +205,7 @@ module ActiveModel Serializer.new(self, options).serialize(&block) end - # Sets the model +attributes+ from a JSON string. Returns +self+. + # Sets the model +attributes+ from an XML string. Returns +self+. # # class Person # include ActiveModel::Serializers::Xml diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb index 0b900d934d..98e5c747d5 100644 --- a/activemodel/test/cases/secure_password_test.rb +++ b/activemodel/test/cases/secure_password_test.rb @@ -95,6 +95,11 @@ class SecurePasswordTest < ActiveModel::TestCase assert @user.valid?(:update), "user should be valid" end + test "password_confirmation validations will not be triggered if password_confirmation is not sent" do + @user.password = "password" + assert @user.valid?(:create) + end + test "will not save if confirmation is blank but password is not" do @user.password = "password" @user.password_confirmation = "" |