10 files changed, 40 insertions, 30 deletions

diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md
index 0568e5d545..3d3c61ed1c 100644
--- a/activemodel/CHANGELOG.md
+++ b/activemodel/CHANGELOG.md
@@ -1,3 +1,8 @@
+*   Fix has_secure_password. `password_confirmation` validations are triggered
+    even if no `password_confirmation` is set.
+
+    *Vladimir Kiselev*
+
 *   `inclusion` / `exclusion` validations with ranges will only use the faster
     `Range#cover` for numerical ranges, and the more accurate `Range#include?`
     for non-numerical ones.
diff --git a/activemodel/Rakefile b/activemodel/Rakefile
index f72b949c64..407dda2ec3 100644
--- a/activemodel/Rakefile
+++ b/activemodel/Rakefile
@@ -13,9 +13,8 @@ end
 
 namespace :test do
   task :isolated do
-    ruby = File.join(*RbConfig::CONFIG.values_at('bindir', 'RUBY_INSTALL_NAME'))
     Dir.glob("#{dir}/test/**/*_test.rb").all? do |file|
-      sh(ruby, '-w', "-I#{dir}/lib", "-I#{dir}/test", file)
+      sh(Gem.ruby, '-w', "-I#{dir}/lib", "-I#{dir}/test", file)
     end or raise "Failures"
   end
 end
diff --git a/activemodel/lib/active_model/errors.rb b/activemodel/lib/active_model/errors.rb
index e608a649f8..cf7551e4f4 100644
--- a/activemodel/lib/active_model/errors.rb
+++ b/activemodel/lib/active_model/errors.rb
@@ -238,8 +238,8 @@ module ActiveModel
     # object. You can pass the <tt>:full_messages</tt> option. This determines
     # if the json object should contain full messages or not (false by default).
     #
-    #   person.as_json                      # => {:name=>["can not be nil"]}
-    #   person.as_json(full_messages: true) # => {:name=>["name can not be nil"]}
+    #   person.errors.as_json                      # => {:name=>["can not be nil"]}
+    #   person.errors.as_json(full_messages: true) # => {:name=>["name can not be nil"]}
     def as_json(options=nil)
       to_hash(options && options[:full_messages])
     end
@@ -247,8 +247,8 @@ module ActiveModel
     # Returns a Hash of attributes with their error messages. If +full_messages+
     # is +true+, it will contain full messages (see +full_message+).
     #
-    #   person.to_hash       # => {:name=>["can not be nil"]}
-    #   person.to_hash(true) # => {:name=>["name can not be nil"]}
+    #   person.errors.to_hash       # => {:name=>["can not be nil"]}
+    #   person.errors.to_hash(true) # => {:name=>["name can not be nil"]}
     def to_hash(full_messages = false)
       if full_messages
         messages = {}
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb
index 7156f1bb30..8b9ac97bbb 100644
--- a/activemodel/lib/active_model/secure_password.rb
+++ b/activemodel/lib/active_model/secure_password.rb
@@ -2,7 +2,9 @@ module ActiveModel
   module SecurePassword
     extend ActiveSupport::Concern
 
-    class << self; attr_accessor :min_cost; end
+    class << self
+      attr_accessor :min_cost # :nodoc:
+    end
     self.min_cost = false
 
     module ClassMethods
@@ -18,9 +20,9 @@ module ActiveModel
       # value to the password_confirmation attribute and the validation
       # will not be triggered.
       #
-      # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use #has_secure_password:
+      # You need to add bcrypt-ruby (~> 3.1.0) to Gemfile to use #has_secure_password:
       #
-      #   gem 'bcrypt-ruby', '~> 3.0.0'
+      #   gem 'bcrypt-ruby', '~> 3.1.0'
       #
       # Example using Active Record (which automatically includes ActiveModel::SecurePassword):
       #
@@ -44,7 +46,7 @@ module ActiveModel
         # This is to avoid ActiveModel (and by extension the entire framework)
         # being dependent on a binary library.
         begin
-          gem 'bcrypt-ruby', '~> 3.0.0'
+          gem 'bcrypt-ruby', '~> 3.1.0'
           require 'bcrypt'
         rescue LoadError
           $stderr.puts "You don't have bcrypt-ruby installed in your application. Please add it to your Gemfile and run bundle install"
@@ -56,9 +58,9 @@ module ActiveModel
         include InstanceMethodsOnActivation
 
         if options.fetch(:validations, true)
-          validates_confirmation_of :password, if: lambda { |m| m.password.present? }
+          validates_confirmation_of :password, if: :should_confirm_password?
           validates_presence_of     :password, on: :create
-          validates_presence_of     :password_confirmation, if: lambda { |m| m.password.present? }
+          validates_presence_of     :password_confirmation, if: :should_confirm_password?
 
           before_create { raise "Password digest missing on new record" if password_digest.blank? }
         end
@@ -109,6 +111,12 @@ module ActiveModel
       def password_confirmation=(unencrypted_password)
         @password_confirmation = unencrypted_password
       end
+
+      private
+
+      def should_confirm_password?
+        password_confirmation && password.present?
+      end
     end
   end
 end
diff --git a/activemodel/lib/active_model/serializers/xml.rb b/activemodel/lib/active_model/serializers/xml.rb
index 2803f69b6f..2864c2ba11 100644
--- a/activemodel/lib/active_model/serializers/xml.rb
+++ b/activemodel/lib/active_model/serializers/xml.rb
@@ -205,7 +205,7 @@ module ActiveModel
         Serializer.new(self, options).serialize(&block)
       end
 
-      # Sets the model +attributes+ from a JSON string. Returns +self+.
+      # Sets the model +attributes+ from an XML string. Returns +self+.
       #
       #   class Person
       #     include ActiveModel::Serializers::Xml
diff --git a/activemodel/test/cases/railtie_test.rb b/activemodel/test/cases/railtie_test.rb
index 0643fa775d..96b3b07e50 100644
--- a/activemodel/test/cases/railtie_test.rb
+++ b/activemodel/test/cases/railtie_test.rb
@@ -8,7 +8,7 @@ class RailtieTest < ActiveModel::TestCase
     require 'active_model/railtie'
 
     # Set a fake logger to avoid creating the log directory automatically
-    fake_logger = mock()
+    fake_logger = Logger.new(nil)
 
     @app ||= Class.new(::Rails::Application) do
       config.eager_load = false
diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb
index 0b900d934d..98e5c747d5 100644
--- a/activemodel/test/cases/secure_password_test.rb
+++ b/activemodel/test/cases/secure_password_test.rb
@@ -95,6 +95,11 @@ class SecurePasswordTest < ActiveModel::TestCase
     assert @user.valid?(:update), "user should be valid"
   end
 
+  test "password_confirmation validations will not be triggered if password_confirmation is not sent" do
+    @user.password = "password"
+    assert @user.valid?(:create)
+  end
+
   test "will not save if confirmation is blank but password is not" do
     @user.password = "password"
     @user.password_confirmation = ""
diff --git a/activemodel/test/cases/serializers/json_serialization_test.rb b/activemodel/test/cases/serializers/json_serialization_test.rb
index f0347081ee..bc185c737f 100644
--- a/activemodel/test/cases/serializers/json_serialization_test.rb
+++ b/activemodel/test/cases/serializers/json_serialization_test.rb
@@ -155,12 +155,6 @@ class JsonSerializationTest < ActiveModel::TestCase
     end
   end
 
-  test "as_json should keep the default order in the hash" do
-    json = @contact.as_json
-
-    assert_equal %w(name age created_at awesome preferences), json.keys
-  end
-
   test "from_json should work without a root (class attribute)" do
     json = @contact.to_json
     result = Contact.new.from_json(json)
@@ -204,7 +198,7 @@ class JsonSerializationTest < ActiveModel::TestCase
     assert_no_match %r{"preferences":}, json
   end
 
-  test "custom as_json options should be extendible" do
+  test "custom as_json options should be extensible" do
     def @contact.as_json(options = {}); super(options.merge(only: [:name])); end
     json = @contact.to_json
 
diff --git a/activemodel/test/cases/serializers/xml_serialization_test.rb b/activemodel/test/cases/serializers/xml_serialization_test.rb
index c4cfb0c255..11ee17bb27 100644
--- a/activemodel/test/cases/serializers/xml_serialization_test.rb
+++ b/activemodel/test/cases/serializers/xml_serialization_test.rb
@@ -53,8 +53,7 @@ class XmlSerializationTest < ActiveModel::TestCase
     @contact.address.city = "Springfield"
     @contact.address.apt_number = 35
     @contact.friends = [Contact.new, Contact.new]
-    @related_contact = SerializableContact.new
-    @contact.contact = @related_contact
+    @contact.contact = SerializableContact.new
   end
 
   test "should serialize default root" do
diff --git a/activemodel/test/cases/validations/conditional_validation_test.rb b/activemodel/test/cases/validations/conditional_validation_test.rb
index 41a4c33727..5049d6dd61 100644
--- a/activemodel/test/cases/validations/conditional_validation_test.rb
+++ b/activemodel/test/cases/validations/conditional_validation_test.rb
@@ -23,7 +23,7 @@ class ConditionalValidationTest < ActiveModel::TestCase
     Topic.validates_length_of(:title, maximum: 5, too_long: "hoo %{count}", unless: :condition_is_true)
     t = Topic.new("title" => "uhohuhoh", "content" => "whatever")
     assert t.valid?
-    assert t.errors[:title].empty?
+    assert_empty t.errors[:title]
   end
 
   def test_if_validation_using_method_false
@@ -31,7 +31,7 @@ class ConditionalValidationTest < ActiveModel::TestCase
     Topic.validates_length_of(:title, maximum: 5, too_long: "hoo %{count}", if: :condition_is_true_but_its_not)
     t = Topic.new("title" => "uhohuhoh", "content" => "whatever")
     assert t.valid?
-    assert t.errors[:title].empty?
+    assert_empty t.errors[:title]
   end
 
   def test_unless_validation_using_method_false
@@ -57,7 +57,7 @@ class ConditionalValidationTest < ActiveModel::TestCase
     Topic.validates_length_of(:title, maximum: 5, too_long: "hoo %{count}", unless: "a = 1; a == 1")
     t = Topic.new("title" => "uhohuhoh", "content" => "whatever")
     assert t.valid?
-    assert t.errors[:title].empty?
+    assert_empty t.errors[:title]
   end
 
   def test_if_validation_using_string_false
@@ -65,7 +65,7 @@ class ConditionalValidationTest < ActiveModel::TestCase
     Topic.validates_length_of(:title, maximum: 5, too_long: "hoo %{count}", if: "false")
     t = Topic.new("title" => "uhohuhoh", "content" => "whatever")
     assert t.valid?
-    assert t.errors[:title].empty?
+    assert_empty t.errors[:title]
   end
 
   def test_unless_validation_using_string_false
@@ -93,7 +93,7 @@ class ConditionalValidationTest < ActiveModel::TestCase
       unless: Proc.new { |r| r.content.size > 4 })
     t = Topic.new("title" => "uhohuhoh", "content" => "whatever")
     assert t.valid?
-    assert t.errors[:title].empty?
+    assert_empty t.errors[:title]
   end
 
   def test_if_validation_using_block_false
@@ -102,7 +102,7 @@ class ConditionalValidationTest < ActiveModel::TestCase
       if: Proc.new { |r| r.title != "uhohuhoh"})
     t = Topic.new("title" => "uhohuhoh", "content" => "whatever")
     assert t.valid?
-    assert t.errors[:title].empty?
+    assert_empty t.errors[:title]
   end
 
   def test_unless_validation_using_block_false
@@ -124,7 +124,7 @@ class ConditionalValidationTest < ActiveModel::TestCase
 
     t = Topic.new
     assert t.invalid?, "A topic without a title should not be valid"
-    assert t.errors[:author_name].empty?, "A topic without an 'important' title should not require an author"
+    assert_empty t.errors[:author_name], "A topic without an 'important' title should not require an author"
 
     t.title = "Just a title"
     assert t.valid?, "A topic with a basic title should be valid"