From ddbea9474e20a40e80110944c1e3493ba0efe572 Mon Sep 17 00:00:00 2001
From: Michael de Silva <michael@mwdesilva.com>
Date: Sun, 11 Mar 2012 23:31:11 +0300
Subject: Fixed Issue #2884 ActiveModel::SecurePassword code / rdoc conflict;
 an elucidated explanation has been provided and ActiveModel en-locale updated
 to present a less confusing attribute name for 'password_digest' in form
 errors due to "has_secure_password"

---
 activemodel/lib/active_model/locale/en.yml      |  4 ++++
 activemodel/lib/active_model/secure_password.rb | 13 +++++++++++++
 2 files changed, 17 insertions(+)

(limited to 'activemodel/lib')

diff --git a/activemodel/lib/active_model/locale/en.yml b/activemodel/lib/active_model/locale/en.yml
index ba49c6beaa..1842ba002f 100644
--- a/activemodel/lib/active_model/locale/en.yml
+++ b/activemodel/lib/active_model/locale/en.yml
@@ -1,4 +1,8 @@
 en:
+  attributes:
+    # Prevent confusion in form errors due to 'has_secure_password'
+    password_digest: "Password"
+
   errors:
     # The default format to use in full error messages.
     format: "%{attribute} %{message}"
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb
index e7a57cf691..7c529cb67b 100644
--- a/activemodel/lib/active_model/secure_password.rb
+++ b/activemodel/lib/active_model/secure_password.rb
@@ -10,6 +10,19 @@ module ActiveModel
       # a "password_confirmation" attribute) are automatically added.
       # You can add more validations by hand if need be.
       #
+      # Note: the implementation of <tt>has_secure_password</tt> enforces presence validation
+      # on the <tt>:password_digest</tt> attribute rather than on <tt>:password</tt>, which is
+      # in fact a virtual reader attribute.  However, <tt>validates_confirmation_of</tt> ensures
+      # an indirect means of presence validation of <tt>:password</tt> if the
+      # <tt>:password_confirmation</tt> attribute is not nil.
+      #
+      # You may want to add presence validation on <tt>:password</tt> for the benefit of your forms
+      #
+      #   class User < ActiveRecord::Base
+      #     has_secure_password
+      #     validates :password, :presence => { :on => :create }
+      #   end
+      #
       # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use has_secure_password:
       #
       #   gem 'bcrypt-ruby', '~> 3.0.0'
-- 
cgit v1.2.3