From 20490adcbf00cd382e8e310415955a427b93e398 Mon Sep 17 00:00:00 2001 From: Godfrey Chan Date: Mon, 20 Jan 2014 04:27:42 -0800 Subject: Restored the ability to clear the password with user.password= nil (see the docs) --- activemodel/lib/active_model/secure_password.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'activemodel/lib') diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index d824a66784..e4af1efa65 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -100,7 +100,9 @@ module ActiveModel # user.password = 'mUc3m00RsqyRe' # user.password_digest # => "$2a$10$4LEA7r4YmNHtvlAvHhsYAeZmk/xeUVtMTYqwIvYY76EW5GUqDiP4." def password=(unencrypted_password) - unless unencrypted_password.blank? + if unencrypted_password.nil? + self.password_digest = nil + elsif unencrypted_password.present? @password = unencrypted_password cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost self.password_digest = BCrypt::Password.create(unencrypted_password, cost: cost) -- cgit v1.2.3 From 8ca59237dd4951efcc9861142222254a134911ca Mon Sep 17 00:00:00 2001 From: Godfrey Chan Date: Mon, 20 Jan 2014 05:04:19 -0800 Subject: Got all the new tests passing --- activemodel/lib/active_model/secure_password.rb | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) (limited to 'activemodel/lib') diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index e4af1efa65..c0e60fbb8a 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -57,11 +57,15 @@ module ActiveModel include InstanceMethodsOnActivation if options.fetch(:validations, true) - validates_confirmation_of :password, if: :password_confirmation_required? - validates_presence_of :password, on: :create - validates_presence_of :password_confirmation, if: :password_confirmation_required? + # This ensures the model has a password by checking whether the password_digest + # is present, so that this works with both new and existing records. However, + # when there is an error, the message is added to the password attribute instead + # so that the error message will makes sense to the end-user. + validate do |record| + record.errors.add(:password, :blank) unless record.password_digest.present? + end - before_create { raise "Password digest missing on new record" if password_digest.blank? } + validates_confirmation_of :password, if: ->{ self.password.present? } end if respond_to?(:attributes_protected_by_default) @@ -112,12 +116,6 @@ module ActiveModel def password_confirmation=(unencrypted_password) @password_confirmation = unencrypted_password end - - private - - def password_confirmation_required? - password_confirmation && password.present? - end end end end -- cgit v1.2.3 From 98705d88cd8ec705b80a032f8c166072b4e6fffd Mon Sep 17 00:00:00 2001 From: Godfrey Chan Date: Fri, 24 Jan 2014 19:57:07 -0800 Subject: Some minor fixes --- activemodel/lib/active_model/secure_password.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'activemodel/lib') diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index c0e60fbb8a..01739d8ae4 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -60,12 +60,12 @@ module ActiveModel # This ensures the model has a password by checking whether the password_digest # is present, so that this works with both new and existing records. However, # when there is an error, the message is added to the password attribute instead - # so that the error message will makes sense to the end-user. + # so that the error message will make sense to the end-user. validate do |record| record.errors.add(:password, :blank) unless record.password_digest.present? end - validates_confirmation_of :password, if: ->{ self.password.present? } + validates_confirmation_of :password, if: ->{ password.present? } end if respond_to?(:attributes_protected_by_default) -- cgit v1.2.3