Permalink
Browse files

Fix secure_password password_confirmation validations

  • Loading branch information...
1 parent f38b544 commit 3be0cdfa55cadf35f7625e055fad9999d064c827 @nettsundere nettsundere committed Jun 26, 2013
View
@@ -1,3 +1,8 @@
+* Fix has_secure_password. `password_confirmation` validations are triggered
+ even if no `password_confirmation` is set.
+
+ *Vladimir Kiselev*
+
* `inclusion` / `exclusion` validations with ranges will only use the faster
`Range#cover` for numerical ranges, and the more accurate `Range#include?`
for non-numerical ones.
@@ -56,9 +56,9 @@ def has_secure_password(options = {})
include InstanceMethodsOnActivation
if options.fetch(:validations, true)
- validates_confirmation_of :password, if: lambda { |m| m.password.present? }
+ validates_confirmation_of :password, if: :should_confirm_password?
validates_presence_of :password, on: :create
- validates_presence_of :password_confirmation, if: lambda { |m| m.password.present? }
+ validates_presence_of :password_confirmation, if: :should_confirm_password?
before_create { raise "Password digest missing on new record" if password_digest.blank? }
end
@@ -109,6 +109,12 @@ def password=(unencrypted_password)
def password_confirmation=(unencrypted_password)
@password_confirmation = unencrypted_password
end
+
+ private
+
+ def should_confirm_password?
+ password_confirmation && password.present?
+ end
end
end
end
@@ -95,6 +95,11 @@ class SecurePasswordTest < ActiveModel::TestCase
assert @user.valid?(:update), "user should be valid"
end
+ test "password_confirmation validations will not be triggered if password_confirmation is not sent" do
+ @user.password = "password"
+ assert @user.valid?(:create)
+ end
+
test "will not save if confirmation is blank but password is not" do
@user.password = "password"
@user.password_confirmation = ""

0 comments on commit 3be0cdf

Please sign in to comment.