[PATCH/foreman 1/1] removed password verification if field is empty

Signed-off-by: root <root@foreman.labo.org>

From: root
---
app/models/user.rb | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index af2cad1…0d5ae61 100644
— a/app/models/user.rb
+++ b/app/models/user.rb
@@ -25,7 +25,7 @@ class User < ActiveRecord::Base
validates_uniqueness_of :login, :message => "already exists"
validates_presence_of :login, :mail, :auth_source_id
validates_presence_of :password_hash, :if => Proc.new {|user| user.manage_password?}

  • validates_confirmation_of :password, :if => Proc.new {|user| user.manage_password?}, :unless => Proc.new {|user| user.password.empty?}
  • validates_confirmation_of :password, :if => Proc.new {|user| user.manage_password?}, :unless => Proc.new {|user| user.password_confirmation.empty?}
    validates_format_of :login, :with => /^[a-z0-9_-@.]$/i
    validates_length_of :login, :maximum => 30
    validates_format_of :firstname, :lastname, :with => /^[\w\s’-.]
    $/i, :allow_nil => true
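
Review bot: In the added `validates_confirmation_of` line, `:unless => Proc.new {|user| user.password_confirmation.empty?}` skips the confirmation check whenever the confirmation field is left empty, so a new password typed with no confirmation is never compared against anything. Skip the check only when both `password` and `password_confirmation` are blank, and use `blank?` rather than `empty?` so that a nil value does not raise NoMethodError.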

    1.7.1

won't this break? e.g. if you entered a password just in the confirmation dialog?

thanks,
Ohad

··· On Thu, Nov 10, 2011 at 10:28 PM, wrote: > From: root > > > Signed-off-by: root > --- > app/models/user.rb | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/app/models/user.rb b/app/models/user.rb > index af2cad1..0d5ae61 100644 > --- a/app/models/user.rb > +++ b/app/models/user.rb > @@ -25,7 +25,7 @@ class User < ActiveRecord::Base > validates_uniqueness_of :login, :message => "already exists" > validates_presence_of :login, :mail, :auth_source_id > validates_presence_of :password_hash, :if => Proc.new {|user| user.manage_password?} > - validates_confirmation_of :password, :if => Proc.new {|user| user.manage_password?}, :unless => Proc.new {|user| user.password.empty?} > + validates_confirmation_of :password, :if => Proc.new {|user| user.manage_password?}, :unless => Proc.new {|user| user.password_confirmation.empty?} > validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i > validates_length_of :login, :maximum => 30 > validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-\.]*$/i, :allow_nil => true > -- > 1.7.1
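
Review bot: The `validates_format_of` context lines for `:login` and for `:firstname, :lastname` anchor their patterns with `^` and `$`, which in Ruby match at line boundaries rather than at the start and end of the string, so a value containing a newline passes as long as one of its lines matches. This is not introduced by the patch, but since the block is being touched, switching both patterns to `\A` and `\z` would close that gap.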

Well yeah you're right …
It does the job but not efficiently … if I provide an empty password +
dummy confirmation, it will be accepted (but password will not be modified).

I should search more along the following lines:

  • Track the modification of the password field and enable confirmation only
    if password field has been modified

Gonna check in more detail, but it looks Rails-related, and I don't really
know that … so should take time … :)

Will come back to you ASAP!

Sorry for the mistake!

··· On 14 November 2011 12:56, Ohad Levy wrote:

On Thu, Nov 10, 2011 at 10:28 PM, florent.delvaille@gmail.com wrote:

From: root root@foreman.labo.org

Signed-off-by: root root@foreman.labo.org

app/models/user.rb | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index af2cad1…0d5ae61 100644
— a/app/models/user.rb
+++ b/app/models/user.rb
@@ -25,7 +25,7 @@ class User < ActiveRecord::Base
validates_uniqueness_of :login, :message => "already exists"
validates_presence_of :login, :mail, :auth_source_id
validates_presence_of :password_hash, :if => Proc.new {|user|
user.manage_password?}

  • validates_confirmation_of :password, :if => Proc.new {|user|
    user.manage_password?}, :unless => Proc.new {|user| user.password.empty?}
  • validates_confirmation_of :password, :if => Proc.new {|user|
    user.manage_password?}, :unless => Proc.new {|user|
    user.password_confirmation.empty?}
    validates_format_of :login, :with => /^[a-z0-9_-@.]$/i
    validates_length_of :login, :maximum => 30
    validates_format_of :firstname, :lastname, :with =>
    /^[\w\s’-.]
    $/i, :allow_nil => true

    1.7.1

won't this break? e.g. if you entered a password just in the confirmation
dialog?

thanks,
Ohad


Florent Delvaille

> Well yeah you're right …
> It does the job but not efficiently … if I provide an empty password +
> dummy confirmation, it will be accepted (but password will not be modified).
>
> I should search more along the following lines:
> - Track the modification of the password field and enable confirmation only
> if password field has been modified
>
> Gonna check in more detail, but it looks Rails-related, and I don't really
> know that … so should take time … :)
>
> Will come back to you ASAP!
>
no problems, maybe using the changed_attributes method [1]

or simply do a check on both password and password confirmation

Ohad
[1] http://apidock.com/rails/ActiveRecord/Dirty/changed_attributes

··· On Mon, Nov 14, 2011 at 2:32 PM, Florent Delvaille wrote: > Sorry for the mistake! > > On 14 November 2011 12:56, Ohad Levy wrote: >> >> On Thu, Nov 10, 2011 at 10:28 PM, wrote: >> > From: root >> > >> > >> > Signed-off-by: root >> > --- >> > app/models/user.rb | 2 +- >> > 1 files changed, 1 insertions(+), 1 deletions(-) >> > >> > diff --git a/app/models/user.rb b/app/models/user.rb >> > index af2cad1..0d5ae61 100644 >> > --- a/app/models/user.rb >> > +++ b/app/models/user.rb >> > @@ -25,7 +25,7 @@ class User < ActiveRecord::Base >> > validates_uniqueness_of :login, :message => "already exists" >> > validates_presence_of :login, :mail, :auth_source_id >> > validates_presence_of :password_hash, :if => Proc.new {|user| >> > user.manage_password?} >> > - validates_confirmation_of :password, :if => Proc.new {|user| >> > user.manage_password?}, :unless => Proc.new {|user| user.password.empty?} >> > + validates_confirmation_of :password, :if => Proc.new {|user| >> > user.manage_password?}, :unless => Proc.new {|user| >> > user.password_confirmation.empty?} >> > validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i >> > validates_length_of :login, :maximum => 30 >> > validates_format_of :firstname, :lastname, :with => >> > /^[\w\s\'\-\.]*$/i, :allow_nil => true >> > -- >> > 1.7.1 >> >> wont this break? e.g. if you entered a password just in the confirmation >> dialog? >> >> thanks, >> Ohad > > > > -- > Florent Delvaille >
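
The two skip conditions from the patch and the "check on both password and password confirmation" suggestion, compared side by side as an added example (not code from Foreman or from anyone in this thread). It is plain Ruby with a hypothetical `Form` struct standing in for the `User` model, and it assumes the confirmation check is skipped for a nil confirmation and otherwise fails on any mismatch; all submissions are constructed.

```ruby
# Added illustration; plain Ruby stand-in for the User model, no Rails needed.
# Assumption: the confirmation check is skipped when the confirmation is nil
# and otherwise fails on any mismatch.
Form = Struct.new(:password, :password_confirmation)

def blank?(value)
  value.nil? || value.strip.empty?
end

# The :unless conditions under discussion, as lambdas over the submitted form.
SKIP_RULES = {
  original:   ->(f) { f.password.empty? },               # line removed by the patch
  patched:    ->(f) { f.password_confirmation.empty? },  # line added by the patch
  both_blank: ->(f) { blank?(f.password) && blank?(f.password_confirmation) }
}

# Returns :skipped, :ok or :mismatch for one rule and one submission.
def confirmation_result(rule, form)
  return :skipped if SKIP_RULES.fetch(rule).call(form)
  return :skipped if form.password_confirmation.nil?
  form.password == form.password_confirmation ? :ok : :mismatch
end

# Constructed submissions: what a user might send from the edit form.
CASES = {
  untouched:         Form.new("", ""),
  typed_and_matched: Form.new("s3cret-pw", "s3cret-pw"),
  typed_no_confirm:  Form.new("s3cret-pw", ""),
  confirm_only:      Form.new("", "s3cret-pw"),
  typo_in_confirm:   Form.new("s3cret-pw", "s3cret-pq")
}

# Full table: rule => { case => result }.
def result_table
  SKIP_RULES.keys.map do |rule|
    [rule, CASES.transform_values { |form| confirmation_result(rule, form) }]
  end.to_h
end

if __FILE__ == $PROGRAM_NAME
  result_table.each do |rule, row|
    puts rule
    row.each { |name, result| puts format("  %-18s %s", name, result) }
  end
end
```

The rows to compare are `typed_no_confirm` and `confirm_only`: each single-field rule skips the check for one of them, while `both_blank` skips only the untouched form.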