Rails validates a field that isn't included in page
Question
I have a sample app that I created and I'm having trouble editing the fields. Whenever I try and update my fields, it's triggers my "validates :password_confirmation" in my user model even though I haven't included the password_confirmation field in the page.
Here are some of my codes:
This is my 'pages/services.html.erb' where I display the data
<h1>Shows all users</h1>
<% if current_user %>
<table border="1">
<% @column_names.each do |column_name| %>
<% if column_name == "name" || column_name == "username" || column_name == "email"%>
<td>
<strong><%= column_name.capitalize %></strong>
</td>
<% end %>
<% end %>
<% @users.each do |user| %>
<tr>
<td><%= user.name%></td>
<td><%= user.username%></td>
<td><%= user.email%></td>
<td><%= link_to "edit", edit_user_path(user)%></td>
<td><%= link_to "delete", '#'%></td>
</tr>
<%end%>
</table>
<% end %>
And here's my 'users/edit.html.erb'. I have a users model fyi.
Edit
<%= form_for @user do |f| %>
<%= render 'shared/error_message' %>
<p>
<%= f.text_field :name%><br/>
<%= f.label :name %><br/>
</p>
<p>
<%= f.text_field :username %><br/>
<%= f.label :username%><br/>
</p>
<p>
<%= f.email_field :email%><br/>
<%= f.label :email %><br/>
</p>
<p> <%= f.submit "Update" %></p>
<% end%>
and here's my UsersController code:
class UsersController < ApplicationController
def new
@user = User.new
@title = "User Sign Up"
end
def create
@user = User.new(params[:user])
if @user.save
sign_in_check @user
redirect_to root_path, :flash => { :success => "Welcome to the Bakeshop"}
else
@title = "User Sign Up"
render 'new'
end
end
def edit
@user = User.find(params[:id])
end
def update
@user = User.find(params[:id])
if @user.update_attributes(params[:user])
redirect_to pages_services_path, :notice => "Update Successful"
else
render "edit"
end
end
end
Can someone explain this phenomenon and suggest a fix?
EDIT
Added my user.rb file code:
class User < ActiveRecord::Base
require 'digest/md5'
attr_accessible :password_confirmation, :name, :email, :password, :username
before_save :encrypt_password
validates :name, :presence => true,
:length => { :maximum => 25}
validates :username, :presence => true,
:length => { :maximum => 25},
:uniqueness => {:case_sensitive => false}
validates :email, :presence => true,
:uniqueness => {:case_sensitive => false}
validates :password, :presence => true,
:confirmation => true,
:length => {:within => 6..40}
validates :password_confirmation, :presence => true
def self.authenticate(username, password)
user = User.find_by_username(username)
if user && user.password == Digest::MD5.hexdigest(password)
user
else
nil
end
end
def encrypt_password
self.password = Digest::MD5.hexdigest(password)
end
end
2 answers
solution1
0 ACCPTED 2013-08-28 12:03:20
I think the problem might be here:
validates :password, :presence => true,
:confirmation => true, #Confirm 1
:length => {:within => 6..40}
validates :password_confirmation, :presence => true #Confirm 2
in the first validates block, the code that I've marked as confirm 1 is basically doing the same thing as the code I've marked confirm 2 . The first block is all that you need as when there's a field with a password, this code will automatically confirm it.
The second bit is causing an error because this is not associated with the password field explicitly and so you're asking Rails to confirm the presence of the :password_confirmation attribute before a user is created or updated, which is unnecessary. Does that make sense?
solution2
0 2013-08-28 12:20:20
Rails will validate against the validators of the class User, even though you are not using all the fields of that class.
If you don't want to use or validate all the fields of the class User in your view, you should use another view model class or simply remove the validation that you don't want to use (in this case password_confirmation).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.