I’ve got a model Officer that relies on password validation in all
cases, but I need it to validate the password at different times. On
create, I want to verify that the password and password
confirmation exist at all times. For update, I want to make
providing the password optional, and only when the password
is provided, to make sure it matches the password confirmation and is
within a certain length (such as when calling method
update_attributes).

The best way I see it right now is to define either
before_validation_on_create, after_validation_on_create, or
before_create for method new, and define either
before_validation_on_update, after_validation_on_update, or
before_update for method update_attributes. It’s worth noting that
Officer extends off of Person, which has its own validations to do.

I have several questions about this. First, which function should I
define for validating create and update? What are the pros and cons
of each one?

I’ve also noticed that I cannot use validate_length_of and other
helper methods inside these, and wondered why I’m not allowed to.
Does this mean I have to make my own validation?

If I do have to make my own validations within these methods, I will
have to verify that the pseudo-parameters :password
and :password_confirmation exist. Do I have to call attr_accessor on
either :password, :password_confirmation, or both in this case?

Many thanks in advance!

P.S. Currently, my Officer and Person models look like this:
class Officer < Person
  # take care of password thingy
  validates_length_of :password, :within => 5..20
  #attr_accessor :password_confirmation
  validates_presence_of :password_confirmation, :if => :password
  validates_confirmation_of :password

  # some functions
  def validate
    errors.add_to_base("Missing password") if hashed_password.blank?
  end

  # Returns the matching person, or nil if the rin or password is wrong.
  def self.authenticate( rin, password )
    person = self.find( :first, :conditions => [ 'rin = ?', rin ] )
    if person
      expected_password = encrypted_password( password, person.salt )
      if person.hashed_password != expected_password
        person = nil
      end
    end
    person
  end
end

require 'digest/sha1'

class Person < ActiveRecord::Base
  # first_name is required: must start with a capital
  # (\A and \z anchor the whole string; ^ and $ would only anchor one line)
  validates_presence_of :first_name
  validates_format_of :first_name,
                      :with => /\A[A-Z][a-zA-Z0-9, .]+\z/
  # last_name is required: must start with a capital
  validates_presence_of :last_name
  validates_format_of :last_name,
                      :with => /\A[A-Z][a-zA-Z0-9, .]+\z/
  # rin is required: must be unique; also, must all be lowercase
  # with 0 to 2 numbers following the letters.
  validates_presence_of :rin,
                        :message => ': A Rensselaer ID must be provided'
  validates_format_of :rin,
                      :with => /\A[a-z]+[0-9]{0,2}\z/,
                      :message => ': Invalid Rensselaer ID'
  validates_uniqueness_of :rin,
                          :message => ': Someone already has this Rensselaer ID'
  # email must be unique, and it is required.
  validates_presence_of :email
  validates_format_of :email,
                      :with => /\A[a-zA-Z0-9_]+@[a-zA-Z0-9_]+(\.[a-z]{2,3}){1,2}\z/
  validates_uniqueness_of :email
  # year is required, and must be a 4 digit number greater than 2000
  validates_presence_of :year
  validates_numericality_of :year,
                            :only_integer => true
  validates_length_of :year,
                      :is => 4

  # completely ignore the passwords
  def password
    @password
  end

  # Assigning a password immediately generates a new salt and hash.
  def password=(pwd)
    @password = pwd
    create_new_salt
    self.hashed_password = Officer.encrypted_password(self.password, self.salt)
  end

  protected

  def validate
    errors.add(:year, "should be between 2000 and 3000") if ( year.to_i < 2000 or year.to_i > 3000 )
  end

  def self.encrypted_password(password, salt)
    string_to_hash = password + "Japan is an island of interest" + salt
    Digest::SHA1.hexdigest(string_to_hash)
  end

  def create_new_salt
    self.salt = (self.object_id * rand).to_s + rand.to_s
  end
end
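
The create/update rule asked about above, as an added example that is not part of the original post: plain Ruby with no ActiveRecord, where the class and method names (`OfficerCredential`, `change_password`) are hypothetical. It swaps the post's salted SHA-1 and `rand`-based salt for PBKDF2-HMAC-SHA256 with a `SecureRandom` salt; the iteration count is an assumption.

```ruby
require 'openssl'
require 'securerandom'

# Hypothetical stand-in for the Officer model (plain Ruby, no ActiveRecord).
class OfficerCredential
  LENGTH     = 5..20     # same bounds as the post's validates_length_of
  ITERATIONS = 100_000   # assumed PBKDF2 work factor, tune for your hardware

  attr_reader :salt, :hashed_password, :errors

  # No stored hash yet means this is the "create" case.
  def new_record?
    @hashed_password.nil?
  end

  # Create: a password is mandatory. Update: blank means "leave unchanged".
  # The stored hash is replaced only after every check has passed.
  def change_password(password, confirmation)
    @errors = []
    if password.to_s.empty?
      @errors << 'Missing password' if new_record?
      return @errors.empty?
    end
    @errors << 'Password must be 5 to 20 characters' unless LENGTH.cover?(password.length)
    @errors << 'Password confirmation does not match' unless password == confirmation
    return false unless @errors.empty?
    @salt = SecureRandom.hex(16) # salt from a CSPRNG, not rand
    @hashed_password = digest(password, @salt)
    true
  end

  def authenticate(password)
    return false if new_record?
    secure_equal?(digest(password.to_s, @salt), @hashed_password)
  end

  private

  def digest(password, salt)
    sha256 = OpenSSL::Digest.new('SHA256')
    OpenSSL::PKCS5.pbkdf2_hmac(password, salt, ITERATIONS, 32, sha256).unpack1('H*')
  end

  # Constant-time comparison of two hex digests of equal length.
  def secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end
```

Unlike the `password=` setter in the post, a blank password submitted on update leaves `salt` and `hashed_password` untouched, so an empty form field cannot overwrite the stored credential.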