hi,
I am creating a website for a summer institute; i have flaged the
student with a zero entry in the table, and the administrator with a
one. An admin can edit a students information. However, i don’t want him
to edit the password as soon as he click on edit list.
I am trying to allow the admin of editing the student’s information
without changing the password.
my edit function is the default scaffold one.
regards
There are other ways to verify this, but I use the acts_as_modified
plugin for similar things and it’s really handy.
https://rubyforge.org/projects/actsasmodified
With this you can do this in validate
def validate
errors.add(:password, “You can not change a users password”) if
self.modified? && self.password_modified?
end
Mouhannad Oweism wrote:
hi,
I am creating a website for a summer institute; i have flaged the
student with a zero entry in the table, and the administrator with a
one. An admin can edit a students information. However, i don’t want him
to edit the password as soon as he click on edit list.
I am trying to allow the admin of editing the student’s information
without changing the password.
my edit function is the default scaffold one.
regards
–
Sincerely,
William P.
Dear william,
thank you for your quick response
This might work if i want to prevent the admin and the user to edit the
password. However, i want the admin not to have to modify the password
if he wants to edit a user’s information.
regards
After reading your post again, you may need to add another condition to
the if statement to only disallow admins, like this:
def validate
errors.add(:password, “You can not change a users password”) if
current_user.admin && self.modified? && self.password_modified?
end
This assumes you have a current_user function to get at the current user
and that admin is a method that returns a boolean
William P. wrote:
end
my edit function is the default scaffold one.
regards
–
Sincerely,
William P.
it is also worth mentioning william that the edit page is the same as
the sign_up page, and on that page i have used the validate_presence_of.
thank u again
Ok, maybe I misunderstood you. Are you saying that when he edits the
user, and leaves the password fields blank, you don’t want the password
in the database to get wiped out? If thats the case, delete it from the
params hash before calling update_attributes if it’s empty
params[:user].delete(:password) if params[:user][:password].empty?
@user = User.update(params[:id], params[:user])
That will not update the password field if that is what you are looking
to do.
Mouhannad Oweism wrote:
Dear william,
thank you for your quick response
This might work if i want to prevent the admin and the user to edit the
password. However, i want the admin not to have to modify the password
if he wants to edit a user’s information.
regards
–
Sincerely,
William P.