So far, it\’s RoR

Ruby on Rails, PostgreSQL, SVN, etc….

User profiles with restful_authentication

Posted by Chirag Patel on December 22, 2007

 

Error when updating the user from a form

ActiveRecord::RecordInvalid (Validation failed: Password confirmation can’t be blank, Password is too short (minimum is 4 characters), Password can’t be blank):

 

 

 

Suggestion

It’s probably because of the restrictions on the User model (attr_accessible or attr_protected, in particular). But allowing users access to any part of the User model via mass assignment is dangerous. That’s why many people create a separate Profile model and link it via a 1:1 (belongs_to, has_one) relationship.

 

 

Solution

Coming soon

 

 

Advertisements

2 Responses to “User profiles with restful_authentication”

  1. Piku said

    Yes, it’s because of the restriction on the User model.
    I have
    validates_presence_of :password, :if => :password_required?
    validates_presence_of :password_confirmation, :if => :password_required?
    validates_length_of :password, :within => 4..40, :if => :password_required?
    def password_required?
    crypted_password.blank? || !password.blank?
    end

    That runs the validations over password and password_confirmation only if any of them is set.

  2. Hypnogogic said

    Somehow i missed the point. Probably lost in translation 🙂 Anyway … nice blog to visit.

    cheers, Hypnogogic.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: