Rails 有没有办法说“运行除:密码之外的所有验证”?
我正在使用 Devise 进行身份验证。如果未设置 hashed_password,Rails/Devise 的验证将需要设置密码以及 password_confirmation。
当我邀请新用户时,我显然不想设置他们的密码,因此当我在系统中创建邀请时,它会失败,因为 user.password 为空。
我可以为用户设置临时 hashed_password,但是当他们输入自己的密码时,:password 和 :password_confirmation 的验证检查将不会发生这种情况是因为设置了 hashed_password,这是一个真正的问题。
有什么方法可以告诉 Rails 我想要运行除与 :password 相关的验证之外的所有验证吗?
我知道 Rails 有 :if 条件,这可能会解决我的问题,但 Devise 代表我声明 :password 验证,因此本质上是隐藏的。
我怎样才能在这里得到想要的结果?希望不是黑客的方式。
我当前的假设解决方案有点混乱:我唯一能想到的是创建一个新的邀请模型,而不是用户模型,并使用表单的邀请模型。提交邀请后,我可以验证该邀请并将所有值复制到新的用户模型。我可以在没有任何验证的情况下保存该用户。
这是我梦想的最好的解决方案。
看来我的解决方案比说一些简单的事情要多得多,例如:
user.save(validations => {:except => :password})
编辑:我已经找到了解决方案的一部分,但我仍然遇到问题。在我们的用户模型中,我们可以重写 Devise 方法,以防止使用以下代码验证邀请密码:
#protected
def password_required?
!is_invited && super
end
is_invited 属性只是我添加到 users 的列代码>表/模型。
然而,这里有一个问题。当用户接受邀请并到达需要设置密码/密码确认的表单时,valid? 将始终返回true。
这一点让我深感困惑。我不明白 requires_password? 和 valid? 如何同时为 true。如果需要密码,则应进行验证检查并导致验证失败。
我开始讨厌 Devise - 或者只是使用 gem 在黑匣子中构建应用程序的一部分的想法。我认为真正的解决方案可能是放弃 Devise,从头开始。这样您的应用程序就可以完全控制这一切的工作方式:(
I am using Devise for my authentication. If a hashed_password isn't set, Rails/Devise's validations will require a password to be set, as well as the password_confirmation.
When I invite new users, I obviously don't want to set their password, so when I create the invitation in my system, it fails because user.password is blank.
I can set a temporary hashed_password on the user, but when they enter their own password, the validation checks for :password and :password_confirmation will not happen because hashed_password is set, which is a real problem.
Is there any way to tell Rails that I want to run all the validations except for the ones associated with :password?
I know Rails has :if conditions, which might fix my problem, but Devise declares the :password validation on my behalf, so that essentially is hidden.
How can I get the desired result here?, hopefully in a way that is not a hack.
My current hypothetical solution that is somewhat messy: The only thing I can think of is to create a new Invitation model that is not the User model, and use the Invitation model for the form. When the invitation is submitted I can validate that Invitation and copy over all the values to the new User model. I can save that User without any validations at all.
That's the best solution I dreamed up.
It seems like my solution will be a lot more work than saying something simple like:
user.save(validations => {:except => :password})
EDIT: I have found one part of the solution, but I am still having problems. In our user model, we can override a Devise method to prevent the validation of the password for invitations with this bit of code:
#protected
def password_required?
!is_invited && super
end
The is_invited attribute is just a column I added to the users table/model.
However, there is one gotcha here. When a user accepts an invitation and they arrive to the form where they need to set their password/password_confirmation, valid? will always return true.
This one has me deeply perplexed. I don't see how requires_password? and valid? can be true at the same time. If it requires the password, it should do a validation check and cause the validations to fail.
I'm starting to hate Devise - or just the idea of using gems to build parts of your application in a blackbox. I think the real solution probably is to rip out Devise and just do it all from scratch. That way your app has total control of how all of this works :(
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我最近开始使用这个很棒的 devise 插件: devise_invitable
它很常用,所以用户(或任何模型)可以邀请其他用户加入。
但我将其调整为手动(通过管理面板)邀请新的潜在用户使用我的应用程序。
希望这有帮助!
I recently started using this great devise add-on: devise_invitable
It's commonly used so users (or any model) can invite other users to join.
But I adapt it for manually (via an admin panel) invite new potential users to my app.
Hope this helps!