2

我有一个带有名称和密码属性的用户模型。当用户单击“编辑”时,我只希望名称字段可编辑和验证,而不是密码字段。当用户单击“重置密码”时,反之亦然。我认为我的主要问题是如何在名称字段编辑期间关闭密码验证以及如何在密码编辑期间关闭名称验证?

编辑.html.erb

<%= form_for @user, html: { class: "form_settings" } do |f| %>
  <%= render 'shared/error_messages', object: f.object %>
  <p><span><%= f.label :name %></span>
    <%= f.text_field :name %>
  </p>

  <p style="padding-top: 15px"><span>&nbsp;</span>
    <%= f.submit "Submit", class: "submit" %>
  </p>
<% end %>

reset_password.html.erb

<%= form_for @user, html: { class: "form_settings" } do |f| %>
  <%= render 'shared/error_messages', object: f.object %>
  <p><span><%= label_tag :old_password, "Current Password" %></span>
    <%= password_field_tag :old_password %>
  </p>

  <p><span><%= f.label :password %></span>
    <%= f.password_field :password %>
  </p>

  <p><span><%= f.label :password_confirmation %></span>
    <%= f.password_field :password_confirmation %>
  </p>

  <p style="padding-top: 15px"><span>&nbsp;</span>
    <%= f.submit "Submit", class: "submit" %>
  </p>
<% end %>

users_controller.rb

def update
  @user = User.find(params[:id])
  if params[:old_password]
    if @user.authenticate(params[:old_password])
      @user.update_attributes(password: params[:user][:password])
      flash[:success] = "Password has been updated"
      redirect_to @user
    else
      flash.now[:error] = "Current password is incorrect"
      render :reset_password
    end
  elsif @user.update_attributes(params[:user])
    flash[:success] = "User name updated"
    redirect_to @user
  else
    render :edit
  end
end

我的另一个问题是密码和密码确认验证不起作用。这就是我在模型中的内容:

validates :password, presence: true, confirmation: true

更新 获得了要重置的密码并使用此代码进行验证:

def update
  @user = User.find(params[:id])
  if params[:old_password]
    if @user.authenticate(params[:old_password])
      if params[:user][:password] == params[:user][:password_confirmation]
        @user.update_attributes(password: params[:user][:password])
        flash[:success] = "Password has been updated"
        redirect_to @user
      else
        flash.now[:error] = "Passwords don't match"
        render :reset_password
      end
    else
      flash.now[:error] = "Current password is incorrect"
      render :reset_password
    end
  elsif @user.update_attributes(params[:user])
    flash[:success] = "User name updated"
    redirect_to @user
  else
    render :edit
  end
end

但这对我来说似乎太复杂了。有人看到更简单的解决方案吗?

但是我仍然有编辑名称字段的问题。就是说密码不能为空。

4

3 回答 3

1

将验证逻辑移至模型并保持控制器清洁。

validates :password, presence: true, confirmation: true, if: password?, on: :update
validates :name, presence: true, if: name?, on: :update

当您创建记录时,这是必需的。只需添加on: :create

validates :password, presence: true, confirmation: true, on: :create
validates :name, presence: true, on: :create

像这样修改你的控制器,

def update
  @user = User.find(params[:id])
  @user.authenticate(params[:old_password]) if params[:old_password]
  return redirect_to @user, notice: "Sucessfully updated" if @user.update_attributes(params[:user])
  render Rails.application.routes.recognize_path(request.referer)[:action]
end

从此链接使用的渲染想法: 渲染启动更新的操作

于 2013-03-03T13:32:10.547 回答
1

您不应在同一操作中混合使用名称编辑和密码重置。

创建一个将更新用户属性的操作,该password字段不应被列入白名单attr_accessible

创建另一项将处理密码重置的操作。

def update
  @user = User.find(params[:id])
  if @user.update_attributes(params[:user])
    flash[:success] = "User name updated"
    redirect_to @user
  else
    render :edit
  end
end

def reset_password
  if params[:old_password] && @user.authenticate(params[:old_password])
    if params[:user][:password] == params[:user][:password_confirmation]
      @user.password = params[:user][:password]
      flash[:success] = "Password has been updated"
      redirect_to @user
    else
      flash.now[:error] = "Passwords don't match"
      render :reset_password
    end
  else
    flash.now[:error] = "Current password is incorrect"
    render :reset_password
  end
end

这样,每个动作都有其语义角色。

顺便说一句,我希望您使用 bcrypt 之类的东西来存储密码。

于 2013-03-03T13:42:47.870 回答
0

想通了......但它看起来有点难看:

def update
  @user = User.find(params[:id])
  if params[:old_password]
    if @user.authenticate(params[:old_password])
      if params[:user][:password] == params[:user][:password_confirmation]
        @user.update_attributes(password: params[:user][:password])
        flash[:success] = "Password has been updated"
        redirect_to @user
      else
        flash.now[:error] = "Passwords don't match"
        render :reset_password
      end
    else
      flash.now[:error] = "Current password is incorrect"
      render :reset_password
    end
  elsif params[:user][:name].blank?
    flash[:error] = "Name can't be blank"
    render :edit
  else
    @user.update_attribute(:name, params[:user][:name])
    flash[:success] = "User name updated"
    redirect_to @user
  end
end
于 2013-03-03T03:35:56.767 回答