## View<% form_for :user, @user do |f| %> <table> <tr> <td><lab

1. ## View
2. <% form_for :user, @user do |f| %>
3. <table>
4. <tr>
5. <td><label for="user_username">Username:</label></td>
6. <td><%= f.text_field :username %></td>
7. </tr>
8. <tr>
9. <td><label for="user_email">Email:</label></td>
10. <td><%= f.text_field :email %></td>
11. </tr>
12. <tr>
13. <td><label for="user_password">Password:</label></td>
14. <td><%= f.password_field :password %></td>
15. </tr>
16. <tr>
17. <td><label for="user_password_confirmation">Password (confirm):</label></td>
18. <td><%= f.password_field :password_confirmation %></td>
19. </tr>
20. <tr>
21. <td colspan="2"><%= f.check_box :terms_of_service, :onclick => "toggleSubmit()" %> <label for="user_terms_of_service">I have read and agree to the <%= link_to 'Terms of Service', page_url(:url_name => 'tos') %> and <%= link_to 'Privacy Policy', page_url(:url_name => 'privacy') %>.</label></td>
22. </tr>
23. </table>
24. <%= submit_tag 'Register', :id => 'submit' %>
25. <% end %>
26.  
27. ## Model
28. class User < ActiveRecord::Base
29. has_many :pages
30. belongs_to :school
31. has_many :memberships, :conditions => 'memberships.status > 0',
32. :dependent => :destroy
33. has_many :groups, :through => :memberships
34.  
35. attr_accessor :password, :old_password
36. attr_accessible :username, :password, :email
37.  
38. validates_length_of :username, :in => 3..12
39. validates_length_of :password, :in => 4..20, :if => :password_required?
40. validates_confirmation_of :password, :if => :password_required?
41. validates_acceptance_of :terms_of_service
42. validates_uniqueness_of :username, :email
43. validates_format_of :email,
44. :with => /^[a-zA-Z0-9._+%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}$/,
45. :message => 'format does not appear to be valid'
46. validates_format_of :username, :with => /^[a-zA-Z0-9_]+$/,
47. :message => 'may only contain alphanumerical characters and "_"'
48.  
49. #...
50. private
51.  
52. def password_required?
53. !@password.nil? or self.hashed_password.blank?
54. end
55. #...
56. end
57.  
58. ## Breakpoint!
59.  
60. =begin
61. Executing break point at script/../config/../app/controllers/user_controller.rb:16 in `register'
62. irb(#<UserController:0xb77bbbb0>):001:0> params
63. => {"user"=>{"password_confirmation"=>"", "username"=>"technel", "terms_of_service"=>"1", "password"=>"", "email"=>""}, "commit"=>"Register", "action"=>"register", "controller"=>"user"}
64.  
65. Executing break point at script/../config/../app/models/user.rb:90 in `validate'
66. irb(#<User:0xb778a9ac>):001:0> password
67. => ""
68. irb(#<User:0xb778a9ac>):002:0> password_confirmation
69. => nil
70. irb(#<User:0xb778a9ac>):003:0> self.errors
71. => #<ActiveRecord::Errors:0xb7562378 @base=#<User:0xb778a9ac @errors=#<ActiveRecord::Errors:0xb7562378 ...>, @__bp_line=90, @password="", @attributes={"status"=>0, "hashed_password"=>"a23c713da2124e9dc3c651e18e382af2f4418aabbc9be557b8d7e4203db9e3a2", "password_salt"=>"clE7EckB-608414506", "username"=>"technel", "school_id_updated_on"=>nil, "last_logged_in_at"=>nil, "school_id"=>0, "getting_started"=>true, "created_at"=>nil, "email"=>""}, @__bp_file="script/../config/../app/models/user.rb", @new_record=true>, @errors={"username"=>["has already been taken"], "password"=>["is too short (minimum is 4 characters)"], "email"=>["format does not appear to be valid"]}>
72.  
73. =end
74.  
75. ## Diff with previously working model
76. michael@michael-c:~/sapp_bak_2-28-06/sapp/app/models$ diff ./user.rb /home/michael/sapp/app/models/user.rb
77. 4,8c4,8
78. < has_many :pages
79. < has_many :enrollments, :conditions => 'enrollments.status > 0', :dependent => :destroy
80. < has_many :schools, :through => :enrollments
81. < has_many :memberships, :conditions => 'memberships.status > 0', :dependent => :destroy
82. < has_many :groups, :through => :memberships
83. ---
84. > has_many :pages
85. > belongs_to :school
86. > has_many :memberships, :conditions => 'memberships.status > 0',
87. > :dependent => :destroy
88. > has_many :groups, :through => :memberships
89. 10c10
90. < attr_accessor :password, :current_password, :school
91. ---
92. > attr_accessor :password, :old_password, :password_confirmation
93. 13,23c13,23
94. < validates_length_of :username, :in => 3..12
95. < validates_length_of :password, :in => 4..20
96. < validates_acceptance_of :terms_of_service
97. < validates_uniqueness_of :username, :email
98. < validates_confirmation_of :password
99. < validates_format_of :email, :with => /^[a-zA-Z0-9._+%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}$/, :message => 'format does not appear to be valid'
100. < validates_format_of :username, :with => /^[a-zA-Z0-9_]+$/, :message => 'may only contain alphanumerical characters and "_"'
101. <
102. < # This method searches for the username in the database. If the account exists, it checks
103. < # the password. If it matches, the user variable will be returned with the
104. < # object in it. Otherwise, we set the user variable to nil and return that
105. ---
106. > validates_length_of :username, :in => 3..12
107. > validates_length_of :password, :in => 4..20#, :if => :password_required?
108. > validates_confirmation_of :password#, :if => :password_required?
109. > validates_acceptance_of :terms_of_service
110. > validates_uniqueness_of :username, :email
111. > validates_format_of :email,
112. > :with => /^[a-zA-Z0-9._+%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}$/,
113. > :message => 'format does not appear to be valid'
114. > validates_format_of :username, :with => /^[a-zA-Z0-9_]+$/,
115. > :message => 'may only contain alphanumerical characters and "_"'
116. >
117. 25c25
118. < # Accept both usernames and IDs
119. ---
120. > # Accept both username strings and IDs
121. 33c33
122. < unless user.hashed_password == encrypt(password, user.password_salt)
123. ---
124. > unless user.hashed_password == User.encrypt(password, user.password_salt)
125. 41,51c41,42
126. < def school
127. < self.schools[0]
128. < end
129. <
130. < def enrollment
131. < self.enrollments[0]
132. < end
133. <
134. < # The virtual attribute "password" is saved to "hashed_password" after being
135. < # run through the encryption method. A plain-text version is temporarily kept
136. < # for the life of the object so that the length/confirmation can be evaluated.
137. ---
138. > # The virtual attribute "password" stores a plaintext password that is then hashed
139. > # and stored in "hashed_password" after the plaintext is validated.
140. 55c46
141. < create_salt
142. ---
143. > self.password_salt = generate_salt
144. 58a50,53
145. > # Expected values for hash:
146. > # old_password
147. > # password
148. > # password_confirmation
149. 60,65c55,62
150. < unless User.authenticate(self.id, hash[:current_password])
151. < errors.add(:current_password, 'did not match the one on record')
152. < return false
153. < else
154. < self.password = hash[:password]
155. < self.password_confirmation = hash[:password_confirmation]
156. ---
157. > unless User.authenticate(self.id, hash[:old_password])
158. > return errors.add(:old_password, 'was not correct')
159. > end
160. >
161. > self.password = hash[:password]
162. > self.password_confirmation = hash[:password_confirmation]
163. >
164. > if self.valid?
165. 66a64,65
166. > else
167. > return false
168. 70,74c69,73
169. < def ban!
170. < self.memberships.update_attribute(:status, -1)
171. < self.enrollment.update_attribute(:status, -1)
172. < self.update_attribute(:status, -1)
173. < return self.save
174. ---
175. > def ban
176. > self.school_id = nil
177. > self.memberships.destroy_all
178. > self.status = -1
179. > self.save
180. 78,81d76
181. < def create_salt
182. < self.password_salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp + object_id.to_s
183. < end
184. <
185. 84a80,91
186. >
187. > def generate_salt
188. > [Array.new(6){rand(256).chr}.join].pack("m").chomp + object_id.to_s
189. > end
190. >
191. > def password_required?
192. > !@password.nil? or self.hashed_password.blank?
193. > end
194. >
195. > def validate
196. > breakpoint
197. > end