Home/ Questions/Q 6374835
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T01:32:17+00:00

In my controller, I try updating a user instance’s rank attribute (integer). For example

  • 0

In my controller, I try updating a user instance’s rank attribute (integer). For example from 1 to 2.

I do this by:

@user = User.find(params[:id])
@user.rank = 2
@user.save(:validate => false)

For some reason the password for the user being saved gets erased, so that they can log in to my site without a password at all. I’ve tried with and without the :validate => false parameter.

Any reason why? help? Thanks a bunch

Model Code

class User < ActiveRecord::Base
attr_accessor :password
attr_accessible :login, :email, :fname, :lname, :password, :password_confirmation, :rank, :hours, :wars
email_filter = /\A[\w+-.]+@[a-z\d-.]+.[a-z]+\z/i

validates :login, :presence => true, :length => { :maximum => 15, :minimum => 4 }, :uniqueness => true
validates :fname, :presence => true, :length => {:minimum => 2 }
validates :lname, :presence => true, :length => {:minimum => 2 }
validates :email, :presence => true, :format => { :with => email_filter}, :uniqueness => { :case_sensitive => false }
validates :password,  :presence => true, :confirmation => true, :length => { :within =>4..40 }
validates :lane_id, :presence => true

before_save :encrypt_password
has_many :reports
has_many :accomplishments
belongs_to :lane 


def has_password?(submitted_password)
  encrypted_password == encrypt(submitted_password)
end

def self.authenticate(login, submitted_password)
  user = find_by_login(login)
  return nil  if user.nil?
  return user if user.has_password?(submitted_password)
end

def self.authenticate_with_salt(id, cookie_salt)
  user = find_by_id(id)
  (user && user.salt == cookie_salt) ? user : nil
end

def current_report
  report = (Report.order("created_at DESC")).find_by_user_id(@user.id)
end

private

def encrypt_password
  self.salt = make_salt if new_record?
  self.encrypted_password = encrypt(password)
end

def encrypt(string)
  secure_hash("#{salt}--#{string}")
end

def make_salt
  secure_hash("#{Time.now.utc}--#{password}")
end

def secure_hash(string)
  Digest::SHA2.hexdigest(string)
end

end

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You have a before_filter that encrypts the password everytime you save your model. Instead of a before_filter use something like this:

    def password=(new_password)
  self.salt = make_salt if new_record?
  self.encrypted_password = encrypt(new_password)
end
    • 0