Running only password/password_confirmation validation when user resets password

1
votes

My site is connected to external vbulletin forum. I have custom user validator to check if username, email is present on vbulletin forum.

validate :check_if_forum_user_exists

def check_if_forum_user_exists
  if Vbuser.find_by_email(email.downcase)
    errors.add(:email, "error 1")
  end

  if !Vbuser.find(:all, conditions: ["lower(username) = lower(?)",name]).empty?
    errors.add(:name, "error 2")
  end
end

I have very basic password reset functionality. At the end step user enters password and password_confirmation which is stored in params[:user]. In controller I want to save it with @user.update_attributes(params[:user]) and get validation 'error 1' (as all existing users have vbulletin accounts it will always trigger).

I'd like to run only has_secure_password validators, and no others, as I don't change anything else but password. Any idea how can I do this? And why this custom validator triggers.

1
ruby-on-railsruby-on-rails-3

1 Answers

1
votes

You can used changed, changed_attributes and _changed? to detemrine which fields have changed on update.

To inspect if the email address has changed, you could do this:

if email_changed?
  ...
end

Password may be a little bit more complicated. You probably have a hashed password field and password and password confirmation aren't actual fields on your model. You could do something similar to see if the hashed password has changed.