2
votes

I have the following validation code for my User model. It works well when creating a User; however, it does not work when updating. I am aware of 'on' => 'create', but I want the rule to apply during Edit as well. I am allowing a user to change their username, but if the username they are changing it to is already in the DB, the submission should be denied.

var $validate = array(
    'username' => array(
        'alphaNumeric' => array(
                'rule' => 'alphaNumeric',
                'message' => 'Usa letras ou numeros como o teu << Usuario >>',
        ),
        'between' => array(
                'rule' => array('between' , 5, 15),
                'message' => 'O << Usuario >> tens que ter entre 5 a 15 letras/numeros',
        ),
        'isUnique' => array(
                'rule' => 'isUnique',
                'message' => 'O << Usuario >> que escolhestes ja foi utilizado. Escolhe um outro.'
        )
    )
);

Since the user needs to be logged in to reach the Edit page, could a custom validation rule be created to:

  1. Check if the submitted username already belongs to Auth->User('id') and, if it does, submit normally.
  2. However, if the username being submitted is different from Auth->User('username'), we should check that no one else has this username.
  3. And if Auth->User() is NULL, process isUnique as normal, as this only applies when creating a new User.

Thanks


2 Answers

2
votes

I was able to fix my problem using the following:

var $validate = array(
    'username' => array(
        'third' => array(
            'rule' => array('checkUniqueName'),
            'message' => 'O << Usuario >> que escolhestes ja foi utilizado. Escolhe um outro.'
        )
    ),
    'email' => array(
        'second' => array(
            'rule' => array('checkUniqueEmail'),
            'message' => 'Este email ja foi registado anteriormente. Contacta-nos se foi por engano'
        )
    )
);

// Id of the logged-in user. Assumption: the controller sets this from
// Auth->user('id') before saving; it stays null when creating a new user.
var $authUserId = null;

// Custom rule: valid if no row has this username, or the row that has it
// belongs to the logged-in user.
function checkUniqueName($data) {
    $isUnique = $this->find(
        'first',
        array(
            'fields' => array(
                'User.id',
                'User.username'
            ),
            'conditions' => array(
                'User.username' => $data['username']
            )
        )
    );

    if (!empty($isUnique)) {
        if ($this->authUserId == $isUnique['User']['id']) {
            return true; // Allow update
        } else {
            return false; // Deny update
        }
    } else {
        return true; // If there is no match in DB allow anyone to change
    }
}

// Same rule for the email column.
function checkUniqueEmail($data) {
    $isUnique = $this->find(
        'first',
        array(
            'fields' => array(
                'User.id'
            ),
            'conditions' => array(
                'User.email' => $data['email']
            )
        )
    );

    if (!empty($isUnique)) {
        if ($this->authUserId == $isUnique['User']['id']) {
            return true; // Allow update
        } else {
            return false; // Deny update
        }
    } else {
        return true; // If there is no match in DB allow anyone to change
    }
}

1
votes

If the 'on' key isn't specified for the validation rule, or it is set to null, the rule will be applied for both create and update operations, as specified in both the 1.3 and 2.0 manual:

The ‘on’ key can be set to either one of the following values: ‘update’ or ‘create’. This provides a mechanism that allows a certain rule to be applied either during the creation of a new record, or during update of a record.

If a rule has defined ‘on’ => ‘create’, the rule will only be enforced during the creation of a new record. Likewise, if it is defined as ‘on’ => ‘update’, it will only be enforced during the updating of a record.

The default value for ‘on’ is null. When ‘on’ is null, the rule will be enforced during both creation and update.

The code you have supplied should validate on the edit form as well, as long as you are making sure to include the ID of the logged in user on the form. So for example:

<?php echo $this->Form->create('User'); ?>
<?php echo $this->Form->hidden('id', array('value' => AuthComponent::user('id'))); ?>
<?php echo $this->Form->input('username'); ?>
<?php echo $this->Form->end('Update Username'); ?>

If the form is a create user form, you wouldn't include the hidden ID field.
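
Added example, not part of either answer and not CakePHP code: the rule both answers aim for (a username is taken only if a different user holds it), written against plain PDO with an in-memory SQLite database so it runs on its own. The table, function names and sample rows are hypothetical; it takes the user id from the server-side session rather than a posted field, and uses a UNIQUE constraint as the final guard because a lookup followed by an update can race with another request.

```php
<?php
// Added illustration: plain PDO + in-memory SQLite stand in for the CakePHP model.
// Table, column and function names are hypothetical; the rows are constructed sample data.

function makeDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // The UNIQUE constraint is the real guarantee; the lookup below only
    // produces a friendly validation result.
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT NOT NULL UNIQUE)');
    $pdo->exec("INSERT INTO users (id, username) VALUES (1, 'alice01'), (2, 'bruno02')");
    return $pdo;
}

// $sessionUserId must come from the server-side session (Auth), never from
// a form field, which the client can change to another user's id.
function changeUsername(PDO $pdo, int $sessionUserId, string $newName): string {
    // Mirrors the question's alphaNumeric and between(5, 15) rules.
    if (!ctype_alnum($newName) || strlen($newName) < 5 || strlen($newName) > 15) {
        return 'invalid';
    }
    // Uniqueness check that ignores the caller's own row, so re-submitting
    // the current username passes.
    $q = $pdo->prepare('SELECT 1 FROM users WHERE username = :u AND id <> :id');
    $q->execute([':u' => $newName, ':id' => $sessionUserId]);
    if ($q->fetchColumn() !== false) {
        return 'taken';
    }
    try {
        $u = $pdo->prepare('UPDATE users SET username = :u WHERE id = :id');
        $u->execute([':u' => $newName, ':id' => $sessionUserId]);
    } catch (PDOException $e) {
        // Another request claimed the name between the check and the update.
        if ((string) $e->getCode() === '23000') {
            return 'taken';
        }
        throw $e;
    }
    return $u->rowCount() === 1 ? 'ok' : 'no such user';
}

$pdo = makeDb();
echo changeUsername($pdo, 1, 'alice01'), "\n"; // caller's own current name
echo changeUsername($pdo, 1, 'bruno02'), "\n"; // name held by user 2
echo changeUsername($pdo, 1, 'alice99'), "\n"; // unused name
echo changeUsername($pdo, 2, 'al!ce'), "\n";   // fails the alphanumeric rule
```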