I'm learning rails and building an authentication system using guides from around the web and following railscasts tutorials.
I've come to a stand still at the moment and need a bit of assistance if possible.
When ever I try to edit the user profile, I get an error message which tells me that it can't create an account due to fields such as email and username already being taken.
Looking around it seems it's related to how my edit form is being submitted, but I can't solve it!
Any help would be appreciated.
Users_controller.rb
def edit
#user = User.find(params[:id])
end
def update
#user = User.find(params[:id])
if #user.update_attributes(user_params)
flash[:success] = "Profile updated"
redirect_to #user
else
render 'edit'
end
end
edit.html.erb
<%= form_for :user, url: '/users' do |f| %>
<form class="m-t" role="form" action="#">
<div class="form-group">
<%= f.label :name %>
<%= f.text_field :name, class: 'form-control', autocomplete: "off" %>
</div>
<div class="form-group">
<%= f.label :user_type %>
<%= f.select(:user_type, ['Admin', 'Technical', 'Accounts'], {}, { :class => 'form-control' }) %>
</div>
<div class="form-group">
<%= f.label :email %>
<%= f.text_field :email, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :telephone %>
<%= f.text_field :telephone, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :mobile %>
<%= f.text_field :mobile, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :user_name %>
<%= f.text_field :user_name, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :password %>
<%= f.password_field :password, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :company_admin%>
<%= f.check_box :company_admin, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :user_admin %>
<%= f.check_box :user_admin, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :emergency_contact %>
<%= f.check_box :emergency_contact, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.submit "Submit", class: "btn btn-primary block full-width m-b" %>
</div>
</form>
<% end %>
Rails Log
User Exists (0.2ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = 'emailaddress#gmail.com' LIMIT 1
User Exists (0.1ms) SELECT 1 AS one FROM "users" WHERE "users"."user_name" = 'AUserName' LIMIT 1
user.rb
class User < ActiveRecord::Base
has_secure_password
validates :name, presence: { message: "Please enter your name." }
validates_uniqueness_of :email, presence: { message: "Please enter your email address." }
validates_format_of :email, with: /\A([^#\s]+)#((?:[-a-z0-9]+\.)+[a-z] {2,})\z/i, message: "Please enter a valid email address.", allow_blank: true
validates :telephone, presence: { message: "Please enter your phone number." }
validates :mobile, presence: { message: "Please enter your mobile number." }
validates_uniqueness_of :user_name, presence: { message: "Please enter your user name." }
validates_confirmation_of :password, presence: { message: "Please enter your password" }, allow_nil: true
before_create { generate_token(:auth_token) }
def generate_token(column)
begin
self[column] = SecureRandom.urlsafe_base64
end while User.exists?(column => self[column])
end
def send_password_reset
generate_token(:password_reset_token)
self.password_reset_sent_at = Time.zone.now
save!
UserMailer.password_reset(self).deliver
end
end
Wait I'm wrong on the validation. Just spotted it.
<%= form_for :user, url: '/users' do |f| %>
This won't use the #user object, which means rails thinks you're trying to create a user.
Switch it to
<%= form_for #user do |f| %>
Rails will also infer the correct place to post to so you won't need the url option anymore.
Related
I'm using the Devise gem for authentication and for the login form when I click on "Log in" with the fields blank I get the error "Invalid Email or password". I think it would be nice just like the registration form to have errors like "Name can't be blank" or "Email can't be blank" depending on the field that is blank. How can one achieve that?
Log in view
<h2>Log in</h2>
<%= form_for(resource, as: resource_name, url: session_path(resource_name), data: { turbo: false }) do |f| %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true, autocomplete: "email" %>
</div>
<div class="field">
<%= f.label :password %><br />
<%= f.password_field :password, autocomplete: "current-password" %>
</div>
<% if devise_mapping.rememberable? %>
<div class="field remember">
<%= f.check_box :remember_me %>
<%= f.label :remember_me %>
</div>
<% end %>
<div class="actions">
<%= f.submit "Log in" %>
</div>
<% end %>
<%= render "devise/shared/links" %>
application_controller.rb
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :authenticate_user!
before_action :update_allowed_parameters, if: :devise_controller?
def after_sign_up_path_for(_resource)
groups_path
end
def after_sign_in_path_for(_resource)
groups_path
end
protected
def update_allowed_parameters
devise_parameter_sanitizer.permit(:sign_up) do |u|
u.permit(:name, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.permit(:account_update) do |u|
u.permit(:name, :email, :password, :password_confirmation, :current_password)
end
end
end
Its pretty trivial to just add a client side validation which will provide immediate feedback if you want to:
# app/views/devise/sessions/new.html.erb
<h2>Log in</h2>
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true, autocomplete: "email", required: true %>
</div>
<div class="field">
<%= f.label :password %><br />
<%= f.password_field :password, autocomplete: "current-password", required: true %>
</div>
<% if devise_mapping.rememberable? %>
<div class="field">
<%= f.check_box :remember_me %>
<%= f.label :remember_me %>
</div>
<% end %>
<div class="actions">
<%= f.submit "Log in" %>
</div>
<% end %>
<%= render "devise/shared/links" %>`
The views in your application will take priority over those defined by the engine.
The reason why Devise doesn't actually use model validation at all for sessions is that models are not context aware and adding this feature would add a lot of complexity for very little gain.
Your model doesn't have a concept of "signing in" so if you called resource.valid? it will fire all the validations for creating a record like for example uniqueness of the email.
While you could do this by creating a form object or by overriding the controller method and adding the errors "inline" it provides very little additional value in safeguarding your application against bad user input which is what server side validations are primarily intendended to do (user feedback is the secondary purpose). YAGNI.
validates_confirmation_of :password does not work when I submitted my form. Even if the password confirmation is not the same, the user is signed up.
I wrote the same thing that the guide. during my research , I did not found anything that explain that.
Do you know what is happening and how can I solve it?
Here is my code:
My view:
<%= form_for User.new do |f| %>
<div class="row">
<div class="col-md-6">
<%= f.label :Prénom %> :
<%= f.text_field :first_name, class: "form-control" %><br />
</div>
<div class="col-md-6">
<%= f.label :Nom %> :
<%= f.text_field :last_name, class: "form-control" %><br />
</div>
</div>
<div class="row">
<div class="col-md-6">
<%= f.label :Pseudo %> :
<%= f.text_field :user_name, class: "form-control"%><br />
</div>
<div class="col-md-6">
<%= f.label :Email %> :
<%= f.email_field :email, class: "form-control" %><br />
</div>
</div>
<div class="row">
<div class="col-md-6">
<%= f.label :Mot_de_passe %> :
<%= f.password_field :password, class: "form-control" %><br />
</div>
<div class="col-md-6">
<%= f.label :Confirmation_mot_de_passe %> :
<%= f.password_field :password_confirmation, class: "form-control" %><br />
</div>
</div>
<%= f.label :Club_favori %> :
<%=f.select(:club) do%>
<%= options_from_collection_for_select(Club.all,:id ,:name) %>
<% end %>
<br>
<%= f.submit class: "btn btn-primary" %>
<% end %>
My model:
class User < ActiveRecord::Base
has_merit
has_secure_password
has_many :comments
validates_length_of :password, minimum: 5, too_short: 'please enter at least 5 characters', on: :create
validates_presence_of :user_name, :message => 'Vous devez remplir tout les champs.', on: :create
validates_uniqueness_of :user_name, :case_sensitive => false, :message => "Ce pseudo n'est pas disponible.", on: :create
validates_confirmation_of :password, on: :create
end
My controller:
class UsersController < ApplicationController
def create
#user = User.new(user_params)
if #user.save
#user.add_badge(1)
session[:user_id] = #user.id
redirect_to '/feed'
else
redirect_to '/signup', flash: {error_message: #user.errors}
end
end
private
def user_params
params.require(:user).permit( :user_name, :first_name, :last_name, :email, :password, :sash, :club)
end
def new
#user = User.new
#clubs =Club.all
end
end
Thank you in advance for your help.
You override your current #user when you enter your form.
Just change:
<%= form_for User.new do |f| %>
to
<%= form_for #user do |f| %>
I'm new to rails...but I'm trying to do an app on my own to "practice" what I've learned.
I have a new form with model validations, but the error messages aren't showing. Here is what I have:
seed.rb (Model)
class Seed < ApplicationRecord
validates :name, presence: true
validates :category, presence: true
validates :latin, presence: true
validates :maturity, presence: true
validates :sun, presence: true
validates :sow, presence: true
validates :cycle, presence: true
validates :description, presence: true, length: { minimum: 5, maximum: 500 }
mount_uploader :seedimage, SeedImageUploader
end
seed_controller.rb (Controller)
class SeedsController < ApplicationController
def index
#seeds = Seed.all
end
def new
#seed = Seed.new
end
def create
#seed = Seed.new(seed_params)
if #seed.save
redirect_to seeds_path
else
render 'new'
end
end
def edit
end
def update
#seed = Seed.find(params[:id])
if #seed.update(seed_params)
redirect_to #seed
else
render 'edit'
end
end
def show
#seed = Seed.find(params[:id])
end
def destroy
#seed = Seed.find(params[:id])
#seed.destroy
redirect_to seeds_path
end
def seed_params
params.require(:seed).permit(:name, :category, :latin, :maturity, :sun, :sow, :cycle, :description, :seedimage)
end
end
_form.html.erb (Form for 'New') (new.html.erb just has <% render 'form' %>
<%= form_with model: #seed, class: "form-horizontal" do |f| %>
<% if #seed.errors.any? %>
<div id="error_explanation">
<h2>
<%= pluralize(#seed.errors.count, "error") %> prohibited
this seed from being saved:
</h2>
<ul>
<% #seed.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="form-group">
<%= f.label :name %>
<%= f.text_field :name, class: "form-control", placeholder: "Seed Name" %>
</div>
<div class="form-group">
<%= f.label :category %>
<%= f.text_field :category, class: "form-control", placeholder: "Category: 'beans'" %>
</div>
<div class="control-label">
<%= f.label :latin %>
<%= f.text_field :latin, class: "form-control", placeholder: "Latin Name" %>
</div>
<div class="form-group">
<%= f.label :maturity %>
<%= f.number_field :maturity, class: "form-control", placeholder: "Maturity Time" %>
</div>
<div class="form-group">
<%= f.label :sun %>
<%= f.select(:sun, options_for_select([['Full Sun'], ['Partial Sun'], ['Full Shade']]), {}, { class: "custom-select"}) %>
</div>
<div class="form-group">
<%= f.label :sow %>
<%= f.text_field :sow, class: "form-control", placeholder: "Plant Indoors/Sow Outdoors/etc.." %>
</div>
<div class="form-group">
<%= f.label :cycle %>
<%= f.text_field :cycle, class: "form-control", placeholder: "Annual/Perennial/etc.." %>
</div>
<div class="form-group">
<%= f.label :description %>
<%= f.text_area :description, size: "60x12", class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :seedimage %>
<%= f.file_field :seedimage, class: "form-control" %>
</div>
<div class="form-group">
<%= f.submit "Create", class: "btn btn-primary btn-lg" %>
</div>
<% end %>
I'm a bit confused why this doesn't work? Right now when I hit the create button it flashes, but no error messages. I can CONFIRM that the model is using the validations because if I try to do a Seed.create() and check messages against that it doesn't indeed work....so I'm a bit confused?
From what I can tell the .any? isn't happening, since if I do a ! to that statement it'll at least display 0 messages.
You are not seeing any error messages because all the forms generated by form_with tag are remote: true by default and send xhr(ajax) requests to the server. If you want to see the error messages, as of your current setup, you have to add local: true wich makes the submission normal.
Replacing
<%= form_with model: #seed, class: "form-horizontal" do |f| %>
with
<%= form_with model: #seed, local: true, class: "form-horizontal" do |f| %>
will do the trick. Hope this will help.
I am creating an application through which a user will be able to create an account. When they create an account, in the same form they will be able to create an organization that will then be tied to their user. Once that user has created their account (and an organization) other users will be able to create an account and use an "access code" to join that organization as well. Looking at the code may explain it better.
The reason i'm posting on SO is because i have a feeling there is a better / more efficient way to do it than what i am currently doing. I'm using nested_forms (maybe not correctly) and i don't think i'm doing the associations the right way because, for example, i haven't been able to get the edit form to fill out the organization fields.
I am using sorcery for the authentication as well.
users_controller.rb
def new
#user = User.new
end
def create
#user = User.new(user_params)
if params[:user][:organization][:name].blank?
flash.now[:error] = "You must specify an organization name."
render :new
else
if params[:user][:organization][:access_code].blank?
# create new organization
#access_code = "#{SecureRandom.urlsafe_base64(16)}#{Time.now.to_i}"
#organization = Organization.create(:name => params[:user][:organization][:name], :access_code => #access_code)
#user.organization_id = #organization.id
#user.is_admin = true
else
# try and add someone to an organization
#organization = Organization.find(:all, conditions: ["name = ? AND access_code = ?", params[:user][:organization][:name], params[:user][:organization][:access_code]])
if #organization.empty?
flash.now[:error] = "No organization has been found with that name and access code."
render :new
return
else
#user.organization_id = #organization.first.id
end
end
if #user.save
user = login(#user.email, params[:user][:password])
if user
flash[:success] = "Your account has been successfully created!"
redirect_to admin_dashboard_path
end
else
flash.now[:error] = "Something went wrong! Please try again."
render :new
end
end
end
def edit
#user = User.find(params[:id])
end
def update
#user = User.find(params[:id])
if #user.is_admin?
if params[:user][:organization][:name].blank? && params[:user][:organization][:name] != #user.organization.name
params[:user][:organization][:name] = #user.organization.name
end
if params[:user][:organization][:access_code].blank? && params[:user][:organization][:access_code] != #user.organization.access_code
params[:user][:organization][:access_code] = #user.organization.access_code
end
#organization = Organization.find(params[:user][:organization_id])
#organization.name = params[:user][:organization][:name]
#organization.access_code = params[:user][:organization][:access_code]
#organization.save
end
if #user.update(user_params)
flash[:success] = "Your settings have been updated!"
redirect_to edit_admin_user_path(#user.id)
else
flash.now[:error] = "Something went wrong! Please try again."
render :edit
end
end
private
def user_params
params.require(:user).permit(:organization_id, :email, :password, :password_confirmation, :full_name, :remember_me, {:organization_attributes => [:name, :website, :description, :access_code]})
end
users.rb
class User < ActiveRecord::Base
authenticates_with_sorcery!
belongs_to :organization
VALID_EMAIL_REGEX = /\A[\w+\-.]+#[a-z\d\-.]+\.[a-z]+\z/i
validates_presence_of :full_name
validates_presence_of :email
validates_uniqueness_of :email, :on => :create
validates_format_of :email, :with => VALID_EMAIL_REGEX, :on => :create
validates_presence_of :password, :on => :create
validates_confirmation_of :password
end
organization.rb
class Organization < ActiveRecord::Base
authenticates_with_sorcery!
has_many :users, :dependent => :destroy
accepts_nested_attributes_for :users
validates_presence_of :name
end
new.html.erb
<% provide(:title, 'Create a User') %>
<h1>Create a User</h1>
<p>Use the form below to create an account.</p>
<%= nested_form_for([:admin, #user], html: {role: "form"}) do |f| %>
<%= render "shared/error_messages", obj: #user %>
<fieldset>
<legend>User Information</legend>
<div class="form-group">
<%= f.label :full_name, "Full Name" %>
<span class="help-block">How should others see you?</span>
<%= f.text_field :full_name, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :email %>
<span class="help-block">Your email address is used as your login.</span>
<%= f.text_field :email, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password %>
<%= f.password_field :password, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password_confirmation, "Confirm Password" %>
<%= f.password_field :password_confirmation, class: "form-control" %>
</div>
</fieldset>
<%= f.fields_for :organization do |o| %>
<fieldset>
<legend>Associated Organization</legend>
<div class="form-group">
<%= o.label :name, "Organization Name" %>
<span class="help-block">This is the name of the organization you are a part of.</span>
<%= o.text_field :name, class: "form-control" %>
</div>
<div class="form-group">
<%= o.label :access_code, "Organization Access Code" %>
<span class="help-block">Leaving this field blank will setup a new organization.</span>
<%= o.text_field :access_code, class: "form-control" %>
</div>
</fieldset>
<% end %>
<div class="form-actions">
<%= f.submit "Create Account", class: "btn btn-primary" %>
<%= link_to "Cancel", :back, class: "text-btn" %>
</div>
<% end %>
edit.html.erb
<% provide(:title, "Edit User: #{#user.full_name} (#{#user.organization.name})") %>
<h1>Edit User: <%= #user.full_name %> (<%= #user.organization.name %>)</h1>
<p>Use the form below to manage your account.</p>
<%= nested_form_for([:admin, #user], html: {role: "form"}) do |f| %>
<%= render "shared/error_messages", obj: #user %>
<fieldset>
<legend>User Information</legend>
<div class="form-group">
<%= f.label :full_name, "Full Name" %>
<span class="help-block">How should others see you?</span>
<%= f.text_field :full_name, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :email %>
<span class="help-block">Your email address is used as your login.</span>
<%= f.text_field :email, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password %>
<%= f.password_field :password, placeholder: "leave blank to keep password unchanged", class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password_confirmation, "Confirm Password" %>
<%= f.password_field :password_confirmation, class: "form-control" %>
</div>
</fieldset>
<% if #user.is_admin? %>
<%= f.fields_for :organization do |o| %>
<fieldset>
<legend>Associated Organization</legend>
<div class="form-group">
<%= o.label :name, "Organization Name" %>
<span class="help-block">This is the name of the organization you are a part of.</span>
<%= o.text_field :name, class: "form-control", value: #user.organization.name %>
</div>
<div class="form-group">
<%= o.label :access_code, "Organization Access Code" %>
<span class="help-block">Leaving this field blank will setup a new organization.</span>
<%= o.text_field :access_code, class: "form-control", value: #user.organization.access_code %>
</div>
</fieldset>
<% end %>
<%= f.hidden_field :organization_id %>
<% end %>
<div class="form-actions">
<%= f.submit "Update User", class: "btn btn-primary" %>
<%= link_to "Cancel", :back, class: "text-btn" %>
</div>
<% end %>
Ok, those are all the files making it happen. Now, i have the application doing almost everything i need it to do but this doesn't feel like production-level code to me.
One issue i know i am having is that if a user types something in the organization field and nothing else the controller will create and save the organization and then render the form back with the user validation errors. I don't want it to save the organization if there are validation errors in the user model.
I'm really just asking for advice if there is a better way of doing what i am trying to do. If you can't tell exactly what i'm trying to do with this code or have any questions please let me know!
Take a look at this post: http://blog.codeclimate.com/blog/2012/10/17/7-ways-to-decompose-fat-activerecord-models/
Of particular interest will be the section on "3. Extract Form Objects".
I am having trouble articulating the exact issue I am facing, but I will try with a brief descriptions and code.
I am trying to add a feature to a simple existing app that allows the user to crop an uploaded image for an avatar. I do the file selection on the same view that allows the user to update their password and other various account options. The user submits that form which then renders the view for the cropping feature. The issue is that from the crop view, the submission fails because it fails validation of parameters from the previous form. Basically I would like the form to all be submitted at the same time but from two different views.
user.rb
class User < ActiveRecord::Base
attr_accessible :name, :email, :password, :password_confirmation, :avatar,
:crop_x, :crop_y, :crop_w, :crop_h
validates :name, presence: true, length: { maximum: 50 }
VALID_EMAIL_REGEX = /\A[\w+\-.]+#[a-z\d\-.]+\.[a-z]+\z/i
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX },
uniqueness: { case_sensitive: false }
validates :password, presence: true, length: { minimum: 6 }
validates :password_confirmation, presence: true
mount_uploader :avatar, AvatarUploader
attr_accessor :crop_x, :crop_y, :crop_w, :crop_h
after_update :crop_avatar
def crop_avatar
avatar.recreate_versions! if crop_x.present?
end
end
I have tried several different things to remedy this. I am sure I am missing a fundamental concept. Any ideas?
users_controller.rb
def update
#user = User.find(params[:id])
if #user.update_attributes(params[:user])
if params[:user][:avatar].present?
render 'crop'
else
sign_in #user
redirect_to #user, notice: "Successfully updated user."
end
else
render 'edit'
end
end
edit.html.erb
<% provide(:title, "Edit user") %>
<h1>Update your profile</h1>
<div class="row">
<div class="span6 offset3">
<%= form_for #user, :html => {:multipart => true } do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<%= f.label :avatar %>
<%= f.file_field :avatar %>
<%= f.label :name %>
<%= f.text_field :name %>
<%= f.label :email %>
<%= f.text_field :email %>
<%= f.label :password %>
<%= f.password_field :password %>
<%= f.label :password_confirmation, "Confirm Password" %>
<%= f.password_field :password_confirmation %>
<%= f.submit "Save changes", class: "btn btn-large btn-primary" %>
<% end %>
</div>
</div>
crop.html.erb
<% provide(:title, 'Crop Avatar') %>
<h1>Crop Avatar</h1>
<div class="row">
<div class="span6 offset3">
<%= image_tag #user.avatar_url(:large), id: "cropbox" %>
<h4>Preview</h4>
<div style="width:100px; height:100px; overflow:hidden">
<%= image_tag #user.avatar.url(:large), :id => "preview" %>
</div>
<%= form_for #user do |f| %>
<% %w[x y w h].each do |attribute| %>
<%= f.hidden_field "crop_#{attribute}" %>
<% end %>
<div class="actions">
<%= f.submit "Crop" %>
</div>
<% end %>
</div>
</div>
You can't have 2 views for one action. On a second thought why do you need it anyways, i mean you are rendering crop only when params[:user][:avatar] is present and that will be called only when you'll submit your edit.html.erb template. I think what you can do is have another method in controller with name crop and there update user's avatar with the dimention's specified.