Default ActiveRecord/ActiveModel ::Errors are anonymous - ruby-on-rails

Default ActiveModel::Errors are great, but i am solving problem, that the messages are anonymous. For example there is message should look like an email address. that belongs to email field, but what i want is to know that this error message is format type. And the other message doesn't match confirmation is confirmation type.
#<ActiveModel::Errors:0x000001054abef0 #base=#<User ... >,
#messages={
:password=>["doesn't match confirmation"],
:email=>["should look like an email address."]}>
Is there any gem for better errors, or do any of you have idea of monkey patch?
Thanks

In rails validations, you can add custom messages to be passed up the exception food chain, generated from the model.
ActiveRecord validations

Related

Serialization error when sending email with .deliver_later

I have a signup controller action that sends an email confirming registration. It works if I use .deliver_now, but if I try to .deliver_later I get this:
ActiveJob::SerializationError in Users::UsersController#process_signup
Unsupported argument type: Time
My code:
Emails
.with(template_data: processable_data.merge({:user => #u.safe_attributes }))
.signup_inactive
.deliver_later # not even passing a time to deliver the message at
The template_data is a hash with a bunch of user-specific attributes that may be used within the email template, I'm using Liquid for that as they're edited by users. It includes some DateTime values (created_at/updated_at) but ActiveJob is supposed to accept Date/Time/DateTime values afaik?
Am I doing something wrong?

Sending mail 'to' OpenStruct through mailer

I have an app where users can sign up for workshops and admin has a possibility to write an e-mail to all the participants through the app. The fragment of code to send mail message to the group looks like this
workshop.students_all.each do |user|
WorkshopNotifyGroupMailer.notify_user(user, workshop, subject, body).deliver_later
end
so it's nothing extraordinary (User and Workshops are instances of models).
Now, I wanted to add one additional e-mail address to be sent each time a group is notified (just to have a copy how does the sent mail look like). I thought of doing it something like that (to keep the code short):
admin = OpenStruct.new(email: 'admin#email.com', first_name: 'Nameless') #These are fields taken from User instance by mailer
WorkshopNotifyGroupMailer.notify_user(admin, workshop, subject, body).deliver_later
Unfortunately, I receive "Unsupported argument type: OpenStruct" error. Is there a way to send an e-mail which uses an instance of a model using some kind of artificial structure? (In this case just assume admin is not on the user list and won't be)

Issue and clarification needed with attr_accessible

There is so much written about the security threat of attr_accessible that I am beginning to wonder if I should even have any attributes in it. Here is the issue. I have a Message model which has the following:
attr_accessible :body,:sender_id,:recipient_id
I do not have the update or edit action in my messages_controller. With the new and create action I am able to create a new message and send it to a recipient. Only users who have logged in and meet certain conditions can message each other. I do that with the help of a before_filter and the conditions work fine. The message is stored and can be viewed by the sender and the recipient. Perfect!
The question I have is that since :body,:sender_id,:recipient_id are included in attr_accessible, can a malicious user somehow change the :body,:sender_id,:recipient_id of the original message? Should I just add these attributes to attr_readonly as well so they cannot be modified once saved?
This question has been haunting me for practically all my models.
can a malicious user somehow change the :body,:sender_id,:recipient_id
of the original message?
This would depend on other things rather than attr_accesible. attr_accesible will only filter which fields are allowed to be updated using mass assignment. Since you say you don't have any update action, then no, there is now way a user can edit a message since you always create a new Message through you create action.
But there is something you need to care about. What is sender_id? If you do have users in your app and they send messages to each others, then sender_id should not be an accessible field, since this will allow users to send messages on behalf of other users. You probably want to keep that field off the attr_accessible list and do something like this:
m = Message.new params[:message] # body and recipient_id
m.sender_id = current_user.id # this is not mass assignment
m.save
.....
Well, it depends on how your are creating your model's instance. If you use:
FooModel.create(params[:foo])
then yes, your are not secure because a logged in user may pass additional parameters to the request even if you don't provide explicitly form fields for those attributes.
So, for your case, anyone posting to your "create" action with sender_id, recipient_id (values in the request) will be able to change them unless you take care about this assignments in your action.

How do I pass additional information to into ActionMailer to handle incoming messages?

I have an application that checks multiple email accounts (think Webmail). Because I'm retrieving multiple accounts, I need to associate the inbound email with a user's account. However, I can't seem to find a way to do this.
If i pass into Fetcher a user_id in the options hash, from what I understand it creates it as an attribute. But, I'm unclear how to get the fetched message modified in such a way as to make it happy for ActionMailer. If I add an argument to the "receive" method, that fails with a message "wrong number of arguments."
If I try to modify the message retrieved, I get an error with "wrong number of arguments". And, because ActionMailer is not really a full class, I can't simply initialize it with the right data.
Any thoughts on how to pass this information?
I'll answer this because I hate not finding answers.
I wrapped ActionMailer in another class. This new class took the additional attributes and handled them. This is how I got around this problem.

Rails 3 mailer for a model without an email attribute

I want to create a PageMailer which emails users when someone interacts with one of their pages.
The User has_many pages, and so the page email is defined as user.email
I have tried attr_reader in the Page model, and also I've declared an email method, neither are currently working
I'm getting an error message which states: undefined method 'email' for <Page:0x512000d4>
Can anyone suggest a simple workaround?
thanks
Paul
send_fb_like_email(user, page)
undefined method 'email' for <Page:0x512000d4>
The error says it's trying to find the "email" of a "page".
Looks like you've accidentally switched the user and page params in one of the calls to the method. Go check all the places where you call this email method and see if you've done that.

Resources