#137 ✓resolved
Daniel

Validation documentation error

Reported by Daniel | July 7th, 2009 @ 05:46 PM

Hello Ben,

It seems that there is a discrepancy between the below two documentation pages in that one creates a "before_validation" callback, while the other creates a "validate" callback. In any case, I'm not having success with either version. When using "before_validation", "attempted_record" is nil. When using "validate", my method does not get called at all.

http://rdoc.info/rdoc/binarylogic/authlogic/blob/aa4ee71622b151f3a2...
http://rdoc.info/rdoc/binarylogic/authlogic/blob/aa4ee71622b151f3a2...

In the below example, nothing gets printed. Changing "validate" to "before_validation" prints the $s, but then throws a "nil object" error when reaching "if attempted_record.invited?" ("The error occurred while evaluating nil.invited?").

class UserSession < Authlogic::Session::Base
  logout_on_timeout true
  consecutive_failed_logins_limit 12
  validate :ensure_not_invited


private


def ensure_not_invited

puts &quot;$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$&quot;
if attempted_record.invited?
  puts &quot;********************************************&quot;
  self.errors.clear
  self.errors.add_to_base('invited_but_not_created')
end



end end

Comments and changes to this ticket

  • Daniel

    Daniel July 9th, 2009 @ 04:29 PM

    After updating AuthLogic to version 2.1.1 from 2.0.14, validate :ensure_not_invited now causes ensure_not_invited to be called, but attempted_record is still nil.

  • Ben Johnson

    Ben Johnson July 12th, 2009 @ 09:35 PM

    • State changed from “new” to “resolved”

    You are right, but attempted_record could have the possibility of being nil. Checkout this code:

    def valid?
            errors.clear
            self.attempted_record = nil
            
            before_validation
            new_session? ? before_validation_on_create : before_validation_on_update
            validate
            ensure_authentication_attempted
                    
            if errors.size == 0
              new_session? ? after_validation_on_create : after_validation_on_update
              after_validation
            end
            
            save_record(attempted_record)
            errors.size == 0
          end
          
          private
            def ensure_authentication_attempted
              errors.add(:base, I18n.t('error_messages.no_authentication_details', :default => "You did not provide any details for authentication.")) if errors.empty? && attempted_record.nil?
            end
    

    The validation chain will continue to be called regardless if attempted record is found or not. So if attempted_record is nil, that means the credentials passed could not locate a record. In your method you should check to see if attempted record is present before doing anything with it. If it is not present, there will be errors in the errors object.

    Validations have to occur this way for the magic fields and brute force protection. Ex: failed_logins_count.

    Hope that wasn't too confusing.

  • Daniel

    Daniel July 15th, 2009 @ 12:47 AM

    Thanks Ben. I was using valid login data, but perhaps because the object wasn't confirmed, the attempted_record stayed at nil. I was hoping to supersede the unconfirmed error with a different error, but at this point, I'm refactoring away from that need anyway, so it is no longer a problem for me.

    Cheers,

    Daniel

  • hellenjos

    hellenjos March 23rd, 2018 @ 06:56 AM

    Hope the information helps me to fix the error. I have gone through the steps and it works well. I appreciate your effort to post something like this here. Try to include some more topics here. louvre guided tour

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.

People watching this ticket

Pages