From 73e8ab972b29a716e0f87cb053f99b058a01b2bf Mon Sep 17 00:00:00 2001 From: chrismo Date: Tue, 6 Jan 2015 11:47:05 -0600 Subject: [PATCH] assign_user_id and UserFixture password fixes. When the database is empty, which can happen in the test database and in the dev database if the seeds.rb aren't applied, the assign_user_id method would not assign an id and the newer before_filter block to generate_token would fail. UserFixture had a password on it that wouldn't pass the new validation rules once that vulnerability is patched. --- app/models/user.rb | 6 +++++- spec/support/user_fixture.rb | 6 +++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 9c5cc7f..21b4fd1 100755 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -77,7 +77,11 @@ class User < ActiveRecord::Base def assign_user_id unless @skip_user_id_assign.present? || self.user_id.present? user = User.order("user_id").last - uid = user.user_id.to_i + 1 if user && user.user_id && !(User.exists?(:user_id => "#{user.user_id.to_i + 1}")) + uid = if user && user.user_id && !(User.exists?(:user_id => "#{user.user_id.to_i + 1}")) + user.user_id.to_i + 1 + else + 1 + end self.user_id = uid.to_s if uid end end diff --git a/spec/support/user_fixture.rb b/spec/support/user_fixture.rb index 8a5f182..bb71be2 100644 --- a/spec/support/user_fixture.rb +++ b/spec/support/user_fixture.rb @@ -5,14 +5,14 @@ class UserFixture end def self.normal_user - password = 'aoeuaoeu' + password = 'thi$ 1s cOmplExEr' user = User.new(:first_name => 'Joe', :last_name => 'Schmoe', :email => 'joe@schmoe.com', :password => password, :password_confirmation => password) def user.clear_password - 'aoeuaoeu' + 'thi$ 1s cOmplExEr' end user.build_benefits_data user.save! user end -end \ No newline at end of file +end