models: extract password complexity to a concern

2021-08-26 17:23:01 +00:00 · 2021-08-26 17:23:01 +00:00 · e97b7164dd
commit e97b7164dd
parent 02bdfef893
3 changed files with 29 additions and 3 deletions
--- a/app/models/concerns/password_complexity_concern.rb
+++ b/app/models/concerns/password_complexity_concern.rb
@ -0,0 +1,23 @@
+module PasswordComplexityConcern
+  extend ActiveSupport::Concern
+
+  # Allows adding a condition to the password complexity validation.
+  # Default is yes. Can be overridden in included classes.
+  def validate_password_complexity?
+    true
+  end
+
+  included do
+    # Add a validator for password complexity.
+    #
+    # The validator triggers as soon as the password is long enough (to avoid presenting
+    # two errors when the password is too short, one about length and one about complexity).
+    validates :password, password_complexity: true, if: -> { password_has_minimum_length? && validate_password_complexity? }
+  end
+
+  private
+
+  def password_has_minimum_length?
+    self.class.password_length.include?(password.try(:size))
+  end
+end
--- a/app/models/super_admin.rb
+++ b/app/models/super_admin.rb
@ -25,11 +25,11 @@
 #  updated_at                :datetime
 #
 class SuperAdmin < ApplicationRecord
+  include PasswordComplexityConcern
+
  devise :rememberable, :trackable, :validatable, :lockable, :async, :recoverable,
    :two_factor_authenticatable, :otp_secret_encryption_key => Rails.application.secrets.otp_secret_key

-  validates :password, password_complexity: true, if: -> (u) { Devise.password_length.include?(u.password.try(:size)) }
-
  def enable_otp!
    self.otp_secret = SuperAdmin.generate_otp_secret
    self.otp_required_for_login = true
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -31,6 +31,7 @@
 #
 class User < ApplicationRecord
  include EmailSanitizableConcern
+  include PasswordComplexityConcern

  enum loged_in_with_france_connect: {
    particulier: 'particulier',
@ -57,7 +58,9 @@ class User < ApplicationRecord

  before_validation -> { sanitize_email(:email) }

-  validates :password, password_complexity: true, if: -> (u) { u.administrateur.present? && Devise.password_length.include?(u.password.try(:size)) }
+  def validate_password_complexity?
+    administrateur?
+  end

  # Override of Devise::Models::Confirmable#send_confirmation_instructions
  def send_confirmation_instructions