Regression in validate_on_invite between 2.0.1 and 2.0.6 prevents record from being saved due to missing password

Question

Regression in validate_on_invite between 2.0.1 and 2.0.6 prevents record from being saved due to missing password

uberllama opened this issue 3 years ago · 5 comments

Something has changed in a recent version such that passwords are not auto-generated if validate_on_invite is set to true.

2.0.1:

customer = Customer.new
customer.assign_attributes(email: "foo@example.com")
customer.invite!
# works hunky dory

2.0.6

customer = Customer.new
customer.assign_attributes(email: "foo@example.com")
customer.invite!
# ROLLBACK
customer.errors.full_messages # "Password can't be blank"

Answer 1 · 2022-03-29T18:10:07.000Z

In 2.0.1

lib/devise_invitable/models.rb

         if save(validate: false)
            self.invited_by.decrement_invitation_limit! if !was_invited and self.invited_by.present?
            deliver_invitation(options) unless skip_invitation
          end

in 2.0.6 - 986f49b

lib/devise_invitable/models.rb

         validate = options.key?(:validate) ? options[:validate] : self.class.validate_on_invite
          if save(validate: validate)
            self.invited_by.decrement_invitation_limit! if !was_invited and self.invited_by.present?
            deliver_invitation(options) unless skip_invitation
          end

2.0.6 is no longer hard-coding validate to false and it's deriving the value from validate_on_invite config. If this config was set to true, the validation errors would happen whereas in previous version, validate was always set to false since this config, even if it was set, was not used.

Answer 2 · 2022-03-29T21:51:37.000Z

If default controller is used, which calls class method, it will default to false, as it calls with validate: false option. Otherwise it defaults to follow setting. You can disable the setting if you don't need it, it can be set per model too if you have more than one model. Or calls with validate: false

customer.invite! nil, validate: false

Answer 3 · 2022-08-31T19:43:10.000Z

This is a breaking change, right?

EDIT: On second thought, maybe it's a bugfix? In any case, the change was introduced in 2.0.6 and does not have a changelog entry unfortunately.

Answer 4 · 2022-09-06T15:53:29.000Z

Ahhh this is why my tests are failing. Thanks for the notes so I can fix!

Answer 5 · 2022-09-08T07:58:07.000Z

I think it was a bugfix, although it shouldn't change default behaviour, when using the class method invite, as class method is providing validate option with false, as it worked before. So it would affect to custom code when calling the instance method invite, without providing a validate option.

I have updated the changelog