Module | ActiveRecord::Validations::ClassMethods |
In: |
lib/active_record/validations.rb
|
Active Record classes can implement validations in several ways. The highest level, easiest to read, and recommended approach is to use the declarative validates_..._of class methods (and validates_associated) documented below. These are sufficient for most model validations.
Slightly lower level is validates_each. It provides some of the same options as the purely declarative validation methods, but like all the lower-level approaches it requires manually adding to the errors collection when the record is invalid.
At a yet lower level, a model can use the class methods validate, validate_on_create and validate_on_update to add validation methods or blocks. These are ActiveSupport::Callbacks and follow the same rules of inheritance and chaining.
The lowest level style is to define the instance methods validate, validate_on_create and validate_on_update as documented in ActiveRecord::Validations.
Calls to these methods add a validation method or block to the class. Again, this approach is recommended only when the higher-level methods documented below (validates_..._of and validates_associated) are insufficient to handle the required validation.
This can be done with a symbol pointing to a method:
class Comment < ActiveRecord::Base validate :must_be_friends def must_be_friends errors.add_to_base("Must be friends to leave a comment") unless commenter.friend_of?(commentee) end end
Or with a block which is passed the current record to be validated:
class Comment < ActiveRecord::Base validate do |comment| comment.must_be_friends end def must_be_friends errors.add_to_base("Must be friends to leave a comment") unless commenter.friend_of?(commentee) end end
This usage applies to validate_on_create and validate_on_update as well.
DEFAULT_VALIDATION_OPTIONS | = | { :on => :save, :allow_nil => false, :allow_blank => false, :message => nil |
ALL_RANGE_OPTIONS | = | [ :is, :within, :in, :minimum, :maximum ].freeze |
ALL_NUMERICALITY_CHECKS | = | { :greater_than => '>', :greater_than_or_equal_to => '>=', :equal_to => '==', :less_than => '<', :less_than_or_equal_to => '<=', :odd => 'odd?', :even => 'even?' }.freeze |
Creates an object just like Base.create but calls save! instead of save so an exception is raised if the record is invalid.
Encapsulates the pattern of wanting to validate the acceptance of a terms of service check box (or similar agreement). Example:
class Person < ActiveRecord::Base validates_acceptance_of :terms_of_service validates_acceptance_of :eula, :message => "must be abided" end
If the database column does not exist, the terms_of_service attribute is entirely virtual. This check is performed only if terms_of_service is not nil and by default on save.
Configuration options:
Validates whether the associated object or objects are all valid themselves. Works with any kind of association.
class Book < ActiveRecord::Base has_many :pages belongs_to :library validates_associated :pages, :library end
Warning: If, after the above definition, you then wrote:
class Page < ActiveRecord::Base belongs_to :book validates_associated :book end
this would specify a circular dependency and cause infinite recursion.
NOTE: This validation will not fail if the association hasn‘t been assigned. If you want to ensure that the association is both present and guaranteed to be valid, you also need to use validates_presence_of.
Configuration options:
Encapsulates the pattern of wanting to validate a password or email address field with a confirmation. Example:
Model: class Person < ActiveRecord::Base validates_confirmation_of :user_name, :password validates_confirmation_of :email_address, :message => "should match confirmation" end View: <%= password_field "person", "password" %> <%= password_field "person", "password_confirmation" %>
The added password_confirmation attribute is virtual; it exists only as an in-memory attribute for validating the password. To achieve this, the validation adds accessors to the model for the confirmation attribute. NOTE: This check is performed only if password_confirmation is not nil, and by default only on save. To require confirmation, make sure to add a presence check for the confirmation attribute:
validates_presence_of :password_confirmation, :if => :password_changed?
Configuration options:
Validates each attribute against a block.
class Person < ActiveRecord::Base validates_each :first_name, :last_name do |record, attr, value| record.errors.add attr, 'starts with z.' if value[0] == ?z end end
Options:
Validates that the value of the specified attribute is not in a particular enumerable object.
class Person < ActiveRecord::Base validates_exclusion_of :username, :in => %w( admin superuser ), :message => "You don't belong here" validates_exclusion_of :age, :in => 30..60, :message => "This site is only for under 30 and over 60" validates_exclusion_of :format, :in => %w( mov avi ), :message => "extension {{value}} is not allowed" end
Configuration options:
Validates whether the value of the specified attribute is of the correct form by matching it against the regular expression provided.
class Person < ActiveRecord::Base validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i, :on => :create end
Note: use \A and \Z to match the start and end of the string, ^ and $ match the start/end of a line.
A regular expression must be provided or else an exception will be raised.
Configuration options:
Validates whether the value of the specified attribute is available in a particular enumerable object.
class Person < ActiveRecord::Base validates_inclusion_of :gender, :in => %w( m f ), :message => "woah! what are you then!??!!" validates_inclusion_of :age, :in => 0..99 validates_inclusion_of :format, :in => %w( jpg gif png ), :message => "extension {{value}} is not included in the list" end
Configuration options:
Validates that the specified attribute matches the length restrictions supplied. Only one option can be used at a time:
class Person < ActiveRecord::Base validates_length_of :first_name, :maximum=>30 validates_length_of :last_name, :maximum=>30, :message=>"less than {{count}} if you don't mind" validates_length_of :fax, :in => 7..32, :allow_nil => true validates_length_of :phone, :in => 7..32, :allow_blank => true validates_length_of :user_name, :within => 6..20, :too_long => "pick a shorter name", :too_short => "pick a longer name" validates_length_of :fav_bra_size, :minimum => 1, :too_short => "please enter at least {{count}} character" validates_length_of :smurf_leader, :is => 4, :message => "papa is spelled with {{count}} characters... don't play me." validates_length_of :essay, :minimum => 100, :too_short => "Your essay must be at least {{count}} words."), :tokenizer => lambda {|str| str.scan(/\w+/) } end
Configuration options:
Validates whether the value of the specified attribute is numeric by trying to convert it to a float with Kernel.Float (if only_integer is false) or applying it to the regular expression /\A[+\-]?\d+\Z/ (if only_integer is set to true).
class Person < ActiveRecord::Base validates_numericality_of :value, :on => :create end
Configuration options:
Validates that the specified attributes are not blank (as defined by Object#blank?). Happens by default on save. Example:
class Person < ActiveRecord::Base validates_presence_of :first_name end
The first_name attribute must be in the object and it cannot be blank.
If you want to validate the presence of a boolean field (where the real values are true and false), you will want to use validates_inclusion_of :field_name, :in => [true, false] This is due to the way Object#blank? handles boolean values. false.blank? # => true
Configuration options:
Validates whether the value of the specified attributes are unique across the system. Useful for making sure that only one user can be named "davidhh".
class Person < ActiveRecord::Base validates_uniqueness_of :user_name, :scope => :account_id end
It can also validate whether the value of the specified attributes are unique based on multiple scope parameters. For example, making sure that a teacher can only be on the schedule once per semester for a particular class.
class TeacherSchedule < ActiveRecord::Base validates_uniqueness_of :teacher_id, :scope => [:semester_id, :class_id] end
When the record is created, a check is performed to make sure that no record exists in the database with the given value for the specified attribute (that maps to a column). When the record is updated, the same check is made but disregarding the record itself.
Configuration options:
Using this validation method in conjunction with ActiveRecord::Base#save does not guarantee the absence of duplicate record insertions, because uniqueness checks on the application level are inherently prone to race conditions. For example, suppose that two users try to post a Comment at the same time, and a Comment‘s title must be unique. At the database-level, the actions performed by these users could be interleaved in the following manner:
User 1 | User 2 ------------------------------------+-------------------------------------- # User 1 checks whether there's | # already a comment with the title | # 'My Post'. This is not the case. | SELECT * FROM comments | WHERE title = 'My Post' | | | # User 2 does the same thing and also | # infers that his title is unique. | SELECT * FROM comments | WHERE title = 'My Post' | # User 1 inserts his comment. | INSERT INTO comments | (title, content) VALUES | ('My Post', 'hi!') | | | # User 2 does the same thing. | INSERT INTO comments | (title, content) VALUES | ('My Post', 'hello!') | | # ^^^^^^ | # Boom! We now have a duplicate | # title!
This could even happen if you use transactions with the ‘serializable’ isolation level. There are several ways to get around this problem:
When the database catches such a duplicate insertion, ActiveRecord::Base#save will raise an ActiveRecord::StatementInvalid exception. You can either choose to let this error propagate (which will result in the default Rails exception page being shown), or you can catch it and restart the transaction (e.g. by telling the user that the title already exists, and asking him to re-enter the title). This technique is also known as optimistic concurrency control: en.wikipedia.org/wiki/Optimistic_concurrency_control
Active Record currently provides no way to distinguish unique index constraint errors from other types of database errors, so you will have to parse the (database-specific) exception message to detect such a case.