different password validation on create and on update

I've got a model Officer that relies on password validation in all cases, but I need it to validate the password at different times. For on create, I want to verify that the password and password confirmation exists at all times. For update, want to make it possible for providing password optional, and only when the password is provided, to make sure it matches the password confirmation and the within a certain length (such as when calling method update_attributes).

The best ways I see it right now is to define either before_validation_on_create, after_validation_on_create, or before_create for method new, and define either before_validation_on_update, after_validation_on_update, or before_update for method update_attributes. It's worth noting that Officer extends off of Person, which has it's own validations to do.

I have several questions about this. First, which function should I define for validating create and update? What are the pros and cons on each one? I've also noticed that I cannot use validate_length_of and other helper methods inside these, and wondered why I'm not allowed to. Does this mean I have to make my own validation? If I do have to make my own validations within these methods, I will have to verify that the pseudo-parameters :password and :password_confirmation exists. Do I have to call attr_accessor on either :password, :password_confirmation, or both in this case?

Many thanks in advance!

P.S. Currently, my Officer and Person model looks like this:

I tried this:

I tried this:

I tried this:

Taro, 3 tips for validations:

(1) Have a look at these customized validation methods to help make validation code smaller and more readable for many scenarios:

http://www.railsdev.ws/blog/11/custom-validations-in-rails/

(2) To validate a specific input only when it is not empty, use an :if => Proc.new technique. In my case, I use this for an email address like this:

validates_as_email :userEmail,                     :if => Proc.new { |PrivilegedUser|                            PrivilegedUser.userEmail.length > 0 }

where :userEmail is the HTML input, and PrivilegedUser is the name of the class.

(3) For passwords, and other validations that require some custom logic, add a "validate" method to your class. ActiveRecord will call this automatically. Let's assume your HTML inputs are pswd and verify_pswd:

def validate

   # this disallows empty values if the record is new

   if self.new_record? && (@pswd.blank? || @verify_pswd.blank?)      self.errors.add(:pswd, 'Password cannot be empty.')    end

end

There are several waysto slice this as there are a few validation callbacks, so have a look here to see which one best suits how you prefer to organize your logic: http://api.rubyonrails.org/classes/ActiveRecord/Callbacks.html

def validate

# this disallows empty values if the record is new

if self.new_record? && (@pswd.blank? || @verify_pswd.blank?) self.errors.add(:pswd, 'Password cannot be empty.') end

end

THIS is what I was looking for. The new_record? method! Thanks you so much!

By the way, I apologize for the triple post. They happened accidentally by the magic of F5 :-P.