I have a Laravel application where a superadmin user can edit other users.
Please mind that superadmin should be able to edit user's password too. Since I can't really show the password to the people ( it is hashed anyway ) I just show an empty input field for the password. What is the best way to validate this user object?
My form looks like this:
<form class="form-horizontal" method="post" action="{{ route('update_user') }}">
@csrf
<input type="hidden" name="user_id" value="{{ $user->id }}">
<input type="text" name="name" value="{{ $user->name }}">
<input type="password" name="password" >
<button type="submit">
</form>
My rules in FormRequest looks like this:
public function rules()
{
$userId = $this->input('user_id');
return [
'name' => 'sometimes|required|string|max:255',
'password' => 'sometimes|required|string|min:6|confirmed'
];
}
- The scenario is that superadmin edits just the name field and submits the form.
- Password is recieved as null.
- So the password rule gives an error.
I can handle this by unsetting the password value on the request if it is null. But I sincerely believe it is a lame way to do it. Is there a better way to achieve this?
