Reputation: 7216
Stop Current Password Requirement for Devise
I'm having an issue with the edit user section of my site. For some reason I keep getting the error "Current password can't be blank" when trying to edit a user. We use devise to manage users, but I can't seem to find code anywhere that would generate this error.
Here is the code for the form:
- semantic_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |form|
= devise_error_messages!
= form.semantic_errors
= form.input :first
= form.input :last
= form.input :birth_year, as: :select, collection: User.birth_range.to_a.reverse
%i= t('users.edit.cast_biometrics_hint')
= form.input :gender, as: :select, collection: gender_options, include_blank: false
= form.input :eye_color, as: :select, collection: eye_color_options, required: false
= form.input :hair_color, as: :select, collection: hair_color_options, required: false
= form.input :ethnicity, as: :select, collection: ethnicity_options, required: false
%li.select.optional#user_height_input
%label{for: 'user_height'} Height
%select#user_height_ft{name: 'user[height_ft]'}
= options_for_select 0..9, resource.height_ft
%span ft
%select#user_height_in{name: 'user[height_in]'}
= options_for_select 0..11, resource.height_in
%span in
= form.buttons
Upvotes: 4
Views: 6402
Answers (3)
Reputation: 63
I could not find a solution that worked without providing current_password!
This solution still checks for valid password and password_confirmation if password is present?
So I created an updated version of update_with_password in user.rb
def admin_update_with_password(params, *options)
current_password = params.delete(:current_password)
if params[:password].blank?
params.delete(:password)
params.delete(:password_confirmation) if params[:password_confirmation].blank?
end
result = unless update_attributes(params, *options)
self.assign_attributes(params, *options)
self.valid?
self.errors.add(:current_password, current_password.blank? ? :blank : :invalid)
false
end
clean_up_passwords
result
end
and in my users_controller.rb
def update
@user = User.find(params[:id])
email_changed = @user.email != params[:user][:email]
password_changed = !params[:user][:password].empty?
successfully_updated = if email_changed or password_changed
@user.admin_update_with_password(params[:user])
else
@user.update_without_password(params[:user])
end
if successfully_updated
flash[:notice] = "User updated successfully"
redirect_to redirect_path
else
render "edit"
end
end
Upvotes: 0
Reputation: 1822
There is more info in the devise wiki about this. https://github.com/plataformatec/devise/wiki/How-To%3a-Allow-users-to-edit-their-account-without-providing-a-password
Upvotes: 8
Related Questions
- How to change password without current password in devise?
- Rails 4 / Devise Force User to change password on first login
- How to make passwords optional using Devise?
- Devise with Ruby on Rails - Force user to change password on first login
- Change Devise Password Manually
- How disable encrypting password in devise?
- How can devise allowing me to update password without passing current password?
- Optional password during authentication with Devise
- Rails - Devise - "Your password was set successfully. You are now signed in" - How to disable?
- How to get rid of devise current password requirement when editing a user?