Updating `User` attributes without requiring password

Question

Right now, users can edit some their attributes without having to enter their password because my validations are set up like this:

validates :password, :prese         


        

Answer 1

I didn't realize the solution I gave you yesterday would lead to this problem. Sorry.

Well, taking inspiration from devise, you should simply update your controller this way:

def update
  params[:user].delete(:password) if params[:user][:password].blank?
  if @user.update_attributes(params[:user])
    flash[:success] = "Edit Successful."
    redirect_to @user
  else
    @title = "Edit user"
    render 'edit'
  end
end