Permalink
Browse files

Avoid mass assignment error messages with current password.

  • Loading branch information...
1 parent bdacffa commit 48a94cdece2b091f30e18552a2e3014d3a9e872e @josevalim josevalim committed Feb 15, 2010
Showing with 12 additions and 2 deletions.
  1. +9 −0 CHANGELOG.rdoc
  2. +3 −2 lib/devise/models/authenticatable.rb
View
@@ -1,3 +1,12 @@
+== 1.0.1
+
+* enhancements
+ * HttpAuthenticatable is not added by default automatically.
+ * Avoid mass assignment error messages with current password.
+
+* bug fix
+ * Fixed encryptors autoload
+
== 1.0.0
* deprecation
@@ -86,11 +86,12 @@ def update_with_password(params={})
params.delete(:password) if params[:password].blank?
params.delete(:password_confirmation) if params[:password_confirmation].blank?
+ current_password = params.delete(:current_password)
- result = if valid_password?(params[:current_password])
+ result = if valid_password?(current_password)
update_attributes(params)
else
- message = params[:current_password].blank? ? :blank : :invalid
+ message = current_password.blank? ? :blank : :invalid
self.class.add_error_on(self, :current_password, message, false)
self.attributes = params
false

0 comments on commit 48a94cd

Please sign in to comment.