Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

add resource.update_no_current_password

  • Loading branch information...
commit a3fada06f7386e8322f8245677678a2d71d53416 1 parent 85ea531
@sillydeveloper authored
View
2  Gemfile.lock
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
- devise (2.1.0.rc)
+ devise (2.1.0.rc2)
bcrypt-ruby (~> 3.0)
orm_adapter (~> 0.0.7)
railties (~> 3.1)
View
11 lib/devise/models/database_authenticatable.rb
@@ -54,13 +54,14 @@ def clean_up_passwords
# error on :current_password. It also automatically rejects :password and
# :password_confirmation if they are blank.
def update_with_password(params, *options)
+
current_password = params.delete(:current_password)
if params[:password].blank?
params.delete(:password)
params.delete(:password_confirmation) if params[:password_confirmation].blank?
end
-
+
result = if valid_password?(current_password)
update_attributes(params, *options)
else
@@ -73,6 +74,14 @@ def update_with_password(params, *options)
clean_up_passwords
result
end
+
+ def update_no_current_password(params, *options)
+ result= update_with_password(params, *options)
+ result= update_attributes(params, *options) if !result
+
+ clean_up_passwords
+ result
+ end
# Updates record attributes without asking for the current password.
# Never allows to change the current password. If you are using this
View
5 test/models/database_authenticatable_test.rb
@@ -92,6 +92,11 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
:password => 'pass321', :password_confirmation => 'pass321')
assert user.reload.valid_password?('pass321')
end
+
+ test 'should update password without current password' do
+ user = create_user
+ assert user.update_no_current_password(:password => 'pass321', :password_confirmation => 'pass321')
+ end
test 'should update password with valid current password and :as option' do
user = create_user
Please sign in to comment.
Something went wrong with that request. Please try again.