I've got a simple form on a User page that allows a User, once they have logged in, to change some attributes on their own user object. The view:
<% form_for @user, :url => {:controller => "teachers", :action => "update"} do |f| %>
<%= f.error_messages %>
<%= f.text_field :display_name %>
<%= f.submit "Update" %>
<% end %>
I need to supply the URL because it is not a standard RESTful controller. The controller provides
@user = current_user
to the view.
Next, the update
action in the controller tries to handle the save:
@user = current_user
if @user.update_attributes(params[:user])
flash[:notice] = "Successfully updated profile."
redirect_to root_url
else
render :action => 'edit'
end
This should update the display_name
attribute on the user
object, save it to the database, and redirect to the root_url. Instead, the edit
action gets rendered again with the form's error_messages indicating that the "password can't be blank."
This is clearly something that Authlogic is messing with! Ack! Here's a look at my entire Users.rb
file:
class User < ActiveRecord::Base
acts_as_authentic do |c|
c.transition_from_crypto_providers = Authlogic::CryptoProviders::MD5
c.crypto_provider = Authlogic::CryptoProviders::Sha512
c.validate_email_field = false
c.require_password_confirmation = false
c.ignore_blank_passwords = true
c.validate_password_field = false
end
belongs_to :school
validates_presence_of :first_name, :last_name, :email, :password
validates_uniqueness_of :email, :scope => :email, :case_sensitive => false, :message => "is already in our database. Please contact us for help reactivating your account."
ROLES = %w[admin teacher student]
def role_symbols
[role.to_sym]
end
end
As you can see, I've turned off most every Authlogic validation I can find in order to keep this simple and functional! Still no luck. If I add a password_field
to the edit page then it will work successfully -- but it will also update the user's password when this form is intended only to update their display_name
!
Any tips on how I can update the attributes on a user
object without having to pass in the user's password?