Home/ Questions/Q 665917
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T23:45:41+00:00

I’ve got a simple form on a User page that allows a User, once

  • 0

I’ve got a simple form on a User page that allows a User, once they have logged in, to change some attributes on their own user object. The view:

<% form_for @user, :url => {:controller => "teachers", :action => "update"} do |f| %>
    <%= f.error_messages %>
    <%= f.text_field :display_name %>
    <%= f.submit "Update" %>
<% end %>

I need to supply the URL because it is not a standard RESTful controller. The controller provides

@user = current_user

to the view.

Next, the update action in the controller tries to handle the save:

@user = current_user
if @user.update_attributes(params[:user])
  flash[:notice] = "Successfully updated profile."
  redirect_to root_url
else
  render :action => 'edit'
end

This should update the display_name attribute on the user object, save it to the database, and redirect to the root_url. Instead, the edit action gets rendered again with the form’s error_messages indicating that the “password can’t be blank.”

This is clearly something that Authlogic is messing with! Ack! Here’s a look at my entire Users.rb file:

class User < ActiveRecord::Base
  acts_as_authentic do |c|
    c.transition_from_crypto_providers = Authlogic::CryptoProviders::MD5
    c.crypto_provider = Authlogic::CryptoProviders::Sha512
    c.validate_email_field = false
    c.require_password_confirmation = false
    c.ignore_blank_passwords = true
    c.validate_password_field = false
  end

  belongs_to :school

  validates_presence_of :first_name, :last_name, :email, :password
  validates_uniqueness_of :email, :scope => :email, :case_sensitive => false, :message => "is already in our database. Please contact us for help reactivating your account."

  ROLES = %w[admin teacher student]

  def role_symbols
    [role.to_sym]
  end
end

As you can see, I’ve turned off most every Authlogic validation I can find in order to keep this simple and functional! Still no luck. If I add a password_field to the edit page then it will work successfully — but it will also update the user’s password when this form is intended only to update their display_name!

Any tips on how I can update the attributes on a user object without having to pass in the user’s password?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It turns out the problem was not with Authlogic. The problem was my validates_presence_of that was firing whenever I updated my user object. I added an :on => :create stipulation to the validation, and now it is all working just fine.

    • 0