malevsilich

in users/_form.html.erb:

  <%# User form partial. The form builder `f` is not defined here; it comes from the enclosing template. %>
  <fieldset>
    <legend>Enter user details</legend>
    <div>
      <%= f.label :name %><br />
      <%= f.text_field :name, size: 40 %>
    </div>
    <%# Ask for the existing password only when an existing user is being changed: %>
    <%# on the edit page, and when the update action re-renders this form after a failure. %>
    <% if params[:action]=="edit" || params[:action]=="update" %>
      <div>
        <%= f.label :current_password, :class => "long_label" %><br />
        <%= f.password_field :current_password, size: 40 %>
      </div>
    <% end %>
    <%# New password and its confirmation. %>
    <div>
      <%= f.label :password %><br />
      <%= f.password_field :password, size: 40 %>
    </div>
    <div>
      <%= f.label :password_confirmation, 'Confirm' %>
      <%= f.password_field :password_confirmation, size: 40 %>
    </div>

    <div>
      <%= f.submit %>
    </div>

  </fieldset>

in users_controller.rb:

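  # Updates a user, but only after the submitted current password has been
  # verified with +authenticate+.
  #
  # On success: redirects to the user list (HTML) or answers with an empty
  # :no_content response (JSON).
  # On failure (current password missing or wrong, or the update is rejected):
  # re-renders the edit form (HTML) or returns the errors with
  # :unprocessable_entity (JSON).
  def update
    @user = User.find(params[:id])

    # A request without a "user" section must fail the password check below
    # instead of raising NoMethodError on nil.
    user_params = params[:user] || {}

    # current_password is only a credential check, so it is removed from the
    # attributes before they are handed to update_attributes.
    current_password = user_params.delete('current_password')
    unless @user.authenticate(current_password)
      @user.errors.add(:current_password, 'is not correct')
    end

    respond_to do |format|
      # The errors check comes first: a failed credential check short-circuits
      # and nothing is written.
      # NOTE(review): the remaining user attributes are passed through whole;
      # which of them may be set depends on the model's mass-assignment
      # protection, which is not shown here -- confirm.
      if @user.errors.empty? && @user.update_attributes(user_params)
        format.html { redirect_to users_url, notice: "User #{@user.name} was successfully updated." }
        format.json { head :no_content }
      else
        format.html { render action: "edit" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end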

in user.rb:

    # Rejects a blank password.
    # NOTE(review): no `on:` option is given, so this presumably applies to
    # updates as well as creates, meaning every edit must submit a password --
    # confirm that is intended.
    validates :password, presence: true

somebody

I did something different:

In users_controller.rb:

# Loads the user to edit and overwrites params[:action] with the Symbol :edit.
def edit
  @user = User.find(params[:id])
  # The form partial tests `params[:action] == :edit` against a Symbol, so the
  # current-password field is rendered only after this assignment.
  # NOTE(review): the update action does not make this assignment, so the edit
  # form it re-renders on failure presumably omits the current-password
  # field -- confirm.
  params[:action] = :edit
end
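# Updates a user after verifying the submitted current password.
#
# Wrong or missing current password: redirects back to the edit page with a
# notice and changes nothing.
# Otherwise: applies the remaining attributes; on success redirects to the
# user list (HTML) or answers :ok (JSON), on failure re-renders the edit form
# (HTML) or returns the errors with :unprocessable_entity (JSON).
def update
  @user = User.find(params[:id])

  # A request without a "user" section must fail the password check instead of
  # raising NoMethodError on nil.
  user_params = params[:user] || {}

  # Pass the password string itself to authenticate, not the whole hash.
  # delete returns the removed value, so the credential is read and stripped
  # from the attributes in one step and never reaches update_attributes.
  current_password = user_params.delete(:current_password)

  unless @user.authenticate(current_password)
    redirect_to edit_user_path(@user), notice: 'Current password is incorrect'
    return
  end

  respond_to do |format|
    # NOTE(review): the remaining user attributes are passed through whole;
    # which of them may be set depends on the model's mass-assignment
    # protection, which is not shown here -- confirm.
    if @user.update_attributes(user_params)
      format.html { redirect_to users_url, notice: "User #{@user.name} was successfully updated." }
      format.json { head :ok }
    else
      format.html { render action: "edit" }
      format.json { render json: @user.errors, status: :unprocessable_entity }
    end
  end
end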

in the _form.html.erb (users) I added:

<%# Show the current-password field only when params[:action] is the Symbol :edit. %>
<%# NOTE(review): a String action name such as "edit" or "update" does not match this comparison; %>
<%# confirm the field still appears when the form is re-rendered after a failed update. %>
<% if params[:action] == :edit %>
  
<%= f.label :current_password, 'Current password' %> <%= f.password_field :current_password, size: 40 %>
<% end %>

in the edit.html.erb (users) I added:

<%# Show the notice when one is set, e.g. the message passed by the redirect after a failed current-password check. %>
<% if notice %>

<%= notice %>

<% end %>

The following line doesn’t display correctly in the browser:

if @user.authenticate(params:user)


Instead, it should look like this:

if @user.authenticate(params[:user][:current_password])