How to update an user without changing his credentialsclass User < ActiveRecor

1. How to update an user without changing his credentials
2. class User < ActiveRecord::Base
3. authenticates_with_sorcery!
4.  
5. attr_accessible :username, :email, :password, :password_confirmation
6.  
7. has_many :clients
8. has_many :orders
9.  
10. validates_presence_of :email, :username, :on => :create
11. validates_presence_of :password, :on => :create
12. validates_uniqueness_of :email
13. validates_confirmation_of :password, :message => "confirmation doesn't match password "
14. validates_length_of :password, :minimum => 6
15. end
16.  
17. class UsersController < ApplicationController
18. before_filter :require_login, :except => [:not_authenticated, :new, :create]
19. skip_authorize_resource :only => [:new, :create]
20.  
21. layout "users"
22.  
23. def new
24. @user = User.new
25. end
26.  
27. def create
28. @user = User.new(params[:user])
29. if @user.save
30. redirect_to clients_url, :notice => "Bienvenu dans la communauté Bakden!!!"
31. else
32. render :new
33. end
34. end
35.  
36.  
37. #show user profile
38. def show
39. @user = User.find(session[:user_id])
40.  
41. respond_to do |format|
42. format.html # show.html.erb
43. format.json { render json: @user }
44. end
45. end
46.  
47. # edit user profile
48. def edit
49. @user = User.find(session[:user_id])
50. end
51.  
52. # update user profile
53.  
54. def update
55. @user = User.find(session[:user_id])
56.  
57. respond_to do |format|
58. if @user.update_attributes(params[:user])
59. format.html { redirect_to(@user, :notice => 'User was successfully updated.') }
60. format.json { head :ok }
61. else
62. format.html { render :action => "edit" }
63. format.json { render json: @user.errors, :status => :unprocessable_entity }
64. end
65. end
66. end
67.  
68. <%= simple_form_for (@user),:html => {:multipart => true} do |f| %>
69.  
70. <div class="inputs">
71. <%= f.input :adress %>
72. <%= f.input :city %>
73. <%= f.input :country ,:as => :country %>
74. <%= f.input :telephone, :as => :string %>
75. <%= f.file_field :picture %>
76.  
77. <div class="actions">
78. <%= f.button :submit %> | <%= link_to "cancel", profile_path%>
79. </div>
80. <% end %>
81.  
82. # Update record attributes when :current_password matches, otherwise returns
83. # error on :current_password. It also automatically rejects :password and
84. # :password_confirmation if they are blank.
85. def update_with_password(params, *options)
86. current_password = params.delete(:current_password)
87.  
88. if params[:password].blank?
89. params.delete(:password)
90. params.delete(:password_confirmation) if params[:password_confirmation].blank?
91. end
92.  
93. result = if valid_password?(current_password)
94. update_attributes(params, *options)
95. else
96. self.attributes = params
97. self.valid?
98. self.errors.add(:current_password, current_password.blank? ? :blank : :invalid)
99. false
100. end
101.  
102. clean_up_passwords
103. result
104. end
105.  
106. # Set password and password confirmation to nil
107. def clean_up_passwords
108. self.password = self.password_confirmation = nil
109. end