Avoid mass assignment error messages with current password.
This commit is contained in:
parent
bdacffab58
commit
48a94cdece
|
@ -1,3 +1,12 @@
|
|||
== 1.0.1
|
||||
|
||||
* enhancements
|
||||
* HttpAuthenticatable is not added by default automatically.
|
||||
* Avoid mass assignment error messages with current password.
|
||||
|
||||
* bug fix
|
||||
* Fixed encryptors autoload
|
||||
|
||||
== 1.0.0
|
||||
|
||||
* deprecation
|
||||
|
|
|
@ -86,11 +86,12 @@ module Devise
|
|||
|
||||
params.delete(:password) if params[:password].blank?
|
||||
params.delete(:password_confirmation) if params[:password_confirmation].blank?
|
||||
current_password = params.delete(:current_password)
|
||||
|
||||
result = if valid_password?(params[:current_password])
|
||||
result = if valid_password?(current_password)
|
||||
update_attributes(params)
|
||||
else
|
||||
message = params[:current_password].blank? ? :blank : :invalid
|
||||
message = current_password.blank? ? :blank : :invalid
|
||||
self.class.add_error_on(self, :current_password, message, false)
|
||||
self.attributes = params
|
||||
false
|
||||
|
|
Loading…
Reference in New Issue