UPDATE:
I needed to put my controller code ABOVE super, like so and then I had access to the #company instance variable in the view:
User Registration Controller:
class UserRegistrationController < Devise::RegistrationsController
before_action :configure_permitted_parameters
skip_before_filter :load_customer_access, only: [:new, :create]
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:first_name, :last_name, :current_password, :password, :password_confirmation, :email) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:first_name, :last_name, :current_password, :password, :password_confirmation, :email) }
end
def edit
#customer = current_user.customer
#company = Company.find_by_domain(User.get_domain(#customer.email))
super
end
end
I want to pass through the Company ID of the currently logged-in user so I can then view all the users from the same company.
This page will be accessed via a button from the Edit Account page (automatically generated view with Devise). This is the page in which I get the below error:
Note: I only see this error with the button to 'Manage Users' page. If I comment out that line and look at my logs, I can see this fine:
User Model:
...
def self.get_domain(email_address)
email_address.gsub(/.+#([^.]+.+)/, '\1')
end
def confirm!
current_customer = Customer.where(email: self.email).first
super
end
def ensure_has_customer
customer = self.customer
company = Company.find_by_domain(User.get_domain(self.email))
end
...
User Registration Controller:
class UserRegistrationController < Devise::RegistrationsController
before_action :configure_permitted_parameters
skip_before_filter :load_customer_access, only: [:new, :create]
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:first_name, :last_name, :current_password, :password, :password_confirmation, :email) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:first_name, :last_name, :current_password, :password, :password_confirmation, :email) }
end
def edit
super
#customer = current_user.customer
#company = Company.find_by_domain(User.get_domain(#customer.email))
puts "HAPPY CUSTOMER"
puts #customer.email
puts "HAPPY COMPANY"
puts #company.id // See above screenshot for logs
end
end
Edit User Route:
match "company/:company_id/edit_users" => 'company#edit_users', via: [:get], :as => :edit_company_users
_edit_account.html.erb:
<%= form_for(current_user, :as => :user, :url => registration_path(:user), :html => { :method => :put }) do |f| %>
<div>
<h1 class="login-header">My Account</h1>
</div>
<div class="control-group">
<div class="controls">
<div class="input-group col-centered input-group-lg">
<%= f.text_field :first_name, :class => 'form-control custom-form-control', :placeholder => 'First name' %>
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<div class="input-group col-centered input-group-lg">
<%= f.text_field :last_name, :class => 'form-control custom-form-control', :placeholder => 'Last name' %>
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<div class="input-group col-centered input-group-lg">
<%= f.email_field :email, :autocomplete => "off", :class => 'form-control custom-form-control', :placeholder => 'Email' %>
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<div class="input-group col-centered input-group-lg">
<%= f.password_field :password, :autocomplete => "off", :class => 'form-control custom-form-control', :placeholder => 'New password' %>
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<div class="input-group col-centered input-group-lg">
<%= f.password_field :password_confirmation, :autocomplete => "off", :class => 'form-control custom-form-control', :placeholder => 'New password confirmation' %>
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<div class="input-group col-centered input-group-lg">
<%= f.password_field :current_password, :class => 'form-control custom-form-control', :placeholder => 'Current password' %>
</div>
</div>
</div>
<br>
<div class="form-actions">
<button type="submit" class="btn-account-primary">Update Account</button>
</div>
<% end %>
<% if #customerAccess.admin_role %>
<hr>
<%= link_to 'Manage Users', edit_company_users_path(#company), :class => 'btn btn-sm btn-default' %><br>
<% end %>
The code for my Company controller and views can reach the edit_company_users_path ok, and the Company controller code is shown below if that's helpful:
Company Controller:
class CompanyController < ApplicationController
def index
#companies = Company.all
respond_to do |format|
format.html
format.json { render json: #companies }
end
end
def edit_users
#company = Company.find(params[:company_id])
#company_name = #company.name
#domain = #company.domain
#find_domain = "%" + #domain + "%"
#users = User.find(:all, :conditions => ["email LIKE ?", #find_domain])
end
end
Company Index View:
<div class="col-md-12">
<div class="row">
<div class="col-md-2"></div>
<div class="col-md-8">
<div class="page-header">
<h1>Manage Companies</h1>
</div>
<table class = "table table-striped table-bordered">
<tr>
<th>Company Name</th>
<th>Domain</th>
<th>Action</th>
</tr>
<% #companies.each do |company| %>
<tr>
<td><%= company.name %></td>
<td><%= company.domain %></td>
<td>
<%= link_to 'Manage Company Access', edit_company_path(company), :class => 'btn btn-sm btn-default' %>
<%= link_to 'Manage Applications', edit_company_applications_path(company), :class => 'btn btn-sm btn-default' %>
<%= link_to 'Manage Users', edit_company_users_path(company), :class => 'btn btn-sm btn-default' %><br>
</td>
</tr>
<% end %>
</table>
</div>
</div>
</div>
What's interesting to note is that when I do <%= #company %> in the view, no name of the Company appears (though the ID is 2, and name is 'Ryan Drake'), and displays ok in the view. When I do <%= #company.id %>, it throws "undefined method 'id' for nil:class".
Any guidance about accessing the company ID from the Edit Account Devise view in the easiest way possible, so I can pass that through as a parameter and hit the method would be superb.
In the code you show, there is an end and a if, I think you are probably closing the "each" loop before the line of the error, so the "company" variable is not found.
EDIT:
I see two potential problems:
It is definitely #company in edit_company_users_path(#company). If
it doesn't work, does it show the same error? Please show that.
I think you might be messing with devise routes in the alias
"edit_company_users_path", but I don't know how are you organizing
your resources. If you are nesting companies under users, the
default route for that would be something like
edit_company_users_path(#company, current_user). Run rake routes if
you get a routing error.
Related
I try save record on database, in pivot table but I have a error(screen) if I write #video.category_ids = 1 it works but category id = 1 in database
Below I put my code if you neeed more information please write.
videos_controller.rb
class VideosController < ApplicationController
layout 'master'
before_action :chceck_login
def index
#videos = Video.sortASC
end
def new
#categories = Category.all
end
def create
#video = Video.new(video_params)
#video.category_ids = [video_params]
if #video.save
flash[:notice] = 'The movie has been added successfuly'
redirect_to(:action => 'index')
else
#categories = Category.all
render('new')
end
end
def show
end
def edit
end
def delete
end
private
def video_params
params.require(:video).permit(:title, :url, :description, category_attributes: [:id]).merge(user_id: session[:user_id])
end
end
_form_html.erb
<div class="input-group mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="basic-addon1"><i class="fas fa-tag"></i></span>
</div>
<%= f.text_field :title, placeholder: 'Title', :class => 'form-control', :id => 'title' %>
</div>
<div class="input-group mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="basic-addon1"><i class="fas fa-link"></i></span>
</div>
<%= f.text_field :url, placeholder: 'URL', :class => 'form-control', :id => 'url' %>
</div>
<div class="input-group mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="basic-addon1"><i class="fas fa-edit"></i></span>
</div>
<%= f.text_area :description, placeholder: 'Description', rows: 5, :class => 'form-control', :id => 'description' %>
</div>
<div class="input-group mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="basic-addon1"><i class="fas fa-sitemap"></i></span>
</div>
<%= f.select(:category_id, #categories.map{|t| [t.name, t.id]}, {}, :multiple => true, :class => 'custom-select') %>
</div>
video.rb
class Video < ApplicationRecord
belongs_to :user
has_and_belongs_to_many :categories
scope :sortASC, lambda{order("videos.created_at ASC")}
end
new.html.erb
<% #page_title = 'Add Film' %>
<div class='container'>
<div class='row'>
<div class='col s-6'>
<div class="jumbotron jumbotron-fluid bg-info">
<div class="container">
<h1 class="display-4 text-center">ADD NEW FILM <i class="fas fa-plus"></i></h1>
<p class="lead">This is a modified jumbotron that occupies the entire horizontal space of its parent.</p>
</div>
</div>
</div>
<div class='col s-6'>
<%= form_for(:video, :url => {:action => 'create'}) do |f| %>
<%= render(:partial => 'form', :locals => {:f => f}) %>
<%= submit_tag('Add Film', :class => 'btn btn-primary float-right') %>
<% end %>
</div>
</div>
</div>
Error
https://imgur.com/7P4WpMU
If you want I have put my project on Github.
I would suggest the following changes:
In _form.html.erb pluralize the name of the select, i.e. change
<%= f.select(:category_id, #categories.map{|t| [t.name, t.id]}, {}, :multiple => true, :class => 'custom-select') %>
to
<%= f.select(:category_ids, #categories.map{|t| [t.name, t.id]}, {}, :multiple => true, :class => 'custom-select') %>
In videos_controller.rb change
def video_params
params.require(:video).permit(:title, :url, :description, category_attributes: [:id]).merge(user_id: session[:user_id])
end
to
def video_params
params[:video][:category_ids].reject!(&:blank?) unless params[:video][:category_ids].nil?
params.require(:video).permit(:title, :url, :description, category_ids: []).merge(user_id: session[:user_id])
end
Also in videos_controller.rb remove
#video.category_ids = [video_params]
to leave things to the constructor
Regarding 2. I am not 100% sure about the exact solution, maybe you should also reject the empty id you have in your parameters (according to the provided screenshot, use .reject!(&:blank?) for that) - for analyzing further problems check the output of the video_params function before passing it to the constructor - it basically should look like a hash representation of the expected object.
edit Updated the change proposal for 2. regarding category_ids
been banging my head on the table over this one. I have another nested form but this one is driving me crazy.
The error is:
TypeError in CompaniesController#create
no implicit conversion of Symbol into Integer
#company = Company.new(company_params)
The controller:
class CompaniesController < ApplicationController
layout 'welcome'
def new
#company = Company.new
end
def create
#company = Company.new(company_params)
if #company.save
flash[:notice] = "New company created successful."
redirect_to admin_accounts_path
else
flash.now[:alert] = "Creation failed, please try again"
render :new
end
end
private
def company_params
params.require(:company).permit(:name, :location, :users_attributes => [:email, :password])
end
end
On the new.html.erb:
<%= render partial: 'form', locals: { company: #company, users_attributes: :users_attributes } %>
This code looks exactly like another nested setup I have, but it works :p
I had read that sometimes changing the params from => to just having a semicolon works, but replacing the user_attributes => with a user_attributes: didn't change anything.
EDIT: form.html.erb
<%= form_for company, url: companies_path do |f| %>
<div class="col-12">
<div class="row">
<div class="col p-0 mr-3">
<div class="form-group">
Company <%= f.label :name %>
<%= f.text_field :name, :placeholder => 'Company name', class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :location %>
<%= f.text_field :location, :placeholder => 'Location', class: 'form-control' %>
</div>
</div>
<div class="col p-0">
<%= f.fields_for users_attributes do |user_f| %>
<div class="form-group">
<%= user_f.label :email %>
<%= user_f.text_field :email, :placeholder => 'Your Email Address', class: 'form-control' %>
</div>
<div class="form-group">
<%= user_f.label :password %>
<%= user_f.password_field :password, :placeholder => 'Password', class: 'form-control' %>
</div>
<% end %>
</div>
<div class="col-12 p-0">
<%= f.submit "Sign-Up", :class => 'btn btn-primary btn-block btn-lg' %>
</div>
</div>
</div>
<% end %>
Use users instead of users_attributes on the form.
Don't forget to define accepts_nested_attributes_for :users in model Company
## new.html.erb
<%= render partial: 'form', locals: { company: #company, users_attributes: :users } %>
I wonder why you didn't put :users into the form directly
I want my user to be able to go straight to the path subscriptions/new after landing on their edit user/update account page. can anyone help me as to how i would go about this. I have listed my routes below
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :email, :password) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :line1, :line2, :town, :county, :postcode, :password, :password_confrimation, :current_password)}
end
private
def after_sign_in_path_for(resource)
edit_user_registration_path(current_user) #basically whichever path you think meets your needs
end
routes.rb file
Rails.application.routes.draw do
resources :subscriptions, only: [:new, :create, :show, :destroy]
#gives standard routes
get 'content/fruit'
get 'content/veg'
get 'content/mix'
devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)
namespace :admin do
get 'dashboard/index'
end
devise_for :users, :controllers => {:registrations => 'devise/registrations'}
# devise_for :users
resources :products do
resources :orders, only: [:new, :create]
#tells rails needs product id number
end
# get 'pages/payment'
get 'home/about'
get 'home/contact'
get 'seller' => "products#seller"
get 'sales' => "orders#sales"
get 'static_pages/productlanding'
get "content/veg"
get "content/fruit"
get "content/mix"
get 'subscriptions/new'
Devise Registration Controller
class Devise::RegistrationsController < DeviseController
def update
set_flash_message :notice, :"message here" if is_flashing_format?
session[:user_return_to] = new_subscription_path
super
end
end
Edit form user
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
<%= devise_error_messages! %>
<div class="form-group">
<%= f.label :avatar, class: 'col-sm-2 control-label' %>
<div class="col-sm-6">
<%= f.file_field :avatar %>
</div>
</div>
<div class="form-group">
<%= f.label :name %>
<%= f.text_field :name, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :email %>
<%= f.email_field :email, class: "form-control" %>
</div>
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<div class="form-group">
Currently waiting confirmation for: <%= resource.unconfirmed_email %>
</div>
<% end %>
<div class="form-group">
<%= f.label :password %> <i>(leave blank if you don't want to change it)</i>
<%= f.password_field :password, autocomplete: "off", class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i>
<%= f.password_field :current_password, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :line1 %>
<%= f.text_field :line1, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :line2 %>
<%= f.text_field :line2, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :town %>
<%= f.text_field :town, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :county %>
<%= f.text_field :county, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :postcode %>
<%= f.text_field :postcode, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :organization %>
<%= f.text_field :organization, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.submit "Update", class: "btn btn-primary" %>
</div>
<% end %>
<h3>Cancel my account</h3>
<p>Unhappy? <%= button_to "cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete, class: "btn btn-danger" %></p>
<%= link_to "Back", :back %>
You can change path on this method after_update_path_for(resource)
class Devise::RegistrationsController < DeviseController
## other devise stuff
protected
def after_update_path_for(resource)
new_subscription_path
end
end
If you have multiple devise model you can try this
class Devise::RegistrationsController < DeviseController
## other devise stuff
protected
def after_update_path_for(resource)
if resource.is_a?(DeviseModel1)
new_subscription_path
else
other_path
end
end
end
Or you can put them into application_controller.rb
You need to override update action of devise registration controller for this.
class Devise::RegistrationsController < DeviseController
def update
set_flash_message :notice, :"message here" if is_flashing_format?
session[:user_return_to] = new_subscription_path
super
end
end
In your routes :
devise_for :users, :controllers => {:registrations => 'devise/registrations'}
There should be another controller app/controllers/devise/registrations. Controller code above.
If you want to make custom message then it come from config/locales/en.yml:
en:
devise:
registrations:
destroyed: "my custom message."
updated: "my custom message"
I would like to let the user choose the service (free, standard, pro) in the registration step.
Here is the db model i'm working with:
(User)1---n(Subscription)n--1(Service)
In the "new user" form I have this customised code in order to let the user chose the service:
identities/new.hmtl.erb
<%= form_tag "/auth/identity/register", :html => {:role=>"form"} do %>
<div class="form-group">
<label>Service</label>
<%= select("service", "service_id", #available_services, {:selected => params[:service_id]}, {class:"form-control"}) %>
</div>
<div class="form-group">
<label>Name</label>
<%= text_field_tag :name, nil, class:"form-control" %>
<p class="help-block">Nome e cognome completo e corretto.</p>
</div>
<div class="form-group">
<label>Email</label>
<%= text_field_tag :email, #identity.try(:email), class:"form-control" %>
</div>
<div class="form-group">
<label>Password</label>
<%= password_field_tag :password, nil, class:"form-control"%>
</div>
<div class="form-group">
<label>Password confirmation</label>
<%= password_field_tag :password_confirmation, nil, class:"form-control"%>
</div>
<%= submit_tag "Sign up",class:"btn btn-default" %>
<% end %>
identities_controller.rb
class IdentitiesController < ApplicationController
skip_before_filter :require_login
layout "static"
def new
#available_services = Service.all.where(:id => [1, 2, 3]).collect {|p| [ p.name, p.id ] }
#identity = env['omniauth.identity']
end
end
Now, what's the way to create/save the user and the relation between the new user and the selected subscription?
I solved this by...
Adding an hidden field for the service:
#identitiy.new.html
<%= hidden_field_tag :service_id, params[:service_id] %>
Edited the omniauth initializer as follow:
#omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :identity,:fields => [:service_id,:name,:email], on_failed_registration: lambda { |env|
IdentitiesController.action(:new).call(env)
}
end
Added attr_accessor and a after_create method in the Identity model:
#identity.rb
class Identity < OmniAuth::Identity::Models::ActiveRecord
attr_accessor :service_id
validates_presence_of :name
validates_uniqueness_of :email
#validates_format_of :email, :with => /^[-a-z0-9_+\.]+\#([-a-z0-9]+\.)+[a-z0-9]{2,4}$/i
after_create :add_subscription
private
def add_subscription
Subscription.create(:user_id => self.id, :service_id => service_id.to_f)
end
end
I worry the solution here will be woefully obvious, but I'm having trouble implementing the instructions on the Devise wiki (https://github.com/plataformatec/devise/wiki/How-To%3a-Allow-users-to-edit-their-account-without-providing-a-password)
I'm using Rails 4. After following the wiki, I'm still receiving "current password can't be blank". Here's my setup. Any assistance is much appreciated!
REGISTRATIONS_CONTOLLER.rb
class RegistrationsController < Devise::RegistrationsController
def update
#user = User.find(current_user.id)
successfully_updated = if needs_password?(#user, params)
#user.update_with_password(devise_parameter_sanitizer.for(:account_update))
# Rails 3: #user.update_with_password(params[:user])
else
# remove the virtual current_password attribute update_without_password
# doesn't know how to ignore it
params[:user].delete(:current_password)
#user.update_with_password(devise_parameter_sanitizer.for(:account_update))
# Rails 3: #user.update_without_password(params[:user])
end
if successfully_updated
set_flash_message :notice, :updated
# Sign in the user bypassing validation in case his password changed
sign_in #user, :bypass => true
redirect_to after_update_path_for(#user)
else
render "edit"
end
end
private
# check if we need password to update user data
# ie if password or email was changed
# extend this as needed
def needs_password?(user, params)
user.email != params[:user][:email] ||
params[:user][:password].present?
end
end
APPLICATION_CONTROLER.rb
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_filter :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:first_name, :last_name, :username, :email, :avatar, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:first_name, :last_name, :username, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:sign_in) do |u|
u.permit(:username, :email, :password)
end
end
end
ROUTES.rb
ProjectFoo::Application.routes.draw do
devise_for :users, :controllers => { :registrations => "registrations",
:invitations => 'users/invitations' }
Note: I'm also using the devise_invitable gem
VIEWS/DEVISE/REGISTRATIONS/EDIT.html.erb
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<%= image_tag #user.avatar.url(:square) %>
<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put, :class => 'form-horizontal' }) do |f| %>
<%= devise_error_messages! %>
<div class="span5">
<div class="control-group">
<%= f.label :email, :class => 'control-label' %>
<div class="controls">
<%= f.email_field :email, :autofocus => true, :class => 'text_field' %>
</div>
</div>
<div class="control-group">
<%= f.label :username, :class => 'control-label' %>
<div class="controls">
<%= f.text_field :username, :autofocus => true, :class => 'text_field' %>
</div>
</div>
<div class="control-group">
<%= f.label :first_name, :class => 'control-label' %>
<div class="controls">
<%= f.text_field :first_name, :autofocus => true, :class => 'text_field' %>
</div>
</div>
<div class="control-group">
<%= f.label :last_name, :class => 'control-label' %>
<div class="controls">
<%= f.text_field :last_name, :autofocus => true, :class => 'text_field' %>
</div>
</div>
<div class="control-group">
<%= f.label :twitter_handle, :class => 'control-label' %>
<div class="controls">
<%= f.text_field :twitter_handle, :autofocus => true, :class => 'text_field' %>
</div>
</div>
<div class="control-group">
<%= f.label :avatar, :class => 'control-label' %>
<div class="controls">
<%= f.file_field :avatar, :class => 'file_field' %>
</div>
</div>
</div>
<div class="span5">
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
<% end %>
<div class="control-group">
<%= f.label :password, :class => 'control-label' %>
<div class="controls">
<%= f.password_field :password, :autocomplete => "off", :class => 'password_field' %><br><i>(leave blank if you don't want to change it)</i>
</div>
</div>
<div class="control-group">
<%= f.label :password_confirmation, :class => 'control-label' %>
<div class="controls">
<%= f.password_field :password_confirmation, :class => 'password_field' %>
</div>
</div>
<div class="control-group">
<%= f.label :current_password, :class => 'control-label' %>
<div class="controls">
<%= f.password_field :current_password, :class => 'password_field' %><p><i>(we need your current password to confirm your changes)</i></p>
</div>
</div>
<%= f.submit "Update" %>
</div>
<% end %>
<div class="span11">
<hr>
</div>
<div class="span11">
<h3>Cancel my account</h3>
<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete %></p>
<p><%= link_to "Back", :back %></p>
</div>
You have update_with_password twice. The second time should be update_without_password.
I had same problem for hours. In my particular situation I had many custom user attributes that could be updated from different partials. Make sure you at least add hidden fields - name and email - as required by needs_password?