There were at least two possibilities regarding the user profile update:
change the UI to indicate that the password is required to update any field
separate the form out into a sensitive (password, email) and non-sensitive section by:
creating a new controller to manage user profile
overriding RegistrationsController#update to check if any sensitive attributes are changed (use update_with_password if so or update_without_password otherwise
Option 1 is more readily achievable and doesn't require a bunch of new tests, but option 2 is still possible.
There were at least two possibilities regarding the user profile update:
RegistrationsController#update
to check if any sensitive attributes are changed (useupdate_with_password
if so orupdate_without_password
otherwiseOption 1 is more readily achievable and doesn't require a bunch of new tests, but option 2 is still possible.