How to change password without current password in devise?

Question

I am using devise for authentication and i have a role for each user and i allow the user with admin role to create new user and i want the admin user to edit the password for the rest of user if they forgot their password. But i cannot able to change the password without current password in edit. So how can i allow the admin user to change the password by editing the users password and save as we do for the rest of the values.

Answer 1

Since update_without_password still requires current_password to update the password, you will have to have an update like this:

  def update
    # required for settings form to submit when password is left blank
    if params[:user][:password].blank?
      params[:user].delete("password")
      params[:user].delete("password_confirmation")
    end

    @user = User.find(current_user.id)
    if @user.update_attributes(params[:user])
      set_flash_message :notice, :updated
      # Sign in the user bypassing validation in case his password changed
      sign_in @user, :bypass => true
      redirect_to after_update_path_for(@user)
    else
      render "edit"
    end
  end

This example is meant for updating the current user (including user's password), but you can modify it to fit your needs.