Updating attributes from retrieved objects that has required attr_acessors - Rails Tutorial - Michael Hartl's

On Chapter 7 from Michael Hartl's tutorial there is a User model <code here> that has a password attribute defined as a attr_accessor and also as attr_accessible with a presence validator.

The problem is: if I retrieve an existent User and try to update its email, ruby throws an exception claiming for its password, and I'm forced to re-set the password every time I want to update any other attribute. Example:

User.first.update_attributes!(:email => "example@mail.com")
ActiveRecord::RecordInvalid: Validation failed: Password can't be blank, Password is too short (minimum is 6 characters)

I开发者_开发百科 added ":on => :create" next to the password's presence validator and it seemed to solve the problem. Is this the right solution regarding a login system?

Anyone who has completed the Michael Harlt's tutorial knows if that was an error or it was his real intention?

You want to add the validator to the password hash field so that it is the actual password stored in the database which is checked. If you make the password= function set the value of a hash column, then this method will work independently of the actual password virtual variable.