Devise password confirmation for errors

I'm trying to implement a change password view. Currently I'm testing if I get red error messages on the form if I put in password and password_confirmation that don't match. I'm getting a traceback saying "Validation failed: Password doesn't match confirmation", but I'm seeing none of the natural form based error messages...

One other tidbit of information that might be useful is that my User model accepts nested attributes for another model (contact_info). That stuff all works fine.

Here are the relevant bits of code. From my model:

class User < ActiveRecord::Base
  devise :database_auth开发者_Go百科enticatable, :recoverable, :rememberable, :trackable, :validatable
  ...
end

Here is the code from my haml view:

= form_for @user do |user|
  -if @user.errors.any?
  #error_explanation
    %h2= "#{pluralize(@user.errors.count, "error")} prohibited this user from being saved:"
    %ul
      - @user.errors.full_messages.each do |msg|
        %li= msg

And finally, here is the bit from my controller:

...
if @user.update_attributes!(params[:user])
  format.html { redirect_to(users_url, :notice => 'User was successfully updated.') }
  format.xml  { head :ok }
else
  ...

I was able to verify that those fields are in the params being passed in:

Parameters: {"user"=>{"last_name"=>"Jim", "first_name"=>"Dandy", "email"=>"jim@dandy.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"

I suspect I'm missing something fairly simple...but for the life of me I can't figure out what it might be.

So it turns out that what was really missing was the current password--I only had the password and password_confirmation fields and Devise also wanted a current_password field.

once I had that field in place I called update_with_password instead of update_attributes, and the whole thing came together nicely.