Have you tried following the "forgot my password" path as admin? Getting the reset token mailed to you lets you go through a different controller: Devise::PasswordsController < DeviseController, so you can still have the admin get special privileges in the users_controller.
I use the following in my users_controller to allow admins to change other users' accounts without that user's password, and to keep non-admins from "promoting" themselves:
def update
if( ! current_user.admin? )
user_params[:admin_role] = @user.admin_role
command = :update_with_password
else
command = :update_without_password
user_params.delete(:password)
user_params.delete(:password_confirmation)
user_params.delete(:current_password)
end
@user = User.accessible_by(current_ability).find(params[:id])
old_user = current_user
if @user.send(command, user_params)
sign_in 'user', old_user, :bypass => true
redirect_to users_path, :notice => "Successfully updated user."
else
render :action => 'edit'
end
end
Walter
>
> Thanks in advance
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups "Devise" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
plataformatec-de...@googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.