私有方法`update_without_password'调用了nil：NilClass

Question

I am following this tutorial on cancancan authentication, and specifically wanting admins to update users without needing a password. I've also seen this suggestion, but am unsure how to adapt it into my own code. When I click update, it says 'NoMethodError in UsersController#update' private method `update_without_password' called for nil:NilClass

My app returns all the user's params, so I don't understand what's happening here. Still very new to rails - let me know if you need any further information. Thank you in advance!

USERS CONTROLLER

class UsersController < ApplicationController
before_filter :authenticate_user!



 def update
  if user_params[:password].blank?
    user_params.delete(:password)
    user_params.delete(:password_confirmation)
  end


  successfully_updated = if needs_password?(@user, user_params)
                           @user.update(user_params)
                         else
                           @user.update_without_password(user_params)
                         end
 respond_to do |format|
    if successfully_updated
      format.html { redirect_to @user, notice: 'User was successfully updated.' }
      format.json { head :no_content }
    else
      format.html { render action: 'edit' }
      format.json { render json: @user.errors, status: :unprocessable_entity }
    end
  end


  rescue ActiveRecord::RecordNotFound
    respond_to_not_found(:js, :xml, :html)
  end


private
def needs_password?(user, params)
  params[:password].present?
end

def update_without_password(user_params)
  user.update_without_password(user_params)
end



def user_params
        params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation, :name, :role_id, :accepted)
end

EDIT FORM

<h3><%= @user == @current_user ? "Your Account Settings" : "Edit User" %></h3>

<%= form_for(@user, :html => { :method => :put }) do |f| %>
 <p><%= f.label :first_name %></p>
 <p><%= f.text_field :first_name %></p>

 <p><%= f.label :last_name %></p>
 <p><%= f.text_field :last_name %></p>

 <p><%= f.label :email %></p>
 <p><%= f.text_field :email %></p>
  <% if can? :read, Role %>
 <%= collection_select(:user, :role_id, Role.all, :id, :name, {prompt: true}) %>
  <% end %>
 <p><%= f.submit "Update" %></p>
<% end %>

What am I missing here? Please let me know if should provide anything else. Thanks!!

Answer 1

It looks to me like you're seeing that error because @user is not being instantiated in the update method. You need to set @user to an instance of your User model. Without seeing your full app, I can't know for sure, but you should have access to :id in the params hash, allowing you to set up @user doing something like this:

@user = User.find(params[:id])

Since you're digging into CanCan, I'd highly encourage you to read through their documentation for the load_and_authorize_resource method. You use it in your controllers to DRY up repetitive code that loads the object or collection you want to work with. It uses the name of the controller you're in and the :id value from params to automatically instantiate your resource. So, in your show , edit , and update methods, it would instantiate the singular @user object in your UsersController , and in your index method, it would instantiate the collection @users .

FWIW, you might wonder why you aren't seeing the NoMethodError crop up on the if needs_password?(@user, user_params) line. Even though @user is used there, if you look at the definition of your needs_password? method, it takes a user argument, but doesn't actually use it, so it won't complain about the fact that @user is nil when it's called. However, in this line @user.update_without_password(user_params) , you're directly sending the update_without_password method/message to the @user variable, which is nil .

I hope that helps!