From 692b3b6b6a565a27b968db8027daabcc766cfede Mon Sep 17 00:00:00 2001
From: Oscar Del Ben <info@oscardelben.com>
Date: Tue, 24 Apr 2012 19:16:01 +0200
Subject: [PATCH] Fix secure_password setter

---
 activemodel/lib/active_model/secure_password.rb | 2 +-
 activemodel/test/cases/secure_password_test.rb  | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb
index e7a57cf691..111204d67d 100644
--- a/activemodel/lib/active_model/secure_password.rb
+++ b/activemodel/lib/active_model/secure_password.rb
@@ -64,8 +64,8 @@ def authenticate(unencrypted_password)
 
       # Encrypts the password into the password_digest attribute.
       def password=(unencrypted_password)
-        @password = unencrypted_password
         unless unencrypted_password.blank?
+          @password = unencrypted_password
           self.password_digest = BCrypt::Password.create(unencrypted_password)
         end
       end
diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb
index 4338a3fc53..c451cc1aca 100644
--- a/activemodel/test/cases/secure_password_test.rb
+++ b/activemodel/test/cases/secure_password_test.rb
@@ -19,6 +19,12 @@ class SecurePasswordTest < ActiveModel::TestCase
     assert !@user.valid?, 'user should be invalid'
   end
 
+  test "blank password doesn't override previous password" do
+    @user.password = 'test'
+    @user.password = ''
+    assert_equal @user.password, 'test'
+  end
+
   test "password must be present" do
     assert !@user.valid?
     assert_equal 1, @user.errors.size
-- 
GitLab