Devise不允许用户更新他们的信息

Question

在写这篇文章之前，我已经检查了official guides和类似的问题，但不知怎的，我一直遇到问题而且没有帮助。

问题是我需要用户能够更改密码。为此，我使用Devise及其观点。我可以在所有其他方面完美地使用Devise，但是当我尝试这个时，即使是为此创建的帐户，它也会产生2个错误：当前密码无效，密码确认无效。

我尝试过两种方式的消毒剂：

用户/ registration_controller.rb

# frozen_string_literal: true

class Users::RegistrationsController < Devise::RegistrationsController
  # before_action :configure_sign_up_params, only: [:create]
  skip_before_action :require_no_authentication
  before_action :authenticate_user!
  before_action :authorize_admin!, only: :create
  # before_action :configure_account_update_params, only: [:update]

  # GET /resource/sign_up
  # def new
  #   super
  # end

  # POST /resource
  def create
     build_resource(sign_up_params)

     resource.save
     yield resource if block_given?
     if resource.persisted?
       if resource.active_for_authentication?
         set_flash_message! :notice, :signed_up
         respond_with resource, location: after_sign_up_path_for(resource)
       else
         set_flash_message! :notice, :"signed_up_but_#{resource.inactive_message}"
         expire_data_after_sign_in!
         respond_with resource, location: after_inactive_sign_up_path_for(resource)
       end
     else
       clean_up_passwords resource
       set_minimum_password_length
       respond_with resource
     end
  end

  # GET /resource/edit
  # def edit
  #   super
  # end

  # PUT /resource
  # def update
  #   super
  # end

  # DELETE /resource
  # def destroy
  #   super
  # end

  # GET /resource/cancel
  # Forces the session data which is usually expired after sign
  # in to be expired now. This is useful if the user wants to
  # cancel oauth signing in/up in the middle of the process,
  # removing all OAuth session data.
  # def cancel
  #   super
  # end

  protected

  # If you have extra params to permit, append them to the sanitizer.
  def configure_sign_up_params
    devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :email, :password, :password_confirmation, :creditos, :role, :birthday, :dni, :address, :phone, :gender])
  end

  # If you have extra params to permit, append them to the sanitizer.
  def configure_account_update_params
    devise_parameter_sanitizer.permit(:account_update, keys: [:first_name, :last_name, :email, :password, :password_confirmation, :current_password, :creditos, :role, :birthday, :dni, :address, :phone, :gender])
  end

  # The path used after sign up.
  def after_sign_up_path_for(resource) #Resource is the user just created

    empresa = Empresa.create(user_id: resource.id)
    resource.empresa_id = empresa.id
    if resource.save(validate: false)
      edit_empresa_path(resource.empresa)
    else
      flash[:alert] = "Ha habido un problema"
      redirect_to (root_path)
    end
  end

  # The path used after sign up for inactive accounts.
  # def after_inactive_sign_up_path_for(resource)
  #   super(resource)
  # end

  private

  def authorize_admin!
    unless user_signed_in? && current_user.admin?
      redirect_to root_path, alert: "Tú no eres administrador."
    end
  end

end

application_controller.rb

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_action :configure_permitted_parameters, if: :devise_controller?

  private
  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up) do |user|
      user.permit(:email, :password, :password_confirmation, :role, :creditos )
    end
    devise_parameter_sanitizer.permit(:account_update) do |user|
      user.permit(:email, :password, :password_confirmation, :current_password, :role, :creditos )
    end
  end
end

注意：我已经多次使用不同帐户验证当前密码是否正常。上面的方法一次使用一个。不是同时的。