intended to remove some of the weirdness when updating a users account. A blank password basically ends up causing the previously existing password to be hashed twice. Probably move to has_secure_password at some point although that may end up screwing up the intent of the particular tutorial item

app/models/user.rb

@@ -1,15 +1,16 @@
 class User < ActiveRecord::Base
-  attr_accessible :email, :password, :admin, :password_confirmation, :first_name, :last_name
-  validates_confirmation_of :password, :password_confirmation, :on => :create
+  attr_accessible :email, :admin, :first_name, :last_name, :user_id, :password, :password_confirmation
   validates :password, :presence => true,
                        :confirmation => true,
                        :length => {:within => 6..40},
-                       :on => :create#,
+                       :on => :create,
+                       :if => :password#,
                        #:format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}
   validates_presence_of :email
   validates_uniqueness_of :email
   validates_format_of :email, :with => /.+@.+\..+/i
   attr_accessor :skip_user_id_assign
+  attr_accessor :skip_hash_password
   before_save :assign_user_id, :on => :create
   before_save :hash_password
   has_one :retirement, :foreign_key => :user_id, :primary_key => :user_id, :dependent => :destroy
@@ -18,6 +19,7 @@ class User < ActiveRecord::Base
   has_many :performance, :foreign_key => :user_id, :primary_key => :user_id, :dependent => :destroy
 
 
+
   def build_benefits_data
     build_retirement(POPULATE_RETIREMENTS.shuffle.first)
     build_paid_time_off(POPULATE_PAID_TIME_OFF.shuffle.first).schedule.build(POPULATE_SCHEDULE.shuffle.first)
@@ -44,7 +46,7 @@ class User < ActiveRecord::Base
           raise "#{email} doesn't exist!"
        end
        return auth
-  end  
+  end 
     
   def assign_user_id
      unless @skip_user_id_assign.present? || self.user_id.present?
@@ -55,8 +57,10 @@ class User < ActiveRecord::Base
   end
   
   def hash_password
-    if self.password.present?
-      self.password = Digest::MD5.hexdigest(password)
+    unless @skip_hash_password == true
+      if password.present?
+        self.password = Digest::MD5.hexdigest(password)
+      end
     end
   end