From 6fcfba229d8fe4e4f2721a8edeb2807e8cb5cb09 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Valim?= <jose.valim@gmail.com>
Date: Tue, 25 Oct 2011 18:37:53 +0200
Subject: [PATCH] Improve docs for update_without_password.

---
 lib/devise/models/database_authenticatable.rb | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/lib/devise/models/database_authenticatable.rb b/lib/devise/models/database_authenticatable.rb
index 033f84e7..b9168186 100644
--- a/lib/devise/models/database_authenticatable.rb
+++ b/lib/devise/models/database_authenticatable.rb
@@ -73,7 +73,17 @@ module Devise
       end
 
       # Updates record attributes without asking for the current password.
-      # Never allows to change the current password
+      # Never allows to change the current password. If you are using this
+      # method, you should probably override this method to protect other
+      # attributes you would not like to be updated without a password.
+      #
+      # Example:
+      #
+      #   def update_without_password(params={})
+      #     params.delete(:email)
+      #     super(params)
+      #   end
+      #
       def update_without_password(params={})
         params.delete(:password)
         params.delete(:password_confirmation)