Allow changes to internal user when password is void

app/controllers/internal_users_controller.rb

@@ -125,6 +125,11 @@ class InternalUsersController < ApplicationController
   def show; end
 
   def update
+    # Let's skip the password validation if the user is edited through
+    # the form by another user. Otherwise, the update might fail if an
+    # activation_token or password_reset_token is present
+    @user.validate_password = current_user == @user
+
     update_and_respond(object: @user, params: internal_user_params)
   end
 end

app/models/internal_user.rb

@@ -3,8 +3,10 @@
 class InternalUser < User
   authenticates_with_sorcery!
 
+  attr_accessor :validate_password
+
   validates :email, presence: true, uniqueness: true
-  validates :password, confirmation: true, if: :password_void?, on: :update, presence: true
+  validates :password, confirmation: true, if: -> { password_void? && validate_password? }, on: :update, presence: true
   validates :role, inclusion: {in: ROLES}
 
   def activated?
@@ -16,6 +18,13 @@ class InternalUser < User
   end
   private :password_void?
 
+  def validate_password?
+    return true if @validate_password.nil?
+
+    @validate_password
+  end
+  private :validate_password?
+
   def teacher?
     role == 'teacher'
   end

config/locales/de.yml

@@ -522,6 +522,7 @@ de:
     index:
       activate: Aktivieren
       forgot_password: Passwort zurücksetzen
+      reset_password: Passwort zurücksetzen
     activate:
       headline: Registrierung abschließen
       submit: Passwort speichern

config/locales/en.yml

@@ -522,6 +522,7 @@ en:
     index:
       activate: Activate
       forgot_password: Reset Password
+      reset_password: Reset Password
     activate:
       headline: Complete Registration
       submit: Set Password