From 7029341e40fc8344928106ac20cb643404c0687d Mon Sep 17 00:00:00 2001
From: mokaddem <sami.mokaddem@circl.lu>
Date: Tue, 12 Jan 2021 08:50:01 +0100
Subject: [PATCH] fix: [user] Allow password update and hiden confirm_password
 field

---
 src/Controller/Component/CRUDComponent.php | 7 ++++---
 src/Model/Entity/User.php                  | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/Controller/Component/CRUDComponent.php b/src/Controller/Component/CRUDComponent.php
index 81fd6d8..171533c 100644
--- a/src/Controller/Component/CRUDComponent.php
+++ b/src/Controller/Component/CRUDComponent.php
@@ -196,9 +196,10 @@ class CRUDComponent extends Component
             }
         }
         if (!empty($params['removeEmpty'])) {
-            foreach ($params['removeEmpty'] as $removeEmptyField)
-            if (isset($input[$removeEmptyField])) {
-                unset($input[$removeEmptyField]);
+            foreach ($params['removeEmpty'] as $removeEmptyField) {
+                if (empty($input[$removeEmptyField])) {
+                    unset($input[$removeEmptyField]);
+                }
             }
         }
         return $input;
diff --git a/src/Model/Entity/User.php b/src/Model/Entity/User.php
index e6a6796..fe31e50 100644
--- a/src/Model/Entity/User.php
+++ b/src/Model/Entity/User.php
@@ -8,7 +8,7 @@ use Authentication\PasswordHasher\DefaultPasswordHasher;
 
 class User extends AppModel
 {
-    protected $_hidden = ['password'];
+    protected $_hidden = ['password', 'confirm_password'];
     protected function _setPassword(string $password) : ?string
     {
         if (strlen($password) > 0) {