##// END OF EJS Templates
jro_apps » redmine
RSS
Do not render hidden news edit form if user is not allowed to edit (closes #4068)....
Jean-Philippe Lang -
r2840:04ae25f6b0ce
parent child
Show More
Side by Side Unified
Context file:
r2840:04ae25f6b0ce Loading diff...:
Show file before | Show file after | Hide comments
@@ -9,6 +9,7
9
9
10 <h2><%=h @news.title %></h2>
10 <h2><%=h @news.title %></h2>
11
11
12 <% if authorize_for('news', 'edit') %>
12 <div id="edit-news" style="display:none;">
13 <div id="edit-news" style="display:none;">
13 <% labelled_tabular_form_for :news, @news, :url => { :action => "edit", :id => @news },
14 <% labelled_tabular_form_for :news, @news, :url => { :action => "edit", :id => @news },
14 :html => { :id => 'news-form' } do |f| %>
15 :html => { :id => 'news-form' } do |f| %>
@@ -20,10 +21,11
20 :update => 'preview',
21 :update => 'preview',
21 :with => "Form.serialize('news-form')"
22 :with => "Form.serialize('news-form')"
22 }, :accesskey => accesskey(:preview) %> |
23 }, :accesskey => accesskey(:preview) %> |
23 <%= link_to l(:button_cancel), "#", :onclick => 'Element.hide("edit-news")' %>
24 <%= link_to l(:button_cancel), "#", :onclick => 'Element.hide("edit-news"); return false;' %>
24 <% end %>
25 <% end %>
25 <div id="preview" class="wiki"></div>
26 <div id="preview" class="wiki"></div>
26 </div>
27 </div>
28 <% end %>
27
29
28 <p><em><% unless @news.summary.blank? %><%=h @news.summary %><br /><% end %>
30 <p><em><% unless @news.summary.blank? %><%=h @news.summary %><br /><% end %>
29 <span class="author"><%= authoring @news.created_on, @news.author %></span></em></p>
31 <span class="author"><%= authoring @news.created_on, @news.author %></span></em></p>
General Comments 0
You need to be logged in to leave comments. Login now