@@ -123,7 +123,7 class AccountController < ApplicationController | |||||
123 | user_params = params[:user] || {} |
|
123 | user_params = params[:user] || {} | |
124 | @user = User.new |
|
124 | @user = User.new | |
125 | @user.safe_attributes = user_params |
|
125 | @user.safe_attributes = user_params | |
126 |
@user.pref.attributes = params[:pref] |
|
126 | @user.pref.safe_attributes = params[:pref] | |
127 | @user.admin = false |
|
127 | @user.admin = false | |
128 | @user.register |
|
128 | @user.register | |
129 | if session[:auth_source_registration] |
|
129 | if session[:auth_source_registration] |
@@ -56,8 +56,8 class MyController < ApplicationController | |||||
56 | @user = User.current |
|
56 | @user = User.current | |
57 | @pref = @user.pref |
|
57 | @pref = @user.pref | |
58 | if request.post? |
|
58 | if request.post? | |
59 |
@user.safe_attributes = params[:user] |
|
59 | @user.safe_attributes = params[:user] | |
60 |
@user.pref.attributes = params[:pref] |
|
60 | @user.pref.safe_attributes = params[:pref] | |
61 | if @user.save |
|
61 | if @user.save | |
62 | @user.pref.save |
|
62 | @user.pref.save | |
63 | set_language_if_valid @user.language |
|
63 | set_language_if_valid @user.language |
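Review bot: The return value of `@user.pref.save` on new line 62 is discarded, so a preference record that fails to save still follows the success path entered by `if @user.save`. Checking it makes the failure visible, for example `if @user.save && @user.pref.save`. The action starts and ends outside this hunk, so the flash and redirect handling around it should be read before the condition is changed.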
@@ -90,7 +90,7 class UsersController < ApplicationController | |||||
90 | @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option, :admin => false) |
|
90 | @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option, :admin => false) | |
91 | @user.safe_attributes = params[:user] |
|
91 | @user.safe_attributes = params[:user] | |
92 | @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id |
|
92 | @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id | |
93 |
@user.pref.attributes = params[:pref] |
|
93 | @user.pref.safe_attributes = params[:pref] | |
94 |
|
94 | |||
95 | if @user.save |
|
95 | if @user.save | |
96 | Mailer.account_information(@user, @user.password).deliver if params[:send_information] |
|
96 | Mailer.account_information(@user, @user.password).deliver if params[:send_information] |
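Review bot: `params[:user][:password]` on new line 92 dereferences `params[:user]` without a nil guard, although line 91 passes the same value straight to `safe_attributes=`. A request with no `user` key would presumably raise there rather than end in a validation error, since a fresh record has no `auth_source_id`. The AccountController hunk on this page already uses `user_params = params[:user] || {}`; the same local here would keep the two paths consistent. The action continues outside the hunk.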
@@ -16,6 +16,8 | |||||
16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
|
16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |
17 |
|
17 | |||
18 | class UserPreference < ActiveRecord::Base |
|
18 | class UserPreference < ActiveRecord::Base | |
|
19 | include Redmine::SafeAttributes | |||
|
20 | ||||
19 | belongs_to :user |
|
21 | belongs_to :user | |
20 | serialize :others |
|
22 | serialize :others | |
21 |
|
23 | |||
@@ -23,6 +25,12 class UserPreference < ActiveRecord::Base | |||||
23 |
|
25 | |||
24 | before_save :set_others_hash |
|
26 | before_save :set_others_hash | |
25 |
|
27 | |||
|
28 | safe_attributes 'hide_mail', | |||
|
29 | 'time_zone', | |||
|
30 | 'comments_sorting', | |||
|
31 | 'warn_on_leaving_unsaved', | |||
|
32 | 'no_self_notified' | |||
|
33 | ||||
26 | def initialize(attributes=nil, *args) |
|
34 | def initialize(attributes=nil, *args) | |
27 | super |
|
35 | super | |
28 | if new_record? && !(attributes && attributes.key?(:hide_mail)) |
|
36 | if new_record? && !(attributes && attributes.key?(:hide_mail)) |
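Review bot: The allowlist added at new lines 28–32 has no comment saying that it is the set of preference attributes assignable from request parameters. Nor does it say that `user_id` (implied by `belongs_to :user`) and the serialized `others` column appear to be left out on purpose. A one-line comment above it would guard against a later edit adding them back: `# Assignable from params[:pref]; user_id and others must never be listed here`. No test is visible in this part of the page; a functional test that posts `pref[user_id]` and `pref[others]` and asserts both are unchanged would pin the behaviour for the three controller call sites. `initialize` continues past the end of the hunk.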