##// END OF EJS Templates
Creating a wiki page named "Sidebar" without proper permission raises an exception (#23700)....
Jean-Philippe Lang -
r15367:650a64cb0020
parent child
Show More
@@ -62,10 +62,12 class WikiController < ApplicationController
62 62
63 63 def new
64 64 @page = WikiPage.new(:wiki => @wiki, :title => params[:title])
65 unless User.current.allowed_to?(:edit_wiki_pages, @project) && editable?
65 unless User.current.allowed_to?(:edit_wiki_pages, @project)
66 66 render_403
67 return
67 68 end
68 69 if request.post?
70 @page.title = '' unless editable?
69 71 @page.validate
70 72 if @page.errors[:title].blank?
71 73 path = project_wiki_page_path(@project, @page.title)
@@ -216,6 +216,15 class WikiControllerTest < Redmine::ControllerTest
216 216 assert_select_error 'Title has already been taken'
217 217 end
218 218
219 def test_post_new_with_protected_title_should_display_errors
220 Role.find(1).remove_permission!(:protect_wiki_pages)
221 @request.session[:user_id] = 2
222
223 post :new, :params => {:project_id => 'ecookbook', :title => 'Sidebar'}
224 assert_response :success
225 assert_select_error /Title/
226 end
227
219 228 def test_post_new_xhr_with_invalid_title_should_display_errors
220 229 @request.session[:user_id] = 2
221 230
General Comments 0
You need to be logged in to leave comments. Login now