jro_apps/redmine Commit - r2936:93bf1df5d40e

Fix 500 errors with a POST request that requires a login. #4216...

Eric Davis -

r2936:93bf1df5d40e

parent child

Context file:

r2936:93bf1df5d40e

app/controllers/application_controller.rb +7 -1

                def require_login
                  if !User.current.logged?
-                   redirect_to :controller => "account", :action => "login", :back_url => url_for(params)
+                   # Extract only the basic url parameters on non-GET requests
+                   if request.get?
+                     url = url_for(params)
+                   else
+                     url = url_for(:controller => params[:controller], :action => params[:action], :id => params[:id], :project_id => params[:project_id])
+                   end
+                   redirect_to :controller => "account", :action => "login", :back_url => url
                    return false
                  end
                  true

test/integration/admin_test.rb +6 0

                  locked_user = User.try_to_login("psmith", "psmith09")
                  assert_equal nil, locked_user
                end
+               test "Add a user as an anonymous user should fail" do
+                 post '/users/add', :user => { :login => 'psmith', :firstname => 'Paul'}, :password => "psmith09", :password_confirmation => "psmith09"
+                 assert_response :redirect
+                 assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fusers%2Fnew"
+               end
              end

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages