jro_apps/redmine Commit - r13956:c2fca3799927

Don't use SudoMode.disable! to skip API requests (#19851)....

Jean-Philippe Lang -

r13956:c2fca3799927

parent child

Context file:

r13956:c2fca3799927

lib/redmine/sudo_mode.rb +4 -4

                    # After the request refreshes the timestamp if sudo mode was used during
                    # this request.
                    def sudo_mode
-                     if api_request?
-                       SudoMode.disable!
-                     elsif sudo_timestamp_valid?
+                     if sudo_timestamp_valid?
                        SudoMode.active!
                      end
                      yield
                    class SudoRequestFilter < Struct.new(:parameters, :request_methods)
                      def before(controller)
                        method_matches = request_methods.blank? || request_methods.include?(controller.request.method_symbol)
-                       if SudoMode.possible? && method_matches
+                       if controller.api_request?
+                         true
+                       elsif SudoMode.possible? && method_matches
                          controller.require_sudo_mode( *parameters )
                        else
                          true

test/integration/sudo_mode_test.rb +15 0

		@@ -143,4 +143,19 class SudoTest < Redmine::IntegrationTest
143	143	assert_equal 'even.newer.mail@test.com', User.find_by_login('jsmith').mail
144	144	end
145	145
	146	def test_sudo_mode_should_skip_api_requests
	147	with_settings :rest_api_enabled => '1' do
	148	assert_difference('User.count') do
	149	post '/users.json', {
	150	:user => {
	151	:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname',
	152	:mail => 'foo@example.net', :password => 'secret123',
	153	:mail_notification => 'only_assigned'}
	154	},
	155	credentials('admin')
	156
	157	assert_response :created
	158	end
	159	end
	160	end
146	161	end

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages