[refs #194] fix security and tests

Alexander Machehin 2012-03-02 22:52:15 +06:00
parent 2f0981c12f
commit 41c0d1e856
2 changed files with 4 additions and 4 deletions


@ -4,7 +4,7 @@ class IssuesController < ApplicationController
before_filter :authenticate_user!
load_and_authorize_resource :project, :except => NON_RESTFUL_ACTION
load_and_authorize_resource :issue, :through => :project, :find_by => :serial_id, :only => [:show, :edit, :update, :destroy]
load_and_authorize_resource :issue, :through => :project, :find_by => :serial_id, :only => [:show, :edit, :update, :destroy, :new, :create]
before_filter :load_and_authorize_label, :only => NON_RESTFUL_ACTION
layout 'application'
@ -67,8 +67,8 @@ class IssuesController < ApplicationController
status = 200 if @issue.save
render action, :status => (status || 500), :layout => false
else
@issue.title = params[:issue][:title]
@issue.body = params[:issue][:body]
@issue.title = params[:issue][:title] if params[:issue][:title]
@issue.body = params[:issue][:body] if params[:issue][:body]
status = 200 if @issue.save
render :nothing => true, :status => (status || 500), :layout => false
end
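Review bot: The issue-level check in the first hunk is still an allow-list: the second `load_and_authorize_resource :issue ... :only => [:show, :edit, :update, :destroy, :new, :create]` line (apparently the new side) authorizes only the actions it names. Any action missing from that list, or added to the controller later, runs without an issue-level authorization unless another filter covers it. That looks like how `new` and `create` went unprotected before this change. Consider making the controller fail closed, for example by adding CanCan's `check_authorization` to the base controller so an action that never authorizes raises instead of proceeding. Failing that, add a comment above the line such as `# every new action on issues must be added to :only below or authorized explicitly`. The class body continues outside the hunk, so whether `index` and the `NON_RESTFUL_ACTION` actions are fully covered by the project and label filters should be confirmed there.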


@ -27,7 +27,7 @@ end
shared_examples_for 'user with issue update rights' do
it 'should be able to perform update action' do
put :update, {:id => @issue.serial_id}.merge(@update_params)
response.should redirect_to([@project, @issue])
response.code.should eq('200')
end
it 'should update issue title' do