kolan
/
Redmine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't redirect XHR requests to /login. 

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11962 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2013-06-12 16:49:12 +00:00
parent 60d2a5e322
commit 136cdc765a
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/controllers/application_controller.rb
View File

@ -195,7 +195,13 @@ class ApplicationController < ActionController::Base
url = url_for(:controller => params[:controller], :action => params[:action], :id => params[:id], :project_id => params[:project_id]) url = url_for(:controller => params[:controller], :action => params[:action], :id => params[:id], :project_id => params[:project_id])
end end
respond_to do |format| respond_to do |format|
format.html { redirect_to :controller => "account", :action => "login", :back_url => url } format.html {
if request.xhr?
head :unauthorized
else
redirect_to :controller => "account", :action => "login", :back_url => url
end
}
format.atom { redirect_to :controller => "account", :action => "login", :back_url => url } format.atom { redirect_to :controller => "account", :action => "login", :back_url => url }
format.xml { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' } format.xml { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' }
format.js { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' } format.js { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' }

16
test/functional/welcome_controller_test.rb
View File

@ -136,4 +136,20 @@ class WelcomeControllerTest < ActionController::TestCase
assert_equal [0, 100], @controller.api_offset_and_limit({:page => 1, :limit => 100}) assert_equal [0, 100], @controller.api_offset_and_limit({:page => 1, :limit => 100})
assert_equal [200, 100], @controller.api_offset_and_limit({:page => 3, :limit => 100}) assert_equal [200, 100], @controller.api_offset_and_limit({:page => 3, :limit => 100})
end end
def test_unhautorized_exception_with_anonymous_should_redirect_to_login
WelcomeController.any_instance.stubs(:index).raises(::Unauthorized)
get :index
assert_response 302
assert_redirected_to('/login?back_url='+CGI.escape('http://test.host/'))
end
def test_unhautorized_exception_with_anonymous_and_xmlhttprequest_should_respond_with_401_to_anonymous
WelcomeController.any_instance.stubs(:index).raises(::Unauthorized)
@request.env["HTTP_X_REQUESTED_WITH"] = "XMLHttpRequest"
get :index
assert_response 401
end
end end