Fix potential Execution After Redirect bugs.
Execution After Redirect (EAR) happens when redirect in a controller is triggered but there still is code that is executed in the action. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5611 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
8632efcce2
commit
ed7091cda1
|
@ -275,6 +275,7 @@ class ApplicationController < ActionController::Base
|
|||
end
|
||||
end
|
||||
redirect_to default
|
||||
false
|
||||
end
|
||||
|
||||
def render_403(options={})
|
||||
|
|
|
@ -38,9 +38,10 @@ class CustomFieldsController < ApplicationController
|
|||
flash[:notice] = l(:notice_successful_create)
|
||||
call_hook(:controller_custom_fields_new_after_save, :params => params, :custom_field => @custom_field)
|
||||
redirect_to :action => 'index', :tab => @custom_field.class.name
|
||||
end
|
||||
else
|
||||
@trackers = Tracker.find(:all, :order => 'position')
|
||||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
@custom_field = CustomField.find(params[:id])
|
||||
|
@ -48,9 +49,10 @@ class CustomFieldsController < ApplicationController
|
|||
flash[:notice] = l(:notice_successful_update)
|
||||
call_hook(:controller_custom_fields_edit_after_save, :params => params, :custom_field => @custom_field)
|
||||
redirect_to :action => 'index', :tab => @custom_field.class.name
|
||||
end
|
||||
else
|
||||
@trackers = Tracker.find(:all, :order => 'position')
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
@custom_field = CustomField.find(params[:id]).destroy
|
||||
|
|
|
@ -75,10 +75,12 @@ class EnumerationsController < ApplicationController
|
|||
# No associated objects
|
||||
@enumeration.destroy
|
||||
redirect_to :action => 'index'
|
||||
return
|
||||
elsif params[:reassign_to_id]
|
||||
if reassign_to = @enumeration.class.find_by_id(params[:reassign_to_id])
|
||||
@enumeration.destroy(reassign_to)
|
||||
redirect_to :action => 'index'
|
||||
return
|
||||
end
|
||||
end
|
||||
@enumerations = @enumeration.class.find(:all) - [@enumeration]
|
||||
|
|
|
@ -65,10 +65,12 @@ class IssueCategoriesController < ApplicationController
|
|||
# No issue assigned to this category
|
||||
@category.destroy
|
||||
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
|
||||
return
|
||||
elsif params[:todo]
|
||||
reassign_to = @project.issue_categories.find_by_id(params[:reassign_to_id]) if params[:todo] == 'reassign'
|
||||
@category.destroy(reassign_to)
|
||||
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
|
||||
return
|
||||
end
|
||||
@categories = @project.issue_categories - [@category]
|
||||
end
|
||||
|
|
|
@ -38,19 +38,21 @@ class RolesController < ApplicationController
|
|||
end
|
||||
flash[:notice] = l(:notice_successful_create)
|
||||
redirect_to :action => 'index'
|
||||
end
|
||||
else
|
||||
@permissions = @role.setable_permissions
|
||||
@roles = Role.find :all, :order => 'builtin, position'
|
||||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
@role = Role.find(params[:id])
|
||||
if request.post? and @role.update_attributes(params[:role])
|
||||
flash[:notice] = l(:notice_successful_update)
|
||||
redirect_to :action => 'index'
|
||||
end
|
||||
else
|
||||
@permissions = @role.setable_permissions
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
@role = Role.find(params[:id])
|
||||
|
|
|
@ -36,8 +36,7 @@ class SettingsController < ApplicationController
|
|||
end
|
||||
flash[:notice] = l(:notice_successful_update)
|
||||
redirect_to :action => 'edit', :tab => params[:tab]
|
||||
return
|
||||
end
|
||||
else
|
||||
@options = {}
|
||||
@options[:user_format] = User::USER_FORMATS.keys.collect {|f| [User.current.name(f), f.to_s] }
|
||||
@deliveries = ActionMailer::Base.perform_deliveries
|
||||
|
@ -47,6 +46,7 @@ class SettingsController < ApplicationController
|
|||
|
||||
Redmine::Themes.rescan
|
||||
end
|
||||
end
|
||||
|
||||
def plugin
|
||||
@plugin = Redmine::Plugin.find(params[:id])
|
||||
|
@ -54,9 +54,10 @@ class SettingsController < ApplicationController
|
|||
Setting["plugin_#{@plugin.id}"] = params[:settings]
|
||||
flash[:notice] = l(:notice_successful_update)
|
||||
redirect_to :action => 'plugin', :id => @plugin.id
|
||||
end
|
||||
else
|
||||
@partial = @plugin.settings[:partial]
|
||||
@settings = Setting["plugin_#{@plugin.id}"]
|
||||
end
|
||||
rescue Redmine::PluginNotFound
|
||||
render_404
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue