kolan/obsolete.ChilliProject
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Prevents NoMethodError when requesting /time_entries/edit without an id (#6904).

Browse Source 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4410 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2010-11-16 20:27:45 +00:00
parent 3e95d12b75
commit 3ba3c540fb
1 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
app/controllers/timelog_controller.rb
View File

@ -17,7 +17,9 @@
class TimelogController < ApplicationController class TimelogController < ApplicationController
menu_item :issues menu_item :issues
before_filter :find_project, :authorize, :only => [:new, :create, :edit, :update, :destroy] before_filter :find_project, :only => [:new, :create]
before_filter :find_time_entry, :only => [:edit, :update, :destroy]
before_filter :authorize, :except => [:index]
before_filter :find_optional_project, :only => [:index] before_filter :find_optional_project, :only => [:index]
helper :sort helper :sort
@ -108,7 +110,6 @@ class TimelogController < ApplicationController
end end
def edit def edit
(render_403; return) if @time_entry && !@time_entry.editable_by?(User.current)
@time_entry.attributes = params[:time_entry] @time_entry.attributes = params[:time_entry]
call_hook(:controller_timelog_edit_before_save, { :params => params, :time_entry => @time_entry }) call_hook(:controller_timelog_edit_before_save, { :params => params, :time_entry => @time_entry })
@ -116,7 +117,6 @@ class TimelogController < ApplicationController
verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed } verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
def update def update
(render_403; return) if @time_entry && !@time_entry.editable_by?(User.current)
@time_entry.attributes = params[:time_entry] @time_entry.attributes = params[:time_entry]
call_hook(:controller_timelog_edit_before_save, { :params => params, :time_entry => @time_entry }) call_hook(:controller_timelog_edit_before_save, { :params => params, :time_entry => @time_entry })
@ -131,8 +131,6 @@ class TimelogController < ApplicationController
verify :method => :delete, :only => :destroy, :render => {:nothing => true, :status => :method_not_allowed } verify :method => :delete, :only => :destroy, :render => {:nothing => true, :status => :method_not_allowed }
def destroy def destroy
(render_404; return) unless @time_entry
(render_403; return) unless @time_entry.editable_by?(User.current)
if @time_entry.destroy && @time_entry.destroyed? if @time_entry.destroy && @time_entry.destroyed?
flash[:notice] = l(:notice_successful_delete) flash[:notice] = l(:notice_successful_delete)
else else
@ -144,11 +142,19 @@ class TimelogController < ApplicationController
end end
private private
def find_time_entry
@time_entry = TimeEntry.find(params[:id])
unless @time_entry.editable_by?(User.current)
render_403
return false
end
@project = @time_entry.project
rescue ActiveRecord::RecordNotFound
render_404
end
def find_project def find_project
if params[:id] if params[:issue_id]
@time_entry = TimeEntry.find(params[:id])
@project = @time_entry.project
elsif params[:issue_id]
@issue = Issue.find(params[:issue_id]) @issue = Issue.find(params[:issue_id])
@project = @issue.project @project = @issue.project
elsif params[:project_id] elsif params[:project_id]