From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Wed, 25 Sep 2013 17:35:59 +0000 (+0000)
Subject: Prevents invalid SQL with invalid group_ids (#14902).
X-Git-Tag: 2.4.0~98
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=62b66e9b38a8e6a1e60cb0aa8200145ce5f62666;p=redmine.git

Prevents invalid SQL with invalid group_ids (#14902).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@12162 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/models/issue.rb b/app/models/issue.rb
index e6851e4fb..42d33be09 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -108,10 +108,10 @@ class Issue < ActiveRecord::Base
         when 'all'
           nil
         when 'default'
-          user_ids = [user.id] + user.groups.map(&:id)
+          user_ids = [user.id] + user.groups.map(&:id).compact
           "(#{table_name}.is_private = #{connection.quoted_false} OR #{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
         when 'own'
-          user_ids = [user.id] + user.groups.map(&:id)
+          user_ids = [user.id] + user.groups.map(&:id).compact
           "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
         else
           '1=0'