From: Toshi MARUYAMA Date: Thu, 17 Sep 2020 15:49:06 +0000 (+0000) Subject: add empty line after guard clause to ApplicationController X-Git-Tag: 4.2.0~769 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=d7e881617d5aba3d884dfadd19149917dc37d68a;p=redmine.git add empty line after guard clause to ApplicationController git-svn-id: http://svn.redmine.org/redmine/trunk@20046 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 08dea30a7..c14b82108 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -194,6 +194,7 @@ class ApplicationController < ActionController::Base def check_if_login_required # no check needed if user is already logged in return true if User.current.logged? + require_login if Setting.login_required? end @@ -285,6 +286,7 @@ class ApplicationController < ActionController::Base def require_admin return unless require_login + if !User.current.admin? render_403 return false @@ -375,6 +377,7 @@ class ApplicationController < ActionController::Base # if the issue actually exists but requires authentication @issue = Issue.find(params[:id]) raise Unauthorized unless @issue.visible? + @project = @issue.project rescue ActiveRecord::RecordNotFound render_404 @@ -391,6 +394,7 @@ class ApplicationController < ActionController::Base to_a raise ActiveRecord::RecordNotFound if @issues.empty? raise Unauthorized unless @issues.all?(&:visible?) + @projects = @issues.collect(&:project).compact.uniq @project = @projects.first if @projects.size == 1 rescue ActiveRecord::RecordNotFound @@ -491,6 +495,7 @@ class ApplicationController < ActionController::Base if uri.send(component).present? && uri.send(component) != request.send(component) return false end + uri.send(:"#{component}=", nil) end # Always ignore basic user:password in the URL @@ -575,6 +580,7 @@ class ApplicationController < ActionController::Base # but have no HTML representation for non admin users def require_admin_or_api_request return true if api_request? + if User.current.admin? true elsif User.current.logged?