git-svn-id: http://svn.redmine.org/redmine/branches/3.0-stable@14150 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/3.0.2
@@ -133,7 +133,7 @@ class IssuesController < ApplicationController | |||
end | |||
def create | |||
unless User.current.allowed_to?(:add_issues, @issue.project) | |||
unless User.current.allowed_to?(:add_issues, @issue.project, :global => true) | |||
raise ::Unauthorized | |||
end | |||
call_hook(:controller_issues_new_before_save, { :params => params, :issue => @issue }) | |||
@@ -151,7 +151,13 @@ class IssuesController < ApplicationController | |||
return | |||
else | |||
respond_to do |format| | |||
format.html { render :action => 'new' } | |||
format.html { | |||
if @issue.project.nil? | |||
render_error :status => 422 | |||
else | |||
render :action => 'new' | |||
end | |||
} | |||
format.api { render_validation_errors(@issue) } | |||
end | |||
end |
@@ -2218,7 +2218,7 @@ class IssuesControllerTest < ActionController::TestCase | |||
:issue => {:project_id => 3, | |||
:tracker_id => 2, | |||
:subject => 'Foo'} | |||
assert_response 403 | |||
assert_response 422 | |||
end | |||
end | |||
@@ -444,6 +444,11 @@ JSON | |||
assert json['errors'].include?("Subject cannot be blank") | |||
end | |||
test "POST /issues.json with invalid project_id should respond with 422" do | |||
post '/issues.json', {:issue => {:project_id => 999, :subject => "API"}}, credentials('jsmith') | |||
assert_response 422 | |||
end | |||
test "PUT /issues/:id.xml" do | |||
assert_difference('Journal.count') do | |||
put '/issues/6.xml', |