git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9746 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/2.1.0
@@ -63,7 +63,8 @@ class GroupsController < ApplicationController | |||
# POST /groups | |||
# POST /groups.xml | |||
def create | |||
@group = Group.new(params[:group]) | |||
@group = Group.new | |||
@group.safe_attributes = params[:group] | |||
respond_to do |format| | |||
if @group.save | |||
@@ -83,9 +84,10 @@ class GroupsController < ApplicationController | |||
# PUT /groups/1.xml | |||
def update | |||
@group = Group.find(params[:id]) | |||
@group.safe_attributes = params[:group] | |||
respond_to do |format| | |||
if @group.update_attributes(params[:group]) | |||
if @group.save | |||
flash[:notice] = l(:notice_successful_update) | |||
format.html { redirect_to(groups_path) } | |||
format.xml { head :ok } |
@@ -16,6 +16,8 @@ | |||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
class Group < Principal | |||
include Redmine::SafeAttributes | |||
has_and_belongs_to_many :users, :after_add => :user_added, | |||
:after_remove => :user_removed | |||
@@ -27,6 +29,11 @@ class Group < Principal | |||
before_destroy :remove_references_before_destroy | |||
safe_attributes 'name', | |||
'custom_field_values', | |||
'custom_fields', | |||
:if => lambda {|group, user| user.admin?} | |||
def to_s | |||
lastname.to_s | |||
end |