Reject non numeric values for numeric fields.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6228 e93f8b46-1217-0410-a6f0-8f06a7374b81

2 files changed, 14 insertions, 1 deletions

diff --git a/app/models/query.rb b/app/models/query.rb
index 33fe2ec5f..b9be08519 100644
--- a/app/models/query.rb
+++ b/app/models/query.rb
@@ -278,7 +278,11 @@ class Query < ActiveRecord::Base
       #  allowed_values = values & ([""] + (filter_options[:values] || []).collect {|val| val[1]})
       #  filters[field] = {:operator => operator, :values => allowed_values } if (allowed_values.first and !allowed_values.first.empty?) or ["o", "c", "!*", "*", "t"].include? operator
       #end
-      filters[field] = {:operator => operator, :values => (values || ['']) }
+      values ||= ['']
+      if filter_options[:type] == :integer
+        values = values.select {|v| v.blank? || v.match(/^\d+(\.\d+)?$/) }
+      end
+      filters[field] = {:operator => operator, :values => values }
     end
   end
 
diff --git a/test/unit/query_test.rb b/test/unit/query_test.rb
index d1d55bb2a..95308ee0c 100644
--- a/test/unit/query_test.rb
+++ b/test/unit/query_test.rb
@@ -101,6 +101,15 @@ class QueryTest < ActiveSupport::TestCase
     find_issues_with_query(query)
   end
   
+  def test_numeric_filter_should_not_accept_non_numeric_values
+    query = Query.new(:name => '_')
+    query.add_filter('estimated_hours', '=', ['a'])
+    
+    assert query.has_filter?('estimated_hours')
+    assert query.values_for('estimated_hours').empty?
+    assert !query.valid?
+  end
+  
   def test_operator_is_on_float
     Issue.update_all("estimated_hours = 171.2", "id=2")