Require password re-entry for sensitive actions (#19851).

Patch by Jens Krämer. git-svn-id: http://svn.redmine.org/redmine/trunk@14333 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2015-06-19 18:41:10 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2015-06-19 18:41:10 +0000
commit: d6f389658b9e83d7a5d74c57fc46a203a5a88591 (patch)
tree: 534fd5f3520833e1c1c2bb2105971ce86008b991 /app/controllers/members_controller.rb
parent: 3811ff5d95bd848f457c9d29a162ce83f12fe3ac (diff)
download: redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.tar.gz
redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/app/controllers/members_controller.rb b/app/controllers/members_controller.rb
index 0f1f53f8e..dbf7a5bec 100644
--- a/app/controllers/members_controller.rb
+++ b/app/controllers/members_controller.rb
@@ -23,6 +23,8 @@ class MembersController < ApplicationController
   before_filter :authorize
   accept_api_auth :index, :show, :create, :update, :destroy
 
+  require_sudo_mode :create, :update, :destroy
+
   def index
     scope = @project.memberships.active
     @offset, @limit = api_offset_and_limit
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2015-06-19 18:41:10 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2015-06-19 18:41:10 +0000
commit	d6f389658b9e83d7a5d74c57fc46a203a5a88591 (patch)
tree	534fd5f3520833e1c1c2bb2105971ce86008b991 /app/controllers/members_controller.rb
parent	3811ff5d95bd848f457c9d29a162ce83f12fe3ac (diff)
download	redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.tar.gz redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.zip