diff options
| author | Toshi MARUYAMA <marutosijp2@yahoo.co.jp> | 2011-05-01 23:15:03 +0000 |
|---|---|---|
| committer | Toshi MARUYAMA <marutosijp2@yahoo.co.jp> | 2011-05-01 23:15:03 +0000 |
| commit | ed7091cda1427f2fdd29491b8c54ad1dca416e06 (patch) | |
| tree | 0b7097f940ba7e41788818ed01f292435e5f4f30 /app/controllers/roles_controller.rb | |
| parent | 8632efcce2b432ce8b4e55c9d9563cd37c15eb2e (diff) | |
| download | redmine-ed7091cda1427f2fdd29491b8c54ad1dca416e06.tar.gz redmine-ed7091cda1427f2fdd29491b8c54ad1dca416e06.zip | |
Fix potential Execution After Redirect bugs.
Execution After Redirect (EAR) happens when redirect in a controller is
triggered but there still is code that is executed in the action.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5611 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/roles_controller.rb')
| -rw-r--r-- | app/controllers/roles_controller.rb | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb index 0809f9041..efb084973 100644 --- a/app/controllers/roles_controller.rb +++ b/app/controllers/roles_controller.rb @@ -38,9 +38,10 @@ class RolesController < ApplicationController end flash[:notice] = l(:notice_successful_create) redirect_to :action => 'index' + else + @permissions = @role.setable_permissions + @roles = Role.find :all, :order => 'builtin, position' end - @permissions = @role.setable_permissions - @roles = Role.find :all, :order => 'builtin, position' end def edit @@ -48,8 +49,9 @@ class RolesController < ApplicationController if request.post? and @role.update_attributes(params[:role]) flash[:notice] = l(:notice_successful_update) redirect_to :action => 'index' + else + @permissions = @role.setable_permissions end - @permissions = @role.setable_permissions end def destroy |