diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-01-06 20:46:22 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-01-06 20:46:22 +0000 |
| commit | 072c4ad14cf0649545ceab6261558a32c234e720 (patch) | |
| tree | 22a1b4bbd76f0ef4eda852e971cb5e24bf2bcb92 /app/controllers | |
| parent | 9fb770ba503b3dfe1fe48794e1b7042c5e26d8d7 (diff) | |
| download | redmine-072c4ad14cf0649545ceab6261558a32c234e720.tar.gz redmine-072c4ad14cf0649545ceab6261558a32c234e720.zip | |
Verify HTTP method on ProjectsController#create.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4646 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/projects_controller.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 1dffedc0e..6557af3e4 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -32,9 +32,6 @@ class ProjectsController < ApplicationController end end - # TODO: convert to PUT only - verify :method => [:post, :put], :only => :update, :render => {:nothing => true, :status => :method_not_allowed } - helper :sort include SortHelper helper :custom_fields @@ -71,6 +68,7 @@ class ProjectsController < ApplicationController @project = Project.new(params[:project]) end + verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed } def create @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position") @trackers = Tracker.all @@ -183,6 +181,8 @@ class ProjectsController < ApplicationController def edit end + # TODO: convert to PUT only + verify :method => [:post, :put], :only => :update, :render => {:nothing => true, :status => :method_not_allowed } def update @project.safe_attributes = params[:project] if validate_parent_id && @project.save |