Creating a wiki page named "Sidebar" without proper permission raises an exception (#23700).

git-svn-id: http://svn.redmine.org/redmine/trunk@15749 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2016-08-30 19:21:42 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2016-08-30 19:21:42 +0000
commit: 650a64cb0020ac849eaefb20abbbb090abcb6b3d (patch)
tree: bde24d7f46e7406aa7ff59d030a9cc1c6e2d68ef /app/controllers
parent: 0925ce756c30883692d4ba76dff69507f21525e6 (diff)
download: redmine-650a64cb0020ac849eaefb20abbbb090abcb6b3d.tar.gz
redmine-650a64cb0020ac849eaefb20abbbb090abcb6b3d.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/wiki_controller.rb b/app/controllers/wiki_controller.rb
index de1931a0b..1dfb16640 100644
--- a/app/controllers/wiki_controller.rb
+++ b/app/controllers/wiki_controller.rb
@@ -62,10 +62,12 @@ class WikiController < ApplicationController
 
   def new
     @page = WikiPage.new(:wiki => @wiki, :title => params[:title])
-    unless User.current.allowed_to?(:edit_wiki_pages, @project) && editable?
+    unless User.current.allowed_to?(:edit_wiki_pages, @project)
       render_403
+      return
     end
     if request.post?
+      @page.title = '' unless editable?
       @page.validate
       if @page.errors[:title].blank?
         path = project_wiki_page_path(@project, @page.title)
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2016-08-30 19:21:42 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2016-08-30 19:21:42 +0000
commit	650a64cb0020ac849eaefb20abbbb090abcb6b3d (patch)
tree	bde24d7f46e7406aa7ff59d030a9cc1c6e2d68ef /app/controllers
parent	0925ce756c30883692d4ba76dff69507f21525e6 (diff)
download	redmine-650a64cb0020ac849eaefb20abbbb090abcb6b3d.tar.gz redmine-650a64cb0020ac849eaefb20abbbb090abcb6b3d.zip