summaryrefslogtreecommitdiffstats
path: root/app/models/group.rb
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2012-06-01 19:06:16 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2012-06-01 19:06:16 +0000
commit9f531a4380852c466c62bb55734b347a03b82e55 (patch)
treeee12beecb58a7a317424317a0718366e329b0e77 /app/models/group.rb
parent733fef458c5c0aa7b0d3231f849dfc3245143ddb (diff)
downloadredmine-9f531a4380852c466c62bb55734b347a03b82e55.tar.gz
redmine-9f531a4380852c466c62bb55734b347a03b82e55.zip
Use safe_attributes in GroupsController.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9746 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/group.rb')
-rw-r--r--app/models/group.rb7
1 files changed, 7 insertions, 0 deletions
diff --git a/app/models/group.rb b/app/models/group.rb
index 80c97c3ac..a269c5c16 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -16,6 +16,8 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class Group < Principal
+ include Redmine::SafeAttributes
+
has_and_belongs_to_many :users, :after_add => :user_added,
:after_remove => :user_removed
@@ -27,6 +29,11 @@ class Group < Principal
before_destroy :remove_references_before_destroy
+ safe_attributes 'name',
+ 'custom_field_values',
+ 'custom_fields',
+ :if => lambda {|group, user| user.admin?}
+
def to_s
lastname.to_s
end