diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2015-06-19 18:41:10 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2015-06-19 18:41:10 +0000 |
commit | d6f389658b9e83d7a5d74c57fc46a203a5a88591 (patch) | |
tree | 534fd5f3520833e1c1c2bb2105971ce86008b991 /app/views/sudo_mode | |
parent | 3811ff5d95bd848f457c9d29a162ce83f12fe3ac (diff) | |
download | redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.tar.gz redmine-d6f389658b9e83d7a5d74c57fc46a203a5a88591.zip |
Require password re-entry for sensitive actions (#19851).
Patch by Jens Krämer.
git-svn-id: http://svn.redmine.org/redmine/trunk@14333 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/views/sudo_mode')
-rw-r--r-- | app/views/sudo_mode/_new_modal.html.erb | 19 | ||||
-rw-r--r-- | app/views/sudo_mode/new.html.erb | 17 | ||||
-rw-r--r-- | app/views/sudo_mode/new.js.erb | 4 |
3 files changed, 40 insertions, 0 deletions
diff --git a/app/views/sudo_mode/_new_modal.html.erb b/app/views/sudo_mode/_new_modal.html.erb new file mode 100644 index 000000000..f63c1a427 --- /dev/null +++ b/app/views/sudo_mode/_new_modal.html.erb @@ -0,0 +1,19 @@ +<h3 class="title"><%= l(:label_password_required) %></h3> +<%= form_tag({}, remote: true) do %> + + <%= hidden_field_tag '_method', request.request_method %> + <%= hash_to_hidden_fields @sudo_form.original_fields %> + <%= render_flash_messages %> + <div class="box tabular"> + <p> + <label for="sudo_password"><%= l :field_password %><span class="required">*</span></label> + <%= password_field_tag :sudo_password, nil, size: 25 %> + </p> + </div> + + <p class="buttons"> + <%= submit_tag l(:button_confirm_password), onclick: "hideModal(this);" %> + <%= submit_tag l(:button_cancel), name: nil, onclick: "hideModal(this);", type: 'button' %> + </p> +<% end %> + diff --git a/app/views/sudo_mode/new.html.erb b/app/views/sudo_mode/new.html.erb new file mode 100644 index 000000000..d92e47d47 --- /dev/null +++ b/app/views/sudo_mode/new.html.erb @@ -0,0 +1,17 @@ +<h2><%= l :label_password_required %></h2> +<%= form_tag({}, class: 'tabular') do %> + + <%= hidden_field_tag '_method', request.request_method %> + <%= hash_to_hidden_fields @sudo_form.original_fields %> + + <div class="box"> + <p> + <label for="sudo_password"><%= l :field_password %><span class="required">*</span></label> + <%= password_field_tag :sudo_password, nil, size: 25 %> + </p> + </div> + <%= submit_tag l(:button_confirm_password) %> +<% end %> +<%= javascript_tag "$('#sudo_password').focus();" %> + + diff --git a/app/views/sudo_mode/new.js.erb b/app/views/sudo_mode/new.js.erb new file mode 100644 index 000000000..34510fa54 --- /dev/null +++ b/app/views/sudo_mode/new.js.erb @@ -0,0 +1,4 @@ +$('#ajax-modal').html('<%= escape_javascript render partial: 'sudo_mode/new_modal' %>'); +showModal('ajax-modal', '400px'); +$('#sudo_password').focus(); + |