Deny edit/update/delete for anonymous user (#25483).

Patch by Holger Just. git-svn-id: http://svn.redmine.org/redmine/trunk@16464 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2017-04-03 12:59:55 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2017-04-03 12:59:55 +0000
commit: 3e787f7e7d0a013376735dbe2b60054166a61499 (patch)
tree: 79fc54ce0cdf4f1b1e31c4b5501f87713f52310e /app/views/users/show.html.erb
parent: a8d8c213bb61e702b6266b6f5ae71ad6be647614 (diff)
download: redmine-3e787f7e7d0a013376735dbe2b60054166a61499.tar.gz
redmine-3e787f7e7d0a013376735dbe2b60054166a61499.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 9bb5d6667..b44ed6a3f 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -1,5 +1,5 @@
 <div class="contextual">
-<%= link_to(l(:button_edit), edit_user_path(@user), :class => 'icon icon-edit') if User.current.admin? %>
+<%= link_to(l(:button_edit), edit_user_path(@user), :class => 'icon icon-edit') if User.current.admin? && @user.logged? %>
 </div>
 
 <h2><%= avatar @user, :size => "50" %> <%= @user.name %></h2>
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2017-04-03 12:59:55 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2017-04-03 12:59:55 +0000
commit	3e787f7e7d0a013376735dbe2b60054166a61499 (patch)
tree	79fc54ce0cdf4f1b1e31c4b5501f87713f52310e /app/views/users/show.html.erb
parent	a8d8c213bb61e702b6266b6f5ae71ad6be647614 (diff)
download	redmine-3e787f7e7d0a013376735dbe2b60054166a61499.tar.gz redmine-3e787f7e7d0a013376735dbe2b60054166a61499.zip