diff options
| -rw-r--r-- | app/controllers/wiki_controller.rb | 4 | ||||
| -rw-r--r-- | test/functional/wiki_controller_test.rb | 9 |
2 files changed, 12 insertions, 1 deletions
diff --git a/app/controllers/wiki_controller.rb b/app/controllers/wiki_controller.rb index de1931a0b..1dfb16640 100644 --- a/app/controllers/wiki_controller.rb +++ b/app/controllers/wiki_controller.rb @@ -62,10 +62,12 @@ class WikiController < ApplicationController def new @page = WikiPage.new(:wiki => @wiki, :title => params[:title]) - unless User.current.allowed_to?(:edit_wiki_pages, @project) && editable? + unless User.current.allowed_to?(:edit_wiki_pages, @project) render_403 + return end if request.post? + @page.title = '' unless editable? @page.validate if @page.errors[:title].blank? path = project_wiki_page_path(@project, @page.title) diff --git a/test/functional/wiki_controller_test.rb b/test/functional/wiki_controller_test.rb index ea200b60d..1cc0a3b7d 100644 --- a/test/functional/wiki_controller_test.rb +++ b/test/functional/wiki_controller_test.rb @@ -216,6 +216,15 @@ class WikiControllerTest < Redmine::ControllerTest assert_select_error 'Title has already been taken' end + def test_post_new_with_protected_title_should_display_errors + Role.find(1).remove_permission!(:protect_wiki_pages) + @request.session[:user_id] = 2 + + post :new, :params => {:project_id => 'ecookbook', :title => 'Sidebar'} + assert_response :success + assert_select_error /Title/ + end + def test_post_new_xhr_with_invalid_title_should_display_errors @request.session[:user_id] = 2 |