diff options
| -rw-r--r-- | app/models/setting.rb | 4 | ||||
| -rw-r--r-- | test/functional/settings_controller_test.rb | 9 |
2 files changed, 12 insertions, 1 deletions
diff --git a/app/models/setting.rb b/app/models/setting.rb index 42b179cfc..934e6bf2a 100644 --- a/app/models/setting.rb +++ b/app/models/setting.rb @@ -120,9 +120,11 @@ class Setting < ActiveRecord::Base # Updates multiple settings from params and sends a security notification if needed def self.set_all_from_params(settings) - settings = (settings || {}).dup.symbolize_keys + return false unless settings.is_a?(Hash) + settings = settings.dup.symbolize_keys changes = [] settings.each do |name, value| + next unless available_settings[name.to_s] previous_value = Setting[name] set_from_params name, value if available_settings[name.to_s]['security_notifications'] && Setting[name] != previous_value diff --git a/test/functional/settings_controller_test.rb b/test/functional/settings_controller_test.rb index 9af3ebca7..38e569569 100644 --- a/test/functional/settings_controller_test.rb +++ b/test/functional/settings_controller_test.rb @@ -145,6 +145,15 @@ class SettingsControllerTest < Redmine::ControllerTest ], Setting.commit_update_keywords) end + def test_post_edit_with_invalid_setting_should_not_error + post :edit, :params => { + :settings => { + :invalid_setting => '1' + } + } + assert_redirected_to '/settings' + end + def test_post_edit_should_send_security_notification_for_notified_settings ActionMailer::Base.deliveries.clear post :edit, :params => { |