diff options
-rw-r--r-- | app/controllers/application_controller.rb | 11 | ||||
-rw-r--r-- | app/controllers/documents_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/issue_categories_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/issue_relations_controller.rb | 7 | ||||
-rw-r--r-- | app/controllers/issues_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/members_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/news_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/versions_controller.rb | 4 |
8 files changed, 24 insertions, 16 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 58d87e7ed..da90e7564 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -166,7 +166,16 @@ class ApplicationController < ActionController::Base rescue ActiveRecord::RecordNotFound render_404 end - + + # Finds and sets @project based on @object.project + def find_project_from_association + render_404 unless @object.present? + + @project = @object.project + rescue ActiveRecord::RecordNotFound + render_404 + end + # make sure that the user is a member of the project (or admin) if project is private # used as a before_filter for actions that do not require any particular permission on the project def check_project_privacy diff --git a/app/controllers/documents_controller.rb b/app/controllers/documents_controller.rb index 526bf8123..6f2432386 100644 --- a/app/controllers/documents_controller.rb +++ b/app/controllers/documents_controller.rb @@ -19,6 +19,7 @@ class DocumentsController < ApplicationController default_search_scope :documents before_filter :find_project, :only => [:index, :new] before_filter :find_document, :except => [:index, :new] + before_filter :find_project_from_association, :except => [:index, :new] before_filter :authorize helper :attachments @@ -83,8 +84,7 @@ private end def find_document - @document = Document.find(params[:id]) - @project = @document.project + @document = @object = Document.find(params[:id]) rescue ActiveRecord::RecordNotFound render_404 end diff --git a/app/controllers/issue_categories_controller.rb b/app/controllers/issue_categories_controller.rb index 8c077cf7a..2904c2399 100644 --- a/app/controllers/issue_categories_controller.rb +++ b/app/controllers/issue_categories_controller.rb @@ -18,6 +18,7 @@ class IssueCategoriesController < ApplicationController menu_item :settings before_filter :find_category, :except => :new + before_filter :find_project_from_association, :except => :new before_filter :find_project, :only => :new before_filter :authorize @@ -73,8 +74,7 @@ class IssueCategoriesController < ApplicationController private def find_category - @category = IssueCategory.find(params[:id]) - @project = @category.project + @category = @object = IssueCategory.find(params[:id]) rescue ActiveRecord::RecordNotFound render_404 end diff --git a/app/controllers/issue_relations_controller.rb b/app/controllers/issue_relations_controller.rb index 9ce358584..7462adca8 100644 --- a/app/controllers/issue_relations_controller.rb +++ b/app/controllers/issue_relations_controller.rb @@ -16,7 +16,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. class IssueRelationsController < ApplicationController - before_filter :find_project, :authorize + before_filter :find_issue, :find_project_from_association, :authorize def new @relation = IssueRelation.new(params[:relation]) @@ -52,9 +52,8 @@ class IssueRelationsController < ApplicationController end private - def find_project - @issue = Issue.find(params[:issue_id]) - @project = @issue.project + def find_issue + @issue = @object = Issue.find(params[:issue_id]) rescue ActiveRecord::RecordNotFound render_404 end diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb index 4a8c56ea9..68d3c94f7 100644 --- a/app/controllers/issues_controller.rb +++ b/app/controllers/issues_controller.rb @@ -511,7 +511,7 @@ private rescue ActiveRecord::RecordNotFound render_404 end - + # Retrieve query from session or build a new query def retrieve_query if !params[:query_id].blank? diff --git a/app/controllers/members_controller.rb b/app/controllers/members_controller.rb index e3f4a16e6..14c65d747 100644 --- a/app/controllers/members_controller.rb +++ b/app/controllers/members_controller.rb @@ -17,6 +17,7 @@ class MembersController < ApplicationController before_filter :find_member, :except => [:new, :autocomplete_for_member] + before_filter :find_project_from_association, :except => [:new, :autocomplete_for_member] before_filter :find_project, :only => [:new, :autocomplete_for_member] before_filter :authorize @@ -75,8 +76,7 @@ class MembersController < ApplicationController private def find_member - @member = Member.find(params[:id]) - @project = @member.project + @member = @object = Member.find(params[:id]) rescue ActiveRecord::RecordNotFound render_404 end diff --git a/app/controllers/news_controller.rb b/app/controllers/news_controller.rb index 53e0addf2..5ce216fb7 100644 --- a/app/controllers/news_controller.rb +++ b/app/controllers/news_controller.rb @@ -18,6 +18,7 @@ class NewsController < ApplicationController default_search_scope :news before_filter :find_news, :except => [:new, :index, :preview] + before_filter :find_project_from_association, :except => [:new, :index, :preview] before_filter :find_project, :only => [:new, :preview] before_filter :authorize, :except => [:index, :preview] before_filter :find_optional_project, :only => :index @@ -89,8 +90,7 @@ class NewsController < ApplicationController private def find_news - @news = News.find(params[:id]) - @project = @news.project + @news = @object = News.find(params[:id]) rescue ActiveRecord::RecordNotFound render_404 end diff --git a/app/controllers/versions_controller.rb b/app/controllers/versions_controller.rb index 0ea440e12..6625ff634 100644 --- a/app/controllers/versions_controller.rb +++ b/app/controllers/versions_controller.rb @@ -18,6 +18,7 @@ class VersionsController < ApplicationController menu_item :roadmap before_filter :find_version, :except => [:new, :close_completed] + before_filter :find_project_from_association, :except => [:new, :close_completed] before_filter :find_project, :only => [:new, :close_completed] before_filter :authorize @@ -94,8 +95,7 @@ class VersionsController < ApplicationController private def find_version - @version = Version.find(params[:id]) - @project = @version.project + @version = @object = Version.find(params[:id]) rescue ActiveRecord::RecordNotFound render_404 end |