diff options
| author | Azul <azul@riseup.net> | 2016-05-13 16:23:10 +0200 |
|---|---|---|
| committer | Azul <azul@riseup.net> | 2016-05-13 16:45:45 +0200 |
| commit | 12e6c096088a8fb5947a854d2dd385156319b8a6 (patch) | |
| tree | 4fb0e79ae15a17e8693f4fd660108a1e0632d0be | |
| parent | c52d6bb25702fafb60bf9d8dfb9c1afbd77062c0 (diff) | |
ensure invalid user ids still render the ticket form
We still have strange urls requested like
/pt/users/AnonymousUser.../tickets/new
Not sure where they are coming from - but this should make sure we
respond with sth. meaningful instead of erroring out.
6 files changed, 7 insertions, 11 deletions
diff --git a/app/views/layouts/_content.html.haml b/app/views/layouts/_content.html.haml index d5c2fa3..07f9189 100644 --- a/app/views/layouts/_content.html.haml +++ b/app/views/layouts/_content.html.haml @@ -7,7 +7,7 @@ - else - content = yield -- if @show_navigation +- if @show_navigation && @user .span2 = render 'layouts/navigation' .span10 diff --git a/engines/support/app/views/tickets/edit.html.haml b/engines/support/app/views/tickets/edit.html.haml index 03bda7d..cdc5e16 100644 --- a/engines/support/app/views/tickets/edit.html.haml +++ b/engines/support/app/views/tickets/edit.html.haml @@ -1,4 +1,3 @@ -- @show_navigation = params[:user_id].present? - @comment = TicketComment.new .ticket diff --git a/engines/support/app/views/tickets/index.html.haml b/engines/support/app/views/tickets/index.html.haml index d107ce2..56c7012 100644 --- a/engines/support/app/views/tickets/index.html.haml +++ b/engines/support/app/views/tickets/index.html.haml @@ -1,5 +1,3 @@ -- @show_navigation = params[:user_id].present? - = render 'tickets/tabs' = table @tickets, %w(subject created updated voices) = paginate @tickets diff --git a/engines/support/app/views/tickets/new.html.haml b/engines/support/app/views/tickets/new.html.haml index d3580f9..d0b0f89 100644 --- a/engines/support/app/views/tickets/new.html.haml +++ b/engines/support/app/views/tickets/new.html.haml @@ -1,10 +1,5 @@ -- @show_navigation = params[:user_id].present? - = render 'tickets/tabs' -- user = @user if admin? -- user ||= current_user - = simple_form_for @ticket, :validate => true, :html => {:class => 'form-horizontal'} do |f| = hidden_ticket_fields = f.input :subject diff --git a/engines/support/app/views/tickets/show.html.haml b/engines/support/app/views/tickets/show.html.haml index 99afa2a..a625870 100644 --- a/engines/support/app/views/tickets/show.html.haml +++ b/engines/support/app/views/tickets/show.html.haml @@ -1,5 +1,3 @@ -- @show_navigation = params[:user_id].present? - .ticket = render 'tickets/edit_form' = render 'tickets/comments' diff --git a/engines/support/test/functional/tickets_controller_test.rb b/engines/support/test/functional/tickets_controller_test.rb index a7a2011..5c2b346 100644 --- a/engines/support/test/functional/tickets_controller_test.rb +++ b/engines/support/test/functional/tickets_controller_test.rb @@ -35,6 +35,12 @@ class TicketsControllerTest < ActionController::TestCase assert_response :success end + test "should get new despite invalid user_id" do + get :new, user_id: :bla + assert_equal Ticket, assigns(:ticket).class + assert_response :success + end + test "unauthenticated tickets are visible" do ticket = find_record :ticket, :created_by => nil get :show, :id => ticket.id |