Skip to content

O
OHR Support
Commit 3844e4bc authored by Jean-Philippe Lang's avatar Jean-Philippe Lang
Browse files
Options

Fixed: a user not authorized to edit wiki pages gets the edit form if the page… 

Fixed: a user not authorized to edit wiki pages gets the edit form if the page doesn't exist. He now gets a 404.

git-svn-id: http://redmine.rubyforge.org/svn/trunk@823 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 38f540a7
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 2 deletions
app/controllers/wiki_controller.rb
View file @ 3844e4bc
......@@ -31,8 +31,13 @@ class WikiController < ApplicationController
page_title = params[:page]
@page = @wiki.find_or_new_page(page_title)
if @page.new_record?
edit
render :action => 'edit' and return
if User.current.allowed_to?(:edit_wiki_pages, @project)
edit
render :action => 'edit'
else
render_404
end
return
end
@content = @page.content_for_version(params[:version])
if params[:export] == 'html'
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment