A 403 error page is now displayed (instead of a blank page) when trying to access a protected page.

git-svn-id: http://redmine.rubyforge.org/svn/trunk@495 e93f8b46-1217-0410-a6f0-8f06a7374b81
2026-05-07 17:56:11 +02:00 · 2007-04-30 19:47:28 +00:00
parent 9af49e07f3
commit d94bcd285a
10 changed files with 22 additions and 3 deletions
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -71,7 +71,7 @@ class ApplicationController < ActionController::Base
  def require_admin
    return unless require_login
    unless self.logged_in_user.admin?
-      render :nothing => true, :status => 403
+      render_403
      return false
    end
    true
@@ -91,7 +91,7 @@ class ApplicationController < ActionController::Base
    if logged_in_user_membership and Permission.allowed_to_role( "%s/%s" % [ ctrl, action ], logged_in_user_membership )    
      return true		
    end		
-    render :nothing => true, :status => 403
+    render_403
    false
  end
  
@@ -101,7 +101,7 @@ class ApplicationController < ActionController::Base
    return true if @project.is_public?
    return false unless logged_in_user
    return true if logged_in_user.admin? || logged_in_user_membership
-    render :nothing => true, :status => 403
+    render_403
    false
  end

@@ -121,6 +121,13 @@ class ApplicationController < ActionController::Base
    end
  end
  
+  def render_403
+    @html_title = "403"
+    @project = nil
+    render :template => "common/403", :layout => true, :status => 403
+    return false
+  end
+    
  def render_404
    @html_title = "404"
    render :template => "common/404", :layout => true, :status => 404