Merged r3050 from trunk.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/0.8-stable@3052 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/controllers/application.rb

@@ -82,7 +82,13 @@ class ApplicationController < ActionController::Base
   
   def require_login
     if !User.current.logged?
-      redirect_to :controller => "account", :action => "login", :back_url => url_for(params)
+      # Extract only the basic url parameters on non-GET requests
+      if request.get?
+        url = url_for(params)
+      else
+        url = url_for(:controller => params[:controller], :action => params[:action], :id => params[:id], :project_id => params[:project_id])
+      end
+      redirect_to :controller => "account", :action => "login", :back_url => url
       return false
     end
     true

doc/CHANGELOG

@@ -10,6 +10,7 @@ http://www.redmine.org/
 * Fixed: pre tags containing "<pre*"
 * Fixed: First date of the date range not included in the time report with SQLite
 * Fixed: Password field not styled correctly on alternative stylesheet
+* Fixed: Error when sumbitting a POST request that requires a login
 
 == 2009-11-04 v0.8.6
 

test/integration/admin_test.rb

@@ -63,4 +63,10 @@ class AdminTest < ActionController::IntegrationTest
     assert_response :success
     assert_template "admin/projects"
   end  
+
+  def test_add_a_user_as_an_anonymous_user_should_fail
+    post '/users/add', :user => { :login => 'psmith', :firstname => 'Paul'}, :password => "psmith09", :password_confirmation => "psmith09"
+    assert_response :redirect
+    assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fusers%2Fadd"
+  end
 end