Defect #6826

Clicking "Add" twice creates duplicate member record

Added by Andrew Vit about 7 years ago. Updated almost 7 years ago.

Status:ClosedStart date:2010-11-04
Priority:LowDue date:
Assignee:Jean-Philippe Lang% Done:

100%

Category:Permissions and roles
Target version:1.1.0
Resolution:Fixed Affected version:1.0.3

Description

When editing members for a project:

If you select a user and click "Add" twice before the server request is completed, it will add a duplicate member record. It then shows up as two items in the projects dropdown menu, and probably other side-effects.

Possible solutions:

1. Add a unique key on `members (user_id, project_id)`
2. Prevent accidental re-submit on the front end, by disabling the button until ajax completes.

Associated revisions

Revision 4369
Added by Jean-Philippe Lang about 7 years ago

Adds a unique index on members (#6826).

Revision 4371
Added by Jean-Philippe Lang about 7 years ago

Disable button to prevent accidental double click on project members (#6826).

Contributed by Andrew Vit.

History

#1 Updated by Andrew Vit about 7 years ago

  • % Done changed from 0 to 50

I made a quick patch for the button UI on my github fork:

https://github.com/avit/redmine/commit/78c57faf4200cd7b3717ea5e8df338338a151f67

The members model has a validates_uniqueness_of that should prevent another record with the same value from being created, but maybe because happened concurrently from the double click, it couldn't verify uniqueness. Does this warrant adding a database constraint?

#2 Updated by Jean-Philippe Lang about 7 years ago

  • Assignee set to Jean-Philippe Lang

#3 Updated by Jean-Philippe Lang about 7 years ago

  • Status changed from New to Closed
  • Target version set to 1.1.0
  • % Done changed from 50 to 100
  • Resolution set to Fixed

I've applied your patch and added the unique index on members table.
Thanks.

#4 Updated by Bruno Medeiros almost 7 years ago

Any changes of get similar fix (don't allow double submitting) for the #6579? It's really a very dangerous bug without workaround.

Also available in: Atom PDF