Merge branch 'release-v1.3.0' into stable

This commit is contained in:
Eric Davis 2011-05-01 13:54:27 -07:00
commit 1219610dc6
13 changed files with 66 additions and 24 deletions

View File

@ -67,7 +67,7 @@ class AccountController < ApplicationController
if token.save
Mailer.deliver_lost_password(token)
flash[:notice] = l(:notice_account_lost_email_sent)
redirect_to :action => 'login'
redirect_to :action => 'login', :back_url => home_url
return
end
end

View File

@ -274,6 +274,7 @@ class ApplicationController < ActionController::Base
end
end
redirect_to default
false
end
def render_403(options={})

View File

@ -38,9 +38,10 @@ class CustomFieldsController < ApplicationController
flash[:notice] = l(:notice_successful_create)
call_hook(:controller_custom_fields_new_after_save, :params => params, :custom_field => @custom_field)
redirect_to :action => 'index', :tab => @custom_field.class.name
end
else
@trackers = Tracker.find(:all, :order => 'position')
end
end
def edit
@custom_field = CustomField.find(params[:id])
@ -48,9 +49,10 @@ class CustomFieldsController < ApplicationController
flash[:notice] = l(:notice_successful_update)
call_hook(:controller_custom_fields_edit_after_save, :params => params, :custom_field => @custom_field)
redirect_to :action => 'index', :tab => @custom_field.class.name
end
else
@trackers = Tracker.find(:all, :order => 'position')
end
end
def destroy
@custom_field = CustomField.find(params[:id]).destroy

View File

@ -75,10 +75,12 @@ class EnumerationsController < ApplicationController
# No associated objects
@enumeration.destroy
redirect_to :action => 'index'
return
elsif params[:reassign_to_id]
if reassign_to = @enumeration.class.find_by_id(params[:reassign_to_id])
@enumeration.destroy(reassign_to)
redirect_to :action => 'index'
return
end
end
@enumerations = @enumeration.class.find(:all) - [@enumeration]

View File

@ -65,10 +65,12 @@ class IssueCategoriesController < ApplicationController
# No issue assigned to this category
@category.destroy
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
return
elsif params[:todo]
reassign_to = @project.issue_categories.find_by_id(params[:reassign_to_id]) if params[:todo] == 'reassign'
@category.destroy(reassign_to)
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
return
end
@categories = @project.issue_categories - [@category]
end

View File

@ -38,19 +38,21 @@ class RolesController < ApplicationController
end
flash[:notice] = l(:notice_successful_create)
redirect_to :action => 'index'
end
else
@permissions = @role.setable_permissions
@roles = Role.find :all, :order => 'builtin, position'
end
end
def edit
@role = Role.find(params[:id])
if request.post? and @role.update_attributes(params[:role])
flash[:notice] = l(:notice_successful_update)
redirect_to :action => 'index'
end
else
@permissions = @role.setable_permissions
end
end
def destroy
@role = Role.find(params[:id])

View File

@ -36,8 +36,7 @@ class SettingsController < ApplicationController
end
flash[:notice] = l(:notice_successful_update)
redirect_to :action => 'edit', :tab => params[:tab]
return
end
else
@options = {}
@options[:user_format] = User::USER_FORMATS.keys.collect {|f| [User.current.name(f), f.to_s] }
@deliveries = ActionMailer::Base.perform_deliveries
@ -47,6 +46,7 @@ class SettingsController < ApplicationController
Redmine::Themes.rescan
end
end
def plugin
@plugin = Redmine::Plugin.find(params[:id])
@ -54,9 +54,10 @@ class SettingsController < ApplicationController
Setting["plugin_#{@plugin.id}"] = params[:settings]
flash[:notice] = l(:notice_successful_update)
redirect_to :action => 'plugin', :id => @plugin.id
end
else
@partial = @plugin.settings[:partial]
@settings = Setting["plugin_#{@plugin.id}"]
end
rescue Redmine::PluginNotFound
render_404
end

View File

@ -1,5 +1,11 @@
= ChiliProject changelog
== 2011-05-01 v1.3.0
* Bug #309: The login screen after lost_password redirects back to lost_password after you login
* Bug #347: Potential Security Vulnerability - Execution After Redirect
* Bug #352: Errorpage should be modified
== 2011-03-27 v1.2.0
* Bug #209: Don't hardcode user viewable labels (like "Path to .git repository")

View File

@ -3,7 +3,7 @@ require 'rexml/document'
module Redmine
module VERSION #:nodoc:
MAJOR = 1
MINOR = 2
MINOR = 3
PATCH = 0
TINY = PATCH # Redmine compat

View File

@ -1,7 +1,7 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<title>redMine 404 error</title>
<title>ChiliProject 404 error</title>
<style>
body{
font-family: Trebuchet MS,Georgia,"Times New Roman",serif;

View File

@ -1,7 +1,7 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<title>redMine 500 error</title>
<title>ChiliProject 500 error</title>
<style>
body{
font-family: Trebuchet MS,Georgia,"Times New Roman",serif;
@ -18,7 +18,9 @@ font-size:0.8em;
<body>
<h1>Internal error</h1>
<p>An error occurred on the page you were trying to access.<br />
If you continue to experience problems please contact your redMine administrator for assistance.</p>
If you continue to experience problems please contact your ChiliProject administrator for assistance.</p>
<p>If you are the ChiliProject administrator, check your log files for details about the error.</p>
<p><a href="javascript:history.back()">Back</a></p>
</body>
</html>

View File

@ -22,7 +22,7 @@ require 'roles_controller'
class RolesController; def rescue_action(e) raise e end; end
class RolesControllerTest < ActionController::TestCase
fixtures :roles, :users, :members, :member_roles, :workflows
fixtures :roles, :users, :members, :member_roles, :workflows, :trackers
def setup
@controller = RolesController.new

View File

@ -77,7 +77,7 @@ class AccountTest < ActionController::IntegrationTest
assert_template "account/lost_password"
post "account/lost_password", :mail => 'jSmith@somenet.foo'
assert_redirected_to "/login"
assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2F"
token = Token.find(:first)
assert_equal 'recovery', token.action
@ -144,6 +144,30 @@ class AccountTest < ActionController::IntegrationTest
log_user('newuser', 'newpass')
end
should_eventually "login after losing password should redirect back to home" do
visit "/login"
assert_response :success
click_link "Lost password"
assert_response :success
# Lost password form
fill_in "mail", :with => "admin@somenet.foo"
click_button "Submit"
assert_response :success # back to login page
assert_equal "/login", current_path
fill_in "Login:", :with => 'admin'
fill_in "Password:", :with => 'test'
click_button "login"
assert_response :success
assert_equal "/", current_path
end
if Object.const_defined?(:Mocha)
def test_onthefly_registration