Merge branch 'master' into unstable
Conflicts: doc/CHANGELOG.rdoc
This commit is contained in:
commit
bdc7325a82
|
@ -66,7 +66,7 @@ class AccountController < ApplicationController
|
||||||
if token.save
|
if token.save
|
||||||
Mailer.deliver_lost_password(token)
|
Mailer.deliver_lost_password(token)
|
||||||
flash[:notice] = l(:notice_account_lost_email_sent)
|
flash[:notice] = l(:notice_account_lost_email_sent)
|
||||||
redirect_to :action => 'login'
|
redirect_to :action => 'login', :back_url => home_url
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -275,6 +275,7 @@ class ApplicationController < ActionController::Base
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
redirect_to default
|
redirect_to default
|
||||||
|
false
|
||||||
end
|
end
|
||||||
|
|
||||||
def render_403(options={})
|
def render_403(options={})
|
||||||
|
|
|
@ -38,8 +38,9 @@ class CustomFieldsController < ApplicationController
|
||||||
flash[:notice] = l(:notice_successful_create)
|
flash[:notice] = l(:notice_successful_create)
|
||||||
call_hook(:controller_custom_fields_new_after_save, :params => params, :custom_field => @custom_field)
|
call_hook(:controller_custom_fields_new_after_save, :params => params, :custom_field => @custom_field)
|
||||||
redirect_to :action => 'index', :tab => @custom_field.class.name
|
redirect_to :action => 'index', :tab => @custom_field.class.name
|
||||||
|
else
|
||||||
|
@trackers = Tracker.find(:all, :order => 'position')
|
||||||
end
|
end
|
||||||
@trackers = Tracker.find(:all, :order => 'position')
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
|
@ -48,8 +49,9 @@ class CustomFieldsController < ApplicationController
|
||||||
flash[:notice] = l(:notice_successful_update)
|
flash[:notice] = l(:notice_successful_update)
|
||||||
call_hook(:controller_custom_fields_edit_after_save, :params => params, :custom_field => @custom_field)
|
call_hook(:controller_custom_fields_edit_after_save, :params => params, :custom_field => @custom_field)
|
||||||
redirect_to :action => 'index', :tab => @custom_field.class.name
|
redirect_to :action => 'index', :tab => @custom_field.class.name
|
||||||
|
else
|
||||||
|
@trackers = Tracker.find(:all, :order => 'position')
|
||||||
end
|
end
|
||||||
@trackers = Tracker.find(:all, :order => 'position')
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
|
|
|
@ -74,10 +74,12 @@ class EnumerationsController < ApplicationController
|
||||||
# No associated objects
|
# No associated objects
|
||||||
@enumeration.destroy
|
@enumeration.destroy
|
||||||
redirect_to :action => 'index'
|
redirect_to :action => 'index'
|
||||||
|
return
|
||||||
elsif params[:reassign_to_id]
|
elsif params[:reassign_to_id]
|
||||||
if reassign_to = @enumeration.class.find_by_id(params[:reassign_to_id])
|
if reassign_to = @enumeration.class.find_by_id(params[:reassign_to_id])
|
||||||
@enumeration.destroy(reassign_to)
|
@enumeration.destroy(reassign_to)
|
||||||
redirect_to :action => 'index'
|
redirect_to :action => 'index'
|
||||||
|
return
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@enumerations = @enumeration.class.find(:all) - [@enumeration]
|
@enumerations = @enumeration.class.find(:all) - [@enumeration]
|
||||||
|
|
|
@ -65,10 +65,12 @@ class IssueCategoriesController < ApplicationController
|
||||||
# No issue assigned to this category
|
# No issue assigned to this category
|
||||||
@category.destroy
|
@category.destroy
|
||||||
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
|
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
|
||||||
|
return
|
||||||
elsif params[:todo]
|
elsif params[:todo]
|
||||||
reassign_to = @project.issue_categories.find_by_id(params[:reassign_to_id]) if params[:todo] == 'reassign'
|
reassign_to = @project.issue_categories.find_by_id(params[:reassign_to_id]) if params[:todo] == 'reassign'
|
||||||
@category.destroy(reassign_to)
|
@category.destroy(reassign_to)
|
||||||
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
|
redirect_to :controller => 'projects', :action => 'settings', :id => @project, :tab => 'categories'
|
||||||
|
return
|
||||||
end
|
end
|
||||||
@categories = @project.issue_categories - [@category]
|
@categories = @project.issue_categories - [@category]
|
||||||
end
|
end
|
||||||
|
|
|
@ -38,9 +38,10 @@ class RolesController < ApplicationController
|
||||||
end
|
end
|
||||||
flash[:notice] = l(:notice_successful_create)
|
flash[:notice] = l(:notice_successful_create)
|
||||||
redirect_to :action => 'index'
|
redirect_to :action => 'index'
|
||||||
|
else
|
||||||
|
@permissions = @role.setable_permissions
|
||||||
|
@roles = Role.find :all, :order => 'builtin, position'
|
||||||
end
|
end
|
||||||
@permissions = @role.setable_permissions
|
|
||||||
@roles = Role.find :all, :order => 'builtin, position'
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
|
@ -48,8 +49,9 @@ class RolesController < ApplicationController
|
||||||
if request.post? and @role.update_attributes(params[:role])
|
if request.post? and @role.update_attributes(params[:role])
|
||||||
flash[:notice] = l(:notice_successful_update)
|
flash[:notice] = l(:notice_successful_update)
|
||||||
redirect_to :action => 'index'
|
redirect_to :action => 'index'
|
||||||
|
else
|
||||||
|
@permissions = @role.setable_permissions
|
||||||
end
|
end
|
||||||
@permissions = @role.setable_permissions
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
|
|
|
@ -36,16 +36,16 @@ class SettingsController < ApplicationController
|
||||||
end
|
end
|
||||||
flash[:notice] = l(:notice_successful_update)
|
flash[:notice] = l(:notice_successful_update)
|
||||||
redirect_to :action => 'edit', :tab => params[:tab]
|
redirect_to :action => 'edit', :tab => params[:tab]
|
||||||
return
|
else
|
||||||
end
|
@options = {}
|
||||||
@options = {}
|
@options[:user_format] = User::USER_FORMATS.keys.collect {|f| [User.current.name(f), f.to_s] }
|
||||||
@options[:user_format] = User::USER_FORMATS.keys.collect {|f| [User.current.name(f), f.to_s] }
|
@deliveries = ActionMailer::Base.perform_deliveries
|
||||||
@deliveries = ActionMailer::Base.perform_deliveries
|
|
||||||
|
|
||||||
@guessed_host_and_path = request.host_with_port.dup
|
@guessed_host_and_path = request.host_with_port.dup
|
||||||
@guessed_host_and_path << ('/'+ Redmine::Utils.relative_url_root.gsub(%r{^\/}, '')) unless Redmine::Utils.relative_url_root.blank?
|
@guessed_host_and_path << ('/'+ Redmine::Utils.relative_url_root.gsub(%r{^\/}, '')) unless Redmine::Utils.relative_url_root.blank?
|
||||||
|
|
||||||
Redmine::Themes.rescan
|
Redmine::Themes.rescan
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def plugin
|
def plugin
|
||||||
|
@ -54,9 +54,10 @@ class SettingsController < ApplicationController
|
||||||
Setting["plugin_#{@plugin.id}"] = params[:settings]
|
Setting["plugin_#{@plugin.id}"] = params[:settings]
|
||||||
flash[:notice] = l(:notice_successful_update)
|
flash[:notice] = l(:notice_successful_update)
|
||||||
redirect_to :action => 'plugin', :id => @plugin.id
|
redirect_to :action => 'plugin', :id => @plugin.id
|
||||||
|
else
|
||||||
|
@partial = @plugin.settings[:partial]
|
||||||
|
@settings = Setting["plugin_#{@plugin.id}"]
|
||||||
end
|
end
|
||||||
@partial = @plugin.settings[:partial]
|
|
||||||
@settings = Setting["plugin_#{@plugin.id}"]
|
|
||||||
rescue Redmine::PluginNotFound
|
rescue Redmine::PluginNotFound
|
||||||
render_404
|
render_404
|
||||||
end
|
end
|
||||||
|
|
|
@ -19,6 +19,12 @@
|
||||||
* Patch #7598: Extensible MailHandler
|
* Patch #7598: Extensible MailHandler
|
||||||
* Patch #7795: Internal server error at journals#index with custom fields
|
* Patch #7795: Internal server error at journals#index with custom fields
|
||||||
|
|
||||||
|
== 2011-05-01 v1.3.0
|
||||||
|
|
||||||
|
* Bug #309: The login screen after lost_password redirects back to lost_password after you login
|
||||||
|
* Bug #347: Potential Security Vulnerability - Execution After Redirect
|
||||||
|
* Bug #352: Errorpage should be modified
|
||||||
|
|
||||||
== 2011-03-27 v1.2.0
|
== 2011-03-27 v1.2.0
|
||||||
|
|
||||||
* Bug #209: Don't hardcode user viewable labels (like "Path to .git repository")
|
* Bug #209: Don't hardcode user viewable labels (like "Path to .git repository")
|
||||||
|
|
|
@ -3,7 +3,7 @@ require 'rexml/document'
|
||||||
module Redmine
|
module Redmine
|
||||||
module VERSION #:nodoc:
|
module VERSION #:nodoc:
|
||||||
MAJOR = 1
|
MAJOR = 1
|
||||||
MINOR = 2
|
MINOR = 3
|
||||||
PATCH = 0
|
PATCH = 0
|
||||||
TINY = PATCH # Redmine compat
|
TINY = PATCH # Redmine compat
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||||
"http://www.w3.org/TR/html4/loose.dtd">
|
"http://www.w3.org/TR/html4/loose.dtd">
|
||||||
<html>
|
<html>
|
||||||
<title>redMine 404 error</title>
|
<title>ChiliProject 404 error</title>
|
||||||
<style>
|
<style>
|
||||||
body{
|
body{
|
||||||
font-family: Trebuchet MS,Georgia,"Times New Roman",serif;
|
font-family: Trebuchet MS,Georgia,"Times New Roman",serif;
|
||||||
|
@ -20,4 +20,4 @@ font-size:0.8em;
|
||||||
<p>The page you were trying to access doesn't exist or has been removed.</p>
|
<p>The page you were trying to access doesn't exist or has been removed.</p>
|
||||||
<p><a href="javascript:history.back()">Back</a></p>
|
<p><a href="javascript:history.back()">Back</a></p>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||||
"http://www.w3.org/TR/html4/loose.dtd">
|
"http://www.w3.org/TR/html4/loose.dtd">
|
||||||
<html>
|
<html>
|
||||||
<title>redMine 500 error</title>
|
<title>ChiliProject 500 error</title>
|
||||||
<style>
|
<style>
|
||||||
body{
|
body{
|
||||||
font-family: Trebuchet MS,Georgia,"Times New Roman",serif;
|
font-family: Trebuchet MS,Georgia,"Times New Roman",serif;
|
||||||
|
@ -18,7 +18,9 @@ font-size:0.8em;
|
||||||
<body>
|
<body>
|
||||||
<h1>Internal error</h1>
|
<h1>Internal error</h1>
|
||||||
<p>An error occurred on the page you were trying to access.<br />
|
<p>An error occurred on the page you were trying to access.<br />
|
||||||
If you continue to experience problems please contact your redMine administrator for assistance.</p>
|
If you continue to experience problems please contact your ChiliProject administrator for assistance.</p>
|
||||||
|
|
||||||
|
<p>If you are the ChiliProject administrator, check your log files for details about the error.</p>
|
||||||
<p><a href="javascript:history.back()">Back</a></p>
|
<p><a href="javascript:history.back()">Back</a></p>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -22,7 +22,7 @@ require 'roles_controller'
|
||||||
class RolesController; def rescue_action(e) raise e end; end
|
class RolesController; def rescue_action(e) raise e end; end
|
||||||
|
|
||||||
class RolesControllerTest < ActionController::TestCase
|
class RolesControllerTest < ActionController::TestCase
|
||||||
fixtures :roles, :users, :members, :member_roles, :workflows
|
fixtures :roles, :users, :members, :member_roles, :workflows, :trackers
|
||||||
|
|
||||||
def setup
|
def setup
|
||||||
@controller = RolesController.new
|
@controller = RolesController.new
|
||||||
|
|
|
@ -77,7 +77,7 @@ class AccountTest < ActionController::IntegrationTest
|
||||||
assert_template "account/lost_password"
|
assert_template "account/lost_password"
|
||||||
|
|
||||||
post "account/lost_password", :mail => 'jSmith@somenet.foo'
|
post "account/lost_password", :mail => 'jSmith@somenet.foo'
|
||||||
assert_redirected_to "/login"
|
assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2F"
|
||||||
|
|
||||||
token = Token.find(:first)
|
token = Token.find(:first)
|
||||||
assert_equal 'recovery', token.action
|
assert_equal 'recovery', token.action
|
||||||
|
@ -143,6 +143,30 @@ class AccountTest < ActionController::IntegrationTest
|
||||||
assert_redirected_to '/login'
|
assert_redirected_to '/login'
|
||||||
log_user('newuser', 'newpass')
|
log_user('newuser', 'newpass')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
should_eventually "login after losing password should redirect back to home" do
|
||||||
|
visit "/login"
|
||||||
|
assert_response :success
|
||||||
|
|
||||||
|
click_link "Lost password"
|
||||||
|
assert_response :success
|
||||||
|
|
||||||
|
# Lost password form
|
||||||
|
fill_in "mail", :with => "admin@somenet.foo"
|
||||||
|
click_button "Submit"
|
||||||
|
|
||||||
|
assert_response :success # back to login page
|
||||||
|
assert_equal "/login", current_path
|
||||||
|
|
||||||
|
fill_in "Login:", :with => 'admin'
|
||||||
|
fill_in "Password:", :with => 'test'
|
||||||
|
click_button "login"
|
||||||
|
|
||||||
|
assert_response :success
|
||||||
|
assert_equal "/", current_path
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
if Object.const_defined?(:Mocha)
|
if Object.const_defined?(:Mocha)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue