1f4baaa27b
Take the password salt into account when checking for admin account change
2012-04-09 15:43:51 +02:00
8f06b77ccb
correct 'edit own issue notes' permission #966
2012-04-07 15:59:51 +02:00
e5de5f43cc
v3.1.0 merged
2012-04-05 13:22:02 +04:00
3183aa55ed
Set user_id as a protected attribute ( #922 ).
2012-04-04 14:21:41 +02:00
275163ead2
Prevent mass-assignment vulnerability when adding/updating a wiki ( #922 ).
2012-04-04 14:21:41 +02:00
fc5dfd5813
Prevent mass-assignment vulnerability when adding/updating a version ( #922 ).
2012-04-04 14:21:41 +02:00
a3f6b30e99
Prevent mass-assignment vulnerability when adding/updating a time entry ( #922 ).
2012-04-04 14:21:41 +02:00
5de377c5ee
Use safe_attributes= just like in #create. ( #922 )
2012-04-04 14:21:41 +02:00
305df19ab7
Prevent mass-assignment vulnerability when adding/updating a news ( #922 ).
2012-04-04 14:21:40 +02:00
c3ca5813d5
Prevent mass-assignment vulnerability when adding/updating a forum message ( #922 ).
2012-04-04 14:21:40 +02:00
384890c5ad
Prevent mass-assignment vulnerability when adding a project member ( #922 ).
2012-04-04 14:21:40 +02:00
e77cb6133d
Prevent mass-assignment vulnerability when adding/updating an issue category ( #922 ).
2012-04-04 14:21:39 +02:00
7505cb2ff0
Prevent mass-assignment vulnerability when adding/updating a document ( #922 ).
2012-04-04 14:21:39 +02:00
2eeb4b13a6
Prevent mass-assignment vulnerability when adding a news comment ( #922 ).
2012-04-04 14:21:39 +02:00
0a7c6e6774
Correct handling of @Rational#to_s@ on ruby 1.9 #887
...
Contributed by Martin S
2012-04-04 09:36:58 +02:00
6f064d3856
Activity: use default filter only on first request #861
2012-03-28 20:31:20 +02:00
c6af5c7982
Correct error message on group name #873
2012-03-28 08:56:06 +02:00
e6ec8ab30c
Remove length limits on some user fields #928
2012-03-25 09:40:56 +02:00
65b94d2014
Character encoding detection in attachments is now automatic
2012-03-24 23:39:46 +04:00
7b3280e5ad
Replace tables that were using the 'width' attribute with inline styles (should be replaced with an ID/class).
2012-03-23 11:22:58 +01:00
fd250726ce
Remove some inline styling and some depreciated table cell attributes and replace them with proper class names.
2012-03-23 11:22:57 +01:00
1cfd20e7e7
Fix missing cells and incorrect close order
2012-03-23 11:22:57 +01:00
b15e6d8305
Fix duplicated 'back_url' IDs
...
Various hidden input fields are used to hold a URL to send the user back
to the correct page after submitting a form, however, they all use the
same ID which isn't allowed in HTML. Passing in 'id' as nil stops the
'hidden_field_tag' from adding an ID attribute to the tag.
2012-03-23 11:22:57 +01:00
2a70e2704f
HTML corrections
2012-03-23 11:22:57 +01:00
23a857bf75
Remove hard-coded div on issue page
2012-03-21 21:07:21 +01:00
1b7ddb3cd7
jQuery version of the issue context menu
2012-03-21 21:06:58 +01:00
565aeabc79
Issue hierarchy on issue show view #906
2012-03-20 09:25:54 +01:00
efac256a6b
Design fix
...
The lower would only show if you have the permission to see/add related issues
2012-03-17 15:31:26 +01:00
f01194856f
Use the news description as event description #933
2012-03-17 13:55:36 +01:00
20eed68421
[ #739 ] Convert relative links to full links in textile
...
Textile doesn't "understand" :only_path => false and thus doesn't convert links of the form
<pre>"foo":/bar</pre>
to full URLs, this is done in a subsequent method akin to the wiki_lins and so on
2012-03-16 00:47:18 +01:00
2c76240544
Fix edit issue notes permission #888
2012-03-05 18:13:59 +01:00
724bd48494
Remove unused code
...
Since Rails 2.3.11, protect_from_forgery exclusively calls
handle_unverified_request which defaults to resetting the session. The old
code to handle an invalid CSRF token is not used anymore and is thus
removed to un-confuse people.
2012-03-05 12:50:44 +01:00
cbcce70400
Fix requiring SCM classes in dev mode #828
...
Change require to require_dependency so SCM classes get loaded on each request in dev mode
2012-02-24 15:44:02 +01:00
0fd499afca
Merge branch 'master' into unstable
2012-02-06 22:47:35 +01:00
aa3ab990d0
[ #593 ] Generate wiki content notifications in the JournalObserver
...
This will prevent the usage of the wrong wiki_content status.
The code is not overly pretty and deserves a thorough refactoring, but at
least it solves the problem at hand.
2012-02-06 22:44:44 +01:00
01fefe8d3b
[ #775 ] Don't create a new journal on parent message on reply
2012-01-31 16:02:56 +01:00
fb595ec7f9
[ #775 ] Don't create a new journal on Attachment#increment_download
2012-01-31 16:02:49 +01:00
3f99ee63ff
Always display our custom 404 page
2012-01-30 21:28:57 +01:00
185edcd283
Fix trailing whitespace
2012-01-18 19:26:03 +01:00
19f2ccd496
Update copyright for 2012
2012-01-18 19:25:13 +01:00
e85947c7d4
Merge branch 'master' into unstable
2012-01-18 19:18:27 +01:00
3c9e9764b0
[ #807 ] Re-add details class to maintain backwarts-compatible lasses
2012-01-17 23:43:28 +01:00
3f325243ce
Merge branch 'pulls/783/remove-new-issue-link-if-unauthorized' of https://github.com/finnlabs/chiliproject into unstable
2012-01-17 20:14:25 +01:00
323b5bebc8
[ #774 ] Move gravatar of issue author into the author tag
2012-01-17 19:31:02 +01:00
91c04f335d
[ #807 ] Move gravatar into the journal div
2012-01-17 19:25:53 +01:00
637ca24aed
Completely disable the Rails cache for tests
...
Settings extension to handle cache behaviour by Gregor Schmidt.
2012-01-16 15:54:05 +01:00
a938d582b1
[ #780 ] Clarify deprecation of Setting.clear_cache
2012-01-16 14:53:51 +01:00
33a8baf347
Merge branch 'pulls/780/setting-cache' of https://github.com/finnlabs/chiliproject into unstable
2012-01-16 14:50:34 +01:00
d7ebffb7ad
[ #795 ] Generate error flash on Liquid syntax error
2012-01-16 14:10:45 +01:00
61a65d4624
[ #827 ] Add status group in time entries report.
...
Patch provided by Jérôme BATAILLE.
Test from Jean-Philippe Lang.
2012-01-16 13:48:06 +01:00
0407abbd56
Hide the More menu if there are no items to show
2012-01-12 15:00:23 -08:00
4ce3b88473
Add a menu to view all projects since the main click event is blocked
2012-01-12 14:58:15 -08:00
cd0ea44ff8
[ #822 ] Provide a default log_encoding even if the db column is not present yet
2012-01-10 18:32:38 +01:00
3c3eb2f7e7
[ #790 ] Register variables with an API
2012-01-05 23:36:29 +01:00
0c87f611e9
Merge branch 'master' into unstable
...
Conflicts:
config/locales/bg.yml
config/locales/bs.yml
config/locales/ca.yml
config/locales/cs.yml
config/locales/da.yml
config/locales/de.yml
config/locales/el.yml
config/locales/en-GB.yml
config/locales/es.yml
config/locales/eu.yml
config/locales/fa.yml
config/locales/fi.yml
config/locales/fr.yml
config/locales/gl.yml
config/locales/he.yml
config/locales/hr.yml
config/locales/hu.yml
config/locales/id.yml
config/locales/it.yml
config/locales/ja.yml
config/locales/ko.yml
config/locales/lt.yml
config/locales/lv.yml
config/locales/mk.yml
config/locales/mn.yml
config/locales/nl.yml
config/locales/no.yml
config/locales/pl.yml
config/locales/pt-BR.yml
config/locales/pt.yml
config/locales/ro.yml
config/locales/ru.yml
config/locales/sk.yml
config/locales/sl.yml
config/locales/sr-YU.yml
config/locales/sr.yml
config/locales/sv.yml
config/locales/th.yml
config/locales/tr.yml
config/locales/uk.yml
config/locales/vi.yml
config/locales/zh-TW.yml
config/locales/zh.yml
db/migrate/20100217010520_add_custom_filter_to_auth_sources.rb
lib/chili_project/version.rb
2012-01-04 16:41:10 +01:00
4577e54f04
Fix trailing whitespace
2012-01-03 20:43:08 +01:00
e95b4992e4
Update copyright for 2012
...
We programmers have a nice new years tradition: We revisit all of our
projects and add 1 to a small number near a "(c)".
-- Volker Dusch
https://twitter.com/__edorian/status/153801913442373633
2012-01-03 20:36:40 +01:00
b8a7f2923a
Remove arbitrary limit on the Time Entry Report columns
...
Appears it was put in place to prevent wide reports but was actually
limiting the data, especially when putting a day in each column.
2011-12-29 15:24:03 -08:00
00df832126
Merge branch 'ticket/unstable/792-confirmation-emails' into unstable
2011-12-29 10:28:47 -08:00
66fe8287ce
[ #809 ] Fixed a nil object error in params.
2011-12-29 10:08:03 -08:00
c51d339512
[ #809 ] Multiple projects can now be assigned to a group or user.
...
* Added a Javascript autocomplete for searching Projects
* Updated the Users and Groups controllers' #edit_membership method to
create/update multiple Member records
2011-12-29 09:30:32 -08:00
af00598e5e
[ #809 ] Refactored a duplicate form to a partial.
2011-12-29 09:30:32 -08:00
38d0d530b0
[ #808 ] Show issue description diffs in the lightbox popup
2011-12-29 08:35:51 -08:00
4acee9e989
Add a reusable dialog-window for lightbox style popups
2011-12-29 08:35:51 -08:00
5ad97a4ea3
[ #808 ] Add JournalsController#diff to diff a single field
2011-12-29 08:35:45 -08:00
84cc8ab215
Guard against nil author or author emails in the Mailer.
2011-12-28 11:31:05 -08:00
ef00061568
[ #798 ] Fixed the sidebar design by moving #sidebar out of #main-menu
...
The #main-menu was used as the entire left column but was having styles
applied to it for the menu which were leaking onto the #sidebar. By
wrapping the column in a unique div the menu styles were isolated from
the sidebar styles.
2011-12-28 11:14:38 -08:00
15428fc092
[ #806 ] Add Board and Message watcher management
2011-12-28 11:03:24 -08:00
ce0c32ea02
Refactor: create the permission name dynamically to support other classes
2011-12-28 10:22:06 -08:00
97fe88f8d9
[ #805 ] Add the Watchers sidebar to Wiki Pages
2011-12-28 10:22:06 -08:00
16943d04f7
[ #802 ] Use the group.png icon as a Group avatar
2011-12-27 17:38:34 -08:00
8e3d4da376
[ #802 ] Show groups in the watchers partial and users autocomplete
2011-12-27 17:38:30 -08:00
65e7995682
[ #802 ] Change WatchersController to allow groups
2011-12-27 17:38:25 -08:00
e6e6a06fff
[ #802 ] Allow Groups to be added as a Watcher
2011-12-27 17:38:20 -08:00
10054cfd8f
[ #802 ] Move methods from User so other Principals can use them
2011-12-27 17:38:14 -08:00
c3555b1728
[ #800 #801 ] Exclude users already watching the issue
2011-12-27 17:09:29 -08:00
8160cd02bd
[ #800 #801 ] Add Javascript search to bulk add watchers to issues.
2011-12-27 17:09:24 -08:00
5deae7ebe3
[ #800 #801 ] Refactor AutoCompletesController#users to not be coupled to Groups
2011-12-27 17:09:19 -08:00
a110f1041d
[ #800 #801 ] Refactor the user auto complete method to the AutoCompletesController
2011-12-27 17:09:18 -08:00
3af5544dbc
[LSS#4190] Add watching to documents
2011-12-27 13:16:52 -08:00
72eadcc6ea
[ #796 ] Adds date range filter.
...
Based on r6226 from Redmine by Jean-Philippe Lang
2011-12-27 13:02:46 -08:00
dc541597ec
[ #792 ] Send email from mail_handler for emails which are missing required information
2011-12-26 17:39:29 -08:00
1dd07471ca
[ #792 ] Send email from mail_handler for emails missing a project
2011-12-26 17:38:26 -08:00
4ff670f5fa
[ #792 ] Send email from mail_handler for unauthorized actions
2011-12-26 17:38:25 -08:00
9f4683d71b
[ #792 ] Send email when mail_handler gets an email from an unknown user
2011-12-26 17:38:25 -08:00
331ecb4c4f
[ #792 ] Add confirmation emails for successful forum replies
2011-12-26 17:38:25 -08:00
7c7aca4f0c
[ #792 ] Add confirmation emails for successful issue replies
2011-12-26 17:38:25 -08:00
d53c4e9aae
[ #792 ] Add confirmation emails for successful issue creation
2011-12-26 17:38:24 -08:00
9d8fc86b8e
[ #792 ] Add settings for confirmation emails are sent for incoming mail
2011-12-26 17:38:19 -08:00
260e8b84f8
[ #674 ] Convert outbound mail to be sent per-recipient
...
Instead of a single email that is sent out with all the recipients as CC/BCC,
each recipient will be delivered their own email. This will let emails to be
customized per user based on their permissions, without exposing private data.
2011-12-26 16:58:43 -08:00
69ccbafaf4
[ #783 ] Removing link to new issue when missing permissions
2011-12-20 10:13:01 +01:00
6273891ae7
[ #780 ] Remove non-functional call to Setting.check_cache
2011-12-19 17:30:13 +01:00
92b6d43150
[ #780 ] using a changing cache key to avoid the need for explicit cache invalidation
...
This should work on all cache stores, since only the basic cache operations fetch and delete are used. The methods clear_cache and check_cache can no longer be supported. To sweep the whole cache Rails.cache.clear may be used. To invalidate the Settings only, you may use Setting.first.try(:touch).
2011-12-19 17:30:08 +01:00
745f889e92
Enforce UTF-8 source encoding
2011-12-18 21:40:14 +01:00
e1ac469cfb
Fix trailing whitespace
2011-12-18 21:40:01 +01:00
d24e8186b4
Merge remote-tracking branch 'chiliproject/master' into unstable
2011-12-18 21:33:05 +01:00
1ebec832af
[ #486 ] More menu items on the wiki annotate view.
2011-12-18 21:21:21 +01:00
44cf67032f
Merge pull request #142 from elm/custom-ldap-filter
...
[#388 ] Custom LDAP filter
2011-12-18 11:13:55 -08:00
b135162c5b
Login should redirect to welcome/home page if already logged in.
2011-12-18 19:49:35 +01:00
81f6635878
Remove debug code. Sorry for that...
2011-12-18 15:58:42 +01:00
Holger Just
Felix Schäfer
Kolan Sh
Jean-Philippe Lang
Robert Mitwicki
Andrew Smith
Andrew Smith
Holger Just
Michaël Rigart
Eric Davis
Gregor Schmidt
Tom Rochette