Commit Graph

1082 Commits

Author SHA1 Message Date
Felix Schäfer 1d3cdf1fa9 Correct email sending on attachment to document #1008 2012-05-18 22:45:52 +02:00
Holger Just 2bcd8787d3 Remove cookie cleaning method as it is not required anymore 2012-04-13 13:44:16 +02:00
Holger Just b169f02377 REMEMBER: ALWAYS RUN THE TESTS! 2012-04-09 15:46:06 +02:00
Holger Just 1f4baaa27b Take the password salt into account when checking for admin account change 2012-04-09 15:43:51 +02:00
Jean-Philippe Lang 275163ead2 Prevent mass-assignment vulnerability when adding/updating a wiki (#922). 2012-04-04 14:21:41 +02:00
Jean-Philippe Lang fc5dfd5813 Prevent mass-assignment vulnerability when adding/updating a version (#922). 2012-04-04 14:21:41 +02:00
Jean-Philippe Lang a3f6b30e99 Prevent mass-assignment vulnerability when adding/updating a time entry (#922). 2012-04-04 14:21:41 +02:00
Jean-Philippe Lang 5de377c5ee Use safe_attributes= just like in #create. (#922) 2012-04-04 14:21:41 +02:00
Jean-Philippe Lang 305df19ab7 Prevent mass-assignment vulnerability when adding/updating a news (#922). 2012-04-04 14:21:40 +02:00
Jean-Philippe Lang c3ca5813d5 Prevent mass-assignment vulnerability when adding/updating a forum message (#922). 2012-04-04 14:21:40 +02:00
Jean-Philippe Lang 384890c5ad Prevent mass-assignment vulnerability when adding a project member (#922). 2012-04-04 14:21:40 +02:00
Jean-Philippe Lang e77cb6133d Prevent mass-assignment vulnerability when adding/updating an issue category (#922). 2012-04-04 14:21:39 +02:00
Jean-Philippe Lang 7505cb2ff0 Prevent mass-assignment vulnerability when adding/updating a document (#922). 2012-04-04 14:21:39 +02:00
Jean-Philippe Lang 2eeb4b13a6 Prevent mass-assignment vulnerability when adding a news comment (#922). 2012-04-04 14:21:39 +02:00
Felix Schäfer 6f064d3856 Activity: use default filter only on first request #861 2012-03-28 20:31:20 +02:00
Holger Just 724bd48494 Remove unused code
Since Rails 2.3.11, protect_from_forgery exclusively calls
handle_unverified_request which defaults to resetting the session. The old
code to handle an invalid CSRF token is not used anymore and is thus
removed to un-confuse people.
2012-03-05 12:50:44 +01:00
Holger Just 3f99ee63ff Always display our custom 404 page 2012-01-30 21:28:57 +01:00
Holger Just 185edcd283 Fix trailing whitespace 2012-01-18 19:26:03 +01:00
Holger Just 33a8baf347 Merge branch 'pulls/780/setting-cache' of https://github.com/finnlabs/chiliproject into unstable 2012-01-16 14:50:34 +01:00
Holger Just 61a65d4624 [#827] Add status group in time entries report.
Patch provided by Jérôme BATAILLE.
Test from Jean-Philippe Lang.
2012-01-16 13:48:06 +01:00
Holger Just 0c87f611e9 Merge branch 'master' into unstable
Conflicts:
	config/locales/bg.yml
	config/locales/bs.yml
	config/locales/ca.yml
	config/locales/cs.yml
	config/locales/da.yml
	config/locales/de.yml
	config/locales/el.yml
	config/locales/en-GB.yml
	config/locales/es.yml
	config/locales/eu.yml
	config/locales/fa.yml
	config/locales/fi.yml
	config/locales/fr.yml
	config/locales/gl.yml
	config/locales/he.yml
	config/locales/hr.yml
	config/locales/hu.yml
	config/locales/id.yml
	config/locales/it.yml
	config/locales/ja.yml
	config/locales/ko.yml
	config/locales/lt.yml
	config/locales/lv.yml
	config/locales/mk.yml
	config/locales/mn.yml
	config/locales/nl.yml
	config/locales/no.yml
	config/locales/pl.yml
	config/locales/pt-BR.yml
	config/locales/pt.yml
	config/locales/ro.yml
	config/locales/ru.yml
	config/locales/sk.yml
	config/locales/sl.yml
	config/locales/sr-YU.yml
	config/locales/sr.yml
	config/locales/sv.yml
	config/locales/th.yml
	config/locales/tr.yml
	config/locales/uk.yml
	config/locales/vi.yml
	config/locales/zh-TW.yml
	config/locales/zh.yml
	db/migrate/20100217010520_add_custom_filter_to_auth_sources.rb
	lib/chili_project/version.rb
2012-01-04 16:41:10 +01:00
Holger Just e95b4992e4 Update copyright for 2012
We programmers have a nice new years tradition: We revisit all of our
projects and add 1 to a small number near a "(c)".

-- Volker Dusch
https://twitter.com/__edorian/status/153801913442373633
2012-01-03 20:36:40 +01:00
Eric Davis b8a7f2923a Remove arbitrary limit on the Time Entry Report columns
Appears it was put in place to prevent wide reports but was actually
limiting the data, especially when putting a day in each column.
2011-12-29 15:24:03 -08:00
Eric Davis 66fe8287ce [#809] Fixed a nil object error in params. 2011-12-29 10:08:03 -08:00
Eric Davis c51d339512 [#809] Multiple projects can now be assigned to a group or user.
* Added a Javascript autocomplete for searching Projects
* Updated the Users and Groups controllers' #edit_membership method to
  create/update multiple Member records
2011-12-29 09:30:32 -08:00
Eric Davis 38d0d530b0 [#808] Show issue description diffs in the lightbox popup 2011-12-29 08:35:51 -08:00
Eric Davis 5ad97a4ea3 [#808] Add JournalsController#diff to diff a single field 2011-12-29 08:35:45 -08:00
Eric Davis ce0c32ea02 Refactor: create the permission name dynamically to support other classes 2011-12-28 10:22:06 -08:00
Eric Davis 97fe88f8d9 [#805] Add the Watchers sidebar to Wiki Pages 2011-12-28 10:22:06 -08:00
Eric Davis 8e3d4da376 [#802] Show groups in the watchers partial and users autocomplete 2011-12-27 17:38:30 -08:00
Eric Davis 65e7995682 [#802] Change WatchersController to allow groups 2011-12-27 17:38:25 -08:00
Eric Davis c3555b1728 [#800 #801] Exclude users already watching the issue 2011-12-27 17:09:29 -08:00
Eric Davis 8160cd02bd [#800 #801] Add Javascript search to bulk add watchers to issues. 2011-12-27 17:09:24 -08:00
Eric Davis 5deae7ebe3 [#800 #801] Refactor AutoCompletesController#users to not be coupled to Groups 2011-12-27 17:09:19 -08:00
Eric Davis a110f1041d [#800 #801] Refactor the user auto complete method to the AutoCompletesController 2011-12-27 17:09:18 -08:00
Eric Davis 3af5544dbc [LSS#4190] Add watching to documents 2011-12-27 13:16:52 -08:00
Eric Davis 260e8b84f8 [#674] Convert outbound mail to be sent per-recipient
Instead of a single email that is sent out with all the recipients as CC/BCC,
each recipient will be delivered their own email. This will let emails to be
customized per user based on their permissions, without exposing private data.
2011-12-26 16:58:43 -08:00
Gregor Schmidt 6273891ae7 [#780] Remove non-functional call to Setting.check_cache 2011-12-19 17:30:13 +01:00
Holger Just d24e8186b4 Merge remote-tracking branch 'chiliproject/master' into unstable 2011-12-18 21:33:05 +01:00
Felix Schäfer 1ebec832af [#486] More menu items on the wiki annotate view. 2011-12-18 21:21:21 +01:00
Tom Rochette b135162c5b Login should redirect to welcome/home page if already logged in. 2011-12-18 19:49:35 +01:00
Holger Just 81f6635878 Remove debug code. Sorry for that... 2011-12-18 15:58:42 +01:00
Holger Just 0049f82182 Redirect back to where I came from when loggin in via the menu form 2011-12-18 12:28:32 +01:00
Holger Just 58a7182e2d Use the correct subject id for quoting 2011-12-18 12:04:13 +01:00
Eric Davis ee48a8da4f Merge branch 'ticket/unstable/692-final-design' into unstable 2011-12-10 10:40:09 -08:00
Romano Licker e371bcad24 [#692] fixes admin-menu
new design on ticket view
filter / options / attachments fieldset redesign
2011-12-09 18:06:12 -08:00
Felix Schäfer 1d21cab2e4 Merge branch 'master' into unstable
Conflicts:
	app/views/projects/index.rhtml
	lib/chili_project/compatibility.rb
2011-12-01 17:46:05 +01:00
Felix Schäfer 03d956c360 Merge pull request #90 from meineerde/issues/master/124-delete-registered-users
[124] delete registered users
2011-11-25 09:47:12 -08:00
Felix Schäfer b1671e46f0 Merge pull request #111 from edavis10/ticket/unstable/672-query-subprojects
#672 Allow queries to include subproject issues
2011-11-13 12:11:52 -08:00
Holger Just 21a45b4e52 [#676] Enforce UTF-8 encodings on the params hash
Contributed by Toshi MARUYAMA
2011-10-30 11:25:56 +01:00