Commit Graph

4989 Commits

Author SHA1 Message Date
Holger Just 6e46c5e945 Update changelog for 2.5.0 release 2011-11-30 20:42:04 +01:00
Holger Just c2edd624a6 Fix trailing whitespace 2011-11-30 20:29:59 +01:00
Holger Just 5e171001bc [#709] Fix cache poisoning vector if credential caching is enabled.
The cache did not distinguish between cached credentials for read and write
access. As it does not check permissions again if there is a cache hit, users
with authorization for either reading or writing could poison the cache and
subsequently authorize themselves for both access types.

Original fix is by Jean-Philippe Lang, http://www.redmine.org/issues/9567
2011-11-30 20:29:58 +01:00
Holger Just 24538a4af2 [#735] Log time form on issue update should only be displayed with log_time permission
Based on a patch by Jean-Philippe Lang.
2011-11-30 20:28:20 +01:00
Holger Just 59dc103492 [#735] Don't allow time entry creation with only edit permission
Based on a patch by Jean-Philippe Lang.
2011-11-30 20:27:59 +01:00
Holger Just c5b83b8709 [#735] Don't allow time entry edits with only log_time permission
Based on a patch by Jean-Philippe Lang.
2011-11-30 20:27:59 +01:00
Felix Schäfer 42363c32f7 Better checks for previous commit. 2011-11-30 18:08:36 +01:00
Felix Schäfer f333f43a57 [#736] force recipients/cc to arrays in the Mailer
String#delete might break on 1.9 with dashes in the author's email address. Furthermore, String#delete doesn't do what the original author thought it does.
2011-11-30 18:04:09 +01:00
Felix Schäfer add0bf4d0a Don't double-escape project names in base layout. 2011-11-27 17:01:46 +01:00
Holger Just 8c26dea72d Add catch-all compatibility check, defaults to false 2011-11-26 22:21:48 +01:00
Holger Just ce5ffed6a3 Require bundler 1.0.6.
Only that version introduced the mingw platforms we use in our Gemfile.
2011-11-26 12:26:11 +01:00
Eric Davis 261aca658c Merge pull request #133 from schmidt/pulls/725/master
[#725] Compatibility check for jQuery availability (master)
2011-11-25 12:50:08 -08:00
Felix Schäfer 166d65b26d [#258] Unvendor net-ldap 2011-11-25 20:54:23 +01:00
Eric Davis 1322fbbad0 Merge pull request #129 from jwalkerbg/master
Added Bulgarian translation of several strings
2011-11-25 11:28:45 -08:00
Gregor Schmidt be44bbe597 [#725] Add compatibility check for jQuery availability
In the current master a.k.a. ChiliProject 2.x, there is
no jQuery loaded by core.
2011-11-25 20:18:10 +01:00
Felix Schäfer 574419bbb1 Merge pull request #126 from mbreit/bugfix/711-tabular_form_builder_ruby19
[#711] Fix TabularFormBuilder on Ruby 1.9

This is actually a bug in rails 2.3.14 on ruby 1.9 -- Felix
2011-11-25 11:04:35 -08:00
jwalkerbg d8daeffa7b Added Bulgarian translation of several strings. 2011-11-25 20:32:27 +02:00
Felix Schäfer 8b7ee93f90 Merge pull request #124 from mbreit/bugfix/707-wiki-diff-encoding-error-ruby19
[#707] Fix encoding error on wiki diffs on Ruby 1.9
2011-11-25 09:48:52 -08:00
Felix Schäfer 03d956c360 Merge pull request #90 from meineerde/issues/master/124-delete-registered-users
[124] delete registered users
2011-11-25 09:47:12 -08:00
Felix Schäfer a80f822481 Merge pull request #123 from mbreit/bugfix/698-issue-query-ruby19
[#698] Fix single-value query atoms in issue queries on Ruby 1.9
2011-11-25 09:45:49 -08:00
Eric Davis a0d95a87e9 [#706] Add plugin hooks to projects/index
Contributed by David O
2011-11-25 02:21:11 -08:00
Moritz Breit d15c851bb3 [#711] Fix TabularFormBuilder on Ruby 1.9.2 2011-11-17 11:32:13 +01:00
Moritz Breit 60db868470 [#707] Fix encoding error on wiki diffs on Ruby 1.9
WikiDiff#to_html returns a string with ASCII encoding if
the WikiJournal content has been Zlib compressed because
Zlib::Inflate.inflate returns strings with ASCII encoding.
Forcing the encoding to be UTF8 fixes this bug.
2011-11-16 17:39:26 +01:00
Moritz Breit c3df17585d [#698] Fix issue queries on Ruby 1.9 2011-11-16 14:22:43 +01:00
Holger Just 0462fa973b [#688] Truncate garbage from the end of the changelog. 2011-11-08 11:40:27 +01:00
Felix Schäfer af50984023 Better decide if journal implements the method itself. #554 2011-11-06 13:25:31 +01:00
Holger Just 8eb72a3c74 Merge branch 'release-v2.4.0' 2011-10-31 18:17:54 +01:00
Holger Just 9e9b6e786e Bump version to 2.4.0 2011-10-31 17:35:19 +01:00
Holger Just cb0d4725ad Only allow the mysql database adapter on Ruby 1.8 2011-10-31 17:33:51 +01:00
Holger Just 29ab88c7f3 Update changelog for 2.4.0 release 2011-10-31 17:28:34 +01:00
Holger Just ba93eb24c4 Fix trailing whitespace 2011-10-31 17:26:14 +01:00
Holger Just 09b1545c37 Update i18n labels 2011-10-31 17:25:19 +01:00
Holger Just cb2086f652 [#647] Fix XSS in textile image syntax.
Image URLs are not properly escaped in the bundled RedCloth3 library.
It thus allowed an XSS vector.

The patch was adapted from r7570 from Redmine by Etiene Massip. See also
http://www.redmine.org/issues/9245.
2011-10-31 17:22:34 +01:00
Holger Just 21a45b4e52 [#676] Enforce UTF-8 encodings on the params hash
Contributed by Toshi MARUYAMA
2011-10-30 11:25:56 +01:00
Holger Just 2f4afeeb38 [#615] Generate project identifier automatically with JavaScript
Also let the user know that the identifier must start with a lower case letter.

Contributed by Jan Schulz-Hofen.
2011-10-30 10:33:20 +01:00
Holger Just 667c4d157f [#591] Merge branch 'issues/master/591-ruby-19-compatibility' from 'meineerde' 2011-10-29 21:22:35 +02:00
Felix Schäfer 6fcb1de63a Graciously handle deleted custom fields on issue history view. 2011-10-29 18:29:18 +02:00
Felix Schäfer 92dd2934ae Merge pull request #106 from finnlabs/pulls/652/fixes_redirect_containing_umlaute
[#652] fixes wrong redirect after login
2011-10-29 08:47:02 -07:00
Holger Just 91070236db Set source encoding to UTF-8 2011-10-29 14:48:03 +02:00
Holger Just 0befef718f Add rake task to set magic comments for source encoding 2011-10-29 14:47:56 +02:00
Holger Just 0ed5cb3f05 Set internal and external encoding to UTF-8 2011-10-29 14:47:56 +02:00
Holger Just 3cc95353cd Merge commit '873b2b69064d7724c6fc804813fb9e65c14558dc'
Conflicts:
	config/locales/nl.yml
2011-10-29 14:40:16 +02:00
Holger Just 917c36c27f Update missing i18n strings 2011-10-29 14:35:29 +02:00
Holger Just ec6221b7fe Use class instead of redundant id 2011-10-29 14:28:51 +02:00
Holger Just fd3d67937c Fix typo 2011-10-29 14:23:22 +02:00
Holger Just f1a8373d49 Remove non-break space 2011-10-28 17:46:24 +02:00
Holger Just e48327893f [#667] Label all input field and control tags 2011-10-28 17:10:39 +02:00
Romano Licker 5036478017 [#667] improved code readability 2011-10-28 17:05:36 +02:00
Romano Licker e8a42c9337 [667] corrected spelling error for mail notification 2011-10-28 17:05:33 +02:00
Romano Licker fed98990dd [667] corrected german translation for 'notes' 2011-10-28 17:05:29 +02:00