Holger Just
6e46c5e945
Update changelog for 2.5.0 release
2011-11-30 20:42:04 +01:00
Holger Just
c2edd624a6
Fix trailing whitespace
2011-11-30 20:29:59 +01:00
Holger Just
5e171001bc
[ #709 ] Fix cache poisoning vector if credential caching is enabled.
...
The cache did not distinguish between cached credentials for read and write
access. As it does not check permissions again if there is a cache hit, users
with authorization for either reading or writing could poison the cache and
subsequently authorize themselves for both access types.
Original fix is by Jean-Philippe Lang, http://www.redmine.org/issues/9567
2011-11-30 20:29:58 +01:00
Holger Just
24538a4af2
[ #735 ] Log time form on issue update should only be displayed with log_time permission
...
Based on a patch by Jean-Philippe Lang.
2011-11-30 20:28:20 +01:00
Holger Just
59dc103492
[ #735 ] Don't allow time entry creation with only edit permission
...
Based on a patch by Jean-Philippe Lang.
2011-11-30 20:27:59 +01:00
Holger Just
c5b83b8709
[ #735 ] Don't allow time entry edits with only log_time permission
...
Based on a patch by Jean-Philippe Lang.
2011-11-30 20:27:59 +01:00
Felix Schäfer
42363c32f7
Better checks for previous commit.
2011-11-30 18:08:36 +01:00
Felix Schäfer
f333f43a57
[ #736 ] force recipients/cc to arrays in the Mailer
...
String#delete might break on 1.9 with dashes in the author's email address. Furthermore, String#delete doesn't do what the original author thought it does.
2011-11-30 18:04:09 +01:00
Felix Schäfer
add0bf4d0a
Don't double-escape project names in base layout.
2011-11-27 17:01:46 +01:00
Holger Just
8c26dea72d
Add catch-all compatibility check, defaults to false
2011-11-26 22:21:48 +01:00
Holger Just
ce5ffed6a3
Require bundler 1.0.6.
...
Only that version introduced the mingw platforms we use in our Gemfile.
2011-11-26 12:26:11 +01:00
Eric Davis
261aca658c
Merge pull request #133 from schmidt/pulls/725/master
...
[#725 ] Compatibility check for jQuery availability (master)
2011-11-25 12:50:08 -08:00
Felix Schäfer
166d65b26d
[ #258 ] Unvendor net-ldap
2011-11-25 20:54:23 +01:00
Eric Davis
1322fbbad0
Merge pull request #129 from jwalkerbg/master
...
Added Bulgarian translation of several strings
2011-11-25 11:28:45 -08:00
Gregor Schmidt
be44bbe597
[ #725 ] Add compatibility check for jQuery availability
...
In the current master a.k.a. ChiliProject 2.x, there is
no jQuery loaded by core.
2011-11-25 20:18:10 +01:00
Felix Schäfer
574419bbb1
Merge pull request #126 from mbreit/bugfix/711-tabular_form_builder_ruby19
...
[#711 ] Fix TabularFormBuilder on Ruby 1.9
This is actually a bug in rails 2.3.14 on ruby 1.9 -- Felix
2011-11-25 11:04:35 -08:00
jwalkerbg
d8daeffa7b
Added Bulgarian translation of several strings.
2011-11-25 20:32:27 +02:00
Felix Schäfer
8b7ee93f90
Merge pull request #124 from mbreit/bugfix/707-wiki-diff-encoding-error-ruby19
...
[#707 ] Fix encoding error on wiki diffs on Ruby 1.9
2011-11-25 09:48:52 -08:00
Felix Schäfer
03d956c360
Merge pull request #90 from meineerde/issues/master/124-delete-registered-users
...
[124] delete registered users
2011-11-25 09:47:12 -08:00
Felix Schäfer
a80f822481
Merge pull request #123 from mbreit/bugfix/698-issue-query-ruby19
...
[#698 ] Fix single-value query atoms in issue queries on Ruby 1.9
2011-11-25 09:45:49 -08:00
Eric Davis
a0d95a87e9
[ #706 ] Add plugin hooks to projects/index
...
Contributed by David O
2011-11-25 02:21:11 -08:00
Moritz Breit
d15c851bb3
[ #711 ] Fix TabularFormBuilder on Ruby 1.9.2
2011-11-17 11:32:13 +01:00
Moritz Breit
60db868470
[ #707 ] Fix encoding error on wiki diffs on Ruby 1.9
...
WikiDiff#to_html returns a string with ASCII encoding if
the WikiJournal content has been Zlib compressed because
Zlib::Inflate.inflate returns strings with ASCII encoding.
Forcing the encoding to be UTF8 fixes this bug.
2011-11-16 17:39:26 +01:00
Moritz Breit
c3df17585d
[ #698 ] Fix issue queries on Ruby 1.9
2011-11-16 14:22:43 +01:00
Holger Just
0462fa973b
[ #688 ] Truncate garbage from the end of the changelog.
2011-11-08 11:40:27 +01:00
Felix Schäfer
af50984023
Better decide if journal implements the method itself. #554
2011-11-06 13:25:31 +01:00
Holger Just
8eb72a3c74
Merge branch 'release-v2.4.0'
2011-10-31 18:17:54 +01:00
Holger Just
9e9b6e786e
Bump version to 2.4.0
2011-10-31 17:35:19 +01:00
Holger Just
cb0d4725ad
Only allow the mysql database adapter on Ruby 1.8
2011-10-31 17:33:51 +01:00
Holger Just
29ab88c7f3
Update changelog for 2.4.0 release
2011-10-31 17:28:34 +01:00
Holger Just
ba93eb24c4
Fix trailing whitespace
2011-10-31 17:26:14 +01:00
Holger Just
09b1545c37
Update i18n labels
2011-10-31 17:25:19 +01:00
Holger Just
cb2086f652
[ #647 ] Fix XSS in textile image syntax.
...
Image URLs are not properly escaped in the bundled RedCloth3 library.
It thus allowed an XSS vector.
The patch was adapted from r7570 from Redmine by Etiene Massip. See also
http://www.redmine.org/issues/9245 .
2011-10-31 17:22:34 +01:00
Holger Just
21a45b4e52
[ #676 ] Enforce UTF-8 encodings on the params hash
...
Contributed by Toshi MARUYAMA
2011-10-30 11:25:56 +01:00
Holger Just
2f4afeeb38
[ #615 ] Generate project identifier automatically with JavaScript
...
Also let the user know that the identifier must start with a lower case letter.
Contributed by Jan Schulz-Hofen.
2011-10-30 10:33:20 +01:00
Holger Just
667c4d157f
[ #591 ] Merge branch 'issues/master/591-ruby-19-compatibility' from 'meineerde'
2011-10-29 21:22:35 +02:00
Felix Schäfer
6fcb1de63a
Graciously handle deleted custom fields on issue history view.
2011-10-29 18:29:18 +02:00
Felix Schäfer
92dd2934ae
Merge pull request #106 from finnlabs/pulls/652/fixes_redirect_containing_umlaute
...
[#652 ] fixes wrong redirect after login
2011-10-29 08:47:02 -07:00
Holger Just
91070236db
Set source encoding to UTF-8
2011-10-29 14:48:03 +02:00
Holger Just
0befef718f
Add rake task to set magic comments for source encoding
2011-10-29 14:47:56 +02:00
Holger Just
0ed5cb3f05
Set internal and external encoding to UTF-8
2011-10-29 14:47:56 +02:00
Holger Just
3cc95353cd
Merge commit '873b2b69064d7724c6fc804813fb9e65c14558dc'
...
Conflicts:
config/locales/nl.yml
2011-10-29 14:40:16 +02:00
Holger Just
917c36c27f
Update missing i18n strings
2011-10-29 14:35:29 +02:00
Holger Just
ec6221b7fe
Use class instead of redundant id
2011-10-29 14:28:51 +02:00
Holger Just
fd3d67937c
Fix typo
2011-10-29 14:23:22 +02:00
Holger Just
f1a8373d49
Remove non-break space
2011-10-28 17:46:24 +02:00
Holger Just
e48327893f
[ #667 ] Label all input field and control tags
2011-10-28 17:10:39 +02:00
Romano Licker
5036478017
[ #667 ] improved code readability
2011-10-28 17:05:36 +02:00
Romano Licker
e8a42c9337
[667] corrected spelling error for mail notification
2011-10-28 17:05:33 +02:00
Romano Licker
fed98990dd
[667] corrected german translation for 'notes'
2011-10-28 17:05:29 +02:00