b169f02377
REMEMBER: ALWAYS RUN THE TESTS!
2012-04-09 15:46:06 +02:00
1f4baaa27b
Take the password salt into account when checking for admin account change
2012-04-09 15:43:51 +02:00
8f06b77ccb
correct 'edit own issue notes' permission #966
2012-04-07 15:59:51 +02:00
3183aa55ed
Set user_id as a protected attribute ( #922 ).
2012-04-04 14:21:41 +02:00
275163ead2
Prevent mass-assignment vulnerability when adding/updating a wiki ( #922 ).
2012-04-04 14:21:41 +02:00
fc5dfd5813
Prevent mass-assignment vulnerability when adding/updating a version ( #922 ).
2012-04-04 14:21:41 +02:00
a3f6b30e99
Prevent mass-assignment vulnerability when adding/updating a time entry ( #922 ).
2012-04-04 14:21:41 +02:00
5de377c5ee
Use safe_attributes= just like in #create. ( #922 )
2012-04-04 14:21:41 +02:00
305df19ab7
Prevent mass-assignment vulnerability when adding/updating a news ( #922 ).
2012-04-04 14:21:40 +02:00
c3ca5813d5
Prevent mass-assignment vulnerability when adding/updating a forum message ( #922 ).
2012-04-04 14:21:40 +02:00
384890c5ad
Prevent mass-assignment vulnerability when adding a project member ( #922 ).
2012-04-04 14:21:40 +02:00
e77cb6133d
Prevent mass-assignment vulnerability when adding/updating an issue category ( #922 ).
2012-04-04 14:21:39 +02:00
7505cb2ff0
Prevent mass-assignment vulnerability when adding/updating a document ( #922 ).
2012-04-04 14:21:39 +02:00
2eeb4b13a6
Prevent mass-assignment vulnerability when adding a news comment ( #922 ).
2012-04-04 14:21:39 +02:00
0a7c6e6774
Correct handling of @Rational#to_s@ on ruby 1.9 #887
...
Contributed by Martin S
2012-04-04 09:36:58 +02:00
6f064d3856
Activity: use default filter only on first request #861
2012-03-28 20:31:20 +02:00
c6af5c7982
Correct error message on group name #873
2012-03-28 08:56:06 +02:00
e6ec8ab30c
Remove length limits on some user fields #928
2012-03-25 09:40:56 +02:00
7b3280e5ad
Replace tables that were using the 'width' attribute with inline styles (should be replaced with an ID/class).
2012-03-23 11:22:58 +01:00
fd250726ce
Remove some inline styling and some depreciated table cell attributes and replace them with proper class names.
2012-03-23 11:22:57 +01:00
1cfd20e7e7
Fix missing cells and incorrect close order
2012-03-23 11:22:57 +01:00
b15e6d8305
Fix duplicated 'back_url' IDs
...
Various hidden input fields are used to hold a URL to send the user back
to the correct page after submitting a form, however, they all use the
same ID which isn't allowed in HTML. Passing in 'id' as nil stops the
'hidden_field_tag' from adding an ID attribute to the tag.
2012-03-23 11:22:57 +01:00
2a70e2704f
HTML corrections
2012-03-23 11:22:57 +01:00
23a857bf75
Remove hard-coded div on issue page
2012-03-21 21:07:21 +01:00
1b7ddb3cd7
jQuery version of the issue context menu
2012-03-21 21:06:58 +01:00
565aeabc79
Issue hierarchy on issue show view #906
2012-03-20 09:25:54 +01:00
efac256a6b
Design fix
...
The lower would only show if you have the permission to see/add related issues
2012-03-17 15:31:26 +01:00
f01194856f
Use the news description as event description #933
2012-03-17 13:55:36 +01:00
20eed68421
[ #739 ] Convert relative links to full links in textile
...
Textile doesn't "understand" :only_path => false and thus doesn't convert links of the form
<pre>"foo":/bar</pre>
to full URLs, this is done in a subsequent method akin to the wiki_lins and so on
2012-03-16 00:47:18 +01:00
2c76240544
Fix edit issue notes permission #888
2012-03-05 18:13:59 +01:00
724bd48494
Remove unused code
...
Since Rails 2.3.11, protect_from_forgery exclusively calls
handle_unverified_request which defaults to resetting the session. The old
code to handle an invalid CSRF token is not used anymore and is thus
removed to un-confuse people.
2012-03-05 12:50:44 +01:00
cbcce70400
Fix requiring SCM classes in dev mode #828
...
Change require to require_dependency so SCM classes get loaded on each request in dev mode
2012-02-24 15:44:02 +01:00
0fd499afca
Merge branch 'master' into unstable
2012-02-06 22:47:35 +01:00
aa3ab990d0
[ #593 ] Generate wiki content notifications in the JournalObserver
...
This will prevent the usage of the wrong wiki_content status.
The code is not overly pretty and deserves a thorough refactoring, but at
least it solves the problem at hand.
2012-02-06 22:44:44 +01:00
01fefe8d3b
[ #775 ] Don't create a new journal on parent message on reply
2012-01-31 16:02:56 +01:00
fb595ec7f9
[ #775 ] Don't create a new journal on Attachment#increment_download
2012-01-31 16:02:49 +01:00
3f99ee63ff
Always display our custom 404 page
2012-01-30 21:28:57 +01:00
185edcd283
Fix trailing whitespace
2012-01-18 19:26:03 +01:00
19f2ccd496
Update copyright for 2012
2012-01-18 19:25:13 +01:00
e85947c7d4
Merge branch 'master' into unstable
2012-01-18 19:18:27 +01:00
3c9e9764b0
[ #807 ] Re-add details class to maintain backwarts-compatible lasses
2012-01-17 23:43:28 +01:00
3f325243ce
Merge branch 'pulls/783/remove-new-issue-link-if-unauthorized' of https://github.com/finnlabs/chiliproject into unstable
2012-01-17 20:14:25 +01:00
323b5bebc8
[ #774 ] Move gravatar of issue author into the author tag
2012-01-17 19:31:02 +01:00
91c04f335d
[ #807 ] Move gravatar into the journal div
2012-01-17 19:25:53 +01:00
637ca24aed
Completely disable the Rails cache for tests
...
Settings extension to handle cache behaviour by Gregor Schmidt.
2012-01-16 15:54:05 +01:00
a938d582b1
[ #780 ] Clarify deprecation of Setting.clear_cache
2012-01-16 14:53:51 +01:00
33a8baf347
Merge branch 'pulls/780/setting-cache' of https://github.com/finnlabs/chiliproject into unstable
2012-01-16 14:50:34 +01:00
d7ebffb7ad
[ #795 ] Generate error flash on Liquid syntax error
2012-01-16 14:10:45 +01:00
61a65d4624
[ #827 ] Add status group in time entries report.
...
Patch provided by Jérôme BATAILLE.
Test from Jean-Philippe Lang.
2012-01-16 13:48:06 +01:00
0407abbd56
Hide the More menu if there are no items to show
2012-01-12 15:00:23 -08:00
Holger Just
Felix Schäfer
Jean-Philippe Lang
Robert Mitwicki
Andrew Smith
Andrew Smith
Holger Just
Michaël Rigart
Eric Davis