Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
O
OHR Support
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
97
Issues
97
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Wiki
Wiki
image/svg+xml
Discourse
Discourse
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Projects
OHR Support
Commits
bdc7325a
Commit
bdc7325a
authored
May 01, 2011
by
Eric Davis
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'master' into unstable
Conflicts: doc/CHANGELOG.rdoc
parents
614bad89
9d13deee
Hide whitespace changes
Inline
Side-by-side
Showing
13 changed files
with
66 additions
and
24 deletions
+66
-24
account_controller.rb
app/controllers/account_controller.rb
+1
-1
application_controller.rb
app/controllers/application_controller.rb
+1
-0
custom_fields_controller.rb
app/controllers/custom_fields_controller.rb
+4
-2
enumerations_controller.rb
app/controllers/enumerations_controller.rb
+2
-0
issue_categories_controller.rb
app/controllers/issue_categories_controller.rb
+2
-0
roles_controller.rb
app/controllers/roles_controller.rb
+5
-3
settings_controller.rb
app/controllers/settings_controller.rb
+11
-10
CHANGELOG.rdoc
doc/CHANGELOG.rdoc
+6
-0
version.rb
lib/redmine/version.rb
+1
-1
404.html
public/404.html
+2
-2
500.html
public/500.html
+5
-3
roles_controller_test.rb
test/functional/roles_controller_test.rb
+1
-1
account_test.rb
test/integration/account_test.rb
+25
-1
No files found.
app/controllers/account_controller.rb
View file @
bdc7325a
...
@@ -66,7 +66,7 @@ class AccountController < ApplicationController
...
@@ -66,7 +66,7 @@ class AccountController < ApplicationController
if
token
.
save
if
token
.
save
Mailer
.
deliver_lost_password
(
token
)
Mailer
.
deliver_lost_password
(
token
)
flash
[
:notice
]
=
l
(
:notice_account_lost_email_sent
)
flash
[
:notice
]
=
l
(
:notice_account_lost_email_sent
)
redirect_to
:action
=>
'login'
redirect_to
:action
=>
'login'
,
:back_url
=>
home_url
return
return
end
end
end
end
...
...
app/controllers/application_controller.rb
View file @
bdc7325a
...
@@ -275,6 +275,7 @@ class ApplicationController < ActionController::Base
...
@@ -275,6 +275,7 @@ class ApplicationController < ActionController::Base
end
end
end
end
redirect_to
default
redirect_to
default
false
end
end
def
render_403
(
options
=
{})
def
render_403
(
options
=
{})
...
...
app/controllers/custom_fields_controller.rb
View file @
bdc7325a
...
@@ -38,8 +38,9 @@ class CustomFieldsController < ApplicationController
...
@@ -38,8 +38,9 @@ class CustomFieldsController < ApplicationController
flash
[
:notice
]
=
l
(
:notice_successful_create
)
flash
[
:notice
]
=
l
(
:notice_successful_create
)
call_hook
(
:controller_custom_fields_new_after_save
,
:params
=>
params
,
:custom_field
=>
@custom_field
)
call_hook
(
:controller_custom_fields_new_after_save
,
:params
=>
params
,
:custom_field
=>
@custom_field
)
redirect_to
:action
=>
'index'
,
:tab
=>
@custom_field
.
class
.
name
redirect_to
:action
=>
'index'
,
:tab
=>
@custom_field
.
class
.
name
else
@trackers
=
Tracker
.
find
(
:all
,
:order
=>
'position'
)
end
end
@trackers
=
Tracker
.
find
(
:all
,
:order
=>
'position'
)
end
end
def
edit
def
edit
...
@@ -48,8 +49,9 @@ class CustomFieldsController < ApplicationController
...
@@ -48,8 +49,9 @@ class CustomFieldsController < ApplicationController
flash
[
:notice
]
=
l
(
:notice_successful_update
)
flash
[
:notice
]
=
l
(
:notice_successful_update
)
call_hook
(
:controller_custom_fields_edit_after_save
,
:params
=>
params
,
:custom_field
=>
@custom_field
)
call_hook
(
:controller_custom_fields_edit_after_save
,
:params
=>
params
,
:custom_field
=>
@custom_field
)
redirect_to
:action
=>
'index'
,
:tab
=>
@custom_field
.
class
.
name
redirect_to
:action
=>
'index'
,
:tab
=>
@custom_field
.
class
.
name
else
@trackers
=
Tracker
.
find
(
:all
,
:order
=>
'position'
)
end
end
@trackers
=
Tracker
.
find
(
:all
,
:order
=>
'position'
)
end
end
def
destroy
def
destroy
...
...
app/controllers/enumerations_controller.rb
View file @
bdc7325a
...
@@ -74,10 +74,12 @@ class EnumerationsController < ApplicationController
...
@@ -74,10 +74,12 @@ class EnumerationsController < ApplicationController
# No associated objects
# No associated objects
@enumeration
.
destroy
@enumeration
.
destroy
redirect_to
:action
=>
'index'
redirect_to
:action
=>
'index'
return
elsif
params
[
:reassign_to_id
]
elsif
params
[
:reassign_to_id
]
if
reassign_to
=
@enumeration
.
class
.
find_by_id
(
params
[
:reassign_to_id
])
if
reassign_to
=
@enumeration
.
class
.
find_by_id
(
params
[
:reassign_to_id
])
@enumeration
.
destroy
(
reassign_to
)
@enumeration
.
destroy
(
reassign_to
)
redirect_to
:action
=>
'index'
redirect_to
:action
=>
'index'
return
end
end
end
end
@enumerations
=
@enumeration
.
class
.
find
(
:all
)
-
[
@enumeration
]
@enumerations
=
@enumeration
.
class
.
find
(
:all
)
-
[
@enumeration
]
...
...
app/controllers/issue_categories_controller.rb
View file @
bdc7325a
...
@@ -65,10 +65,12 @@ class IssueCategoriesController < ApplicationController
...
@@ -65,10 +65,12 @@ class IssueCategoriesController < ApplicationController
# No issue assigned to this category
# No issue assigned to this category
@category
.
destroy
@category
.
destroy
redirect_to
:controller
=>
'projects'
,
:action
=>
'settings'
,
:id
=>
@project
,
:tab
=>
'categories'
redirect_to
:controller
=>
'projects'
,
:action
=>
'settings'
,
:id
=>
@project
,
:tab
=>
'categories'
return
elsif
params
[
:todo
]
elsif
params
[
:todo
]
reassign_to
=
@project
.
issue_categories
.
find_by_id
(
params
[
:reassign_to_id
])
if
params
[
:todo
]
==
'reassign'
reassign_to
=
@project
.
issue_categories
.
find_by_id
(
params
[
:reassign_to_id
])
if
params
[
:todo
]
==
'reassign'
@category
.
destroy
(
reassign_to
)
@category
.
destroy
(
reassign_to
)
redirect_to
:controller
=>
'projects'
,
:action
=>
'settings'
,
:id
=>
@project
,
:tab
=>
'categories'
redirect_to
:controller
=>
'projects'
,
:action
=>
'settings'
,
:id
=>
@project
,
:tab
=>
'categories'
return
end
end
@categories
=
@project
.
issue_categories
-
[
@category
]
@categories
=
@project
.
issue_categories
-
[
@category
]
end
end
...
...
app/controllers/roles_controller.rb
View file @
bdc7325a
...
@@ -38,9 +38,10 @@ class RolesController < ApplicationController
...
@@ -38,9 +38,10 @@ class RolesController < ApplicationController
end
end
flash
[
:notice
]
=
l
(
:notice_successful_create
)
flash
[
:notice
]
=
l
(
:notice_successful_create
)
redirect_to
:action
=>
'index'
redirect_to
:action
=>
'index'
else
@permissions
=
@role
.
setable_permissions
@roles
=
Role
.
find
:all
,
:order
=>
'builtin, position'
end
end
@permissions
=
@role
.
setable_permissions
@roles
=
Role
.
find
:all
,
:order
=>
'builtin, position'
end
end
def
edit
def
edit
...
@@ -48,8 +49,9 @@ class RolesController < ApplicationController
...
@@ -48,8 +49,9 @@ class RolesController < ApplicationController
if
request
.
post?
and
@role
.
update_attributes
(
params
[
:role
])
if
request
.
post?
and
@role
.
update_attributes
(
params
[
:role
])
flash
[
:notice
]
=
l
(
:notice_successful_update
)
flash
[
:notice
]
=
l
(
:notice_successful_update
)
redirect_to
:action
=>
'index'
redirect_to
:action
=>
'index'
else
@permissions
=
@role
.
setable_permissions
end
end
@permissions
=
@role
.
setable_permissions
end
end
def
destroy
def
destroy
...
...
app/controllers/settings_controller.rb
View file @
bdc7325a
...
@@ -36,16 +36,16 @@ class SettingsController < ApplicationController
...
@@ -36,16 +36,16 @@ class SettingsController < ApplicationController
end
end
flash
[
:notice
]
=
l
(
:notice_successful_update
)
flash
[
:notice
]
=
l
(
:notice_successful_update
)
redirect_to
:action
=>
'edit'
,
:tab
=>
params
[
:tab
]
redirect_to
:action
=>
'edit'
,
:tab
=>
params
[
:tab
]
return
else
end
@options
=
{}
@options
=
{}
@options
[
:user_format
]
=
User
::
USER_FORMATS
.
keys
.
collect
{
|
f
|
[
User
.
current
.
name
(
f
),
f
.
to_s
]
}
@options
[
:user_format
]
=
User
::
USER_FORMATS
.
keys
.
collect
{
|
f
|
[
User
.
current
.
name
(
f
),
f
.
to_s
]
}
@deliveries
=
ActionMailer
::
Base
.
perform_deliveries
@deliveries
=
ActionMailer
::
Base
.
perform_deliveries
@guessed_host_and_path
=
request
.
host_with_port
.
dup
@guessed_host_and_path
=
request
.
host_with_port
.
dup
@guessed_host_and_path
<<
(
'/'
+
Redmine
::
Utils
.
relative_url_root
.
gsub
(
%r{^
\/
}
,
''
))
unless
Redmine
::
Utils
.
relative_url_root
.
blank?
@guessed_host_and_path
<<
(
'/'
+
Redmine
::
Utils
.
relative_url_root
.
gsub
(
%r{^
\/
}
,
''
))
unless
Redmine
::
Utils
.
relative_url_root
.
blank?
Redmine
::
Themes
.
rescan
Redmine
::
Themes
.
rescan
end
end
end
def
plugin
def
plugin
...
@@ -54,9 +54,10 @@ class SettingsController < ApplicationController
...
@@ -54,9 +54,10 @@ class SettingsController < ApplicationController
Setting
[
"plugin_
#{
@plugin
.
id
}
"
]
=
params
[
:settings
]
Setting
[
"plugin_
#{
@plugin
.
id
}
"
]
=
params
[
:settings
]
flash
[
:notice
]
=
l
(
:notice_successful_update
)
flash
[
:notice
]
=
l
(
:notice_successful_update
)
redirect_to
:action
=>
'plugin'
,
:id
=>
@plugin
.
id
redirect_to
:action
=>
'plugin'
,
:id
=>
@plugin
.
id
else
@partial
=
@plugin
.
settings
[
:partial
]
@settings
=
Setting
[
"plugin_
#{
@plugin
.
id
}
"
]
end
end
@partial
=
@plugin
.
settings
[
:partial
]
@settings
=
Setting
[
"plugin_
#{
@plugin
.
id
}
"
]
rescue
Redmine
::
PluginNotFound
rescue
Redmine
::
PluginNotFound
render_404
render_404
end
end
...
...
doc/CHANGELOG.rdoc
View file @
bdc7325a
...
@@ -19,6 +19,12 @@
...
@@ -19,6 +19,12 @@
* Patch #7598: Extensible MailHandler
* Patch #7598: Extensible MailHandler
* Patch #7795: Internal server error at journals#index with custom fields
* Patch #7795: Internal server error at journals#index with custom fields
== 2011-05-01 v1.3.0
* Bug #309: The login screen after lost_password redirects back to lost_password after you login
* Bug #347: Potential Security Vulnerability - Execution After Redirect
* Bug #352: Errorpage should be modified
== 2011-03-27 v1.2.0
== 2011-03-27 v1.2.0
* Bug #209: Don't hardcode user viewable labels (like "Path to .git repository")
* Bug #209: Don't hardcode user viewable labels (like "Path to .git repository")
...
...
lib/redmine/version.rb
View file @
bdc7325a
...
@@ -3,7 +3,7 @@ require 'rexml/document'
...
@@ -3,7 +3,7 @@ require 'rexml/document'
module
Redmine
module
Redmine
module
VERSION
#:nodoc:
module
VERSION
#:nodoc:
MAJOR
=
1
MAJOR
=
1
MINOR
=
2
MINOR
=
3
PATCH
=
0
PATCH
=
0
TINY
=
PATCH
# Redmine compat
TINY
=
PATCH
# Redmine compat
...
...
public/404.html
View file @
bdc7325a
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<html>
<title>
redMine
404 error
</title>
<title>
ChiliProject
404 error
</title>
<style>
<style>
body
{
body
{
font-family
:
Trebuchet
MS
,
Georgia
,
"Times New Roman"
,
serif
;
font-family
:
Trebuchet
MS
,
Georgia
,
"Times New Roman"
,
serif
;
...
@@ -20,4 +20,4 @@ font-size:0.8em;
...
@@ -20,4 +20,4 @@ font-size:0.8em;
<p>
The page you were trying to access doesn't exist or has been removed.
</p>
<p>
The page you were trying to access doesn't exist or has been removed.
</p>
<p><a
href=
"javascript:history.back()"
>
Back
</a></p>
<p><a
href=
"javascript:history.back()"
>
Back
</a></p>
</body>
</body>
</html>
</html>
\ No newline at end of file
public/500.html
View file @
bdc7325a
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<html>
<title>
redMine
500 error
</title>
<title>
ChiliProject
500 error
</title>
<style>
<style>
body
{
body
{
font-family
:
Trebuchet
MS
,
Georgia
,
"Times New Roman"
,
serif
;
font-family
:
Trebuchet
MS
,
Georgia
,
"Times New Roman"
,
serif
;
...
@@ -18,7 +18,9 @@ font-size:0.8em;
...
@@ -18,7 +18,9 @@ font-size:0.8em;
<body>
<body>
<h1>
Internal error
</h1>
<h1>
Internal error
</h1>
<p>
An error occurred on the page you were trying to access.
<br
/>
<p>
An error occurred on the page you were trying to access.
<br
/>
If you continue to experience problems please contact your redMine administrator for assistance.
</p>
If you continue to experience problems please contact your ChiliProject administrator for assistance.
</p>
<p>
If you are the ChiliProject administrator, check your log files for details about the error.
</p>
<p><a
href=
"javascript:history.back()"
>
Back
</a></p>
<p><a
href=
"javascript:history.back()"
>
Back
</a></p>
</body>
</body>
</html>
</html>
\ No newline at end of file
test/functional/roles_controller_test.rb
View file @
bdc7325a
...
@@ -22,7 +22,7 @@ require 'roles_controller'
...
@@ -22,7 +22,7 @@ require 'roles_controller'
class
RolesController
;
def
rescue_action
(
e
)
raise
e
end
;
end
class
RolesController
;
def
rescue_action
(
e
)
raise
e
end
;
end
class
RolesControllerTest
<
ActionController
::
TestCase
class
RolesControllerTest
<
ActionController
::
TestCase
fixtures
:roles
,
:users
,
:members
,
:member_roles
,
:workflows
fixtures
:roles
,
:users
,
:members
,
:member_roles
,
:workflows
,
:trackers
def
setup
def
setup
@controller
=
RolesController
.
new
@controller
=
RolesController
.
new
...
...
test/integration/account_test.rb
View file @
bdc7325a
...
@@ -77,7 +77,7 @@ class AccountTest < ActionController::IntegrationTest
...
@@ -77,7 +77,7 @@ class AccountTest < ActionController::IntegrationTest
assert_template
"account/lost_password"
assert_template
"account/lost_password"
post
"account/lost_password"
,
:mail
=>
'jSmith@somenet.foo'
post
"account/lost_password"
,
:mail
=>
'jSmith@somenet.foo'
assert_redirected_to
"/login"
assert_redirected_to
"/login
?back_url=http%3A%2F%2Fwww.example.com%2F
"
token
=
Token
.
find
(
:first
)
token
=
Token
.
find
(
:first
)
assert_equal
'recovery'
,
token
.
action
assert_equal
'recovery'
,
token
.
action
...
@@ -143,6 +143,30 @@ class AccountTest < ActionController::IntegrationTest
...
@@ -143,6 +143,30 @@ class AccountTest < ActionController::IntegrationTest
assert_redirected_to
'/login'
assert_redirected_to
'/login'
log_user
(
'newuser'
,
'newpass'
)
log_user
(
'newuser'
,
'newpass'
)
end
end
should_eventually
"login after losing password should redirect back to home"
do
visit
"/login"
assert_response
:success
click_link
"Lost password"
assert_response
:success
# Lost password form
fill_in
"mail"
,
:with
=>
"admin@somenet.foo"
click_button
"Submit"
assert_response
:success
# back to login page
assert_equal
"/login"
,
current_path
fill_in
"Login:"
,
:with
=>
'admin'
fill_in
"Password:"
,
:with
=>
'test'
click_button
"login"
assert_response
:success
assert_equal
"/"
,
current_path
end
if
Object
.
const_defined?
(
:Mocha
)
if
Object
.
const_defined?
(
:Mocha
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment