Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
O
OHR Support
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
97
Issues
97
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Wiki
Wiki
image/svg+xml
Discourse
Discourse
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Projects
OHR Support
Commits
7b23d3bd
Commit
7b23d3bd
authored
Apr 06, 2012
by
Francisco Juan
Browse files
Options
Browse Files
Download
Plain Diff
Merge commit 'tags/v2.7.1'
parents
f1ff9c1a
9d32e68e
Hide whitespace changes
Inline
Side-by-side
Showing
19 changed files
with
84 additions
and
45 deletions
+84
-45
documents_controller.rb
app/controllers/documents_controller.rb
+3
-2
issue_categories_controller.rb
app/controllers/issue_categories_controller.rb
+4
-2
members_controller.rb
app/controllers/members_controller.rb
+7
-5
messages_controller.rb
app/controllers/messages_controller.rb
+13
-16
news_controller.rb
app/controllers/news_controller.rb
+8
-9
projects_controller.rb
app/controllers/projects_controller.rb
+2
-1
timelog_controller.rb
app/controllers/timelog_controller.rb
+4
-4
versions_controller.rb
app/controllers/versions_controller.rb
+4
-3
wikis_controller.rb
app/controllers/wikis_controller.rb
+1
-1
document.rb
app/models/document.rb
+3
-0
issue_category.rb
app/models/issue_category.rb
+3
-0
message.rb
app/models/message.rb
+7
-0
news.rb
app/models/news.rb
+3
-0
time_entry.rb
app/models/time_entry.rb
+3
-0
user_preference.rb
app/models/user_preference.rb
+1
-1
version.rb
app/models/version.rb
+10
-0
wiki.rb
app/models/wiki.rb
+3
-0
CHANGELOG.rdoc
doc/CHANGELOG.rdoc
+4
-0
version.rb
lib/chili_project/version.rb
+1
-1
No files found.
app/controllers/documents_controller.rb
View file @
7b23d3bd
...
...
@@ -43,8 +43,9 @@ class DocumentsController < ApplicationController
end
def
new
@document
=
@project
.
documents
.
build
(
params
[
:document
])
if
request
.
post?
and
@document
.
save
@document
=
@project
.
documents
.
build
@document
.
safe_attributes
=
params
[
:document
]
if
request
.
post?
&&
@document
.
save
attachments
=
Attachment
.
attach_files
(
@document
,
params
[
:attachments
])
render_attachment_warning_if_needed
(
@document
)
flash
[
:notice
]
=
l
(
:notice_successful_create
)
...
...
app/controllers/issue_categories_controller.rb
View file @
7b23d3bd
...
...
@@ -23,7 +23,8 @@ class IssueCategoriesController < ApplicationController
verify
:method
=>
:post
,
:only
=>
:destroy
def
new
@category
=
@project
.
issue_categories
.
build
(
params
[
:category
])
@category
=
@project
.
issue_categories
.
build
@category
.
safe_attributes
=
params
[
:category
]
if
request
.
post?
if
@category
.
save
respond_to
do
|
format
|
...
...
@@ -50,7 +51,8 @@ class IssueCategoriesController < ApplicationController
end
def
edit
if
request
.
post?
and
@category
.
update_attributes
(
params
[
:category
])
@category
.
safe_attributes
=
params
[
:category
]
if
request
.
post?
and
@category
.
save
flash
[
:notice
]
=
l
(
:notice_successful_update
)
redirect_to
:controller
=>
'projects'
,
:action
=>
'settings'
,
:tab
=>
'categories'
,
:id
=>
@project
end
...
...
app/controllers/members_controller.rb
View file @
7b23d3bd
...
...
@@ -21,17 +21,19 @@ class MembersController < ApplicationController
def
new
members
=
[]
if
params
[
:member
]
&&
request
.
post?
attrs
=
params
[
:member
].
dup
if
(
user_ids
=
attrs
.
delete
(
:user_ids
))
if
params
[
:member
]
if
params
[
:member
][
:user_ids
]
attrs
=
params
[
:member
].
dup
user_ids
=
attrs
.
delete
(
:user_ids
)
user_ids
.
each
do
|
user_id
|
members
<<
Member
.
new
(
attrs
.
merge
(
:user_id
=>
user_id
)
)
members
<<
Member
.
new
(
:role_ids
=>
params
[
:member
][
:role_ids
],
:user_id
=>
user_id
)
end
else
members
<<
Member
.
new
(
attrs
)
members
<<
Member
.
new
(
:role_ids
=>
params
[
:member
][
:role_ids
],
:user_id
=>
params
[
:member
][
:user_id
]
)
end
@project
.
members
<<
members
end
respond_to
do
|
format
|
if
members
.
present?
&&
members
.
all?
{
|
m
|
m
.
valid?
}
...
...
app/controllers/messages_controller.rb
View file @
7b23d3bd
...
...
@@ -48,26 +48,26 @@ class MessagesController < ApplicationController
# Create a new topic
def
new
@message
=
Message
.
new
(
params
[
:message
])
@message
=
Message
.
new
@message
.
author
=
User
.
current
@message
.
board
=
@board
if
params
[
:message
]
&&
User
.
current
.
allowed_to?
(
:edit_messages
,
@project
)
@message
.
locked
=
params
[
:message
][
'locked'
]
@message
.
sticky
=
params
[
:message
][
'sticky'
]
end
if
request
.
post?
&&
@message
.
save
call_hook
(
:controller_messages_new_after_save
,
{
:params
=>
params
,
:message
=>
@message
})
attachments
=
Attachment
.
attach_files
(
@message
,
params
[
:attachments
])
render_attachment_warning_if_needed
(
@message
)
redirect_to
:action
=>
'show'
,
:id
=>
@message
@message
.
safe_attributes
=
params
[
:message
]
if
request
.
post?
if
@message
.
save
call_hook
(
:controller_messages_new_after_save
,
{
:params
=>
params
,
:message
=>
@message
})
attachments
=
Attachment
.
attach_files
(
@message
,
params
[
:attachments
])
render_attachment_warning_if_needed
(
@message
)
redirect_to
:action
=>
'show'
,
:id
=>
@message
end
end
end
# Reply to a topic
def
reply
@reply
=
Message
.
new
(
params
[
:reply
])
@reply
=
Message
.
new
@reply
.
author
=
User
.
current
@reply
.
board
=
@board
@reply
.
safe_attributes
=
params
[
:reply
]
@topic
.
children
<<
@reply
if
!
@reply
.
new_record?
call_hook
(
:controller_messages_reply_after_save
,
{
:params
=>
params
,
:message
=>
@reply
})
...
...
@@ -80,11 +80,8 @@ class MessagesController < ApplicationController
# Edit a message
def
edit
(
render_403
;
return
false
)
unless
@message
.
editable_by?
(
User
.
current
)
if
params
[
:message
]
@message
.
locked
=
params
[
:message
][
'locked'
]
@message
.
sticky
=
params
[
:message
][
'sticky'
]
end
if
request
.
post?
&&
@message
.
update_attributes
(
params
[
:message
])
@message
.
safe_attributes
=
params
[
:message
]
if
request
.
post?
&&
@message
.
save
attachments
=
Attachment
.
attach_files
(
@message
,
params
[
:attachments
])
render_attachment_warning_if_needed
(
@message
)
flash
[
:notice
]
=
l
(
:notice_successful_update
)
...
...
app/controllers/news_controller.rb
View file @
7b23d3bd
...
...
@@ -59,14 +59,12 @@ class NewsController < ApplicationController
def
create
@news
=
News
.
new
(
:project
=>
@project
,
:author
=>
User
.
current
)
if
request
.
post?
@news
.
attributes
=
params
[
:news
]
if
@news
.
save
flash
[
:notice
]
=
l
(
:notice_successful_create
)
redirect_to
:controller
=>
'news'
,
:action
=>
'index'
,
:project_id
=>
@project
else
render
:action
=>
'new'
end
@news
.
safe_attributes
=
params
[
:news
]
if
@news
.
save
flash
[
:notice
]
=
l
(
:notice_successful_create
)
redirect_to
:controller
=>
'news'
,
:action
=>
'index'
,
:project_id
=>
@project
else
render
:action
=>
'new'
end
end
...
...
@@ -74,7 +72,8 @@ class NewsController < ApplicationController
end
def
update
if
request
.
put?
and
@news
.
update_attributes
(
params
[
:news
])
@news
.
safe_attributes
=
params
[
:news
]
if
@news
.
save
flash
[
:notice
]
=
l
(
:notice_successful_update
)
redirect_to
:action
=>
'show'
,
:id
=>
@news
else
...
...
app/controllers/projects_controller.rb
View file @
7b23d3bd
...
...
@@ -59,7 +59,8 @@ class ProjectsController < ApplicationController
def
new
@issue_custom_fields
=
IssueCustomField
.
find
(
:all
,
:order
=>
"
#{
CustomField
.
table_name
}
.position"
)
@trackers
=
Tracker
.
all
@project
=
Project
.
new
(
params
[
:project
])
@project
=
Project
.
new
@project
.
safe_attributes
=
params
[
:project
]
end
verify
:method
=>
:post
,
:only
=>
:create
,
:render
=>
{
:nothing
=>
true
,
:status
=>
:method_not_allowed
}
...
...
app/controllers/timelog_controller.rb
View file @
7b23d3bd
...
...
@@ -97,7 +97,7 @@ class TimelogController < ApplicationController
def
new
@time_entry
||=
TimeEntry
.
new
(
:project
=>
@project
,
:issue
=>
@issue
,
:user
=>
User
.
current
,
:spent_on
=>
User
.
current
.
today
)
@time_entry
.
attributes
=
params
[
:time_entry
]
@time_entry
.
safe_
attributes
=
params
[
:time_entry
]
call_hook
(
:controller_timelog_edit_before_save
,
{
:params
=>
params
,
:time_entry
=>
@time_entry
})
render
:action
=>
'edit'
...
...
@@ -106,7 +106,7 @@ class TimelogController < ApplicationController
verify
:method
=>
:post
,
:only
=>
:create
,
:render
=>
{
:nothing
=>
true
,
:status
=>
:method_not_allowed
}
def
create
@time_entry
||=
TimeEntry
.
new
(
:project
=>
@project
,
:issue
=>
@issue
,
:user
=>
User
.
current
,
:spent_on
=>
User
.
current
.
today
)
@time_entry
.
attributes
=
params
[
:time_entry
]
@time_entry
.
safe_
attributes
=
params
[
:time_entry
]
call_hook
(
:controller_timelog_edit_before_save
,
{
:params
=>
params
,
:time_entry
=>
@time_entry
})
...
...
@@ -127,14 +127,14 @@ class TimelogController < ApplicationController
end
def
edit
@time_entry
.
attributes
=
params
[
:time_entry
]
@time_entry
.
safe_
attributes
=
params
[
:time_entry
]
call_hook
(
:controller_timelog_edit_before_save
,
{
:params
=>
params
,
:time_entry
=>
@time_entry
})
end
verify
:method
=>
:put
,
:only
=>
:update
,
:render
=>
{
:nothing
=>
true
,
:status
=>
:method_not_allowed
}
def
update
@time_entry
.
attributes
=
params
[
:time_entry
]
@time_entry
.
safe_
attributes
=
params
[
:time_entry
]
call_hook
(
:controller_timelog_edit_before_save
,
{
:params
=>
params
,
:time_entry
=>
@time_entry
})
...
...
app/controllers/versions_controller.rb
View file @
7b23d3bd
...
...
@@ -56,7 +56,7 @@ class VersionsController < ApplicationController
if
params
[
:version
]
attributes
=
params
[
:version
].
dup
attributes
.
delete
(
'sharing'
)
unless
attributes
.
nil?
||
@version
.
allowed_sharings
.
include?
(
attributes
[
'sharing'
])
@version
.
attributes
=
attributes
@version
.
safe_
attributes
=
attributes
end
end
...
...
@@ -66,7 +66,7 @@ class VersionsController < ApplicationController
if
params
[
:version
]
attributes
=
params
[
:version
].
dup
attributes
.
delete
(
'sharing'
)
unless
attributes
.
nil?
||
@version
.
allowed_sharings
.
include?
(
attributes
[
'sharing'
])
@version
.
attributes
=
attributes
@version
.
safe_
attributes
=
attributes
end
if
request
.
post?
...
...
@@ -101,7 +101,8 @@ class VersionsController < ApplicationController
if
request
.
put?
&&
params
[
:version
]
attributes
=
params
[
:version
].
dup
attributes
.
delete
(
'sharing'
)
unless
@version
.
allowed_sharings
.
include?
(
attributes
[
'sharing'
])
if
@version
.
update_attributes
(
attributes
)
@version
.
safe_attributes
=
attributes
if
@version
.
save
flash
[
:notice
]
=
l
(
:notice_successful_update
)
redirect_to
:controller
=>
'projects'
,
:action
=>
'settings'
,
:tab
=>
'versions'
,
:id
=>
@project
else
...
...
app/controllers/wikis_controller.rb
View file @
7b23d3bd
...
...
@@ -19,7 +19,7 @@ class WikisController < ApplicationController
# Create or update a project's wiki
def
edit
@wiki
=
@project
.
wiki
||
Wiki
.
new
(
:project
=>
@project
)
@wiki
.
attributes
=
params
[
:wiki
]
@wiki
.
safe_
attributes
=
params
[
:wiki
]
@wiki
.
save
if
request
.
post?
render
(
:update
)
{
|
page
|
page
.
replace_html
"tab-content-wiki"
,
:partial
=>
'projects/settings/wiki'
}
end
...
...
app/models/document.rb
View file @
7b23d3bd
...
...
@@ -13,6 +13,7 @@
#++
class
Document
<
ActiveRecord
::
Base
include
Redmine
::
SafeAttributes
belongs_to
:project
belongs_to
:category
,
:class_name
=>
"DocumentCategory"
,
:foreign_key
=>
"category_id"
acts_as_attachable
:delete_permission
=>
:manage_documents
...
...
@@ -31,6 +32,8 @@ class Document < ActiveRecord::Base
named_scope
:visible
,
lambda
{
|*
args
|
{
:include
=>
:project
,
:conditions
=>
Project
.
allowed_to_condition
(
args
.
first
||
User
.
current
,
:view_documents
)
}
}
safe_attributes
'category_id'
,
'title'
,
'description'
def
visible?
(
user
=
User
.
current
)
!
user
.
nil?
&&
user
.
allowed_to?
(
:view_documents
,
project
)
end
...
...
app/models/issue_category.rb
View file @
7b23d3bd
...
...
@@ -13,6 +13,7 @@
#++
class
IssueCategory
<
ActiveRecord
::
Base
include
Redmine
::
SafeAttributes
belongs_to
:project
belongs_to
:assigned_to
,
:class_name
=>
'User'
,
:foreign_key
=>
'assigned_to_id'
has_many
:issues
,
:foreign_key
=>
'category_id'
,
:dependent
=>
:nullify
...
...
@@ -21,6 +22,8 @@ class IssueCategory < ActiveRecord::Base
validates_uniqueness_of
:name
,
:scope
=>
[
:project_id
]
validates_length_of
:name
,
:maximum
=>
30
safe_attributes
'name'
,
'assigned_to_id'
alias
:destroy_without_reassign
:destroy
# Destroy the category
...
...
app/models/message.rb
View file @
7b23d3bd
...
...
@@ -13,6 +13,7 @@
#++
class
Message
<
ActiveRecord
::
Base
include
Redmine
::
SafeAttributes
belongs_to
:board
belongs_to
:author
,
:class_name
=>
'User'
,
:foreign_key
=>
'author_id'
acts_as_tree
:counter_cache
=>
:replies_count
,
:order
=>
"
#{
Message
.
table_name
}
.created_on ASC"
...
...
@@ -49,6 +50,12 @@ class Message < ActiveRecord::Base
named_scope
:visible
,
lambda
{
|*
args
|
{
:include
=>
{
:board
=>
:project
},
:conditions
=>
Project
.
allowed_to_condition
(
args
.
first
||
User
.
current
,
:view_messages
)
}
}
safe_attributes
'subject'
,
'content'
safe_attributes
'locked'
,
'sticky'
,
:if
=>
lambda
{
|
message
,
user
|
user
.
allowed_to?
(
:edit_messages
,
message
.
project
)
}
def
visible?
(
user
=
User
.
current
)
!
user
.
nil?
&&
user
.
allowed_to?
(
:view_messages
,
project
)
end
...
...
app/models/news.rb
View file @
7b23d3bd
...
...
@@ -13,6 +13,7 @@
#++
class
News
<
ActiveRecord
::
Base
include
Redmine
::
SafeAttributes
belongs_to
:project
belongs_to
:author
,
:class_name
=>
'User'
,
:foreign_key
=>
'author_id'
has_many
:comments
,
:as
=>
:commented
,
:dependent
=>
:delete_all
,
:order
=>
"created_on"
...
...
@@ -32,6 +33,8 @@ class News < ActiveRecord::Base
:conditions
=>
Project
.
allowed_to_condition
(
args
.
first
||
User
.
current
,
:view_news
)
}}
safe_attributes
'title'
,
'summary'
,
'description'
def
visible?
(
user
=
User
.
current
)
!
user
.
nil?
&&
user
.
allowed_to?
(
:view_news
,
project
)
end
...
...
app/models/time_entry.rb
View file @
7b23d3bd
...
...
@@ -13,6 +13,7 @@
#++
class
TimeEntry
<
ActiveRecord
::
Base
include
Redmine
::
SafeAttributes
# could have used polymorphic association
# project association here allows easy loading of time entries at project level with one database trip
belongs_to
:project
...
...
@@ -37,6 +38,8 @@ class TimeEntry < ActiveRecord::Base
:conditions
=>
Project
.
allowed_to_condition
(
args
.
first
||
User
.
current
,
:view_time_entries
)
}}
safe_attributes
'hours'
,
'comments'
,
'issue_id'
,
'activity_id'
,
'spent_on'
,
'custom_field_values'
def
after_initialize
if
new_record?
&&
self
.
activity
.
nil?
if
default_activity
=
TimeEntryActivity
.
default
...
...
app/models/user_preference.rb
View file @
7b23d3bd
...
...
@@ -16,7 +16,7 @@ class UserPreference < ActiveRecord::Base
belongs_to
:user
serialize
:others
attr_protected
:others
attr_protected
:others
,
:user_id
def
initialize
(
attributes
=
nil
)
super
...
...
app/models/version.rb
View file @
7b23d3bd
...
...
@@ -13,6 +13,7 @@
#++
class
Version
<
ActiveRecord
::
Base
include
Redmine
::
SafeAttributes
after_update
:update_issues_from_sharing_change
belongs_to
:project
has_many
:fixed_issues
,
:class_name
=>
'Issue'
,
:foreign_key
=>
'fixed_version_id'
,
:dependent
=>
:nullify
...
...
@@ -34,6 +35,15 @@ class Version < ActiveRecord::Base
named_scope
:visible
,
lambda
{
|*
args
|
{
:include
=>
:project
,
:conditions
=>
Project
.
allowed_to_condition
(
args
.
first
||
User
.
current
,
:view_issues
)
}
}
safe_attributes
'name'
,
'description'
,
'effective_date'
,
'due_date'
,
'wiki_page_title'
,
'status'
,
'sharing'
,
'custom_field_values'
# Returns true if +user+ or current user is allowed to view the version
def
visible?
(
user
=
User
.
current
)
user
.
allowed_to?
(
:view_issues
,
self
.
project
)
...
...
app/models/wiki.rb
View file @
7b23d3bd
...
...
@@ -13,6 +13,7 @@
#++
class
Wiki
<
ActiveRecord
::
Base
include
Redmine
::
SafeAttributes
belongs_to
:project
has_many
:pages
,
:class_name
=>
'WikiPage'
,
:dependent
=>
:destroy
,
:order
=>
'title'
has_many
:redirects
,
:class_name
=>
'WikiRedirect'
,
:dependent
=>
:delete_all
...
...
@@ -22,6 +23,8 @@ class Wiki < ActiveRecord::Base
validates_presence_of
:start_page
validates_format_of
:start_page
,
:with
=>
/^[^,\.\/\?\;\|\:]*$/
safe_attributes
'start_page'
def
visible?
(
user
=
User
.
current
)
!
user
.
nil?
&&
user
.
allowed_to?
(
:view_wiki_pages
,
project
)
end
...
...
doc/CHANGELOG.rdoc
View file @
7b23d3bd
= ChiliProject changelog
== 2012-04-04 v2.7.1
* Bug #922: Mass assignment
== 2012-02-06 v2.7.0
* Bug #593: Notification Mail for Wiki-Changes has wrong Diff
...
...
lib/chili_project/version.rb
View file @
7b23d3bd
...
...
@@ -19,7 +19,7 @@ module ChiliProject
MAJOR
=
2
MINOR
=
7
PATCH
=
0
PATCH
=
1
TINY
=
PATCH
# Redmine compat
# Used by semver to define the special version (if any).
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment