diff -Nru redmine-4.0.6/app/controllers/application_controller.rb redmine-4.0.7/app/controllers/application_controller.rb
--- redmine-4.0.6/app/controllers/application_controller.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/controllers/application_controller.rb 2020-04-06 16:53:54.000000000 +0000
@@ -397,14 +397,19 @@
url = params[:back_url]
if url.nil? && referer = request.env['HTTP_REFERER']
url = CGI.unescape(referer.to_s)
+ # URLs that contains the utf8=[checkmark] parameter added by Rails are
+ # parsed as invalid by URI.parse so the redirect to the back URL would
+ # not be accepted (ApplicationController#validate_back_url would return
+ # false)
+ url.gsub!(/(\?|&)utf8=\u2713&?/, '\1')
end
url
end
+ helper_method :back_url
def redirect_back_or_default(default, options={})
- back_url = params[:back_url].to_s
- if back_url.present? && valid_url = validate_back_url(back_url)
- redirect_to(valid_url)
+ if back_url = validate_back_url(params[:back_url].to_s)
+ redirect_to(back_url)
return
elsif options[:referer]
redirect_to_referer_or default
@@ -417,6 +422,8 @@
# Returns a validated URL string if back_url is a valid url for redirection,
# otherwise false
def validate_back_url(back_url)
+ return false if back_url.blank?
+
if CGI.unescape(back_url).include?('..')
return false
end
@@ -454,11 +461,13 @@
return path
end
private :validate_back_url
+ helper_method :validate_back_url
def valid_back_url?(back_url)
!!validate_back_url(back_url)
end
private :valid_back_url?
+ helper_method :valid_back_url?
# Redirects to the request referer if present, redirects to args or call block otherwise.
def redirect_to_referer_or(*args, &block)
diff -Nru redmine-4.0.6/app/controllers/enumerations_controller.rb redmine-4.0.7/app/controllers/enumerations_controller.rb
--- redmine-4.0.6/app/controllers/enumerations_controller.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/controllers/enumerations_controller.rb 2020-04-06 16:53:54.000000000 +0000
@@ -107,7 +107,7 @@
def enumeration_params
# can't require enumeration on #new action
- cf_ids = @enumeration.available_custom_fields.map{|c| c.id.to_s}
+ cf_ids = @enumeration.available_custom_fields.map {|c| c.multiple? ? {c.id.to_s => []} : c.id.to_s}
params.permit(:enumeration => [:name, :active, :is_default, :position, :custom_field_values => cf_ids])[:enumeration]
end
end
diff -Nru redmine-4.0.6/app/controllers/repositories_controller.rb redmine-4.0.7/app/controllers/repositories_controller.rb
--- redmine-4.0.6/app/controllers/repositories_controller.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/controllers/repositories_controller.rb 2020-04-06 16:53:54.000000000 +0000
@@ -261,7 +261,7 @@
@changeset = @repository.find_changeset_by_name(@rev)
@changeset_to = @rev_to ? @repository.find_changeset_by_name(@rev_to) : nil
@diff_format_revisions = @repository.diff_format_revisions(@changeset, @changeset_to)
- render :diff, :formats => :html
+ render :diff, :formats => :html, :layout => 'base.html.erb'
end
end
diff -Nru redmine-4.0.6/app/controllers/workflows_controller.rb redmine-4.0.7/app/controllers/workflows_controller.rb
--- redmine-4.0.6/app/controllers/workflows_controller.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/controllers/workflows_controller.rb 2020-04-06 16:53:54.000000000 +0000
@@ -118,7 +118,7 @@
def find_roles
ids = Array.wrap(params[:role_id])
if ids == ['all']
- @roles = Role.sorted.to_a
+ @roles = Role.sorted.select(&:consider_workflow?)
elsif ids.present?
@roles = Role.where(:id => ids).to_a
end
diff -Nru redmine-4.0.6/app/helpers/application_helper.rb redmine-4.0.7/app/helpers/application_helper.rb
--- redmine-4.0.6/app/helpers/application_helper.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/helpers/application_helper.rb 2020-04-06 16:53:54.000000000 +0000
@@ -1292,26 +1292,13 @@
arg.to_json.to_s.gsub('/', '\/').html_safe
end
- def back_url
- url = params[:back_url]
- if url.nil? && referer = request.env['HTTP_REFERER']
- url = CGI.unescape(referer.to_s)
- # URLs that contains the utf8=[checkmark] parameter added by Rails are
- # parsed as invalid by URI.parse so the redirect to the back URL would
- # not be accepted (ApplicationController#validate_back_url would return
- # false)
- url.gsub!(/(\?|&)utf8=\u2713&?/, '\1')
- end
- url
- end
-
def back_url_hidden_field_tag
- url = back_url
+ url = validate_back_url(back_url)
hidden_field_tag('back_url', url, :id => nil) unless url.blank?
end
def cancel_button_tag(fallback_url)
- url = back_url.blank? ? fallback_url : back_url
+ url = validate_back_url(back_url) || fallback_url
link_to l(:button_cancel), url
end
diff -Nru redmine-4.0.6/app/helpers/queries_helper.rb redmine-4.0.7/app/helpers/queries_helper.rb
--- redmine-4.0.6/app/helpers/queries_helper.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/helpers/queries_helper.rb 2020-04-06 16:53:54.000000000 +0000
@@ -261,7 +261,7 @@
value.to_s(object)
when 'Issue'
if object.is_a?(TimeEntry)
- "#{value.tracker} ##{value.id}: #{value.subject}"
+ value.visible? ? "#{value.tracker} ##{value.id}: #{value.subject}" : "##{value.id}"
else
value.id
end
diff -Nru redmine-4.0.6/app/helpers/timelog_helper.rb redmine-4.0.7/app/helpers/timelog_helper.rb
--- redmine-4.0.6/app/helpers/timelog_helper.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/helpers/timelog_helper.rb 2020-04-06 16:53:54.000000000 +0000
@@ -63,7 +63,15 @@
"[#{l(:label_none)}]"
elsif k = criteria_options[:klass]
obj = k.find_by_id(value.to_i)
- format_object(obj, html)
+ if obj.is_a?(Issue)
+ if obj.visible?
+ html ? link_to_issue(obj) : "#{obj.tracker} ##{obj.id}: #{obj.subject}"
+ else
+ "##{obj.id}"
+ end
+ else
+ format_object(obj, html)
+ end
elsif cf = criteria_options[:custom_field]
format_value(value, cf)
else
diff -Nru redmine-4.0.6/app/views/layouts/base.html.erb redmine-4.0.7/app/views/layouts/base.html.erb
--- redmine-4.0.6/app/views/layouts/base.html.erb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/views/layouts/base.html.erb 2020-04-06 16:53:54.000000000 +0000
@@ -4,7 +4,7 @@
<%= html_title %>
-
+
<%= csrf_meta_tag %>
@@ -119,7 +119,7 @@
diff -Nru redmine-4.0.6/app/views/projects/show.api.rsb redmine-4.0.7/app/views/projects/show.api.rsb
--- redmine-4.0.6/app/views/projects/show.api.rsb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/app/views/projects/show.api.rsb 2020-04-06 16:53:54.000000000 +0000
@@ -7,6 +7,8 @@
api.parent(:id => @project.parent.id, :name => @project.parent.name) if @project.parent && @project.parent.visible?
api.status @project.status
api.is_public @project.is_public?
+ api.default_version(:id => @project.default_version.id, :name => @project.default_version.name) if @project.default_version
+ api.default_assignee(:id => @project.project.default_assigned_to.id, :name => @project.project.default_assigned_to.name) if @project.default_assigned_to
render_api_custom_values @project.visible_custom_field_values, api
render_api_includes(@project, api)
diff -Nru redmine-4.0.6/config/application.rb redmine-4.0.7/config/application.rb
--- redmine-4.0.6/config/application.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/config/application.rb 2020-04-06 16:53:54.000000000 +0000
@@ -51,7 +51,7 @@
config.active_record.sqlite3.represent_boolean_as_integer = true
# Sets the Content-Length header on responses with fixed-length bodies
- config.middleware.insert_after Rack::Sendfile, Rack::ContentLength
+ config.middleware.insert_before Rack::Sendfile, Rack::ContentLength
# Verify validity of user sessions
config.redmine_verify_sessions = true
diff -Nru redmine-4.0.6/debian/changelog redmine-4.0.7/debian/changelog
--- redmine-4.0.6/debian/changelog 2020-02-12 14:04:45.000000000 +0000
+++ redmine-4.0.7/debian/changelog 2020-04-20 17:32:29.000000000 +0000
@@ -1,3 +1,19 @@
+redmine (4.0.7-1) unstable; urgency=medium
+
+ * New upstream version 4.0.7:
+ + adapt/refresh patches.
+ * Fix import issue with tmp directory (Thanks Andre Heider) (Closes:
+ #952417).
+ * Bumped Standards-Version to 4.5.0 (no changes required).
+ * Minor package updates suggested by dh-make-ruby.
+ * Add upstream metadata.
+ * Switch to watch format 4.
+ * Add patch to fix drag-and-drop attachments with JQuery 3 (thanks
+ Martin Gregoire) (Closes: #955042).
+ * Ensure database choice match installed redmine- packages.
+
+ -- Marc Dequènes (Duck) Tue, 21 Apr 2020 02:32:29 +0900
+
redmine (4.0.6-2) unstable; urgency=medium
* Relax dependency on ruby-i18n.
diff -Nru redmine-4.0.6/debian/config redmine-4.0.7/debian/config
--- redmine-4.0.6/debian/config 2020-02-07 15:36:16.000000000 +0000
+++ redmine-4.0.7/debian/config 2020-04-20 16:31:07.000000000 +0000
@@ -7,7 +7,16 @@
. /usr/share/debconf/confmodule
if [ -f /usr/share/dbconfig-common/dpkg/config ]; then
- dbc_dbtypes="sqlite3, pgsql, mysql"
+ # 2020-04-20: for some reason sqlite3 is now listed even if
+ # dbconfig-sqlite3 is not installed, breaking the choice
+ # and automated tests because it becomes the default one
+ list=""
+ for dbtype in sqlite pgsql mysql; do
+ if [ -d /usr/share/doc/redmine-$dbtype ]; then
+ list="${list}, ${dbtype}"
+ fi
+ done
+ dbc_dbtypes=$(echo $list | sed -e 's/^, //' -e 's/sqlite/sqlite3/')
. /usr/share/dbconfig-common/dpkg/config
db_get redmine/current-instances || true
diff -Nru redmine-4.0.6/debian/control redmine-4.0.7/debian/control
--- redmine-4.0.6/debian/control 2020-02-12 14:01:52.000000000 +0000
+++ redmine-4.0.7/debian/control 2020-04-20 13:09:12.000000000 +0000
@@ -7,6 +7,7 @@
Marc Dequènes (Duck)
Build-Depends: dbconfig-common,
debhelper-compat (= 12),
+ gem2deb (>= 1),
ruby | ruby-interpreter,
ruby-actionpack-action-caching,
ruby-actionpack-xml-parser,
@@ -32,7 +33,7 @@
ruby-roadie-rails (>= 1.3.0),
ruby-rouge (>= 3.7.0)
Build-Depends-Indep: po-debconf
-Standards-Version: 4.4.0
+Standards-Version: 4.5.0
Vcs-Browser: https://salsa.debian.org/ruby-team/redmine
Vcs-Git: https://salsa.debian.org/ruby-team/redmine.git
Homepage: https://www.redmine.org
diff -Nru redmine-4.0.6/debian/links redmine-4.0.7/debian/links
--- redmine-4.0.6/debian/links 2020-02-07 15:36:16.000000000 +0000
+++ redmine-4.0.7/debian/links 2020-04-20 12:17:13.000000000 +0000
@@ -1,10 +1,8 @@
+/etc/redmine/default/database.yml usr/share/redmine/config/database.yml
/var/lib/redmine usr/share/redmine/instances
/var/lib/redmine/Gemfile.lock usr/share/redmine/Gemfile.lock
-
-usr/share/javascript/jquery/jquery.min.js usr/share/redmine/public/javascripts/jquery.min.js
+usr/share/javascript/chart.js/Chart.min.js usr/share/redmine/public/javascripts/Chart.bundle.min.js
usr/share/javascript/jquery-ui/jquery-ui.min.js usr/share/redmine/public/javascripts/jquery-ui.min.js
-usr/share/ruby-jquery-rails/vendor/assets/javascripts/jquery_ujs.js usr/share/redmine/public/javascripts/jquery_ujs.js
+usr/share/javascript/jquery/jquery.min.js usr/share/redmine/public/javascripts/jquery.min.js
usr/share/javascript/raphael/raphael.min.js usr/share/redmine/public/javascripts/raphael.js
-usr/share/javascript/chart.js/Chart.min.js usr/share/redmine/public/javascripts/Chart.bundle.min.js
-
-/etc/redmine/default/database.yml usr/share/redmine/config/database.yml
+usr/share/ruby-jquery-rails/vendor/assets/javascripts/jquery_ujs.js usr/share/redmine/public/javascripts/jquery_ujs.js
diff -Nru redmine-4.0.6/debian/patches/0004-Add-multi-tenancy-support.patch redmine-4.0.7/debian/patches/0004-Add-multi-tenancy-support.patch
--- redmine-4.0.6/debian/patches/0004-Add-multi-tenancy-support.patch 2020-02-12 00:25:58.000000000 +0000
+++ redmine-4.0.7/debian/patches/0004-Add-multi-tenancy-support.patch 2020-04-20 13:21:18.000000000 +0000
@@ -34,10 +34,8 @@
create mode 100644 config/multitenancy_environment.rb
create mode 100644 lib/redmine/multi_tenancy.rb
-Index: redmine/.gitignore
-===================================================================
---- redmine.orig/.gitignore
-+++ redmine/.gitignore
+--- a/.gitignore
++++ b/.gitignore
@@ -16,6 +16,7 @@
/db/*.sqlite3
/db/schema.rb
@@ -46,11 +44,9 @@
/lib/redmine/scm/adapters/mercurial/redminehelper.pyc
/lib/redmine/scm/adapters/mercurial/redminehelper.pyo
/log/*.log*
-Index: redmine/Gemfile
-===================================================================
---- redmine.orig/Gemfile
-+++ redmine/Gemfile
-@@ -50,12 +50,17 @@ end
+--- a/Gemfile
++++ b/Gemfile
+@@ -51,12 +51,17 @@
# configuration file
require 'erb'
require 'yaml'
@@ -70,7 +66,7 @@
case adapter
when 'mysql2'
gem "mysql2", "~> 0.5", :platforms => [:mri, :mingw, :x64_mingw]
-@@ -73,8 +78,6 @@ if File.exist?(database_file)
+@@ -74,8 +79,6 @@
else
warn("No adapter found in config/database.yml, please configure it first")
end
@@ -79,11 +75,9 @@
end
# Load plugins' Gemfiles
-Index: redmine/app/models/attachment.rb
-===================================================================
---- redmine.orig/app/models/attachment.rb
-+++ redmine/app/models/attachment.rb
-@@ -47,10 +47,10 @@ class Attachment < ActiveRecord::Base
+--- a/app/models/attachment.rb
++++ b/app/models/attachment.rb
+@@ -47,10 +47,10 @@
"LEFT JOIN #{Project.table_name} ON #{Document.table_name}.project_id = #{Project.table_name}.id")
cattr_accessor :storage_path
@@ -96,10 +90,8 @@
before_create :files_to_final_location
after_rollback :delete_from_disk, :on => :create
-Index: redmine/bin/redmine-instances
-===================================================================
--- /dev/null
-+++ redmine/bin/redmine-instances
++++ b/bin/redmine-instances
@@ -0,0 +1,289 @@
+#!/bin/sh
+
@@ -390,11 +382,9 @@
+Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+DOCUMENTATION
-Index: redmine/config/application.rb
-===================================================================
---- redmine.orig/config/application.rb
-+++ redmine/config/application.rb
-@@ -72,6 +72,7 @@ module RedmineApp
+--- a/config/application.rb
++++ b/config/application.rb
+@@ -72,6 +72,7 @@
:key => '_redmine_session',
:path => config.relative_url_root || '/'
@@ -402,10 +392,8 @@
if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
instance_eval File.read(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
end
-Index: redmine/config/multitenancy_environment.rb
-===================================================================
--- /dev/null
-+++ redmine/config/multitenancy_environment.rb
++++ b/config/multitenancy_environment.rb
@@ -0,0 +1,42 @@
+# Copyright (C) 2014-2015 Antonio Terceiro
+# Copyright (C) 2011-2014 Jérémy Lal
@@ -449,11 +437,9 @@
+ end
+
+end
-Index: redmine/lib/plugins/open_id_authentication/lib/open_id_authentication.rb
-===================================================================
---- redmine.orig/lib/plugins/open_id_authentication/lib/open_id_authentication.rb
-+++ redmine/lib/plugins/open_id_authentication/lib/open_id_authentication.rb
-@@ -25,7 +25,7 @@ module OpenIdAuthentication
+--- a/lib/plugins/open_id_authentication/lib/open_id_authentication.rb
++++ b/lib/plugins/open_id_authentication/lib/open_id_authentication.rb
+@@ -25,7 +25,7 @@
OpenID::Store::Memory.new
when :file
require 'openid/store/filesystem'
@@ -462,11 +448,9 @@
when :memcache
require 'memcache'
require 'openid/store/memcache'
-Index: redmine/lib/redmine/configuration.rb
-===================================================================
---- redmine.orig/lib/redmine/configuration.rb
-+++ redmine/lib/redmine/configuration.rb
-@@ -32,7 +32,7 @@ module Redmine
+--- a/lib/redmine/configuration.rb
++++ b/lib/redmine/configuration.rb
+@@ -32,7 +32,7 @@
# * :file: the configuration file to load (default: config/configuration.yml)
# * :env: the environment to load the configuration for (default: Rails.env)
def load(options={})
@@ -475,7 +459,7 @@
env = options[:env] || Rails.env
@config = @defaults.dup
-@@ -110,7 +110,7 @@ module Redmine
+@@ -110,7 +110,7 @@
end
def load_deprecated_email_configuration(env)
@@ -484,11 +468,9 @@
if File.file?(deprecated_email_conf)
warn "Storing outgoing emails configuration in config/email.yml is deprecated. You should now store it in config/configuration.yml using the email_delivery setting."
@config.merge!({'email_delivery' => load_from_yaml(deprecated_email_conf, env)})
-Index: redmine/lib/redmine/export/pdf.rb
-===================================================================
---- redmine.orig/lib/redmine/export/pdf.rb
-+++ redmine/lib/redmine/export/pdf.rb
-@@ -27,7 +27,7 @@ module Redmine
+--- a/lib/redmine/export/pdf.rb
++++ b/lib/redmine/export/pdf.rb
+@@ -27,7 +27,7 @@
attr_accessor :footer_date
def initialize(lang, orientation='P')
@@ -497,10 +479,8 @@
FileUtils.mkdir_p @@k_path_cache unless File::exist?(@@k_path_cache)
set_language_if_valid lang
super(orientation, 'mm', 'A4')
-Index: redmine/lib/redmine/multi_tenancy.rb
-===================================================================
--- /dev/null
-+++ redmine/lib/redmine/multi_tenancy.rb
++++ b/lib/redmine/multi_tenancy.rb
@@ -0,0 +1,43 @@
+# Copyright (C) 2014-2015 Antonio Terceiro
+# Copyright (C) 2011-2014 Jérémy Lal
@@ -545,11 +525,9 @@
+ end
+
+end
-Index: redmine/lib/redmine/plugin.rb
-===================================================================
---- redmine.orig/lib/redmine/plugin.rb
-+++ redmine/lib/redmine/plugin.rb
-@@ -54,7 +54,7 @@ module Redmine
+--- a/lib/redmine/plugin.rb
++++ b/lib/redmine/plugin.rb
+@@ -54,7 +54,7 @@
# Absolute path to the plublic directory where plugins assets are copied
cattr_accessor :public_directory
@@ -558,11 +536,9 @@
@registered_plugins = {}
@used_partials = {}
-Index: redmine/lib/redmine/scm/adapters/abstract_adapter.rb
-===================================================================
---- redmine.orig/lib/redmine/scm/adapters/abstract_adapter.rb
-+++ redmine/lib/redmine/scm/adapters/abstract_adapter.rb
-@@ -210,7 +210,7 @@ module Redmine
+--- a/lib/redmine/scm/adapters/abstract_adapter.rb
++++ b/lib/redmine/scm/adapters/abstract_adapter.rb
+@@ -210,7 +210,7 @@
if @stderr_log_file.nil?
writable = false
path = Redmine::Configuration['scm_stderr_log_file'].presence
@@ -571,11 +547,9 @@
if File.exists?(path)
if File.file?(path) && File.writable?(path)
writable = true
-Index: redmine/lib/tasks/initializers.rake
-===================================================================
---- redmine.orig/lib/tasks/initializers.rake
-+++ redmine/lib/tasks/initializers.rake
-@@ -15,7 +15,7 @@ file 'config/initializers/secret_token.r
+--- a/lib/tasks/initializers.rake
++++ b/lib/tasks/initializers.rake
+@@ -15,7 +15,7 @@
# change this key, all old sessions will become invalid! Make sure the
# secret is at least 30 characters and all random, no regular words or
# you'll be exposed to dictionary attacks.
@@ -584,3 +558,14 @@
EOF
end
end
+--- a/app/models/import.rb
++++ b/app/models/import.rb
+@@ -78,7 +78,7 @@
+ # It is stored in tmp/imports with a random hex as filename
+ def filepath
+ if filename.present? && filename =~ /\A[0-9a-f]+\z/
+- File.join(Rails.root, "tmp", "imports", filename)
++ File.join(Redmine.root, "tmp", "imports", filename)
+ else
+ nil
+ end
diff -Nru redmine-4.0.6/debian/patches/attachments_jquery3_fix.patch redmine-4.0.7/debian/patches/attachments_jquery3_fix.patch
--- redmine-4.0.6/debian/patches/attachments_jquery3_fix.patch 1970-01-01 00:00:00.000000000 +0000
+++ redmine-4.0.7/debian/patches/attachments_jquery3_fix.patch 2020-04-20 15:30:57.000000000 +0000
@@ -0,0 +1,34 @@
+--- a/public/javascripts/attachments.js
++++ b/public/javascripts/attachments.js
+@@ -175,9 +175,9 @@
+ $(this).removeClass('fileover');
+ blockEventPropagation(e);
+
+- if ($.inArray('Files', e.dataTransfer.types) > -1) {
++ if ($.inArray('Files', e.originalEvent.dataTransfer.types) > -1) {
+ handleFileDropEvent.target = e.target;
+- uploadAndAttachFiles(e.dataTransfer.files, $('input:file.filedrop').first());
++ uploadAndAttachFiles(e.originalEvent.dataTransfer.files, $('input:file.filedrop').first());
+ }
+ }
+ handleFileDropEvent.target = '';
+@@ -185,7 +185,7 @@
+ function dragOverHandler(e) {
+ $(this).addClass('fileover');
+ blockEventPropagation(e);
+- e.dataTransfer.dropEffect = 'copy';
++ e.originalEvent.dataTransfer.dropEffect = 'copy';
+ }
+
+ function dragOutHandler(e) {
+@@ -195,10 +195,6 @@
+
+ function setupFileDrop() {
+ if (window.File && window.FileList && window.ProgressEvent && window.FormData) {
+-
+- $.event.fixHooks.dragover = { props: [ 'dataTransfer' ] };
+- $.event.fixHooks.drop = { props: [ 'dataTransfer' ] };
+-
+ $('form div.box:not(.filedroplistner)').has('input:file.filedrop').each(function() {
+ $(this).on({
+ dragover: dragOverHandler,
diff -Nru redmine-4.0.6/debian/patches/gemfile-deps-adjustment.patch redmine-4.0.7/debian/patches/gemfile-deps-adjustment.patch
--- redmine-4.0.6/debian/patches/gemfile-deps-adjustment.patch 2020-02-12 14:00:44.000000000 +0000
+++ redmine-4.0.7/debian/patches/gemfile-deps-adjustment.patch 2020-04-20 15:30:57.000000000 +0000
@@ -15,15 +15,16 @@
integrated, but it should save maintainers effort overall.
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: redmine/Gemfile
-===================================================================
---- redmine.orig/Gemfile
-+++ redmine/Gemfile
-@@ -2,18 +2,18 @@ source 'https://rubygems.org'
+--- a/Gemfile
++++ b/Gemfile
+@@ -1,20 +1,20 @@
+ source 'https://rubygems.org'
+-ruby '>= 2.3.0', '< 2.7.0' if Bundler::VERSION >= '1.12.0'
++#ruby '>= 2.3.0', '< 2.7.0' if Bundler::VERSION >= '1.12.0'
gem "bundler", ">= 1.5.0"
--gem "rails", "5.2.4.1"
+-gem 'rails', '5.2.4.2'
-gem "rouge", "~> 3.3.0"
-gem "request_store", "1.0.5"
-gem "mini_mime", "~> 1.0.1"
@@ -47,7 +48,7 @@
gem "xpath", "< 3.2.0" if RUBY_VERSION < "2.3"
# TODO: Remove the following line when #32223 is fixed
-@@ -21,11 +21,11 @@ gem "sprockets", "~> 3.7.2"
+@@ -22,11 +22,11 @@
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin]
@@ -61,7 +62,7 @@
end
# Optional gem for OpenID authentication
-@@ -37,12 +37,12 @@ end
+@@ -38,12 +38,12 @@
platforms :mri, :mingw, :x64_mingw do
# Optional gem for exporting the gantt to a PNG file, not supported with jruby
group :rmagick do
@@ -76,7 +77,7 @@
end
end
-@@ -58,13 +58,13 @@ if File.exist?(database_file)
+@@ -59,13 +59,13 @@
adapters.each do |adapter|
case adapter
when 'mysql2'
@@ -89,12 +90,12 @@
- gem "sqlite3", "~>1.3.12", :platforms => [:mri, :mingw, :x64_mingw]
+ gem "sqlite3", "~>1.3", :platforms => [:mri, :mingw, :x64_mingw]
when /sqlserver/
-- gem "tiny_tds", "~> 1.0.5", :platforms => [:mri, :mingw, :x64_mingw]
-+ gem "tiny_tds", "~> 1.0", :platforms => [:mri, :mingw, :x64_mingw]
- gem "activerecord-sqlserver-adapter", :platforms => [:mri, :mingw, :x64_mingw]
+- gem "tiny_tds", "~> 2.1.2", :platforms => [:mri, :mingw, :x64_mingw]
++ gem "tiny_tds", "~> 2.1", :platforms => [:mri, :mingw, :x64_mingw]
+ gem "activerecord-sqlserver-adapter", "~> 5.2.1", :platforms => [:mri, :mingw, :x64_mingw]
else
warn("Unknown database adapter `#{adapter}` found in config/database.yml, use Gemfile.local to load your own database gems")
-@@ -77,25 +77,6 @@ else
+@@ -78,25 +78,6 @@
warn("Please configure your config/database.yml first")
end
diff -Nru redmine-4.0.6/debian/patches/openid_optional.patch redmine-4.0.7/debian/patches/openid_optional.patch
--- redmine-4.0.6/debian/patches/openid_optional.patch 2020-02-12 00:25:58.000000000 +0000
+++ redmine-4.0.7/debian/patches/openid_optional.patch 2020-04-20 13:21:18.000000000 +0000
@@ -1,8 +1,6 @@
-Index: redmine/Gemfile
-===================================================================
---- redmine.orig/Gemfile
-+++ redmine/Gemfile
-@@ -28,12 +28,6 @@ group :ldap do
+--- a/Gemfile
++++ b/Gemfile
+@@ -29,12 +29,6 @@
gem "net-ldap", "~> 0.16"
end
@@ -15,10 +13,8 @@
platforms :mri, :mingw, :x64_mingw do
# Optional gem for exporting the gantt to a PNG file, not supported with jruby
group :rmagick do
-Index: redmine/lib/plugins/open_id_authentication/init.rb
-===================================================================
---- redmine.orig/lib/plugins/open_id_authentication/init.rb
-+++ redmine/lib/plugins/open_id_authentication/init.rb
+--- a/lib/plugins/open_id_authentication/init.rb
++++ b/lib/plugins/open_id_authentication/init.rb
@@ -1,12 +1,12 @@
-if Rails.version < '3'
- config.gem 'rack-openid', :lib => 'rack/openid', :version => '>=0.2.1'
diff -Nru redmine-4.0.6/debian/patches/series redmine-4.0.7/debian/patches/series
--- redmine-4.0.6/debian/patches/series 2020-02-07 15:36:16.000000000 +0000
+++ redmine-4.0.7/debian/patches/series 2020-04-20 13:30:41.000000000 +0000
@@ -7,3 +7,4 @@
openid_optional.patch
openid_hardcoded.patch
gantt_jquery3_fix.patch
+attachments_jquery3_fix.patch
diff -Nru redmine-4.0.6/debian/patches/use_system_jquery_libs.patch redmine-4.0.7/debian/patches/use_system_jquery_libs.patch
--- redmine-4.0.6/debian/patches/use_system_jquery_libs.patch 2020-02-12 00:25:58.000000000 +0000
+++ redmine-4.0.7/debian/patches/use_system_jquery_libs.patch 2020-04-20 13:21:18.000000000 +0000
@@ -1,6 +1,6 @@
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
-@@ -1502,9 +1502,9 @@
+@@ -1489,9 +1489,9 @@
# Returns the javascript tags that are included in the html layout head
def javascript_heads
diff -Nru redmine-4.0.6/debian/rules redmine-4.0.7/debian/rules
--- redmine-4.0.6/debian/rules 2020-02-07 15:36:16.000000000 +0000
+++ redmine-4.0.7/debian/rules 2020-04-20 13:21:17.000000000 +0000
@@ -2,7 +2,7 @@
# -*- makefile -*-
%:
- dh $@
+ dh $@ --with ruby
override_dh_auto_configure:
./debian/check-locales
diff -Nru redmine-4.0.6/debian/tests/control redmine-4.0.7/debian/tests/control
--- redmine-4.0.6/debian/tests/control 2020-02-07 15:36:16.000000000 +0000
+++ redmine-4.0.7/debian/tests/control 2020-04-20 17:31:56.000000000 +0000
@@ -1,39 +1,87 @@
+
+# WARNING: do NOT reorder the redmine dependencies or certain tesst will fail.
+# autopkgtest seems to revolve dpendency in order, which leads to
+# redmine-sqlite to be installed when trying to tes another database.
+
Test-Command: debian/tests/smoke-test-apache sqlite3 apache2-passenger-host /
-Depends: redmine-sqlite, redmine, apache2, libapache2-mod-passenger, curl
+Depends: apache2,
+ curl,
+ libapache2-mod-passenger,
+ redmine-sqlite,
+ redmine
Restrictions: needs-root
Test-Command: debian/tests/smoke-test-apache postgresql apache2-passenger-host /
-Depends: postgresql, redmine-pgsql, redmine, apache2, libapache2-mod-passenger, curl
+Depends: apache2,
+ curl,
+ libapache2-mod-passenger,
+ postgresql,
+ redmine-pgsql,
+ redmine
Restrictions: needs-root
Test-Command: debian/tests/smoke-test-apache mysql2 apache2-passenger-host /
-Depends: default-mysql-server, redmine-mysql, redmine, apache2, libapache2-mod-passenger, curl
+Depends: apache2,
+ curl,
+ default-mysql-server,
+ libapache2-mod-passenger,
+ redmine-mysql,
+ redmine
Restrictions: needs-root
Test-Command: debian/tests/smoke-test-apache sqlite3 apache2-passenger-alias /redmine
-Depends: redmine-sqlite, redmine, apache2, libapache2-mod-passenger, curl
+Depends: apache2,
+ curl,
+ libapache2-mod-passenger,
+ redmine-sqlite,
+ redmine
Restrictions: needs-root
Test-Command: debian/tests/smoke-test-apache sqlite3 apache2-passenger-host / && debian/tests/plugin-assets
-Depends: redmine, redmine-plugin-custom-css, apache2, libapache2-mod-passenger, curl
+Depends: apache2,
+ curl,
+ libapache2-mod-passenger,
+ redmine,
+ redmine-plugin-custom-css
Restrictions: needs-root
Test-Command: debian/tests/smoke-test-lighttpd sqlite3 lighttpd-host / && debian/tests/plugin-assets
-Depends: redmine-sqlite, redmine, redmine-plugin-custom-css, lighttpd, ruby-fcgi, curl
+Depends: curl,
+ lighttpd,
+ redmine-sqlite,
+ redmine,
+ redmine-plugin-custom-css,
+ ruby-fcgi
Restrictions: needs-root
# not working because of https://github.com/rails/rails/issues/24393
#Test-Command: debian/tests/smoke-test-lighttpd sqlite3 lighttpd-host-alias /redmine
-#Depends: redmine-sqlite, redmine, lighttpd, ruby-fcgi, curl
+#Depends: curl,
+# lighttpd,
+# redmine-sqlite,
+# redmine,
+# ruby-fcgi
#Restrictions: needs-root
Test-Command: debian/tests/smoke-test-nginx sqlite3 nginx-host / && debian/tests/plugin-assets
-Depends: redmine-sqlite, redmine, redmine-plugin-custom-css, nginx-light, ruby-fcgi, spawn-fcgi, multiwatch, curl
+Depends: curl,
+ multiwatch,
+ nginx-light,
+ redmine-sqlite,
+ redmine,
+ redmine-plugin-custom-css,
+ ruby-fcgi,
+ spawn-fcgi
Restrictions: needs-root
# not working because of https://github.com/rails/rails/issues/24393
#Test-Command: debian/tests/smoke-test-nginx sqlite3 nginx-alias /redmine
-#Depends: redmine-sqlite, redmine, nginx-light, ruby-fcgi, spawn-fcgi, multiwatch, curl
+#Depends: curl,
+# multiwatch,
+# nginx-light,
+# redmine,
+# ruby-fcgi,
+# spawn-fcgi
#Restrictions: needs-root
Tests: install-purge-install
@@ -45,4 +93,6 @@
Restrictions: needs-root
Test-Command: /bin/true
-Depends: redmine-sqlite, redmine, dbconfig-no-thanks
+Depends: dbconfig-no-thanks,
+ redmine-sqlite,
+ redmine
diff -Nru redmine-4.0.6/debian/upstream/metadata redmine-4.0.7/debian/upstream/metadata
--- redmine-4.0.6/debian/upstream/metadata 1970-01-01 00:00:00.000000000 +0000
+++ redmine-4.0.7/debian/upstream/metadata 2020-04-20 12:43:02.000000000 +0000
@@ -0,0 +1,7 @@
+---
+Archive: GitHub
+Bug-Database: https://www.redmine.org/projects/redmine/issues
+Bug-Submit: https://www.redmine.org/projects/redmine/issues/new
+Changelog: https://www.redmine.org/projects/redmine/wiki/Changelog
+Repository: https://github.com/redmine/redmine.git
+Repository-Browse: https://github.com/redmine/redmine
diff -Nru redmine-4.0.6/debian/watch redmine-4.0.7/debian/watch
--- redmine-4.0.6/debian/watch 2020-02-07 15:36:16.000000000 +0000
+++ redmine-4.0.7/debian/watch 2020-04-20 12:43:02.000000000 +0000
@@ -1,2 +1,2 @@
-version=3
+version=4
https://github.com/redmine/redmine/releases .*/(.*)\.tar\.gz
diff -Nru redmine-4.0.6/doc/CHANGELOG redmine-4.0.7/doc/CHANGELOG
--- redmine-4.0.6/doc/CHANGELOG 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/doc/CHANGELOG 2020-04-06 16:53:54.000000000 +0000
@@ -4,6 +4,74 @@
Copyright (C) 2006-2017 Jean-Philippe Lang
http://www.redmine.org/
+== 2020-04-06 v4.0.7
+
+=== [Attachments]
+
+* Defect #32656: Drag and drop objects from Outlook to Redmine deletes the objects
+* Defect #32785: X-Sendfile header field is not set if rack 2.1.0 is installed
+
+=== [Custom fields]
+
+* Defect #33085: Unable to update the values of a custom field for enumerations when multiple values option is enabled
+
+=== [Database]
+
+* Defect #30285: Microsoft SQL server support is broken
+
+=== [Documentation]
+
+* Patch #32787: Redmine 4.0 no longer supports Ruby 2.2
+
+=== [Gantt]
+
+* Defect #19248: End markers in gantt PDF are misaligned
+* Defect #23645: Gantt bars for single-day tasks may be rendered wrongly in PDF
+
+=== [Issues workflow]
+
+* Defect #33059: "Role" dropdown in Workflow page is unexpectedly expanded when selecting "all"
+
+=== [REST API]
+
+* Defect #33113: Default version and assignee are not exposed via projects API
+
+=== [Rails support]
+
+* Patch #33196: Update Rails to 5.2.4.2
+
+=== [Ruby support]
+
+* Patch #32788: Specify supported Ruby version in Gemfile and doc/INSTALL
+
+=== [SCM]
+
+* Defect #32449: Diff view for .js files in repositories is broken
+
+=== [Security]
+
+* Defect #32850: XSS vulnerability due to missing back_url validation
+* Defect #32934: XSS vulnerabilities in textile inline links
+* Defect #33075: Time entries csv export should check issue visibility
+
+=== [Time tracking]
+
+* Defect #33052: Missing subject and tracker name in CSV export of time entries report
+
+=== [Translations]
+
+* Patch #32917: Bulgarian translation
+
+=== [UI]
+
+* Defect #32772: Tabs are displayed on two lines when the total width of the tabs is greater than 2000px
+* Defect #32829: HTML entity is used in CSS string
+* Patch #33068: Update copyright year in the footer to 2020
+
+=== [UI - Responsive]
+
+* Feature #33156: Allow zooming on mobile devices
+
== 2019-12-20 v4.0.6
=== [Attachments]
diff -Nru redmine-4.0.6/doc/INSTALL redmine-4.0.7/doc/INSTALL
--- redmine-4.0.6/doc/INSTALL 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/doc/INSTALL 2020-04-06 16:53:54.000000000 +0000
@@ -7,7 +7,7 @@
== Requirements
-* Ruby >= 2.2.2
+* Ruby 2.3, 2.4, 2.5, 2.6
* RubyGems
* Bundler >= 1.5.0
diff -Nru redmine-4.0.6/Gemfile redmine-4.0.7/Gemfile
--- redmine-4.0.6/Gemfile 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/Gemfile 2020-04-06 16:53:54.000000000 +0000
@@ -1,8 +1,9 @@
source 'https://rubygems.org'
+ruby '>= 2.3.0', '< 2.7.0' if Bundler::VERSION >= '1.12.0'
gem "bundler", ">= 1.5.0"
-gem "rails", "5.2.4.1"
+gem 'rails', '5.2.4.2'
gem "rouge", "~> 3.3.0"
gem "request_store", "1.0.5"
gem "mini_mime", "~> 1.0.1"
@@ -64,8 +65,8 @@
when /sqlite3/
gem "sqlite3", "~>1.3.12", :platforms => [:mri, :mingw, :x64_mingw]
when /sqlserver/
- gem "tiny_tds", "~> 1.0.5", :platforms => [:mri, :mingw, :x64_mingw]
- gem "activerecord-sqlserver-adapter", :platforms => [:mri, :mingw, :x64_mingw]
+ gem "tiny_tds", "~> 2.1.2", :platforms => [:mri, :mingw, :x64_mingw]
+ gem "activerecord-sqlserver-adapter", "~> 5.2.1", :platforms => [:mri, :mingw, :x64_mingw]
else
warn("Unknown database adapter `#{adapter}` found in config/database.yml, use Gemfile.local to load your own database gems")
end
diff -Nru redmine-4.0.6/lib/redmine/helpers/gantt.rb redmine-4.0.7/lib/redmine/helpers/gantt.rb
--- redmine-4.0.6/lib/redmine/helpers/gantt.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/lib/redmine/helpers/gantt.rb 2020-04-06 16:53:54.000000000 +0000
@@ -581,7 +581,7 @@
coords[:bar_start] = 0
end
if end_date < self.date_to
- coords[:end] = end_date - self.date_from
+ coords[:end] = end_date - self.date_from + 1
coords[:bar_end] = end_date - self.date_from + 1
else
coords[:bar_end] = self.date_to - self.date_from + 1
@@ -820,7 +820,7 @@
if coords[:end]
style = ""
style << "top:#{params[:top]}px;"
- style << "left:#{coords[:end] + params[:zoom]}px;"
+ style << "left:#{coords[:end]}px;"
style << "width:15px;"
output << view.content_tag(:div, ' '.html_safe,
:style => style,
@@ -865,21 +865,24 @@
height /= 2 if markers
# Renders the task bar, with progress and late
if coords[:bar_start] && coords[:bar_end]
+ width = [1, coords[:bar_end] - coords[:bar_start]].max
params[:pdf].SetY(params[:top] + 1.5)
params[:pdf].SetX(params[:subject_width] + coords[:bar_start])
params[:pdf].SetFillColor(200, 200, 200)
- params[:pdf].RDMCell(coords[:bar_end] - coords[:bar_start], height, "", 0, 0, "", 1)
+ params[:pdf].RDMCell(width, height, "", 0, 0, "", 1)
if coords[:bar_late_end]
+ width = [1, coords[:bar_late_end] - coords[:bar_start]].max
params[:pdf].SetY(params[:top] + 1.5)
params[:pdf].SetX(params[:subject_width] + coords[:bar_start])
params[:pdf].SetFillColor(255, 100, 100)
- params[:pdf].RDMCell(coords[:bar_late_end] - coords[:bar_start], height, "", 0, 0, "", 1)
+ params[:pdf].RDMCell(width, height, "", 0, 0, "", 1)
end
if coords[:bar_progress_end]
+ width = [1, coords[:bar_progress_end] - coords[:bar_start]].max
params[:pdf].SetY(params[:top] + 1.5)
params[:pdf].SetX(params[:subject_width] + coords[:bar_start])
params[:pdf].SetFillColor(90, 200, 90)
- params[:pdf].RDMCell(coords[:bar_progress_end] - coords[:bar_start], height, "", 0, 0, "", 1)
+ params[:pdf].RDMCell(width, height, "", 0, 0, "", 1)
end
end
# Renders the markers
@@ -940,7 +943,7 @@
params[:image].polygon(x - 4, y, x, y - 4, x + 4, y, x, y + 4)
end
if coords[:end]
- x = params[:subject_width] + coords[:end] + params[:zoom]
+ x = params[:subject_width] + coords[:end]
y = params[:top] - height / 2
params[:image].fill('blue')
params[:image].polygon(x - 4, y, x, y - 4, x + 4, y, x, y + 4)
diff -Nru redmine-4.0.6/lib/redmine/version.rb redmine-4.0.7/lib/redmine/version.rb
--- redmine-4.0.6/lib/redmine/version.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/lib/redmine/version.rb 2020-04-06 16:53:54.000000000 +0000
@@ -5,7 +5,7 @@
module VERSION
MAJOR = 4
MINOR = 0
- TINY = 6
+ TINY = 7
# Branch values:
# * official release: nil
diff -Nru redmine-4.0.6/lib/redmine/wiki_formatting/textile/redcloth3.rb redmine-4.0.7/lib/redmine/wiki_formatting/textile/redcloth3.rb
--- redmine-4.0.6/lib/redmine/wiki_formatting/textile/redcloth3.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/lib/redmine/wiki_formatting/textile/redcloth3.rb 2020-04-06 16:53:54.000000000 +0000
@@ -848,8 +848,12 @@
url=url[0..-2] # discard closing parenth from url
post = ")"+post # add closing parenth to post
end
+
+ url = htmlesc(url.dup)
+ next all if url.downcase.start_with?('javascript:')
+
atts = pba( atts )
- atts = " href=\"#{ htmlesc url }#{ slash }\"#{ atts }"
+ atts = " href=\"#{ url }#{ slash }\"#{ atts }"
atts << " title=\"#{ htmlesc title }\"" if title
atts = shelve( atts ) if atts
@@ -970,6 +974,10 @@
url, url_title = check_refs( url )
next m unless uri_with_safe_scheme?(url)
+ if href
+ href = htmlesc(href.dup)
+ next m if href.downcase.start_with?('javascript:')
+ end
out = ''
out << "" if href
diff -Nru redmine-4.0.6/public/javascripts/attachments.js redmine-4.0.7/public/javascripts/attachments.js
--- redmine-4.0.6/public/javascripts/attachments.js 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/public/javascripts/attachments.js 2020-04-06 16:53:54.000000000 +0000
@@ -185,6 +185,7 @@
function dragOverHandler(e) {
$(this).addClass('fileover');
blockEventPropagation(e);
+ e.dataTransfer.dropEffect = 'copy';
}
function dragOutHandler(e) {
@@ -195,6 +196,7 @@
function setupFileDrop() {
if (window.File && window.FileList && window.ProgressEvent && window.FormData) {
+ $.event.fixHooks.dragover = { props: [ 'dataTransfer' ] };
$.event.fixHooks.drop = { props: [ 'dataTransfer' ] };
$('form div.box:not(.filedroplistner)').has('input:file.filedrop').each(function() {
diff -Nru redmine-4.0.6/public/stylesheets/application.css redmine-4.0.7/public/stylesheets/application.css
--- redmine-4.0.6/public/stylesheets/application.css 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/public/stylesheets/application.css 2020-04-06 16:53:54.000000000 +0000
@@ -1034,7 +1034,7 @@
/***** Tabs *****/
#content .tabs {height: 2.6em; margin-bottom:1.2em; position:relative; overflow:hidden;}
-#content .tabs ul {margin:0; position:absolute; bottom:0; padding-left:0.5em; width: 2000px; border-bottom: 1px solid #bbbbbb;}
+#content .tabs ul {margin:0; position:absolute; bottom:0; padding-left:0.5em; min-width: 2000px; width: 100%; border-bottom: 1px solid #bbbbbb;}
#content .tabs ul li {
float:left;
list-style-type:none;
@@ -1295,7 +1295,7 @@
vertical-align: middle;
}
.icon-only::after {
- content: " ";
+ content: "\a0";
}
.icon-add { background-image: url(../images/add.png); }
diff -Nru redmine-4.0.6/test/functional/application_controller_test.rb redmine-4.0.7/test/functional/application_controller_test.rb
--- redmine-4.0.6/test/functional/application_controller_test.rb 1970-01-01 00:00:00.000000000 +0000
+++ redmine-4.0.7/test/functional/application_controller_test.rb 2020-04-06 16:53:54.000000000 +0000
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# Redmine - project management software
+# Copyright (C) 2006-2020 Jean-Philippe Lang
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+require File.expand_path('../../test_helper', __FILE__)
+
+class ApplicationControllerTest < Redmine::ControllerTest
+ def test_back_url_should_remove_utf8_checkmark_from_referer
+ @request.set_header 'HTTP_REFERER', "/path?utf8=\u2713&foo=bar"
+ assert_equal "/path?foo=bar", @controller.back_url
+ end
+end
diff -Nru redmine-4.0.6/test/functional/enumerations_controller_test.rb redmine-4.0.7/test/functional/enumerations_controller_test.rb
--- redmine-4.0.6/test/functional/enumerations_controller_test.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/test/functional/enumerations_controller_test.rb 2020-04-06 16:53:54.000000000 +0000
@@ -82,6 +82,21 @@
assert_equal "sample", Enumeration.find_by(:name => 'Sample').custom_field_values.last.value
end
+ def test_create_with_multiple_select_list_custom_fields
+ custom_field = IssuePriorityCustomField.generate!(:field_format => 'list', :multiple => true, :possible_values => ['1', '2', '3', '4'])
+ assert_difference 'IssuePriority.count' do
+ post :create, :params => {
+ :enumeration => {
+ :type => 'IssuePriority',
+ :name => 'Sample',
+ :custom_field_values => {custom_field.id.to_s => ['1', '2']}
+ }
+ }
+ end
+ assert_redirected_to '/enumerations'
+ assert_equal ['1', '2'].sort, Enumeration.find_by(:name => 'Sample').custom_field_values.last.value.sort
+ end
+
def test_create_with_failure
assert_no_difference 'IssuePriority.count' do
post :create, :params => {
diff -Nru redmine-4.0.6/test/functional/timelog_controller_test.rb redmine-4.0.7/test/functional/timelog_controller_test.rb
--- redmine-4.0.6/test/functional/timelog_controller_test.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/test/functional/timelog_controller_test.rb 2020-04-06 16:53:54.000000000 +0000
@@ -138,6 +138,19 @@
assert_select 'select[name=?]', 'time_entry[project_id]'
end
+ def test_get_edit_should_validate_back_url
+ @request.session[:user_id] = 2
+
+ get :edit, :params => {:id => 2, :project_id => nil, :back_url => '/valid'}
+ assert_response :success
+ assert_select 'a[href=?]', '/valid', {:text => 'Cancel'}
+
+ get :edit, :params => {:id => 2, :project_id => nil, :back_url => 'invalid'}
+ assert_response :success
+ assert_select 'a[href=?]', 'invalid', {:text => 'Cancel', :count => 0}
+ assert_select 'a[href=?]', '/projects/ecookbook/time_entries', {:text => 'Cancel'}
+ end
+
def test_post_create
@request.session[:user_id] = 3
assert_difference 'TimeEntry.count' do
@@ -1257,4 +1270,17 @@
assert_not_nil line
assert_include "#{issue.tracker} #1: #{issue.subject}", line
end
+
+ def test_index_csv_should_fill_issue_column_with_issue_id_if_issue_that_is_not_visible
+ @request.session[:user_id] = 3
+ issue = Issue.generate!(:author_id => 1, :is_private => true)
+ entry = TimeEntry.generate!(:issue => issue, :comments => "Issue column content test")
+
+ get :index, :params => {:format => 'csv'}
+ assert_not issue.visible?
+ line = response.body.split("\n").detect {|l| l.include?(entry.comments)}
+ assert_not_nil line
+ assert_not_include "#{issue.tracker} ##{issue.id}: #{issue.subject}", line
+ assert_include "##{issue.id}", line
+ end
end
diff -Nru redmine-4.0.6/test/functional/timelog_report_test.rb redmine-4.0.7/test/functional/timelog_report_test.rb
--- redmine-4.0.6/test/functional/timelog_report_test.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/test/functional/timelog_report_test.rb 2020-04-06 16:53:54.000000000 +0000
@@ -258,6 +258,21 @@
assert_equal 'Total time,"","",154.25,8.65,162.90', lines.last
end
+ def test_report_csv_should_fill_issue_criteria_with_tracker_id_and_subject
+ get :report, :params => {
+ :project_id => 1,
+ :columns => 'month',
+ :from => "2007-01-01",
+ :to => "2007-06-30",
+ :criteria => ["issue"],
+ :format => "csv"
+ }
+
+ assert_response :success
+ lines = @response.body.chomp.split("\n")
+ assert lines.detect {|line| line.include?('Bug #1: Cannot print recipes')}
+ end
+
def test_csv_big_5
str_utf8 = "\xe4\xb8\x80\xe6\x9c\x88".force_encoding('UTF-8')
str_big5 = "\xa4@\xa4\xeb".force_encoding('Big5')
diff -Nru redmine-4.0.6/test/functional/workflows_controller_test.rb redmine-4.0.7/test/functional/workflows_controller_test.rb
--- redmine-4.0.6/test/functional/workflows_controller_test.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/test/functional/workflows_controller_test.rb 2020-04-06 16:53:54.000000000 +0000
@@ -92,8 +92,8 @@
get :edit, :params => {:role_id => 'all', :tracker_id => 'all'}
assert_response :success
- assert_select 'select[name=?][multiple=multiple]', 'role_id[]' do
- assert_select 'option[selected=selected]', Role.all.select(&:consider_workflow?).count
+ assert_select 'select[name=?]', 'role_id[]' do
+ assert_select 'option[selected=selected][value=all]'
end
assert_select 'select[name=?]', 'tracker_id[]' do
assert_select 'option[selected=selected][value=all]'
diff -Nru redmine-4.0.6/test/helpers/application_helper_test.rb redmine-4.0.7/test/helpers/application_helper_test.rb
--- redmine-4.0.6/test/helpers/application_helper_test.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/test/helpers/application_helper_test.rb 2020-04-06 16:53:54.000000000 +0000
@@ -1790,11 +1790,6 @@
assert !result.html_safe?
end
- def test_back_url_should_remove_utf8_checkmark_from_referer
- stubs(:request).returns(stub(:env => {'HTTP_REFERER' => "/path?utf8=\u2713&foo=bar"}))
- assert_equal "/path?foo=bar", back_url
- end
-
def test_hours_formatting
set_language_if_valid 'en'
diff -Nru redmine-4.0.6/test/integration/api_test/projects_test.rb redmine-4.0.7/test/integration/api_test/projects_test.rb
--- redmine-4.0.6/test/integration/api_test/projects_test.rb 2019-12-20 11:44:02.000000000 +0000
+++ redmine-4.0.7/test/integration/api_test/projects_test.rb 2020-04-06 16:53:54.000000000 +0000
@@ -94,6 +94,8 @@
assert_kind_of Hash, json
assert_kind_of Hash, json['project']
assert_equal 1, json['project']['id']
+ assert_equal false, json['project'].has_key?('default_version')
+ assert_equal false, json['project'].has_key?('default_assignee')
end
test "GET /projects/:id.xml with hidden custom fields should not display hidden custom fields" do
@@ -138,6 +140,29 @@
assert_select 'enabled_modules[type=array] enabled_module[name=issue_tracking]'
end
+ def test_get_project_with_default_version_and_assignee
+ user = User.find(3)
+ version = Version.find(1)
+ Project.find(1).update!(default_assigned_to_id: user.id, default_version_id: version.id)
+
+ get '/projects/1.json'
+
+ json = ActiveSupport::JSON.decode(response.body)
+ assert_kind_of Hash, json
+ assert_kind_of Hash, json['project']
+ assert_equal 1, json['project']['id']
+
+ assert json['project'].has_key?('default_assignee')
+ assert_equal 2, json['project']['default_assignee'].length
+ assert_equal user.id, json['project']['default_assignee']['id']
+ assert_equal user.name, json['project']['default_assignee']['name']
+
+ assert json['project'].has_key?('default_version')
+ assert_equal 2, json['project']['default_version'].length
+ assert_equal version.id, json['project']['default_version']['id']
+ assert_equal version.name, json['project']['default_version']['name']
+ end
+
test "POST /projects.xml with valid parameters should create the project" do
with_settings :default_projects_modules => ['issue_tracking', 'repository'] do
assert_difference('Project.count') do