258 Commits

Author SHA1 Message Date
Jan Sandbrink 191c56d8a7 Simplify hash operation
This is mostly to appease rubocop, but also because
I think this might be a useless use of #tap. The new code is shorter
and uses fewer variables. I wouldn't know why the tap-version should
be preferable.
2026-05-04 15:47:50 +02:00
Jan Sandbrink 2cba22d34e Fix direct login for unauthenticated requests to OAuth authorize
This triggered a "cross reaction" of sorts.

bbd4cad40 tried to fix a redirect loop by checking for the presence of
content in `flash` (assuming that this meant the presence of a text message
to be shown to the user).

0fa8b4a77 used the flash storage to forward CSP extensions so they are usable
for exactly one follow-up request. While this is an allowed usage of `flash`,
it was sufficiently far away from what it's usually used for that it threw over
expectations of the former change and consequently led to breaking the direct login
workflow.

The specs were not working as intended, because the settings-update of with_config was
effectively undone by also using with_settings in the same spec.
2026-05-04 15:42:17 +02:00
Oliver Günther 4d731dcab6 Replace raw and explicit html_safe calls 2026-03-20 09:49:10 +01:00
Oliver Günther 94032f48b2 Fix lost password redirects 2025-12-09 11:21:56 +01:00
Klaus Zanders 1fe1a15af0 Use usernames instead of IDs to identify users on external password change 2025-12-01 10:22:07 +01:00
Alexander Brandon Coles f15be6e07f Freeze string literals in app/controllers
rubocop -A --only Style/FrozenStringLiteralComment,Layout/EmptyLineAfterMagicComment,Style/RedundantFreeze app/controllers
2025-07-18 17:51:00 +01:00
Pavel Balashou 2db9ef305c [#63912] Support multiple authentication provider user links
https://community.openproject.org/work_packages/63912
2025-06-03 10:13:00 +02:00
Oliver Günther 5e48ad2927 Lint 2024-11-05 17:13:30 +01:00
Oliver Günther bbd4001e1d Fix registration spec using turbo 2024-10-11 09:12:30 +02:00
Oliver Günther 47d62ba9df Fix renders after redirect 2024-10-11 08:43:01 +02:00
Oliver Günther 3b50663c34 Extract common functionality between account and omniauth controller 2024-09-20 10:24:01 +02:00
Oliver Günther 15dbe4b854 Add separate controller for OmniAuth 2024-09-20 10:24:00 +02:00
Ivan Kuchin 4911b8a149 remove years from copyrights (except for COPYRIGHT file) 2024-07-31 15:02:49 +02:00
ulferts fdbd6b6d5a forcing to specify allowed actions when forfeiting authorization check 2024-06-11 10:29:22 +02:00
ulferts 088329d508 attempt to focus on explicitly allowing no_authorization_required! 2024-06-10 22:42:58 +02:00
ulferts 0d78c3a279 move methods into private scope unless actions 2024-06-07 17:01:30 +02:00
ulferts ed5a162230 allow actions to be called on those not using default authorization before_actions 2024-06-07 16:55:40 +02:00
ulferts 3b2121f733 Revert "Merge remote-tracking branch 'origin/release/13.4' into dev"
This reverts commit 40b2bbeb09, reversing
changes made to b4c6cb17cc.
2024-03-21 11:31:17 +01:00
Ivan Kuchin 7787e457a3 Revert "Merge branch 'dev' into release/13.4"
This reverts commit a901541269, reversing
changes made to e573ca00b7.
2024-03-20 20:19:08 +01:00
Ivan Kuchin 9e4934cd0a change quotes using rubocop --only Style/StringLiterals,Style/QuotedSymbols -a 2024-03-20 18:05:22 +01:00
Oliver Günther 1f112eb94d Adapt account controller so that we can find existing, but e.g., locked users 2024-02-06 16:08:51 +01:00
Oliver Günther 8a938b37c1 Adapt auth_source_sso with improved finding of users 2024-02-06 16:05:58 +01:00
Christophe Bliard 8fa8584538 Run rubocop --autocorrect on all files
Only the safe cops have run. rubocop version is 1.59.0.
2024-01-05 15:27:09 +01:00
Christophe Bliard c795874f7f Update copyright year for 2024
command used: `rg -l 'Copyright \(C\) 2012-202\d the OpenProject' | xargs -n 100 sed -i -r 's/Copyright \(C\) 2012-202. the OpenProject/Copyright (C) 2012-2024 the OpenProject/'`
2024-01-02 16:23:54 +01:00
Oliver Günther 01cbb3ef1a Fix activation of invited users during sharing
https://community.openproject.org/work_packages/51262
2023-12-07 14:23:05 +01:00
Oliver Günther 1a4bc24480 Inform users about external password change
https://community.openproject.org/work_packages/36011
2023-08-17 08:20:24 +02:00
Oliver Günther e7674b4103 Remove type and auth_method_name 2023-07-27 08:16:43 +02:00
Oliver Günther e32d2d0058 Remove AuthSource base namespace, model 2023-07-27 08:16:43 +02:00
Oliver Günther d0bda1d8fb Make internal login route easier, allowing POST /login without session
The session flag got removed after the first redirect, breaking the login
2023-07-12 11:58:57 +02:00
Oliver Günther f3cfae7a01 Remove internal login flag after login action 2023-06-15 08:58:22 +02:00
Oliver Günther e128d83c0e Disable internal login if direct provider not enabled 2023-06-15 08:58:21 +02:00
Oliver Günther 0a69ce2878 Add internal login 2023-06-15 08:58:21 +02:00
Christophe Bliard 21a696ef9b Update copyright information for 2023 2022-12-30 15:51:26 +01:00
Christophe Bliard 9c7d115bde Fix flickering tests and deprecation warnings
In some examples of `spec/controllers/account_controller_spec.rb`,
`Setting.self_registration?` was not mocked. If such an example is run first,
it would fail.

Same for `spec/features/auth/login_spec.rb` and `Settings.autologin?`.

Fix it by using the `with_settings` helper.

Fix deprecation warnings seen when using `Setting.xxx?` when the setting
xxx is not a boolean.
2022-10-26 15:48:48 +02:00
Dmitrii fbeb65c1ed [#41851] Blank Email reminders page when creating account manually 2022-08-08 14:47:15 +02:00
Christophe Bliard 48a4f1b6ad lint with rubocop --autocorrect (safe cops only) 2022-06-02 10:40:10 +02:00
Christophe Bliard a33524ef6d remove ruby magic comment for utf-8
ruby interprets source encoding as utf-8 since 2.0.0, making magic comment redundant and useless
2022-03-10 19:36:58 +01:00
Christophe Bliard bc8d423ec2 update copyright information for 2022 2022-03-01 17:05:59 +01:00
Oliver Günther 048e9476b3 Use SetAttributesService when retrieving user 2022-01-10 16:36:59 +01:00
Oliver Günther 62c646af50 [40511] Retrieve user from login instead of passing it to session
https://community.openproject.org/wp/40511
2022-01-10 14:40:10 +01:00
Oliver Günther 6e18a3a2d9 [39460] Don't show a flash message if errors are being shown
https://community.openproject.org/work_packages/39460
2021-11-03 16:14:47 +01:00
Oliver Günther ccfa29c728 Move license and copyright docs to root, fix names and references 2021-09-02 21:50:46 +02:00
Oliver Günther b7696a6c5c [37553] Make user run through authentication stages after header SSO (#9458)
https://community.openproject.org/wp/37553
2021-07-19 08:44:58 +01:00
Oliver Günther 0fa8b4a77b Forward CSP extensions to login controller (#9047)
* Forward CSP extensions to login controller

* Extend spec for double auth code

* stabilize spec

On my machine, since I have an s3 bucket configured, the spec failed

Co-authored-by: ulferts <jens.ulferts@googlemail.com>
2021-03-01 22:18:03 +01:00
ulferts 1bdd2ab9ae safe automatic fixes by rubocop (#8994) 2021-02-11 16:02:18 +01:00
luz paz 3683042c9b Fix typos in user facing and non-user facing code
Found via `codespell v2.1.dev0`
2021-01-24 15:08:21 +01:00
ulferts 6140f4c7e9 update copyright to 2021 (#8925)
Updates the copyright to 2021 for all files that have a copyright. Files in our source code without the copyright header still do not receive one automatically. Additionally, blacklisted files are also excluded.

Previously the copyright of chiliproject which references redmine stated a copyright of redmine up to and including 2017 which is not true for the code we have in here. Because of that I changed that to 2013.
2021-01-13 17:47:45 +01:00
ulferts 5968c0b18a Fix/replace custom i18n function (#8681)
* replace custom i18n function calls

* remove custom i18n method
2020-09-16 11:26:15 +02:00
Oliver Günther 6881f3d347 [33696] Retain autologin cookied request in session
https://community.openproject.com/wp/33696
2020-09-11 08:37:16 +02:00
Oliver Günther 4856cf8522 Review feedback 2020-09-10 15:47:05 +02:00