summaryrefslogtreecommitdiffstats
path: root/app/controllers/application_controller.rb
Commit message (Collapse)AuthorAgeFilesLines
...
* Sets forgery protection filter first.Jean-Philippe Lang2011-07-251-1/+2
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6315 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Typo in api_key_auth deprecation code (#8773).Jean-Philippe Lang2011-07-091-2/+2
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6208 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Separation of RSS/API auth actions.Jean-Philippe Lang2011-07-091-7/+34
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6197 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Mitigates vulnerability in API authentication introduced in r3218.Jean-Philippe Lang2011-07-061-1/+1
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6187 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Fixed: private queries should not be accessible to other users (#8729).Jean-Philippe Lang2011-07-031-0/+3
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6163 e93f8b46-1217-0410-a6f0-8f06a7374b81
* remove trailing white-spaces from app/controllers/application_controller.rb.Toshi MARUYAMA2011-05-121-35/+35
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5749 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Fix potential Execution After Redirect bugs.Toshi MARUYAMA2011-05-011-0/+1
| | | | | | | Execution After Redirect (EAR) happens when redirect in a controller is triggered but there still is code that is executed in the action. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5611 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Adds an issues visibility level on roles (#7412).Jean-Philippe Lang2011-04-111-2/+6
| | | | | | It can be set so that users only see their own issues (created or assigned). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5416 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Makes the API accepts the X-Redmine-API-Key header to hold the API key.Jean-Philippe Lang2010-12-231-3/+12
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4573 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Makes API accept offset/limit or page/limit parameters for retrieving ↵Jean-Philippe Lang2010-12-231-5/+12
| | | | | | collections. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4571 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Restores object count and adds offset/limit attributes to API responses for ↵Jean-Philippe Lang2010-12-111-0/+17
| | | | | | paginated collections (#6140). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4489 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Adds a pseudo format to api template names and overrides ↵Jean-Philippe Lang2010-12-041-1/+21
| | | | | | ActionController#default_template so that api templates are chosen automatically. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4466 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Adds a reusable method to render API response on validation failure.Jean-Philippe Lang2010-12-031-1/+13
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4455 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Adds a builder-like template system for rendering xml and json API responses.Jean-Philippe Lang2010-12-031-1/+1
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4452 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: merged error rendering methods.Jean-Philippe Lang2010-10-231-25/+17
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4286 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Improved error message when trying to access an archived project (#2995).Jean-Philippe Lang2010-10-231-2/+12
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4285 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Added ability to delete issues from different projects through contextual ↵Jean-Baptiste Barth2010-10-071-1/+1
| | | | | | menu (#5332) git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4236 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Splitted #find_issues filter in ApplicationController to #find_issues and ↵Jean-Baptiste Barth2010-09-291-6/+9
| | | | | | #check_project_uniqueness (#5332) git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4228 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: convert ProjectEnumerations to a resource on a project.Eric Davis2010-09-101-0/+7
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4075 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Use the base layout for all 403, 404, and 500 pages. #6172Eric Davis2010-08-191-3/+10
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3949 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: pull up method to ApplicationController.Eric Davis2010-08-131-0/+15
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3940 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: Pull up method to ApplicationController.Eric Davis2010-08-121-1/+17
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3938 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: extract back_url method to ApplicationController.Eric Davis2010-08-041-0/+4
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3912 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Allow js formatted responses.Eric Davis2010-07-051-0/+4
| | | | | | Otherwise they return the invalid format error (406) instead of 403, 404, or 500 git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3827 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Added JSON support to the issues API. #1214Eric Davis2010-06-051-0/+7
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3766 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: Pull up #find_optional_project to ApplicationController.Eric Davis2010-04-301-0/+10
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3716 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Fixed: 500 internal error when browsing any Redmine page in Epiphany (#5401).Jean-Philippe Lang2010-04-301-1/+2
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3702 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: pull #query_statement_invalid up to ApplicationController.Eric Davis2010-04-291-0/+9
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3696 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Fixed: API 401 response does not include WWW-Authenticate header (#5322).Jean-Philippe Lang2010-04-171-2/+2
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3679 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: Change the different find_object filters to share a common method.Eric Davis2010-03-171-0/+14
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3597 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: Split the find_object methods to prep for a larger refactoring.Eric Davis2010-03-161-1/+10
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3591 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: Decouple failed attachments and the flash messagesEric Davis2010-03-031-0/+5
| | | | | | | | | | | Attachment#attach_files will no longer need to return a flash message, instead it will put unsaved attachments into object#unsaved_attachments where the calling object can access them. A utility method #render_attachment_warning_if_needed is included for setting the standard flash warning. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3528 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: Moved ApplicationController#attach_files to the Attachment modelEric Davis2010-03-021-21/+0
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3523 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Converted the REDMINE_SUPPORTED_SCM constant to a classEric Davis2010-02-161-1/+1
| | | | | | | | | | Now SCMs can be added or removed using a simple API, instead of being hardcoded: Redmine::Scm::Base.add('ScmName') Redmine::Scm::Base.delete('ScmName') git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3440 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Refactor: Pull up several #find_project methods to ApplicationControllerEric Davis2010-02-051-0/+7
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3370 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Adds a log message when an API call raises an InvalidAuthenticityToken error.Jean-Philippe Lang2010-01-171-0/+7
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3332 e93f8b46-1217-0410-a6f0-8f06a7374b81
* XML REST API for Projects (#296).Jean-Philippe Lang2010-01-141-0/+1
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3313 e93f8b46-1217-0410-a6f0-8f06a7374b81
* XML REST API for issues that provides CRUD operations for Issues (#1214).Jean-Philippe Lang2010-01-131-6/+23
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3310 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Added an Admin setting to enable/disable the REST web service. (#3920)Eric Davis2009-12-231-1/+1
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3220 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Added support for HTTP Basic access to the API. (#3920)Eric Davis2009-12-231-3/+12
| | | | | | | | | A user can authenticate using either their: * username/password * api-key/random git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3219 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Allow authenticating with an API token via XML or JSON. (#3920)Eric Davis2009-12-231-1/+7
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3218 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Removes "xxx and return" calls (#4446).Jean-Philippe Lang2009-12-181-2/+4
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3185 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Adds an admin layout that displays the admin menu in the sidebar.Jean-Philippe Lang2009-12-171-1/+1
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3176 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Display an error when authenticity token is invalid.Jean-Philippe Lang2009-11-251-0/+6
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3094 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Remove broken cookies after upgrade from 0.8.x to prevent an error from ↵Jean-Philippe Lang2009-11-251-1/+12
| | | | | | Rails (#4292). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3093 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Reset session on login/logout (#4248).Jean-Philippe Lang2009-11-211-1/+1
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3080 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Protect controllers from potential CSRF attacks. #4216Eric Davis2009-11-141-0/+1
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3051 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Fix 500 errors with a POST request that requires a login. #4216Eric Davis2009-11-141-1/+7
| | | | git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3050 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Contextual quick search (#3263).Jean-Philippe Lang2009-10-211-0/+1
| | | | | | Eg. when viewing issues, the quick search will search issues only. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2943 e93f8b46-1217-0410-a6f0-8f06a7374b81
* Upgraded to Rails 2.3.4 (#3597)Eric Davis2009-09-131-0/+251
* Ran the Rails upgrade * Upgraded to Rails Engines 2.3.2 * Added a plugin to let Engines override application views. * Converted tests to use the new classes: ** ActionController::TestCase for functional ** ActiveSupport::TestCase for units * Converted ActiveRecord::Error message to a string. * ActiveRecord grouping returns an ordered hash which doesn't have #sort! * Updated the I18n storage_units format. * Added some default initializers from a fresh rails app * Changed the order of check_box_tags and hidden_field_tags. The hidden tag needs to appear first in Rails 2.3, otherwise it will override any value in the check_box_tag. * Removed the custom handler for when the cookie store is tampered with. Rails 2.3 removed the TamperedWithCookie exception and instead Rails will not load the data from it when it's been tampered with (e.g. no user login). * Fixed mail layouts, 2.3 has problems with implicit multipart emails that use layouts. Also removed some custom Redmine mailer code. * Fixed a bug that occurred in tests where the "required" span tag would be added to the :field_status translation. This resulted in an email string of: <li>Status<span class="required"> *</span><span class="required"> *</span> Instead of: <li>Status: New</li> git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2887 e93f8b46-1217-0410-a6f0-8f06a7374b81
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-14 04:56:14 +0000