tagged version 3.4.7

git-svn-id: https://svn.redmine.org/redmine/tags/3.4.7@17716 e93f8b46-1217-0410-a6f0-8f06a7374b81

.github/PULL_REQUEST_TEMPLATE.md

+
+____________________________________________________________________
+
+**Do not send a pull request to this GitHub repository**.
+
+For more detail, please see [official website] wiki [Contribute].
+
+[official website]: http://www.redmine.org
+[Contribute]: http://www.redmine.org/projects/redmine/wiki/Contribute
+

.gitignore

 /.project
+/.idea
 /.loadpath
 /.powrc
 /.rvmrc

.hgignore

 syntax: glob
 
 .project
+.idea
 .loadpath
 .powrc
 .rvmrc

Gemfile

@@ -11,26 +11,24 @@ if RUBY_VERSION < "2.1"
 end
 gem "jquery-rails", "~> 3.1.4"
 gem "coderay", "~> 1.1.1"
-gem "builder", ">= 3.0.4"
 gem "request_store", "1.0.5"
 gem "mime-types", (RUBY_VERSION >= "2.0" ? "~> 3.0" : "~> 2.99")
 gem "protected_attributes"
-gem "actionpack-action_caching"
 gem "actionpack-xml_parser"
 gem "roadie-rails", "~> 1.1.1"
 gem "roadie", "~> 3.2.1"
 gem "mimemagic"
 gem "mail", "~> 2.6.4"
 
-gem "nokogiri", (RUBY_VERSION >= "2.1" ? "~> 1.7.2" : "~> 1.6.8")
+gem "nokogiri", (RUBY_VERSION >= "2.1" ? "~> 1.8.1" : "~> 1.6.8")
 gem "i18n", "~> 0.7.0"
 gem "ffi", "1.9.14", :platforms => :mingw if RUBY_VERSION < "2.0"
 
-# Request at least rails-html-sanitizer 1.0.3 because of security advisories 
+# Request at least rails-html-sanitizer 1.0.3 because of security advisories
 gem "rails-html-sanitizer", ">= 1.0.3"
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
-gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin, :jruby]
+gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin]
 gem "rbpdf", "~> 1.19.6"
 
 # Optional gem for LDAP authentication
@@ -52,16 +50,10 @@ platforms :mri, :mingw, :x64_mingw do
 
   # Optional Markdown support, not for JRuby
   group :markdown do
-    gem "redcarpet", "~> 3.3.2"
+    gem "redcarpet", "~> 3.4.0"
   end
 end
 
-platforms :jruby do
-  # jruby-openssl is bundled with JRuby 1.7.0
-  gem "jruby-openssl" if Object.const_defined?(:JRUBY_VERSION) && JRUBY_VERSION < '1.7.0'
-  gem "activerecord-jdbc-adapter", "~> 1.3.2"
-end
-
 # Include database gems for the adapters found in the database
 # configuration file
 require 'erb'
@@ -75,19 +67,13 @@ if File.exist?(database_file)
       case adapter
       when 'mysql2'
         gem "mysql2", "~> 0.4.6", :platforms => [:mri, :mingw, :x64_mingw]
-        gem "activerecord-jdbcmysql-adapter", :platforms => :jruby
-      when 'mysql'
-        gem "activerecord-jdbcmysql-adapter", :platforms => :jruby
       when /postgresql/
         gem "pg", "~> 0.18.1", :platforms => [:mri, :mingw, :x64_mingw]
-        gem "activerecord-jdbcpostgresql-adapter", :platforms => :jruby
       when /sqlite3/
         gem "sqlite3", (RUBY_VERSION < "2.0" && RUBY_PLATFORM =~ /mingw/ ? "1.3.12" : "~>1.3.12"),
                        :platforms => [:mri, :mingw, :x64_mingw]
-        gem "jdbc-sqlite3", ">= 3.8.10.1", :platforms => :jruby
-        gem "activerecord-jdbcsqlite3-adapter", :platforms => :jruby
       when /sqlserver/
-        gem "tiny_tds", "~> 0.6.2", :platforms => [:mri, :mingw, :x64_mingw]
+        gem "tiny_tds", (RUBY_VERSION >= "2.0" ? "~> 1.0.5" : "~> 0.7.0"), :platforms => [:mri, :mingw, :x64_mingw]
         gem "activerecord-sqlserver-adapter", :platforms => [:mri, :mingw, :x64_mingw]
       else
         warn("Unknown database adapter `#{adapter}` found in config/database.yml, use Gemfile.local to load your own database gems")
@@ -110,8 +96,10 @@ group :test do
   gem "rails-dom-testing"
   gem "mocha"
   gem "simplecov", "~> 0.9.1", :require => false
+  # TODO: remove this after upgrading to Rails 5
+  gem "test_after_commit", "~> 0.4.2"
   # For running UI tests
-  gem "capybara"
+  gem "capybara", '~> 2.13'
   gem "selenium-webdriver", "~> 2.53.4"
 end
 

app/controllers/account_controller.rb

 # Redmine - project management software
-# Copyright (C) 2006-2016  Jean-Philippe Lang
+# Copyright (C) 2006-2017  Jean-Philippe Lang
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -19,8 +19,10 @@ class AccountController < ApplicationController
   helper :custom_fields
   include CustomFieldsHelper
 
+  self.main_menu = false
+
   # prevents login action to be filtered by check_if_login_required application scope filter
-  skip_before_filter :check_if_login_required, :check_password_change
+  skip_before_action :check_if_login_required, :check_password_change
 
   # Overrides ApplicationController#verify_authenticity_token to disable
   # token verification on openid callbacks
@@ -40,7 +42,7 @@ class AccountController < ApplicationController
       end
     end
   rescue AuthSourceException => e
-    logger.error "An error occured when authenticating #{params[:username]}: #{e.message}"
+    logger.error "An error occurred when authenticating #{params[:username]}: #{e.message}"
     render_error :message => e.message
   end
 
@@ -78,20 +80,25 @@ class AccountController < ApplicationController
         return
       end
       if request.post?
-        @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
-        if @user.save
-          @token.destroy
-          Mailer.password_updated(@user, { remote_ip: request.remote_ip })
-          flash[:notice] = l(:notice_account_password_updated)
-          redirect_to signin_path
-          return
+        if @user.must_change_passwd? && @user.check_password?(params[:new_password])
+          flash.now[:error] = l(:notice_new_password_must_be_different)
+        else
+          @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
+          @user.must_change_passwd = false
+          if @user.save
+            @token.destroy
+            Mailer.password_updated(@user, { remote_ip: request.remote_ip })
+            flash[:notice] = l(:notice_account_password_updated)
+            redirect_to signin_path
+            return
+          end
         end
       end
       render :template => "account/password_recovery"
       return
     else
       if request.post?
-        email = params[:mail].to_s
+        email = params[:mail].to_s.strip
         user = User.find_by_mail(email)
         # user not found
         unless user
@@ -131,7 +138,7 @@ class AccountController < ApplicationController
       user_params = params[:user] || {}
       @user = User.new
       @user.safe_attributes = user_params
-      @user.pref.attributes = params[:pref] if params[:pref]
+      @user.pref.safe_attributes = params[:pref]
       @user.admin = false
       @user.register
       if session[:auth_source_registration]
@@ -145,7 +152,6 @@ class AccountController < ApplicationController
           redirect_to my_account_path
         end
       else
-        @user.login = params[:user][:login]
         unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
           @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
         end
@@ -274,13 +280,13 @@ class AccountController < ApplicationController
   end
 
   def set_autologin_cookie(user)
-    token = Token.create(:user => user, :action => 'autologin')
+    token = user.generate_autologin_token
     secure = Redmine::Configuration['autologin_cookie_secure']
     if secure.nil?
       secure = request.ssl?
     end
     cookie_options = {
-      :value => token.value,
+      :value => token,
       :expires => 1.year.from_now,
       :path => (Redmine::Configuration['autologin_cookie_path'] || RedmineApp::Application.config.relative_url_root || '/'),
       :secure => secure,

app/controllers/activities_controller.rb

 # Redmine - project management software
-# Copyright (C) 2006-2016  Jean-Philippe Lang
+# Copyright (C) 2006-2017  Jean-Philippe Lang
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -17,7 +17,7 @@
 
 class ActivitiesController < ApplicationController
   menu_item :activity
-  before_filter :find_optional_project
+  before_action :find_optional_project
   accept_rss_auth :index
 
   def index

app/controllers/admin_controller.rb

 # Redmine - project management software
-# Copyright (C) 2006-2016  Jean-Philippe Lang
+# Copyright (C) 2006-2017  Jean-Philippe Lang
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -17,13 +17,12 @@
 
 class AdminController < ApplicationController
   layout 'admin'
+  self.main_menu = false
   menu_item :projects, :only => :projects
   menu_item :plugins, :only => :plugins
   menu_item :info, :only => :info
 
-  before_filter :require_admin
-  helper :sort
-  include SortHelper
+  before_action :require_admin
 
   def index
     @no_configuration_data = Redmine::DefaultData::Loader::no_data?
@@ -34,7 +33,10 @@ class AdminController < ApplicationController
 
     scope = Project.status(@status).sorted
     scope = scope.like(params[:name]) if params[:name].present?
-    @projects = scope.to_a
+
+    @project_count = scope.count
+    @project_pages = Paginator.new @project_count, per_page_option, params['page']
+    @projects = scope.limit(@project_pages.per_page).offset(@project_pages.offset).to_a
 
     render :action => "projects", :layout => false if request.xhr?
   end
@@ -72,7 +74,6 @@ class AdminController < ApplicationController
   end
 
   def info
-    @db_adapter_name = ActiveRecord::Base.connection.adapter_name
     @checklist = [
       [:text_default_administrator_account_changed, User.default_admin_account_changed?],
       [:text_file_repository_writable, File.writable?(Attachment.storage_path)],

app/controllers/application_controller.rb

 # Redmine - project management software
-# Copyright (C) 2006-2016  Jean-Philippe Lang