Merge remote-tracking branch 'origin/release/7.4' into dev

pull/6155/head
Oliver Günther 7 years ago
commit 700675e316
No known key found for this signature in database
GPG Key ID: 88872239EB414F99
  1. 1
      .pkgr.yml
  2. 9
      app/controllers/projects_controller.rb
  3. 3
      app/helpers/application_helper.rb
  4. 11
      config/initializers/warden.rb
  5. 2
      config/locales/en.yml
  6. 66
      docs/operations/upgrading/upgrading-postgresql.md
  7. 2
      lib/api/root.rb
  8. 45
      lib/open_project/authentication/strategies/warden/anonymous_fallback.rb
  9. 4
      lib/open_project/static/links.rb
  10. 34
      lib/tasks/cron.rake
  11. 3
      packaging/cron/openproject-hourly-tasks
  12. 83
      spec/controllers/projects_controller_spec.rb

@ -21,6 +21,7 @@ targets:
- sqlite3-devel
before_precompile: "packaging/setup"
crons:
- packaging/cron/openproject-hourly-tasks
- packaging/cron/openproject-clear-old-sessions
- packaging/cron/openproject-clear-uploaded-files
services:

@ -63,6 +63,15 @@ class ProjectsController < ApplicationController
@projects = load_projects query
@custom_fields = ProjectCustomField.visible(User.current)
respond_to do |format|
format.atom do
head(:gone)
end
format.html do
render action: :index
end
end
end
current_menu_item :index do

@ -514,13 +514,14 @@ module ApplicationHelper
done = (pcts[1] || closed) - closed
width = options[:width] || '100px;'
legend = options[:legend] || ''
total_progress = options[:hide_total_progress] ? '' : t(:total_progress)
content_tag :span do
progress = content_tag :span, class: 'progress-bar', style: "width: #{width}" do
concat content_tag(:span, '', class: 'inner-progress closed', style: "width: #{closed}%")
concat content_tag(:span, '', class: 'inner-progress done', style: "width: #{done}%")
end
progress + content_tag(:span, "#{legend}% #{l(:total_progress)}", class: 'progress-bar-legend')
progress + content_tag(:span, "#{legend}% #{total_progress}", class: 'progress-bar-legend')
end
end

@ -9,10 +9,11 @@ require 'open_project/authentication/strategies/warden/session'
WS = OpenProject::Authentication::Strategies::Warden
strategies = [
[:basic_auth_failure, WS::BasicAuthFailure, 'Basic'],
[:global_basic_auth, WS::GlobalBasicAuth, 'Basic'],
[:user_basic_auth, WS::UserBasicAuth, 'Basic'],
[:session, WS::Session, 'Session']
[:basic_auth_failure, WS::BasicAuthFailure, 'Basic'],
[:global_basic_auth, WS::GlobalBasicAuth, 'Basic'],
[:user_basic_auth, WS::UserBasicAuth, 'Basic'],
[:anonymous_fallback, WS::AnonymousFallback, 'Basic'],
[:session, WS::Session, 'Session']
]
strategies.each do |name, clazz, auth_scheme|
@ -25,5 +26,5 @@ api_v3_options = {
store: false
}
OpenProject::Authentication.update_strategies(API_V3, api_v3_options) do |_strategies|
[:global_basic_auth, :user_basic_auth, :basic_auth_failure, :session]
%i[global_basic_auth user_basic_auth basic_auth_failure session anonymous_fallback]
end

@ -976,6 +976,8 @@ en:
boards: "Community forum"
newsletter: "Security alerts / Newsletter"
links:
configuration_guide: 'Configuration guide'
instructions_after_registration: "You can sign in as soon as your account has been activated by clicking %{signin}."
instructions_after_logout: "You can sign in again by clicking %{signin}."

@ -0,0 +1,66 @@
## OpenProject PostgreSQL migration guide to 9.6
This guide will lead you to the steps of upgrading your system PostgreSQL version to 9.6.
OpenProject 7.4.0 requires PostgreSQL 9.5+, so we're recommending to install to 9.6 directly.
If you're upgrading to 7.4.0 without a 9.5+ database, your upgrade process will be terminated with a 'Database incompatibility warning'. You should not
Since Ubuntu 14.04 (still supported by OpenProject) is still running on PostgreSQL 9.3., we're showing the
upgrade process for this distribution. Debian oldstable also uses PostgreSQL 9.4. as well.
### Preparations for the upgrade
Stop the current OpenProject workers
``` bash
service openproject stop
```
### Install the newer PostgreSQL version
For Ubuntu 14.04:
```bash
sudo add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main"
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get install postgresql-9.6
```
For other versions of Ubuntu, see this answer on AskUbuntu:
https://askubuntu.com/questions/831292
Or check the download for repositories from PostgreSQL:
https://www.postgresql.org/download/
### Upgrade of PostgreSQL
Stop the old cluster:
``` bash
pg_dropcluster 9.6 main --stop
```
Upgrade the cluster to 9.6
``` bash
pg_upgradecluster -v 9.6 9.3 main
```
Remove the old cluster
``` bash
pg_dropcluster 9.3 main
```
Lastly, remove the ubuntu-provided version of 9.3:
``` bash
apt-get remove postgres postgresql-9.3
```
### Upgrade OpenProject

@ -108,8 +108,6 @@ module API
content_type = request.content_type
error!('Missing content-type header', 406) unless content_type.present?
# Allow JSON and JSON+HAL per default
# and anything that each endpoint may optionally add to that
if content_type.present?

@ -0,0 +1,45 @@
require 'warden/basic_auth'
module OpenProject
module Authentication
module Strategies
module Warden
# Intended to be used as the last strategy in warden so that the
# anonymous user is returned if no other strategy applies
class AnonymousFallback < ::Warden::Strategies::BasicAuth
def self.configuration
@configuration ||= {}
end
def self.user
User.anonymous
end
def username
nil
end
def password
nil
end
##
# Always valid unless session based. We are using it as a fallback after all.
def valid?
!session
end
def authenticate_user(_username, _password)
self.class.user
end
private
def session
env['rack.session']
end
end
end
end
end
end

@ -50,6 +50,10 @@ module OpenProject
href: 'https://www.openproject.org/help/',
label: 'homescreen.links.user_guides'
},
configuration_guide: {
href: 'https://www.openproject.org/operations/configuration/',
label: 'links.configuration_guide'
},
glossary: {
href: 'https://www.openproject.org/help/glossary/',
label: 'homescreen.links.glossary'

@ -0,0 +1,34 @@
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2017 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2017 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
namespace 'openproject:cron' do
desc 'An hourly cron job hook for plugin functionality'
task :hourly do
# Does nothing by default
end
end

@ -0,0 +1,3 @@
APP_NAME="_APP_NAME_"
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
55 * * * * root ${APP_NAME} run rake -s openproject:cron:hourly >> /var/log/${APP_NAME}/cron-hourly.log 2>&1

@ -161,70 +161,79 @@ describe ProjectsController, type: :controller do
end
end
describe 'index' do
describe 'index.html' do
let(:project_a) { FactoryGirl.create(:project, name: 'Project A', is_public: false, status: true) }
let(:project_b) { FactoryGirl.create(:project, name: 'Project B', is_public: false, status: true) }
let(:project_c) { FactoryGirl.create(:project, name: 'Project C', is_public: true, status: true) }
let(:project_d) { FactoryGirl.create(:project, name: 'Project D', is_public: true, status: false) }
let(:projects) { [project_a, project_b, project_c, project_d] }
before do
@project_a = FactoryGirl.create(:project, name: 'Project A', is_public: false, status: true)
@project_b = FactoryGirl.create(:project, name: 'Project B', is_public: false, status: true)
@project_c = FactoryGirl.create(:project, name: 'Project C', is_public: true, status: true)
@project_d = FactoryGirl.create(:project, name: 'Project D', is_public: true, status: false)
Role.anonymous
projects
login_as(user)
get 'index'
end
context 'as admin' do
let(:user) { FactoryGirl.build(:admin) }
before do
allow(User).to receive(:current).and_return user
get 'index'
shared_examples_for 'successful index' do
it 'is success' do
expect(response).to be_success
end
it 'renders the index template' do
expect(response).to render_template 'index'
end
end
context 'as admin' do
let(:user) { FactoryGirl.build(:admin) }
it_behaves_like 'successful index'
it "shows all active projects" do
expect(assigns(:projects)).to include(@project_a)
expect(assigns(:projects)).to include(@project_b)
expect(assigns(:projects)).to include(@project_c)
expect(assigns(:projects)).not_to include(@project_d)
expect(assigns[:projects])
.to match_array [project_a, project_b, project_c]
end
end
context 'as anonymous user' do
let(:user) { User.anonymous }
before do
Role.anonymous
allow(User).to receive(:current).and_return user
get 'index'
expect(response).to be_success
expect(response).to render_template 'index'
end
it_behaves_like 'successful index'
it "shows only (active) public projects" do
expect(assigns(:projects)).not_to include(@project_a)
expect(assigns(:projects)).not_to include(@project_b)
expect(assigns(:projects)).to include(@project_c)
expect(assigns(:projects)).not_to include(@project_d)
expect(assigns[:projects])
.to match_array [project_c]
end
end
context 'as user' do
let(:user) { FactoryGirl.build(:user, member_in_project: @project_b) }
let(:user) { FactoryGirl.build(:user, member_in_project: project_b) }
before do
allow(User).to receive(:current).and_return user
get 'index'
expect(response).to be_success
expect(response).to render_template 'index'
end
it_behaves_like 'successful index'
it "shows (active) public projects and those in which the user is member of" do
expect(assigns(:projects)).not_to include(@project_a)
expect(assigns(:projects)).to include(@project_b)
expect(assigns(:projects)).to include(@project_c)
expect(assigns(:projects)).not_to include(@project_d)
expect(assigns[:projects])
.to match_array [project_b, project_c]
end
end
end
describe 'index.html' do
let(:user) { FactoryGirl.build(:admin) }
before do
login_as(user)
get 'index', format: 'atom'
end
it 'is 410 GONE' do
expect(response.response_code)
.to eql 410
end
end
describe 'settings' do
render_views

Loading…
Cancel
Save