openproject

Commit Graph

Author	SHA1	Message	Date
Markus Kahl	f7355c1820	include ForbiddenAttributeProtection in correct file (model instead of controller)	11 years ago
Markus Kahl	01ac1315f9	safe mass assignment in member#create	11 years ago
Markus Kahl	c84afbdce3	use permitted params for member update	11 years ago
Philipp Tessenow	b7e5eba60b	we have to set @query.project before adding filters, so that we can determine which filters the user may set	11 years ago
Johannes Wollert	16a54ea416	pretend to be a nested ressource when searching for stuff	11 years ago
Hagen Schink	55b27b1477	Uses permitted params in wiki controller	11 years ago
Jens Ulferts	adb62846a4	replaces rjs and inline js with unobstrusive js	11 years ago
Philipp Tessenow	864aa7132f	less duplicated code in queries logic	11 years ago
Philipp Tessenow	c5480569c4	prepare_query need to be called AFTER update_attributes to ensure invariants	11 years ago
Philipp Tessenow	1970491ef8	use permitted params in QueryControllier	11 years ago
Philipp Tessenow	23c513dc0b	it should not be possible anymore to update/create enumerations so that they have a non existent type	11 years ago
Philipp Tessenow	f099413192	introduce render_400 (bad request) method in application controller	11 years ago
Philipp Tessenow	80dd8836b4	let the at.js textarea autocompletion look like the usual work-package auto-completion	11 years ago
Hagen Schink	5857f0f6ef	Adapts acts as event modifications	11 years ago
Philipp Tessenow	d7844da23f	add issue number autocomplete for textareas	11 years ago
Philipp Tessenow	10d79bebd2	feed permitted params to mass assignments in enumerations_controller	11 years ago
Philipp Tessenow	860eb61fda	use permitted_params for group_controller	11 years ago
Till Breuer	43aee95699	Fix work packages controller spec after changing the query default filter setup	11 years ago
Till Breuer	1d09b8db50	Introduce query filter objects (WIP)	11 years ago
Jens Ulferts	d57b56a53e	streamlines configuration of relative_url_root * includes relative_url_root into OpenProject::Configuration * ensures loading in environment so that it is also used for asset precompiling	11 years ago
Jens Ulferts	4f512dccd2	moves relative url root functionality into own module	11 years ago
Hagen Schink	dba223e029	Fixes specs by renaming event properties	11 years ago
Hagen Schink	67f9bf6966	Simplifies censor method	11 years ago
Hagen Schink	6a62ddc40e	Changes event data structure	11 years ago
Hagen Schink	ef52b1b559	Fixes custom field assignment	11 years ago
Hagen Schink	0750133318	Removes references to 'deleted_at' column	11 years ago
jwollert	56bb5ea7b8	make clear we don't actually need that param	11 years ago
jwollert	0bcab2069e	select2 autocompletion for projects' responsible	11 years ago
Till Breuer	16c225f0f2	Only show query menu item links in projects	11 years ago
jwollert	1a62df78e0	fix unchecked dynamic rendering in copy projects controller	11 years ago
jwollert	9351b63a36	fixes unchecked param -> symbol conversion	11 years ago
Till Breuer	ac92678f21	Fix redirect path after wiki menu item creation	11 years ago
Philipp Tessenow	6acf1c64bd	when having a wrong custom_field_type redirect to general custom_field page	11 years ago
Philipp Tessenow	abd35622e3	make custom_fields Rails3ish - use ressource in routes.rb - use *_custom_field_path paths - use strong parameters everywhere	11 years ago
Philipp Tessenow	71043d0d2f	whitelist params for custom_fields	11 years ago
Philipp Tessenow	236a2cd668	use permitted params for Status#create/update	11 years ago
Till Breuer	6fef6001da	Perform individual parameter whitelisting during work package bulk update	11 years ago
Till Breuer	e43506b7a1	Fix work_packages/bulk#update if no work package params are passed	11 years ago
Till Breuer	e34b674dcf	Use permitted params instead of safe attributes in work packages bulk controller... ... to allow for cost_object_id updates (fixes #2591)	11 years ago
Michael Frister	b9a0cbac9d	API v2: Improve status index performance Always return all statuses, don't filter by statuses used in visible projects or by statuses visible in specific projects.	11 years ago
Philipp Tessenow	79d7a270c0	move common code of reports_controller and timelog_controller into a common helper	11 years ago
Christian Ratz	45419a7531	fixed #3030 Users preferences for order of comments is ignored on wp comments	11 years ago
Till Breuer	4d5259e688	Add flash notice after successful query_menu_items#create	11 years ago
Till Breuer	c52518ec12	Update specification of redirect after query_menu_items#create	11 years ago
Till Breuer	aa895306bd	Use strong parameters in menu item controllers	11 years ago
Till Breuer	ceec532871	Remove explicit passing of objects from query_menu_items#edit since they aren't used by the view	11 years ago
Till Breuer	f47e5cb0ba	Don't show flash on query_menu_items#create, prevent error on double submission	11 years ago
Till Breuer	c5b26e920a	Use current_menu_item from menu item controller mix in to select query menu items	11 years ago
Till Breuer	f130d8be4c	Add query menu items controller spec, respecify redirect after create	11 years ago
Till Breuer	dd8319e91b	Add authorization check to query menu items controller Permissions based on queries	11 years ago

1 2 3 4 5 ...

1957 Commits (3f3f64154201efca52c3e6047efe530310110644)