openproject

TheDude

openproject

Fork

You've already forked openproject

Code Issues Pull Requests Packages Projects Releases Wiki Activity

49358 Commits

139 Branches

203 Tags

1.2 GiB

Tag: Branch: Tree: 507fa44804

12-3-1-notes-fixes

45001-component-to-show-the-list-of-non-working-days-of-year

45827-project-list-dropdown-actions-cut-off

Small-docs-fix

bug-process-documentation

bug/36827-creating-work-package-in-status-not-available-for-work-package-type

bug/41714-clicking-on-files-tab-scrolls-up-on-ios

bug/41851-blank-email-reminders-page-when-creating-account-manually

bug/43193-remove-oauth-cookie-after-successful-authorization-against-nextcloud

bug/43323-nextcloud-validation-error-in-new-storage-host-field

bug/43504-date-picker-not-working-as-expected-for-utc-time-hour-minus

bug/44924-error-in-souce-string-for-team-planner

bump/angular13

chore/file-list-padding-overwrite

chore/fix-error-toast-for-broken-oauth-data

chore/restructure-file-list-style

code-maintenance/45463-apply-rails-5-0-defaults

dev

display-skeleton-view-over-team-planner-calendar

docker-install

docs-add-details-follow-precede-gantt-distance

docs-add-details-follow-precede-gantt-distance-2

docs-update-to-notifications

docs-updates

docs-updates-for-12.5

documentation/design-system

feat/design-system

featuer/26688/in-app-notifications-table-change

feature/26688/ian-announcements

feature/37398-select-input-none-option

feature/37441-dynamic-form-v2

feature/40228-openapi-spec

feature/40228-openapi-specification-part-2

feature/41530-copying-a-project-shall-also-copy-file-links-attached-to-all-work-packages

feature/42358-standardise-date-pickers

feature/42358-standardise-date-pickers-2

feature/42358-standardise-date-pickers-drop-modal-portal

feature/43118-access-project-dropdown-entries-via-arrow-keys

feature/43638-update-team-planner-and-calendar-for-duration-and-non-working-days-rebased

feature/43644-revoke-access-to-storage-granted-by-oauth

feature/44212-new-release-teaser-block-for-123

feature/45963-remove-select-all-and-open-storage-interaction-elements-from-file-pickers

feature/api_v3_activities_index

feature/documenting-services-and-contracts

feature/ee-date-alerts

feature/file-links-oauth-connection-manager-rebased

feature/in-app-notifications-settings

feature/invite-user-modal

feature/notification_signaling

feature/openapi-spec-and-swagger-ui

feature/placeholder-users

feature/settings_api

feature/spot-list-tooltip-rework

feature/team-planner-fullcalendar

feature/translations-hierarchy

fix-column-width-including-ngselect

fix-tab-info-not-updated-in-notification-center

fix/34436-edit-backlog-date-focus-backlog-details

fix/34436-edit-backlog-date-focus-backlog-details-firefox-quirk

fix/35563-hide-boards-user-is-not-allowed

fix/36521-Saving-changes-to-user-profile-after-handling-error-message-leads-to-user-profile

fix/37509/modal-position-relative

fix/39123-mobile-tab-overflow

fix/39833-work-package-parent-shrink

fix/41437-project-selector

fix/41535-datepicker-overflow

fix/42397-project-filter-is-not-applied-in-embedded-table

fix/43085/default-cf-value-filter

fix/43230-toggle-disabled-state-not-defined

fix/43259-the-list-style-in-the-nextcloud-section-is-not-correct

fix/44197-sort-workpackages-by-updated-at

fix/44846-custom-field-multi-select

fix/45586/totp-clock-error-discoverability

fix/activity-change-detection

fix/activity-tab-spec

fix/api-spec-storage-files

fix/attachments-drag-n-drop-chrome

fix/comment-number-cut-off-on-moblie

fix/custom-plugin-frozen

fix/improve_scheduling_performance-with-simpler_sql

fix/inline-wp-button-macro

fix/json_serialize_delayed_job

fix/missing-omniauth-strategy

fix/notification_and_wp_visiblity_check_performance

fix/op-sidemenu-href

fix/op-sidemenu-onpush

fix/rails_7_scope_merging_on_index

fix/re-enable-rake-task

fix/reject-invalid-host-headers

fix/remove-differential-building

fix/run-url-github

fix/selector_for_board_specs

fix/storybook-zone-aware-promise

fix/update_robot_txt

fix/whitelist_date_on_config_yaml_load

fix/wysiwyg-changes_wo_ckeditor

hal_presenter_demo

housekeeping/update-rxjs

implementation-wp-quick-add-modal-component

implementation/42204-add-file-links-collection-to-work-package-resource

implementation/42379-add-endpoint-to-update-cache-with-live-data

implementation/42843-add-authorization-state-to-storages-api-endpoint

implementation/43693-add-file-link-list-component-to-new-work-package-form

implementation/45083-update-look-of-activity-items-in-activity-module-for-project-and-work-packages

integration/outdated_10.5

packaging/sles15

refactor/autocompleters

refactor/hal-resource-2

refactor/handle-prettier-dependency

release/11.2

release/11.3

release/11.4

release/12.0

release/12.1

release/12.2

release/12.3

release/12.4

revert-10203-fix/ldap-sync-mutex

revert-9332-feature/37472-dynamic-forms-v2-flat-resources_links-model

spike/fullcalendar-resources

spike/hotwire

spike/try-removing-shoulda

stable/10

stable/11

stable/12

stable/5

stable/6

stable/7

stable/8

stable/9

task/41010-add-configure-work-packages-forms-(headlines)-(premium-feature)

task/42684-project-settings-change-screenshot-and-customize-text

task/42759-new-wording-for-note-in-the-english-user-guide

task/43309-edit-forum-section-in-user-guide

task/43662-edit-work-package-faq

task/44235-user-guide-notification-typo-fix

task/44256-user-guide-calculate-work-package-progress-with-work-package-status

update-style-guide-screenshots

wizard-test

11.2.1

2.4.0

release/3.0.0

sprint/2014_08

sprint/2014_09

sprint/2014_10

sprint/2014_11

sprint/2014_12

sprint/2014_13

sprint/2014_16

sprint/2014_18

sprint/2015_01

sprint/2015_02

sprint/2015_03

sprint/2015_04

v10.0.0

v10.0.1

v10.0.2

v10.1.0

v10.2.0

v10.2.1

v10.2.2

v10.3.0

v10.3.1

v10.4.0

v10.4.1

v10.5

v10.5.0

v10.5.1

v10.6.0

v10.6.1

v10.6.2

v10.6.3

v10.6.4

v10.6.5

v11.0.0

v11.0.1

v11.0.2

v11.0.3

v11.0.4

v11.1.0

v11.1.1

v11.1.2

v11.1.3

v11.1.4

v11.2.0

v11.2.1

v11.2.2

v11.2.3

v11.2.4

v11.3.0

v11.3.1

v11.3.2

v11.3.3

v11.3.4

v11.3.5

v11.4.0

v11.4.1

v12.0.0

v12.0.1

v12.0.10

v12.0.2

v12.0.3

v12.0.4

v12.0.5

v12.0.6

v12.0.7

v12.0.8

v12.0.9

v12.1.0

v12.1.1

v12.1.2

v12.1.3

v12.1.4

v12.1.5

v12.1.6

v12.2.0

v12.2.1

v12.2.2

v12.2.3

v12.2.4

v12.2.5

v12.3.0

v12.3.1

v12.3.2

v12.3.3

v12.3.4

v12.4.0

v12.4.1

v12.4.2

v12.4.3

v3.0.0

v3.0.1

v3.0.11

v3.0.12

v3.0.13

v3.0.14

v3.0.15

v3.0.16

v3.0.17

v3.0.2

v3.0.3

v3.0.4

v3.0.8

v4.0.0

v4.0.1

v4.0.10

v4.0.11

v4.0.12

v4.0.2

v4.0.3

v4.0.4

v4.0.5

v4.0.6

v4.0.7

v4.0.8

v4.0.9

v4.1.0

v4.1.0-beta

v4.1.1

v4.1.2

v4.1.3

v4.1.4

v4.2.0

v4.2.1

v4.2.2

v4.2.3

v4.2.4

v4.2.5

v4.2.6

v4.2.7

v4.2.8

v4.2.9

v5.0.0

v5.0.1

v5.0.10

v5.0.11

v5.0.12

v5.0.13

v5.0.14

v5.0.15

v5.0.16

v5.0.17

v5.0.18

v5.0.19

v5.0.2

v5.0.20

v5.0.3

v5.0.4

v5.0.5

v5.0.6

v5.0.7

v5.0.8

v5.0.9

v6.0.0

v6.0.1

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.1.0

v6.1.1

v6.1.2

v6.1.3

v6.1.4

v6.1.5

v7.0.0

v7.0.1

v7.0.2

v7.0.3

v7.1.0

v7.2.0

v7.2.1

v7.2.2

v7.2.3

v7.3.0

v7.3.1

v7.3.2

v7.4.0

v7.4.1

v7.4.2

v7.4.3

v7.4.4

v7.4.5

v7.4.6

v7.4.7

v8.0.0

v8.0.1

v8.0.2

v8.1.0

v8.2.0

v8.2.1

v8.3.0

v8.3.1

v8.3.2

v8.3.3-pre

v9.0.0

v9.0.0-pre

v9.0.1

v9.0.2

v9.0.2-pre

v9.0.3

v9.0.4

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '507fa44804'

${ noResults }

Commit Graph

12 Commits (507fa44804d922ecda202c6f187e46d0118b263e)

Author	SHA1	Message	Date
Oliver Günther	7d8526d77f	Allow Session requests on GET without frontend header This is required since now attachments are displayed through apiv3 URLs. GET requests are safe to request without the header present.	6 years ago
ulferts	c88b0b85c4	return proper WWW Authenticate header on missing credentials (#6150 ) An anonymous_fallback is introduced and registered to be the last strategy for warden. That strategy will always apply and it will always return the anonymous user. The better way would be to only apply the strategy if login is not required. That way we would still be able to return a 403 when credentials are missing but would no longer need to have 401 handlers outside of warden. That duplicity caused the missing header in the first place. It would however require us to handle the realm in the strategy and by that increase the coupling between the strategy and the application. [ci skip]	7 years ago
Oliver Günther	988d96c241	Restrict session API authentication to X-Requested-With	7 years ago
Oliver Günther	5d84add246	Expire sessions in warden auth scope	7 years ago
Oliver Günther	0fbb9c6168	Provide configuration option for basic auth API access This adds: 1. A configuration option `apiv3_enable_basic_auth` to determine whether v3 may use the basic auth strategies 2. Extensions to the warden strategies to disable them unless configured	8 years ago
Alex Coles	a6212fb304	Fix syntax (w/Rubocop) in lib code Signed-off-by: Alex Coles <alex@alexbcoles.com>	9 years ago
Markus Kahl	1d0146dfda	amended comment	10 years ago
Markus Kahl	be08d64991	do nothing when configuration is missing altogether	10 years ago
Markus Kahl	2a465785d1	allow digit-only but not empty passwords	10 years ago
Markus Kahl	28c81dfad0	use existing method to find user via api key	10 years ago
Markus Kahl	4957750270	wrapped comment	10 years ago
Markus Kahl	7e40c11ca4	moved strategies; refactoring	10 years ago