tagged version 0.8.6

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/tags/0.8.6@3002 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/controllers/account_controller.rb

@@ -35,6 +35,10 @@ class AccountController < ApplicationController
     events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
     @events_by_day = events.group_by(&:event_date)
     
+    if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty?
+      render_404 and return
+    end
+    
   rescue ActiveRecord::RecordNotFound
     render_404
   end

app/controllers/issues_controller.rb

@@ -43,6 +43,10 @@ class IssuesController < ApplicationController
   helper :timelog
   include Redmine::Export::PDF
 
+  verify :method => :post,
+         :only => :destroy,
+         :render => { :nothing => true, :status => :method_not_allowed }
+           
   def index
     retrieve_query
     sort_init 'id', 'desc'
@@ -147,6 +151,7 @@ class IssuesController < ApplicationController
         attach_files(@issue, params[:attachments])
         flash[:notice] = l(:notice_successful_create)
         Mailer.deliver_issue_add(@issue) if Setting.notified_events.include?('issue_added')
+        call_hook(:controller_issues_new_after_save, { :params => params, :issue => @issue})
         redirect_to(params[:continue] ? { :action => 'new', :tracker_id => @issue.tracker } :
                                         { :action => 'show', :id => @issue })
         return
@@ -194,6 +199,7 @@ class IssuesController < ApplicationController
           flash[:notice] = l(:notice_successful_update)
           Mailer.deliver_issue_edit(journal) if Setting.notified_events.include?('issue_updated')
         end
+        call_hook(:controller_issues_edit_after_save, { :params => params, :issue => @issue, :time_entry => @time_entry, :journal => journal})
         redirect_to(params[:back_to] || {:action => 'show', :id => @issue})
       end
     end

app/controllers/messages_controller.rb

@@ -46,6 +46,7 @@ class MessagesController < ApplicationController
       @message.sticky = params[:message]['sticky']
     end
     if request.post? && @message.save
+      call_hook(:controller_messages_new_after_save, { :params => params, :message => @message})
       attach_files(@message, params[:attachments])
       redirect_to :action => 'show', :id => @message
     end
@@ -58,6 +59,7 @@ class MessagesController < ApplicationController
     @reply.board = @board
     @topic.children << @reply
     if !@reply.new_record?
+      call_hook(:controller_messages_reply_after_save, { :params => params, :message => @reply})
       attach_files(@reply, params[:attachments])
     end
     redirect_to :action => 'show', :id => @topic

app/controllers/news_controller.rb

@@ -65,6 +65,7 @@ class NewsController < ApplicationController
       flash[:notice] = l(:label_comment_added)
       redirect_to :action => 'show', :id => @news
     else
+      show
       render :action => 'show'
     end
   end

app/controllers/timelog_controller.rb

@@ -197,6 +197,9 @@ class TimelogController < ApplicationController
     render_403 and return if @time_entry && !@time_entry.editable_by?(User.current)
     @time_entry ||= TimeEntry.new(:project => @project, :issue => @issue, :user => User.current, :spent_on => Date.today)
     @time_entry.attributes = params[:time_entry]
+    
+    call_hook(:controller_timelog_edit_before_save, { :params => params, :time_entry => @time_entry })
+    
     if request.post? and @time_entry.save
       flash[:notice] = l(:notice_successful_update)
       redirect_back_or_default :action => 'details', :project_id => @time_entry.project

app/controllers/wiki_controller.rb

@@ -82,6 +82,7 @@ class WikiController < ApplicationController
       @content.author = User.current
       # if page is new @page.save will also save content, but not if page isn't a new record
       if (@page.new_record? ? @page.save : @content.save)
+        call_hook(:controller_wiki_edit_after_save, { :params => params, :page => @page})
         redirect_to :action => 'index', :id => @project, :page => @page.title
       end
     end

app/helpers/application_helper.rb

@@ -159,7 +159,7 @@ module ApplicationHelper
 
   # Truncates and returns the string as a single line
   def truncate_single_line(string, *args)
-    truncate(string, *args).gsub(%r{[\r\n]+}m, ' ')
+    truncate(string.to_s, *args).gsub(%r{[\r\n]+}m, ' ')
   end
 
   def html_hours(text)
@@ -385,7 +385,7 @@ module ApplicationHelper
     #     export:some/file -> Force the download of the file
     #  Forum messages:
     #     message#1218 -> Link to message with id 1218
-    text = text.gsub(%r{([\s\(,\-\>]|^)(!)?(attachment|document|version|commit|source|export|message)?((#|r)(\d+)|(:)([^"\s<>][^\s<>]*?|"[^"]+?"))(?=(?=[[:punct:]]\W)|\s|<|$)}) do |m|
+    text = text.gsub(%r{([\s\(,\-\>]|^)(!)?(attachment|document|version|commit|source|export|message)?((#|r)(\d+)|(:)([^"\s<>][^\s<>]*?|"[^"]+?"))(?=(?=[[:punct:]]\W)|,|\s|<|$)}) do |m|
       leading, esc, prefix, sep, oid = $1, $2, $3, $5 || $7, $6 || $8
       link = nil
       if esc.nil?

app/helpers/wiki_helper.rb

@@ -36,7 +36,7 @@ module WikiHelper
           words_add += 1
         else
           del_at = pos unless del_at
-          deleted << ' ' + change[2]
+          deleted << ' ' + h(change[2])
           words_del	 += 1
         end
       end

app/models/changeset.rb

@@ -112,6 +112,8 @@ class Changeset < ActiveRecord::Base
           journal = issue.init_journal(user || User.anonymous, l(:text_status_changed_by_changeset, csettext))
           issue.status = fix_status
           issue.done_ratio = done_ratio if done_ratio
+          Redmine::Hook.call_hook(:model_changeset_scan_commit_for_issue_ids_pre_issue_update,
+                                  { :changeset => self, :issue => issue })
           issue.save
           Mailer.deliver_issue_edit(journal) if Setting.notified_events.include?('issue_updated')
         end

app/models/mail_handler.rb

@@ -168,7 +168,7 @@ class MailHandler < ActionMailer::Base
       @keywords[attr]
     else
       @keywords[attr] = begin
-        if (options[:override] || @@handler_options[:allow_override].include?(attr.to_s)) && plain_text_body.gsub!(/^#{attr}:[ \t]*(.+)\s*$/i, '')
+        if (options[:override] || @@handler_options[:allow_override].include?(attr.to_s)) && plain_text_body.gsub!(/^#{attr}[ \t]*:[ \t]*(.+)\s*$/i, '')
           $1.strip
         elsif !@@handler_options[:issue][attr].blank?
           @@handler_options[:issue][attr]

app/models/query.rb

@@ -368,9 +368,9 @@ class Query < ActiveRecord::Base
         Time.now.at_beginning_of_week
       sql = "#{db_table}.#{db_field} BETWEEN '%s' AND '%s'" % [connection.quoted_date(from), connection.quoted_date(from + 7.days)]
     when "~"
-      sql = "#{db_table}.#{db_field} LIKE '%#{connection.quote_string(value.first)}%'"
+      sql = "LOWER(#{db_table}.#{db_field}) LIKE '%#{connection.quote_string(value.first.to_s.downcase)}%'"
     when "!~"
-      sql = "#{db_table}.#{db_field} NOT LIKE '%#{connection.quote_string(value.first)}%'"
+      sql = "LOWER(#{db_table}.#{db_field}) NOT LIKE '%#{connection.quote_string(value.first.to_s.downcase)}%'"
     end
     
     return sql

app/views/account/show.rhtml

@@ -10,7 +10,7 @@
 		<li><%=l(:field_mail)%>: <%= mail_to(h(@user.mail), nil, :encode => 'javascript') %></li>
 	<% end %>
 	<% for custom_value in @custom_values %>
-	<% if !custom_value.value.empty? %>
+	<% if !custom_value.value.blank? %>
     <li><%= custom_value.custom_field.name%>: <%=h show_value(custom_value) %></li>
 	<% end %>
 	<% end %>
@@ -29,6 +29,7 @@
 <% end %>
 </ul>
 <% end %>
+<%= call_hook :view_account_left_bottom, :user => @user %>
 </div>
 
 <div class="splitcontentright">
@@ -64,6 +65,7 @@
 		<%= auto_discovery_link_tag(:atom, :controller => 'projects', :action => 'activity', :user_id => @user, :format => :atom, :key => User.current.rss_key) %>
 <% end %>
 <% end %>
+<%= call_hook :view_account_right_bottom, :user => @user %>
 </div>
 
 <% html_title @user.name %>

app/views/common/feed.atom.rxml

@@ -21,10 +21,10 @@ xml.feed "xmlns" => "http://www.w3.org/2005/Atom" do
       author = item.event_author if item.respond_to?(:event_author)
       xml.author do
         xml.name(author)
-        xml.email(author.mail) if author.respond_to?(:mail) && !author.mail.blank?
+        xml.email(author.mail) if author.is_a?(User) && !author.mail.blank? && !author.pref.hide_mail
       end if author
       xml.content "type" => "html" do
-        xml.text! textilizable(item.event_description)
+        xml.text! textilizable(item, :event_description, :only_path => false)
       end
     end
   end

app/views/issues/changes.rxml

@@ -15,7 +15,7 @@ xml.feed "xmlns" => "http://www.w3.org/2005/Atom" do
       xml.updated change.created_on.xmlschema
       xml.author do
         xml.name change.user.name
-        xml.email(change.user.mail)
+        xml.email(change.user.mail) if change.user.is_a?(User) && !change.user.mail.blank? && !change.user.pref.hide_mail
       end
       xml.content "type" => "html" do
         xml.text! '<ul>'
@@ -23,7 +23,7 @@ xml.feed "xmlns" => "http://www.w3.org/2005/Atom" do
           xml.text! '<li>' + show_detail(detail, false) + '</li>'
         end
         xml.text! '</ul>'
-        xml.text! textilizable(change.notes) unless change.notes.blank?
+        xml.text! textilizable(change, :notes, :only_path => false) unless change.notes.blank?
       end
     end
   end

app/views/journals/_notes_form.rhtml

@@ -1,6 +1,6 @@
 <% form_remote_tag(:url => {}, :html => { :id => "journal-#{@journal.id}-form" }) do %>
-    <%= text_area_tag :notes, h(@journal.notes), :class => 'wiki-edit', 
-                                                 :rows => (@journal.notes.blank? ? 10 : [[10, @journal.notes.length / 50].max, 100].min) %>
+    <%= text_area_tag :notes, @journal.notes, :class => 'wiki-edit', 
+                                              :rows => (@journal.notes.blank? ? 10 : [[10, @journal.notes.length / 50].max, 100].min) %>
     <%= call_hook(:view_journals_notes_form_after_notes, { :journal => @journal}) %>
     <p><%= submit_tag l(:button_save) %>
     <%= link_to l(:button_cancel), '#', :onclick => "Element.remove('journal-#{@journal.id}-form'); " +

app/views/mailer/reminder.text.html.rhtml

@@ -2,7 +2,7 @@
 
 <ul>
 <% @issues.each do |issue| -%>
-    <li><%=h "#{issue.project} - #{issue.tracker} ##{issue.id}: #{issue.subject}" %></li>
+  <li><%=h issue.project %> - <%=link_to("#{issue.tracker} ##{issue.id}", :controller => 'issues', :action => 'show', :id => issue, :only_path => false)%>: <%=h issue.subject %></li>
 <% end -%>
 </ul>
 

app/views/projects/settings/_versions.rhtml

@@ -14,7 +14,7 @@
     <td><%= link_to h(version.name), :controller => 'versions', :action => 'show', :id => version %></td>
     <td align="center"><%= format_date(version.effective_date) %></td>
     <td><%=h version.description %></td>
-    <td><%= link_to(version.wiki_page_title, :controller => 'wiki', :page => Wiki.titleize(version.wiki_page_title)) unless version.wiki_page_title.blank? || @project.wiki.nil? %></td>
+    <td><%= link_to(h(version.wiki_page_title), :controller => 'wiki', :page => Wiki.titleize(version.wiki_page_title)) unless version.wiki_page_title.blank? || @project.wiki.nil? %></td>
     <td align="center"><%= link_to_if_authorized l(:button_edit), { :controller => 'versions', :action => 'edit', :id => version }, :class => 'icon icon-edit' %></td>
     <td align="center"><%= link_to_if_authorized l(:button_delete), {:controller => 'versions', :action => 'destroy', :id => version}, :confirm => l(:text_are_you_sure), :method => :post, :class => 'icon icon-del' %></td>
     </tr>

app/views/projects/show.rhtml

@@ -11,7 +11,7 @@
 	<li><%=l(:field_parent)%>: <%= link_to h(@project.parent.name), :controller => 'projects', :action => 'show', :id => @project.parent %></li>
 	<% end %>
 	<% @project.custom_values.each do |custom_value| %>
-	<% if !custom_value.value.empty? %>
+	<% if !custom_value.value.blank? %>
 	   <li><%= custom_value.custom_field.name%>: <%=h show_value(custom_value) %></li>
 	<% end %>
 	<% end %>

app/views/roles/edit.rhtml

@@ -1,4 +1,4 @@
-<h2><%=l(:label_role)%>: <%= @role.name %></h2> 
+<h2><%=l(:label_role)%>: <%=h @role.name %></h2> 
 
 <% labelled_tabular_form_for :role, @role, :url => { :action => 'edit' }, :html => {:id => 'role_form'} do |f| %>
 <%= render :partial => 'form', :locals => { :f => f } %>

app/views/users/_memberships.rhtml

@@ -4,6 +4,7 @@
 	  <th><%= l(:label_project) %></th>
 	  <th><%= l(:label_role) %></th>
 	  <th style="width:15%"></th>
+      <%= call_hook(:view_users_memberships_table_header, :user => @user )%>
 	</thead>
 	<tbody>
 	<% @memberships.each do |membership| %>
@@ -19,6 +20,7 @@
     <td align="center">
       <%= link_to l(:button_delete), {:action => 'destroy_membership', :id => @user, :membership_id => membership }, :method => :post, :class => 'icon icon-del' %>
     </td>
+      <%= call_hook(:view_users_memberships_table_row, :user => @user, :membership => membership, :roles => @roles, :projects => @projects )%>
 	</tr>
 	</tbody>
 <% end; reset_cycle %>

app/views/versions/show.rhtml

@@ -1,5 +1,6 @@
 <div class="contextual">
 <%= link_to_if_authorized l(:button_edit), {:controller => 'versions', :action => 'edit', :id => @version}, :class => 'icon icon-edit' %>
+<%= call_hook(:view_versions_show_contextual, { :version => @version, :project => @project }) %>
 </div>
 
 <h2><%= h(@version.name) %></h2>

app/views/wiki/special_date_index.rhtml

@@ -20,11 +20,11 @@
 <% unless @pages.empty? %>
 <p class="other-formats">
 <%= l(:label_export_to) %>
-<span><%= link_to 'Atom', {:controller => 'projects', :action => 'activity', :id => @project, :show_wiki_pages => 1, :format => 'atom', :key => User.current.rss_key}, :class => 'feed' %></span>
+<span><%= link_to 'Atom', {:controller => 'projects', :action => 'activity', :id => @project, :show_wiki_edits => 1, :format => 'atom', :key => User.current.rss_key}, :class => 'feed' %></span>
 <span><%= link_to 'HTML', {:action => 'special', :page => 'export'}, :class => 'html' %></span>
 </p>
 <% end %>
 
 <% content_for :header_tags do %>
-<%= auto_discovery_link_tag(:atom, :controller => 'projects', :action => 'activity', :id => @project, :show_wiki_pages => 1, :format => 'atom', :key => User.current.rss_key) %>
+<%= auto_discovery_link_tag(:atom, :controller => 'projects', :action => 'activity', :id => @project, :show_wiki_edits => 1, :format => 'atom', :key => User.current.rss_key) %>
 <% end %>

app/views/wiki/special_page_index.rhtml

@@ -13,11 +13,11 @@
 <% unless @pages.empty? %>
 <p class="other-formats">
 <%= l(:label_export_to) %>
-<span><%= link_to 'Atom', {:controller => 'projects', :action => 'activity', :id => @project, :show_wiki_pages => 1, :format => 'atom', :key => User.current.rss_key}, :class => 'feed' %></span>
+<span><%= link_to 'Atom', {:controller => 'projects', :action => 'activity', :id => @project, :show_wiki_edits => 1, :format => 'atom', :key => User.current.rss_key}, :class => 'feed' %></span>
 <span><%= link_to 'HTML', {:action => 'special', :page => 'export'} %></span>
 </p>
 <% end %>
 
 <% content_for :header_tags do %>
-<%= auto_discovery_link_tag(:atom, :controller => 'projects', :action => 'activity', :id => @project, :show_wiki_pages => 1, :format => 'atom', :key => User.current.rss_key) %>
+<%= auto_discovery_link_tag(:atom, :controller => 'projects', :action => 'activity', :id => @project, :show_wiki_edits => 1, :format => 'atom', :key => User.current.rss_key) %>
 <% end %>

config/initializers/bigdecimal-segfault-fix.rb

@@ -0,0 +1,30 @@
+# Copyright (c) 2009 Michael Koziarski <michael@koziarski.com>
+# 
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+require 'bigdecimal'
+
+alias BigDecimalUnsafe BigDecimal
+
+
+# This fixes CVE-2009-1904 however it removes legitimate functionality that your
+# application may depend on.  You are *strongly* advised to upgrade your ruby
+# rather than relying on this fix for an extended period of time.
+
+def BigDecimal(initial, digits=0)
+  if initial.size > 255 || initial =~ /e/i
+    raise "Invalid big Decimal Value"
+  end
+  BigDecimalUnsafe(initial, digits)
+end
+

doc/CHANGELOG

@@ -4,6 +4,33 @@ Redmine - project management software
 Copyright (C) 2006-2009  Jean-Philippe Lang
 http://www.redmine.org/
 
+== 2009-11-04 v0.8.6
+
+* Change links to closed issues to be a grey color
+* Change subversion adapter to not cache authentication and run non interactively
+* Fixed: Custom Values with a nil value cause HTTP error 500
+* Fixed: Failure to convert HTML entities when editing an Issue reply
+* Fixed: Error trying to show repository when there are no comments in a changeset
+* Fixed: account/show/:user_id should not be accessible for other users not in your projects
+* Fixed: XSS vulnerabilities
+* Fixed: IssuesController#destroy should accept POST only
+* Fixed: Inline images in wiki headings
+
+
+== 2009-09-13 v0.8.5
+
+* Incoming mail handler : Allow spaces between keywords and colon
+* Do not require a non-word character after a comma in Redmine links
+* Include issue hyperlinks in reminder emails
+* Prevent nil error when retrieving svn version
+* Various plugin hooks added
+* Add plugins information to script/about
+* Fixed: 500 Internal Server Error is raised if add an empty comment to the news
+* Fixed: Atom links for wiki pages are not correct
+* Fixed: Atom feeds leak email address
+* Fixed: Case sensitivity in Issue filtering
+* Fixed: When reading RSS feed, the inline-embedded images are not properly shown
+
 
 == 2009-05-17 v0.8.4
 

lang/es.yml

@@ -681,6 +681,6 @@ text_user_mail_option: "De los proyectos no seleccionados, sólo recibirá notif
 text_user_wrote: '%s escribió:'
 text_wiki_destroy_confirmation: ¿Seguro que quiere borrar el wiki y todo su contenido?
 text_workflow_edit: Seleccionar un flujo de trabajo para actualizar
-text_plugin_assets_writable: Plugin assets directory writable
-warning_attachments_not_saved: "%d file(s) could not be saved."
-button_create_and_continue: Create and continue
+text_plugin_assets_writable: Se puede escribir en el directorio de extensiones activas
+warning_attachments_not_saved: "No pudieron guardarse %d fichero(s)."
+button_create_and_continue: Crear y continuar

lib/redcloth3.rb

@@ -907,7 +907,7 @@ class RedCloth3 < String
     end
 
     IMAGE_RE = /
-            (<p>|\s|^)           # start of line?
+            (>|\s|^)           # start of line?
             \!                   # opening
             (\<|\=|\>)?          # optional alignment atts
             (#{C})               # optional style,class atts

lib/redmine/about.rb

@@ -0,0 +1,16 @@
+module Redmine
+  class About
+    def self.print_plugin_info
+      plugins = Redmine::Plugin.registered_plugins
+
+      if !plugins.empty?
+        column_with = plugins.map {|internal_name, plugin| plugin.name.length}.max
+        puts "\nAbout your Redmine plugins"
+
+        plugins.each do |internal_name, plugin|
+          puts sprintf("%-#{column_with}s   %s", plugin.name, plugin.version)
+        end
+      end
+    end
+  end
+end

lib/redmine/scm/adapters/subversion_adapter.rb

@@ -37,7 +37,7 @@ module Redmine
             version = nil
             shellout(cmd) do |io|
               # Read svn version in first returned line
-              if m = io.gets.match(%r{((\d+\.)+\d+)})
+              if m = io.gets.to_s.match(%r{((\d+\.)+\d+)})
                 version = m[0].scan(%r{\d+}).collect(&:to_i)
               end
             end
@@ -224,6 +224,7 @@ module Redmine
           str = ''
           str << " --username #{shell_quote(@login)}" unless @login.blank?
           str << " --password #{shell_quote(@password)}" unless @login.blank? || @password.blank?
+          str << " --no-auth-cache --non-interactive"
           str
         end
       end

lib/redmine/version.rb

@@ -4,7 +4,7 @@ module Redmine
   module VERSION #:nodoc:
     MAJOR = 0
     MINOR = 8
-    TINY  = 4
+    TINY  = 6
     
     # Branch values:
     # * official release: nil

public/stylesheets/application.css

@@ -76,7 +76,7 @@ a, a:link, a:visited{ color: #2A5685; text-decoration: none; }
 a:hover, a:active{ color: #c61a1a; text-decoration: underline;}
 a img{ border: 0; }
 
-a.issue.closed, a.issue.closed:link, a.issue.closed:visited { text-decoration: line-through; }
+a.issue.closed, a.issue.closed:link, a.issue.closed:visited { color: #999; text-decoration: line-through; }
 
 /***** Tables *****/
 table.list { border: 1px solid #e4e4e4;  border-collapse: collapse; width: 100%; margin-bottom: 4px; }

script/about

@@ -1,3 +1,6 @@
 #!/usr/bin/env ruby
 require File.dirname(__FILE__) + '/../config/boot'
-require 'commands/about'
+$LOAD_PATH.unshift "#{RAILTIES_PATH}/builtin/rails_info"
+require 'commands/about'
+
+Redmine::About.print_plugin_info

test/fixtures/attachments.yml

@@ -109,4 +109,16 @@ attachments_009:
   filename: version_file.zip
   author_id: 2
   content_type: application/octet-stream
+attachments_010: 
+  created_on: 2006-07-19 21:07:27 +02:00
+  container_type: Issue
+  container_id: 2
+  downloads: 0
+  disk_filename: 060719210727_picture.jpg
+  digest: b91e08d0cf966d5c6ff411bd8c4cc3a2
+  id: 10
+  filesize: 452
+  filename: picture.jpg
+  author_id: 2
+  content_type: image/jpeg
   

test/fixtures/journals.yml

@@ -13,4 +13,11 @@ journals_002:
   journalized_type: Issue
   user_id: 2
   journalized_id: 1
+journals_003: 
+  created_on: <%= 1.days.ago.to_date.to_s(:db) %>
+  notes: "A comment with inline image: !picture.jpg!"
+  id: 3
+  journalized_type: Issue
+  user_id: 2
+  journalized_id: 2
   

test/fixtures/mail_handler/ticket_with_spaces_between_attribute_and_separator.eml

@@ -0,0 +1,43 @@
+Return-Path: <jsmith@somenet.foo>
+Received: from osiris ([127.0.0.1])
+	by OSIRIS
+	with hMailServer ; Sun, 22 Jun 2008 12:28:07 +0200
+Message-ID: <000501c8d452$a95cd7e0$0a00a8c0@osiris>
+From: "John Smith" <jsmith@somenet.foo>
+To: <redmine@somenet.foo>
+Subject: New ticket on a given project
+Date: Sun, 22 Jun 2008 12:28:07 +0200
+MIME-Version: 1.0
+Content-Type: text/plain;
+	format=flowed;
+	charset="iso-8859-1";
+	reply-type=original
+Content-Transfer-Encoding: 7bit
+X-Priority: 3
+X-MSMail-Priority: Normal
+X-Mailer: Microsoft Outlook Express 6.00.2900.2869
+X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
+
+Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Maecenas imperdiet 
+turpis et odio. Integer eget pede vel dolor euismod varius. Phasellus 
+blandit eleifend augue. Nulla facilisi. Duis id diam. Class aptent taciti 
+sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. In 
+in urna sed tellus aliquet lobortis. Morbi scelerisque tortor in dolor. Cras 
+sagittis odio eu lacus. Aliquam sem tortor, consequat sit amet, vestibulum 
+id, iaculis at, lectus. Fusce tortor libero, congue ut, euismod nec, luctus 
+eget, eros. Pellentesque tortor enim, feugiat in, dignissim eget, tristique 
+sed, mauris. Pellentesque habitant morbi tristique senectus et netus et 
+malesuada fames ac turpis egestas. Quisque sit amet libero. In hac habitasse 
+platea dictumst.
+
+Nulla et nunc. Duis pede. Donec et ipsum. Nam ut dui tincidunt neque 
+sollicitudin iaculis. Duis vitae dolor. Vestibulum eget massa. Sed lorem. 
+Nullam volutpat cursus erat. Cras felis dolor, lacinia quis, rutrum et, 
+dictum et, ligula. Sed erat nibh, gravida in, accumsan non, placerat sed, 
+massa. Sed sodales, ante fermentum ultricies sollicitudin, massa leo 
+pulvinar dui, a gravida orci mi eget odio. Nunc a lacus.
+
+Project : onlinestore
+Tracker: Feature request
+category : Stock management
+priority: Urgent

test/fixtures/users.yml

@@ -96,5 +96,53 @@ users_006:
   mail_notification: false
   login: ''
   type: AnonymousUser
+users_007: 
+  id: 7
+  created_on: 2006-07-19 19:33:19 +02:00
+  status: 1
+  last_login_on: 
+  language: ''
+  hashed_password: 1
+  updated_on: 2006-07-19 19:33:19 +02:00
+  admin: false
+  mail: someone@foo.bar
+  lastname: One
+  firstname: Some
+  auth_source_id: 
+  mail_notification: false
+  login: someone
+  type: User
+users_008: 
+  id: 8
+  created_on: 2006-07-19 19:33:19 +02:00
+  status: 1
+  last_login_on: 
+  language: 'it'
+  hashed_password: 1
+  updated_on: 2006-07-19 19:33:19 +02:00
+  admin: false
+  mail: miscuser8@foo.bar
+  lastname: Misc
+  firstname: User
+  auth_source_id: 
+  mail_notification: false
+  login: miscuser8
+  type: User
+users_009: 
+  id: 9
+  created_on: 2006-07-19 19:33:19 +02:00
+  status: 1
+  last_login_on: 
+  language: 'it'
+  hashed_password: 1
+  updated_on: 2006-07-19 19:33:19 +02:00
+  admin: false
+  mail: miscuser9@foo.bar
+  lastname: Misc
+  firstname: User
+  auth_source_id: 
+  mail_notification: false
+  login: miscuser9
+  type: User
 
   

test/functional/account_controller_test.rb

@@ -37,13 +37,30 @@ class AccountControllerTest < Test::Unit::TestCase
     assert_template 'show'
     assert_not_nil assigns(:user)
   end
+
+  def test_show_should_not_fail_when_custom_values_are_nil
+    user = User.find(2)
+
+    # Create a custom field to illustrate the issue
+    custom_field = CustomField.create!(:name => 'Testing', :field_format => 'text')
+    custom_value = user.custom_values.build(:custom_field => custom_field).save!
+
+    get :show, :id => 2
+    assert_response :success
+  end
   
+
   def test_show_inactive
     get :show, :id => 5
     assert_response 404
     assert_nil assigns(:user)
   end
   
+  def test_show_should_not_reveal_users_with_no_visible_activity_or_project
+    get :show, :id => 9
+    assert_response 404
+  end
+  
   def test_login_should_redirect_to_back_url_param
     # request.uri is "test.host" in test environment
     post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.host%2Fissues%2Fshow%2F1'

test/functional/issues_controller_test.rb

@@ -255,6 +255,14 @@ class IssuesControllerTest < Test::Unit::TestCase
                                 :child => { :tag => 'legend', 
                                             :content => /Notes/ } }
   end
+  
+  def test_show_atom
+    get :show, :id => 2, :format => 'atom'
+    assert_response :success
+    assert_template 'changes'
+    # Inline image
+    assert @response.body.include?("&lt;img src=\"http://test.host/attachments/download/10\" alt=\"\" /&gt;")
+  end
 
   def test_show_export_to_pdf
     get :show, :id => 3, :format => 'pdf'

test/functional/news_controller_test.rb

@@ -118,6 +118,15 @@ class NewsControllerTest < Test::Unit::TestCase
     assert_equal User.find(2), comment.author
   end
   
+  def test_empty_comment_should_not_be_added
+    @request.session[:user_id] = 2
+    assert_no_difference 'Comment.count' do
+      post :add_comment, :id => 1, :comment => { :comments => '' }
+      assert_response :success
+      assert_template 'show'
+    end
+  end
+  
   def test_destroy_comment
     comments_count = News.find(1).comments.size
     @request.session[:user_id] = 2

test/functional/projects_controller_test.rb

@@ -68,6 +68,16 @@ class ProjectsControllerTest < Test::Unit::TestCase
     assert_equal Project.find_by_identifier('ecookbook'), assigns(:project)
   end
   
+  def test_show_should_not_fail_when_custom_values_are_nil
+    project = Project.find_by_identifier('ecookbook')
+    project.custom_values.first.update_attribute(:value, nil)
+    get :show, :id => 'ecookbook'
+    assert_response :success
+    assert_template 'show'
+    assert_not_nil assigns(:project)
+    assert_equal Project.find_by_identifier('ecookbook'), assigns(:project)
+  end
+  
   def test_private_subprojects_hidden
     get :show, :id => 'ecookbook'
     assert_response :success

test/unit/helpers/application_helper_test.rb

@@ -79,6 +79,19 @@ class ApplicationHelperTest < HelperTestCase
     to_test.each { |text, result| assert_equal "<p>#{result}</p>", textilizable(text) }
   end
   
+  def test_inline_images_inside_tags
+    raw = <<-RAW
+h1. !foo.png! Heading
+
+Centered image:
+
+p=. !bar.gif!
+RAW
+
+    assert textilizable(raw).include?('<img src="foo.png" alt="" />')
+    assert textilizable(raw).include?('<img src="bar.gif" alt="" />')
+  end
+  
   def test_acronyms
     to_test = {
       'this is an acronym: GPL(General Public License)' => 'this is an acronym: <acronym title="General Public License">GPL</acronym>',
@@ -122,6 +135,8 @@ class ApplicationHelperTest < HelperTestCase
     
     changeset_link = link_to('r1', {:controller => 'repositories', :action => 'revision', :id => 'ecookbook', :rev => 1},
                                    :class => 'changeset', :title => 'My very first commit')
+    changeset_link2 = link_to('r2', {:controller => 'repositories', :action => 'revision', :id => 'ecookbook', :rev => 2},
+                                    :class => 'changeset', :title => 'This commit fixes #1, #2 and references #1 & #3')
     
     document_link = link_to('Test document', {:controller => 'documents', :action => 'show', :id => 1},
                                              :class => 'document')
@@ -139,6 +154,9 @@ class ApplicationHelperTest < HelperTestCase
       '#3, #3 and #3.'              => "#{issue_link}, #{issue_link} and #{issue_link}.",
       # changesets
       'r1'                          => changeset_link,
+      'r1.'                         => "#{changeset_link}.",
+      'r1, r2'                      => "#{changeset_link}, #{changeset_link2}",
+      'r1,r2'                       => "#{changeset_link},#{changeset_link2}",
       # documents
       'document#1'                  => document_link,
       'document:"Test document"'    => document_link,

test/unit/mail_handler_test.rb

@@ -92,6 +92,21 @@ class MailHandlerTest < Test::Unit::TestCase
     assert issue.description.include?('Lorem ipsum dolor sit amet, consectetuer adipiscing elit.')
   end
   
+  def test_add_issue_with_spaces_between_attribute_and_separator
+    issue = submit_email('ticket_with_spaces_between_attribute_and_separator.eml', :allow_override => 'tracker,category,priority')
+    assert issue.is_a?(Issue)
+    assert !issue.new_record?
+    issue.reload
+    assert_equal 'New ticket on a given project', issue.subject
+    assert_equal User.find_by_login('jsmith'), issue.author
+    assert_equal Project.find(2), issue.project
+    assert_equal 'Feature request', issue.tracker.to_s
+    assert_equal 'Stock management', issue.category.to_s
+    assert_equal 'Urgent', issue.priority.to_s
+    assert issue.description.include?('Lorem ipsum dolor sit amet, consectetuer adipiscing elit.')
+  end
+
+  
   def test_add_issue_with_attachment_to_specific_project
     issue = submit_email('ticket_with_attachment.eml', :issue => {:project => 'onlinestore'})
     assert issue.is_a?(Issue)

test/unit/query_test.rb

@@ -150,15 +150,17 @@ class QueryTest < Test::Unit::TestCase
 
   def test_operator_contains
     query = Query.new(:project => Project.find(1), :name => '_')
-    query.add_filter('subject', '~', ['string'])
-    assert query.statement.include?("#{Issue.table_name}.subject LIKE '%string%'")
-    find_issues_with_query(query)
+    query.add_filter('subject', '~', ['uNable'])
+    assert query.statement.include?("LOWER(#{Issue.table_name}.subject) LIKE '%unable%'")
+    result = find_issues_with_query(query)
+    assert result.empty?
+    result.each {|issue| assert issue.subject.downcase.include?('unable') }
   end
   
   def test_operator_does_not_contains
     query = Query.new(:project => Project.find(1), :name => '_')
-    query.add_filter('subject', '!~', ['string'])
-    assert query.statement.include?("#{Issue.table_name}.subject NOT LIKE '%string%'")
+    query.add_filter('subject', '!~', ['uNable'])
+    assert query.statement.include?("LOWER(#{Issue.table_name}.subject) NOT LIKE '%unable%'")
     find_issues_with_query(query)
   end