stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-06-10 05:29:13 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,286 Commits 4 Branches 0 Tags
0a2da7731ad7d1cf7c0164a455457d91ba767e83
Commit Graph

54 Commits

Author SHA1 Message Date
Tim Almdal
7aa03e59ba Merge branch 'master' of git@github.com:gallery/gallery3 2009-07-30 19:25:43 -07:00
Bharat Mediratta
19d89f94f9 Remove debug statements 2009-07-30 09:57:24 -07:00
Bharat Mediratta
031a19724a Update golden file 2009-07-30 09:55:09 -07:00
Tim Almdal
a7f4d7aced Revert commit 078c77a62b and change the 
tag_event:item_edit_form to use the new Form_Script library to inject
script into a form.

Signed-off-by: Tim Almdal <tnalmdal@shaw.ca>
 2009-07-28 21:00:25 +08:00
Tim Almdal
2e8f73d4e9 Revert commit 078c77a62b and change the 
tag_event:item_edit_form to use the new Form_Script library to inject
script into a form.
 2009-07-28 05:40:28 -07:00
Tim Almdal
2f969c80eb Create A Forge Script element. Form_Script allows the specification 
of either a url to a script file or in line text which will be included
in a script block.

Signed-off-by: Tim Almdal <tnalmdal@shaw.ca>
 2009-07-28 12:04:23 +08:00
Tim Almdal
4550969101 Create A Forge Script element. Form_Script allows the specification 
of either a url to a script file or in line text which will be included
in a script block.
 2009-07-27 20:59:58 -07:00
Tim Almdal
1f014aae6c Allow a theme to override the page refresh mechanism. Create a new 
javascript lib (gallery.reload.js) which defines the functions
gallery_reload() and gallery_location(new_location).  They just
do a window.location.reload() and window.location = new_location.

This change breaks the assumption that all themes will handle page reloads
the same and allows the theme to customize the page refresh.
 2009-07-27 12:39:12 -07:00
Bharat Mediratta
b3fe70e654 Updated. 2009-07-27 11:34:27 -07:00
Tim Almdal
5fd82a2ede Back out the fix for ticket #452 
Revert "Changed access::user_can to force the owner of an item to have"

This reverts commit 0b97cfd6f0.
 2009-07-27 11:13:20 -07:00
Andy Staudacher
570e0b0267 Merge branch 'master' of git://github.com/rledisez/gallery3 into rledisez/master 2009-07-26 22:45:53 -07:00
Tim Almdal
0b97cfd6f0 Changed access::user_can to force the owner of an item to have 
view permission on the parent. Added a whitelist of allowable
owner permissions.

If the requested permission is view and the user requesting access
is the owner, check that they have view permission to the parent.
 2009-07-26 09:29:29 -07:00
Romain LE DISEZ
23bb6eb7e3 Rename columns that use reserved SQL words : items.left and items.right 2009-07-25 19:06:54 +02:00
Tim Almdal
078c77a62b Add tag autocomplete to the album and photo edit pop up dialogs. 
This required putting a wrapper view around the forms and passing
this view as the parameter to the item_edit_form event.  The view
contains a $script variable that the modules can add script to be
included in the form html when rendered as part of the ajax response.
 2009-07-24 14:18:15 -07:00
Tim Almdal
fa1d32e646 Partial implementation of ticket #80. Provide auto complete and suggestions on the tag add form in the tag sidebar block. Updated the xss golden file as well. Still to do figure out how toget it into the edit popup dialog 2009-07-24 11:24:43 -07:00
Bharat Mediratta
0e9b80d2ef Updated golden file 2009-07-23 16:20:40 -07:00
Tim Almdal
d4104a23ec Add explicit unit tests for access::user_can 2009-07-22 15:16:56 -07:00
Bharat Mediratta
59e410bb79 Updated for movieplayer.html.php update 2009-07-21 07:25:34 -07:00
Bharat Mediratta
8a6556b30b Fix a bug where moved items don't properly inherit permissions from 
their new target.  After each move, recalculate the permissions for
the new parent's hierarchy.

Fixes ticket #552
 2009-07-17 08:14:08 -07:00
Bharat Mediratta
43324fd12a Update golden file to match recent changes in event code. 2009-07-16 12:29:01 -07:00
Bharat Mediratta
5b3b675b6d Non-trivial changes to the event handling code: 
1) The item_updated event no longer takes the old and new items.
   Instead we overload ORM to track the original data and make
   that available via the item.  This will allow us to move event
   publishing down into the API methods which in turn will give us
   more stability since we won't require each controller to remember
   to do it.

2) ORM class now tracks the original values.  It doesn't track
   the original relationships (no need for that, yet)

3) Added new events:
     item_deleted
     group_deleted
     user_deleted
 2009-07-16 11:19:34 -07:00
Bharat Mediratta
b46998e392 Update Xss_Security_Test to know about p::purify() and checkpoint the 
golden file.
 2009-07-16 10:24:10 -07:00
Bharat Mediratta
e2a9a1d284 Add quotes around all values that contain spaces in them, and add a 
test to make sure that we continue to do so.

This makes sure that we don't have problems with 5.3 which treats the
literal "on" as a boolean.
 2009-07-13 10:36:55 -07:00
Tim Almdal
f6d847739a Update the source so the third party code passes the File Structure Test 2009-07-03 14:18:45 -07:00
Bharat Mediratta
d8e776cc88 Checkpoint. 2009-06-30 19:12:46 -07:00
Bharat Mediratta
77a78b4990 Revert to serializing and deserializing data. The cache table can't 
accept PHP constructs like arrays (the tests were choking on this).

Update tests to reflect the new `key` column.
 2009-06-29 20:53:55 -07:00
Bharat Mediratta
df17d576ab Checkpoint. 2009-06-29 20:33:34 -07:00
Tim Almdal
a0c07d4b54 Clean up code (i.e. preamble, tabs) from the caching implementation so the unit tests pass 2009-06-28 07:49:35 -07:00
Tim Almdal
52ecdcdff2 Implemented a Database driver for the Kohana Cache library. Rather then writing our own caching algorithm, we can leverage the Kohana library. This has the added advantage of allowing the administrator to replace the default caching with a 3rd party caching algorithm. 2009-06-27 23:24:23 -07:00
Bharat Mediratta
d8fe96d70b Update version comparison to match latest gallery module version 2009-06-22 13:48:19 -07:00
Bharat Mediratta
a5eb5e3e80 Updated 2009-06-22 13:25:46 -07:00
Bharat Mediratta
fc64a55f2e Golden file update 2009-06-10 00:14:55 -07:00
Bharat Mediratta
bccaad92bb Update xss golden file 2009-06-06 14:50:51 -07:00
Andy Staudacher
329bd8caa1 Remove source code copy artefact 2009-06-05 18:31:15 -07:00
Andy Staudacher
4fcad78f54 Update golden file of Xss test 2009-06-05 16:10:08 -07:00
Bharat Mediratta
54927248b0 Updated for csrf in admin.html.php 2009-06-04 22:10:45 -07:00
Bharat Mediratta
743b321154 Change "CLEAN" to an empty string to see if it's better visually. 
Looks like it is.
 2009-06-04 12:23:12 -07:00
Bharat Mediratta
1acc64add7 Update xss clean list 2009-06-04 12:22:41 -07:00
Tim Almdal
dbeceb333b Improve test isolation so that Albums_Controller_Test doesn't fail when run with Photos_Controller_Test 2009-06-02 14:19:03 -07:00
Bharat Mediratta
ffb3abdcac Restore "view" permissions on the root album in teardown. 2009-06-02 13:37:19 -07:00
Tim Almdal
4f50357a38 fix the xss_security_test in regards to the renaming of thumb_tag, resize_tag and move_tag. 2009-06-02 12:56:36 -07:00
Bharat Mediratta
0ec3f1b830 Update for changes to admin_users_group.html.php 2009-05-31 19:32:13 -07:00
Bharat Mediratta
897ca2806d Updated for renamed variable 2009-05-31 01:22:48 -07:00
Bharat Mediratta
e30b45be07 Merge branch 'master' of git://github.com/gallery/gallery3 2009-05-31 01:15:11 -07:00
Bharat Mediratta
af0031e029 Xss scanner golden file. Up to date. 2009-05-31 01:10:52 -07:00
Bharat Mediratta
a049de28ac Update the clean/dirty format, check all ffiles instead of just one (which was for debugging) 2009-05-31 00:13:28 -07:00
Bharat Mediratta
ad81861c33 First pass at an XSS security test, along with the "p" helper which 
can clean HTML output.
 2009-05-31 00:11:02 -07:00
Tim Almdal
45d58c8680 Remove the test images from the gallery module and move it to the developer module in -contrib 2009-05-31 00:10:04 -07:00
Bharat Mediratta
1a095fffe5 Prepend all code files we copy from Gallery2 and put into var with our 
code preamble for security.

Update File_Structure_Test::code_files_start_with_preamble_test to
check all the php files in var, too.
 2009-05-28 02:19:53 -07:00
Bharat Mediratta
c8aa9ed440 Update tests to reflect cache-buster param on thumbnail urls. 2009-05-28 01:58:41 -07:00