Redmine

  abort "Redmine requires Bundler 1.5.0 or higher (you're using #{Bundler::VERSION}).\nPlease update with 'gem update bundler'."

end

gem "coderay", "~> 1.1.1"

gem "request_store", "1.0.5"

gem "mime-types", "~> 3.0"

gem "actionpack-xml_parser"

gem "roadie", "~> 3.2.1"

gem "mimemagic"

gem "i18n", "~> 0.7.0"

# Request at least rails-html-sanitizer 1.0.3 because of security advisories

end

group :test do

  gem "rails-dom-testing"

  gem "mocha"

  gem "simplecov", "~> 0.14.1", :require => false

  # For running UI tests

  gem "capybara"

  gem "selenium-webdriver", "~> 2.53.4"

  end

  def update_from_params

      @import.settings ||= {}

      @import.save!

    end

  end

    block_settings = params[:settings] || {}

    block_settings.each do |block, settings|

    end

    @user.pref.save

    @updated_blocks = block_settings.keys

  before_action :authorize

  def update

    end

    redirect_to settings_project_path(@project, :tab => 'activities')

    flash[:notice] = l(:notice_successful_update)

    redirect_to settings_project_path(@project, :tab => 'activities')

  end

end

    fetcher = Redmine::Search::Fetcher.new(

      @question, User.current, @scope, projects_to_search,

      :all_words => @all_words, :titles_only => @titles_only, :attachments => @search_attachments, :open_issues => @open_issues,

    )

    if fetcher.tokens.present?

  def edit

    @notifiables = Redmine::Notifiable.all

    if request.post?

      if errors.blank?

        flash[:notice] = l(:notice_successful_update)

        redirect_to settings_path(:tab => params[:tab])

        format.html {

          flash[:notice] = l(:notice_user_successful_create, :id => view_context.link_to(@user.login, user_path(@user)))

          if params[:continue]

            redirect_to new_user_path(:user => attrs)

          else

            redirect_to edit_user_path(@user)

  # Returns the javascript tags that are included in the html layout head

  def javascript_heads

    unless User.current.pref.warn_on_leaving_unsaved == '0'

      tags << "\n".html_safe + javascript_tag("$(window).load(function(){ warnLeavingUnsaved('#{escape_javascript l(:text_warn_on_leaving_unsaved)}'); });")

    end

  validates_length_of :disk_filename, :maximum => 255

  validates_length_of :description, :maximum => 255

  validate :validate_max_file_size, :validate_file_extension

  acts_as_event :title => :filename,

                :url => Proc.new {|o| {:controller => 'attachments', :action => 'show', :id => o.id, :filename => o.filename}}

  validates_presence_of :name

  validates_uniqueness_of :name

  validates_length_of :name, :maximum => 60

  safe_attributes 'name',

    'host',

  validates_length_of :name, :maximum => 30

  validates_length_of :description, :maximum => 255

  validate :validate_board

  scope :visible, lambda {|*args|

    joins(:project).

  validates_presence_of :changeset_id, :action, :path

  before_save :init_path

  before_validation :replace_invalid_utf8_of_path

  def replace_invalid_utf8_of_path

    self.path      = Redmine::CodesetUtil.replace_invalid_utf8(self.path)

  validates_presence_of :repository_id, :revision, :committed_on, :commit_date

  validates_uniqueness_of :revision, :scope => :repository_id

  validates_uniqueness_of :scmid, :scope => :repository_id, :allow_nil => true

  scope :visible, lambda {|*args|

    joins(:repository => :project).

  belongs_to :author, :class_name => 'User'

  validates_presence_of :commented, :author, :comments

  after_create :send_notification

  validates_length_of :regexp, maximum: 255

  validates_inclusion_of :field_format, :in => Proc.new { Redmine::FieldFormat.available_formats }

  validate :validate_custom_field

  before_validation :set_searchable

  before_save do |field|

  end

  after_save :handle_multiplicity_change

  after_save do |field|

      field.roles.clear

    end

  end

  # Removes multiple values for the custom field after setting the multiple attribute to false

  # We kepp the value with the highest id for each customized object

  def handle_multiplicity_change

      ids = custom_values.

        where("EXISTS(SELECT 1 FROM #{CustomValue.table_name} cve WHERE cve.custom_field_id = #{CustomValue.table_name}.custom_field_id" +

          " AND cve.customized_type = #{CustomValue.table_name}.customized_type AND cve.customized_id = #{CustomValue.table_name}.customized_id" +

class CustomValue < ActiveRecord::Base

  belongs_to :custom_field

  belongs_to :customized, :polymorphic => true

  after_save :custom_field_after_save_custom_value

  validates_presence_of :project, :title, :category

  validates_length_of :title, :maximum => 255

  after_create :send_notification

  include Redmine::SafeAttributes

  belongs_to :user

  after_create :deliver_security_notification_create

  after_update :destroy_tokens, :deliver_security_notification_update

  # send a security notification to user that an email has been changed (notified/not notified)

  def deliver_security_notification_update

      options = {

        message: :mail_body_security_notification_change_to,

        field: :field_mail,

        value: address

      }

      recipients = [user, address]

      options = {

        value: address

      }

    end

  # This helps to keep the account secure in case the associated email account

  # was compromised.

  def destroy_tokens

      tokens = ['recovery']

      Token.where(:user_id => user_id, :action => tokens).delete_all

    end

  validates_presence_of :name

  validates_uniqueness_of :name, :scope => :project_id

  after_create :module_enabled

  before_destroy :check_integrity

  before_save    :check_default

  validates_presence_of :name

  validates_uniqueness_of :name, :scope => [:type, :project_id]

  validates_length_of :name, :maximum => 30

  # position as the overridden enumeration

  def update_position

    super

      self.class.where.not(:parent_id => nil).update_all(

        "position = coalesce((

          select position

  validates_presence_of :lastname

  validates_uniqueness_of :lastname, :case_sensitive => false

  validates_length_of :lastname, :maximum => 255

  self.valid_statuses = [STATUS_ACTIVE]

  validates :start_date, :date => true

  validates :due_date, :date => true

  validate :validate_issue, :validate_required_fields, :validate_permissions

  scope :visible, lambda {|*args|

    joins(:project).

  before_validation :default_assign, on: :create

  before_validation :clear_disabled_fields

  before_save :close_duplicates, :update_done_ratio_from_issue_status,

  after_save :reschedule_following_issues, :update_nested_set_attributes,

             :update_parent_attributes, :delete_selected_attachments, :create_journal

  # Should be after_create but would be called before previous after_save callbacks

  after_save :after_create_from_copy

  after_destroy :update_parent_attributes

  after_create :send_notification

  # Returns a SQL conditions string used to find all issues visible by the specified user

  def self.visible_condition(user, options={})

    end

  end

    super

  ensure

    @status_was = nil

  # attr_accessible is too rough because we still want things like

  # Issue.new(:project => foo) to work

  def safe_attributes=(attrs, user=User.current)

    @attributes_set_by = user

    return unless attrs.is_a?(Hash)

      attrs['custom_fields'].select! {|c| editable_custom_field_ids.include?(c['id'].to_s)}

    end

  end

  def disabled_core_fields

    statuses

  end

  # Returns the original tracker

  def tracker_was

  end

  # Returns the users that should be notified

  def notified_users

    # Author and assignee are always notified unless they have been

    # locked or don't want to be notified

    notified = notified.select {|u| u.active? && u.notify_about?(self)}

    notified += project.notified_users

    # Move subtasks that were in the same project

    children.each do |child|

      # Change project and keep project

      child.send :project=, project, true

      unless child.save

  end

  def update_nested_set_attributes

      update_nested_set_attributes_on_parent_change

    end

    remove_instance_variable(:@parent_issue) if instance_variable_defined?(:@parent_issue)

  # Updates the nested set for when an existing issue is moved

  def update_nested_set_attributes_on_parent_change

    # delete invalid relations of all descendants

    self_and_descendants.each do |issue|

      issue.relations.each do |relation|

  # Updates start/due dates of following issues

  def reschedule_following_issues

      relations_from.each do |relation|

        relation.set_issue_to_dates

      end

    end

  end

  def clear_disabled_fields

    if tracker

      tracker.disabled_core_fields.each do |attribute|

  validates_presence_of :name

  validates_uniqueness_of :name, :scope => [:project_id]

  validates_length_of :name, :maximum => 60

  safe_attributes 'name', 'assigned_to_id'

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

class IssueCustomField < CustomField

  has_many :issues, :through => :issue_custom_values

  safe_attributes 'project_ids',

  has_many :issues, :foreign_key => 'priority_id'

  after_destroy {|priority| priority.class.compute_position_names}

  OptionName = :enumeration_issue_priorities

  validates_uniqueness_of :issue_to_id, :scope => :issue_from_id

  validate :validate_issue_relation

  before_save :handle_issue_order

  after_create  :call_issues_relation_added_callback

  after_destroy :call_issues_relation_removed_callback

    'issue_to_id'

  def safe_attributes=(attrs, user=User.current)

    return unless attrs.is_a?(Hash)

    attrs = attrs.deep_dup

  validates_uniqueness_of :name

  validates_length_of :name, :maximum => 30

  validates_inclusion_of :default_done_ratio, :in => 0..100, :allow_nil => true

  scope :sorted, lambda { order(:position) }

  scope :named, lambda {|arg| where("LOWER(#{table_name}.name) = LOWER(?)", arg.to_s.strip)}

  # Updates issues closed_on attribute when an existing status is set as closed.

  def handle_is_closed_change

      # First we update issues that have a journal for when the current status was set,

      # a subselect is used to update all issues with a single query

      subquery = Journal.joins(:details).

  belongs_to :user

  has_many :details, :class_name => "JournalDetail", :dependent => :delete_all, :inverse_of => :journal

  attr_accessor :indice

  acts_as_event :title => Proc.new {|o| status = ((s = o.new_status) ? " (#{s})" : nil); "#{o.issue.tracker} ##{o.issue.id}#{status}: #{o.issue.subject}" },

                :description => :notes,

class JournalDetail < ActiveRecord::Base

  belongs_to :journal

  def custom_field

    if property == 'cf'

  validates_presence_of :principal, :project

  validates_uniqueness_of :user_id, :scope => :project_id

  validate :validate_role

  before_destroy :set_issue_category_nil, :remove_from_project_default_assigned_to

  validates_presence_of :role

  validate :validate_role_member

  def validate_role_member

    errors.add :role_id, :invalid if role && !role.member?

  acts_as_tree :counter_cache => :replies_count, :order => "#{Message.table_name}.created_on ASC"

  acts_as_attachable

  belongs_to :last_reply, :class_name => 'Message'

  acts_as_searchable :columns => ['subject', 'content'],

                     :preload => {:board => :project},

  end

  def update_messages_board

      Message.where(["id = ? OR parent_id = ?", root.id, root.id]).update_all({:board_id => board_id})

      Board.reset_counters!(board_id)

    end

  end

  validates_presence_of :title, :description

  validates_length_of :title, :maximum => 60

  validates_length_of :summary, :maximum => 255

  acts_as_attachable :edit_permission => :manage_news,

                     :delete_permission => :manage_news

                :url => Proc.new {|o| {:controller => 'projects', :action => 'show', :id => o}},

                :author => nil

  validates_presence_of :name, :identifier

  validates_uniqueness_of :identifier, :if => Proc.new {|p| p.identifier_changed?}

  validates_length_of :name, :maximum => 255

  validates_exclusion_of :identifier, :in => %w( new )

  validate :validate_parent

  before_destroy :delete_all_members

  scope :has_module, lambda {|mod|

    scope

  end

  # Will create a new Project specific Activity or update an existing one

  #

  # This will raise a ActiveRecord::Rollback if the TimeEntryActivity

    :if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)}

  def safe_attributes=(attrs, user=User.current)

    return unless attrs.is_a?(Hash)

    attrs = attrs.deep_dup

  def update_inherited_members

    if parent

        remove_inherited_member_roles

        add_inherited_member_roles

        remove_inherited_member_roles

      end

    end

  serialize :sort_criteria, Array

  serialize :options, Hash

  validates_presence_of :name

  validates_length_of :name, :maximum => 255

  validates :visibility, :inclusion => { :in => [VISIBILITY_PUBLIC, VISIBILITY_ROLES, VISIBILITY_PRIVATE] }

  end

  after_save do |query|

      query.roles.clear

    end

  end

  # Add multiple filters using +add_filter+

  def add_filters(fields, operators, values)

      fields.each do |field|

        add_filter(field, operators[field], values && values[field])

      end

require 'redmine/scm/adapters/bazaar_adapter'

class Repository::Bazaar < Repository

  validates_presence_of :url, :log_encoding

  def self.human_attribute_name(attribute_key_name, *args)

require 'redmine/scm/adapters/filesystem_adapter'

class Repository::Filesystem < Repository

  validates_presence_of :url

  def self.human_attribute_name(attribute_key_name, *args)

require 'redmine/scm/adapters/git_adapter'

class Repository::Git < Repository

  validates_presence_of :url

  safe_attributes 'report_last_commit'

           lambda {order("#{Changeset.table_name}.id DESC")},

           :foreign_key => 'repository_id'

  validates_presence_of :url

  # number of changesets to fetch at once

require 'redmine/scm/adapters/subversion_adapter'

class Repository::Subversion < Repository

  validates_presence_of :url

  validates_format_of :url, :with => %r{\A(http|https|svn(\+[^\s:\/\\]+)?|file):\/\/.+}i

  # Checks if the SCM is enabled when creating a repository

  validate :repo_create_validation, :on => :create

  validate :validate_repository_path

  safe_attributes 'identifier',

    'login',

  serialize :permissions, ::Role::PermissionsAttributeCoder

  store :settings, :accessors => [:permissions_all_trackers, :permissions_tracker_ids]

  validates_presence_of :name

  validates_uniqueness_of :name

  validates_numericality_of :value, :only_integer => true, :if => Proc.new { |setting|

    (s = available_settings[setting.name]) && s['format'] == 'int'

  }

  # Hash used to cache setting values

  @cached_settings = {}

  belongs_to :user

  belongs_to :activity, :class_name => 'TimeEntryActivity'

  acts_as_customizable

  acts_as_event :title => Proc.new { |o|

                  related   = o.issue if o.issue && o.issue.visible?

class Token < ActiveRecord::Base

  belongs_to :user

  validates_uniqueness_of :value

  before_create :delete_previous_tokens, :generate_new_token

  has_and_belongs_to_many :custom_fields, :class_name => 'IssueCustomField', :join_table => "#{table_name_prefix}custom_fields_trackers#{table_name_suffix}", :association_foreign_key => 'custom_field_id'

  acts_as_positioned

  validates_presence_of :default_status

  validates_presence_of :name

  validates_uniqueness_of :name

  attr_accessor :last_before_login_on

  attr_accessor :remote_ip

  LOGIN_LENGTH_LIMIT = 60

  MAIL_LENGTH_LIMIT = 60

        case mail_notification

        when 'selected', 'only_my_events'

          # user receives notifications for created/assigned issues on unselected projects

        when 'only_assigned'

        when 'only_owner'

          object.author == self

        end

  # This helps to keep the account secure in case the associated email account

  # was compromised.

  def destroy_tokens

      tokens = ['recovery', 'autologin', 'session']

      Token.where(:user_id => id, :action => tokens).delete_all

    end

    }

    deliver = false

       deliver = true

       options[:message] = :mail_body_security_notification_add

    elsif (admin? && destroyed? && active?) ||      # active admin user was deleted

          deliver = true

          options[:message] = :mail_body_security_notification_remove

  belongs_to :user

  serialize :others

  before_save :set_others_hash, :clear_unused_block_settings

  safe_attributes 'hide_mail',

  validates :effective_date, :date => true

  validates_inclusion_of :status, :in => VERSION_STATUSES

  validates_inclusion_of :sharing, :in => VERSION_SHARINGS

  scope :named, lambda {|arg| where("LOWER(#{table_name}.name) = LOWER(?)", arg.to_s.strip)}

  scope :like, lambda {|arg|

  # Update the issue's fixed versions. Used if a version's sharing changes.

  def update_issues_from_sharing_change

          VERSION_SHARINGS.index(sharing).nil? ||

        Issue.update_versions_from_sharing_change self

      end

    end

  validates_presence_of :user

  validates_uniqueness_of :user_id, :scope => [:watchable_type, :watchable_id]

  validate :validate_user

  # Returns true if at least one object among objects is watched by user

  def self.any_watched?(objects, user)

  validates_presence_of :start_page

  validates_format_of :start_page, :with => /\A[^,\.\/\?\;\|\:]*\z/

  validates_length_of :start_page, maximum: 255

  before_destroy :delete_redirects

  belongs_to :author, :class_name => 'User'

  validates_presence_of :text

  validates_length_of :comments, :maximum => 1024, :allow_nil => true

  acts_as_versioned

  class Version

    belongs_to :page, :class_name => '::WikiPage'

    belongs_to :author, :class_name => '::User'

    acts_as_event :title => Proc.new {|o| "#{l(:label_wiki_edit)}: #{o.page.title} (##{o.version})"},

                  :description => :comments,

  def send_notification

    # new_record? returns false in after_save callbacks

      if Setting.notified_events.include?('wiki_content_added')

        Mailer.wiki_content_added(self).deliver

      end

      if Setting.notified_events.include?('wiki_content_updated')

        Mailer.wiki_content_updated(self).deliver

      end

  validates_uniqueness_of :title, :scope => :wiki_id, :case_sensitive => false

  validates_length_of :title, maximum: 255

  validates_associated :content

  validate :validate_parent_title

  before_destroy :delete_redirects

  end

  def safe_attributes=(attrs, user=User.current)

    return unless attrs.is_a?(Hash)

    attrs = attrs.deep_dup

  # Moves child pages if page was moved

  def handle_children_move

      children.each do |child|

        child.wiki_id = wiki_id

        child.redirect_existing_links = redirect_existing_links

  validates_presence_of :wiki_id, :title, :redirects_to

  validates_length_of :title, :redirects_to, :maximum => 255

  before_save :set_redirects_to_wiki_id

  belongs_to :new_status, :class_name => 'IssueStatus'

  validates_presence_of :role, :tracker

  # Copies workflows from source to targets

  def self.copy(source_tracker, source_role, target_trackers, target_roles)

    # Do not include all helpers

    config.action_controller.include_all_helpers = false

    # Sets the Content-Length header on responses with fixed-length bodies

    config.middleware.insert_after Rack::Sendfile, Rack::ContentLength

    end

  end

  class Relation ; undef open ; end

end

module ActionView

        unless asset_id.blank?

          source += "?#{asset_id}"

        end

      end

      alias :path_to_asset :asset_path_with_asset_id

            if File.exist? path

              exist = true

            else

              if File.exist? path

                exist = true

              end

# Add new mime types for use in respond_to blocks:

  get 'projects/:id/repository/:repository_id/statistics', :to => 'repositories#stats'

  get 'projects/:id/repository/:repository_id/graph', :to => 'repositories#graph'

  get 'projects/:id/repository/:repository_id/revisions/:rev', :to => 'repositories#revision'

  get 'projects/:id/repository/:repository_id/revision', :to => 'repositories#revision'

  post   'projects/:id/repository/:repository_id/revisions/:rev/issues', :to => 'repositories#add_related_issue'

    get "projects/:id/repository/:repository_id/revisions/:rev/#{action}(/*path)",

        :controller => 'repositories',

        :action => action,

  end

  get 'projects/:id/repository/statistics', :to => 'repositories#stats'

  get 'projects/:id/repository/graph', :to => 'repositories#graph'

  get 'projects/:id/repository/revisions', :to => 'repositories#revisions'

  get 'projects/:id/repository/revisions/:rev', :to => 'repositories#revision'

  get 'projects/:id/repository/revision', :to => 'repositories#revision'

    get "projects/:id/repository/revisions/:rev/#{action}(/*path)",

        :controller => 'repositories',

        :action => action,

  end

  %w(browse entry raw changes annotate diff).each do |action|

    get "projects/:id/repository/:repository_id/#{action}(/*path)",

        :controller => 'repositories',

        :action => action,

  end

  %w(browse entry raw changes annotate diff).each do |action|

    get "projects/:id/repository/#{action}(/*path)",

        :controller => 'repositories',

        :action => action,

  end

  get 'projects/:id/repository/:repository_id', :to => 'repositories#show', :path => nil

  get 'projects/:id/repository', :to => 'repositories#show', :path => nil

  # additional routes for having the file name at the end of url

  get 'attachments/download/:id/:filename', :to => 'attachments#download', :id => /\d+/, :filename => /.*/, :as => 'download_named_attachment'

  get 'attachments/download/:id', :to => 'attachments#download', :id => /\d+/

  get 'attachments/thumbnail/:id(/:size)', :to => 'attachments#thumbnail', :id => /\d+/, :size => /\d+/, :as => 'thumbnail'

  match 'uploads', :to => 'attachments#upload', :via => :post

  Dir.glob File.expand_path("#{Redmine::Plugin.directory}/*") do |plugin_dir|

    file = File.join(plugin_dir, "config/routes.rb")

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  class User < ActiveRecord::Base

  end

  # model removed

  # model removed

  class Permission < ActiveRecord::Base; end

  # model removed

  class Permission < ActiveRecord::Base; end

  # model removed

  class Permission < ActiveRecord::Base; end

  def self.up

    add_column :issues, :start_date, :date

    add_column :issues, :done_ratio, :integer, :default => 0, :null => false

  # model removed

  class Permission < ActiveRecord::Base; end

  # model removed, but needed for data migration

  class IssueHistory < ActiveRecord::Base; belongs_to :issue; end

  def self.up

    create_table :user_preferences do |t|

      t.column "user_id", :integer, :default => 0, :null => false

  def self.up

    add_column :user_preferences, :hide_mail, :boolean, :default => false

  end

  def self.up

    create_table :comments do |t|

      t.column :commented_type, :string, :limit => 30, :default => "", :null => false

  def self.up

    add_column :news, :comments_count, :integer, :default => 0, :null => false

  end

  # model removed

  class Permission < ActiveRecord::Base; end

  def self.up

    create_table :queries, :force => true do |t|

      t.column "project_id", :integer

  # model removed

  class Permission < ActiveRecord::Base; end