Diffstat (limited to 'app')
-rw-r--r-- | app/Auth/Ldap.php | 39 | ||||
-rw-r--r-- | app/Controller/Base.php | 2 | ||||
-rw-r--r-- | app/Controller/Board.php | 2 | ||||
-rw-r--r-- | app/Controller/Comment.php | 15 | ||||
-rw-r--r-- | app/Controller/Task.php | 2 | ||||
-rw-r--r-- | app/Controller/Taskstatus.php | 2 | ||||
-rw-r--r-- | app/Core/Base.php | 5 | ||||
-rw-r--r-- | app/Core/Plugin/Base.php | 11 | ||||
-rw-r--r-- | app/Helper/Hook.php | 1 | ||||
-rw-r--r-- | app/Model/Comment.php | 5 | ||||
-rw-r--r-- | app/Model/Notification.php | 4 | ||||
-rw-r--r-- | app/Model/UserSession.php | 22 | ||||
-rw-r--r-- | app/ServiceProvider/ClassProvider.php | 2 | ||||
-rw-r--r-- | app/Template/app/filters_helper.php | 2 | ||||
-rw-r--r-- | app/Template/task/comments.php | 22 |
15 files changed, 107 insertions, 29 deletions
diff --git a/app/Auth/Ldap.php b/app/Auth/Ldap.php index a3c7522c..3a48c402 100644 --- a/app/Auth/Ldap.php +++ b/app/Auth/Ldap.php @@ -31,6 +31,17 @@ class Ldap extends Base } /** + * Get LDAP bind type + * + * @access public + * @return integer + */ + public function getLdapBindType() + { + return LDAP_BIND_TYPE; + } + + /** * Get LDAP server port * * @access public @@ -265,7 +276,7 @@ class Ldap extends Base public function connect() { if (! function_exists('ldap_connect')) { - $this->logger->error('The PHP LDAP extension is required'); + $this->logger->error('LDAP: The PHP LDAP extension is required'); return false; } @@ -277,7 +288,7 @@ class Ldap extends Base $ldap = ldap_connect($this->getLdapServer(), $this->getLdapPort()); if ($ldap === false) { - $this->logger->error('Unable to connect to the LDAP server'); + $this->logger->error('LDAP: Unable to connect to the LDAP server'); return false; } @@ -287,7 +298,7 @@ class Ldap extends Base ldap_set_option($ldap, LDAP_OPT_TIMELIMIT, 1); if (LDAP_START_TLS && ! @ldap_start_tls($ldap)) { - $this->logger->error('Unable to use ldap_start_tls()'); + $this->logger->error('LDAP: Unable to use ldap_start_tls()'); return false; } @@ -301,16 +312,15 @@ class Ldap extends Base * @param resource $ldap * @param string $username * @param string $password - * @param string $ldap_type * @return boolean */ - public function bind($ldap, $username, $password, $ldap_type = LDAP_BIND_TYPE) + public function bind($ldap, $username, $password) { - if ($ldap_type === 'user') { - $ldap_username = $this->getLdapUserPattern($username); + if ($this->getLdapBindType() === 'user') { + $ldap_username = sprintf($this->getLdapUsername(), $username); $ldap_password = $password; } - else if ($ldap_type === 'proxy') { + else if ($this->getLdapBindType() === 'proxy') { $ldap_username = $this->getLdapUsername(); $ldap_password = $this->getLdapPassword(); } 
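Review bot: The docblock on the new `getLdapBindType()` says `@return integer`, but `bind()` further down in this file compares the result with the strings `'user'` and `'proxy'`, so the tag should read `@return string`. The description could also name the values that `bind()` checks for, e.g. `Get LDAP bind type ("user" or "proxy")`.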
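Review bot: In the `'user'` branch of `bind()`, `$username` is substituted into the bind DN with `sprintf($this->getLdapUsername(), $username)` without escaping, so DN metacharacters in a submitted login name alter the DN presented to the server. Escape the value for DN context before formatting (PHP 5.6+): `$ldap_username = sprintf($this->getLdapUsername(), ldap_escape($username, '', LDAP_ESCAPE_DN));`. The hunk also shows no check that `$password` is non-empty before it reaches `ldap_bind()`; many directory servers accept a DN with an empty password as an unauthenticated bind. Unless a caller outside this hunk already rejects empty passwords, return false early when `$password === ''`. The body of `bind()` continues past the end of this hunk.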
@@ -320,6 +330,8 @@ class Ldap extends Base } if (! @ldap_bind($ldap, $ldap_username, $ldap_password)) { + $this->logger->error('LDAP: Unable to bind to server with: '.$ldap_username); + $this->logger->error('LDAP: bind type='.$this->getLdapBindType()); return false; } @@ -337,8 +349,11 @@ class Ldap extends Base */ public function getProfile($ldap, $username, $password) { - $entries = $this->executeQuery($ldap, $this->getLdapUserPattern($username)); + $user_pattern = $this->getLdapUserPattern($username); + $entries = $this->executeQuery($ldap, $user_pattern); + if ($entries === false) { + $this->logger->error('LDAP: Unable to get user profile: '.$user_pattern); return false; } @@ -346,6 +361,10 @@ class Ldap extends Base return $this->prepareProfile($ldap, $entries, $username); } + if (DEBUG) { + $this->logger->debug('LDAP: wrong password for '.$entries[0]['dn']); + } + return false; } @@ -442,7 +461,7 @@ class Ldap extends Base */ private function executeQuery($ldap, $query) { - $sr = ldap_search($ldap, $this->getLdapBaseDn(), $query, $this->getProfileAttributes()); + $sr = @ldap_search($ldap, $this->getLdapBaseDn(), $query, $this->getProfileAttributes()); if ($sr === false) { return false; } diff --git a/app/Controller/Base.php b/app/Controller/Base.php index 480976b0..e0fd59cb 100644 --- a/app/Controller/Base.php +++ b/app/Controller/Base.php @@ -80,7 +80,7 @@ abstract class Base extends \Core\Base private function sendHeaders($action) { // HTTP secure headers - $this->response->csp(array('style-src' => "'self' 'unsafe-inline'", 'img-src' => '* data:')); + $this->response->csp($this->container['cspRules']); $this->response->nosniff(); $this->response->xss(); diff --git a/app/Controller/Board.php b/app/Controller/Board.php index 840db05b..a2cde287 100644 --- a/app/Controller/Board.php +++ b/app/Controller/Board.php 
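Review bot: The two new `error()` calls after the failed `ldap_bind()` write `$ldap_username` into the log unmodified, and with bind type `user` that value is built from the login name the client submitted. Encode control characters before logging so a crafted username cannot forge extra log lines, and fold both messages into one entry so the bind type stays attached to the failure: `$this->logger->error('LDAP: Unable to bind to server with: '.json_encode($ldap_username).' (bind type='.$this->getLdapBindType().')');`. `bind()` starts above this hunk.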
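Review bot: The new debug line reads `$entries[0]['dn']` on the fall-through path of `getProfile()`, but the condition guarding the `prepareProfile()` return lies outside the hunk. If that condition also fails when the search returned no entries, the index does not exist and the text "wrong password" misreports an unknown user. Guard it with `if (DEBUG && isset($entries[0]['dn'])) {` and log a separate "user not found" message otherwise.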
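Review bot: Prefixing `ldap_search()` with `@` in `executeQuery()` discards the only diagnostic for a failed search (malformed filter, wrong base DN, limit exceeded), and the `$sr === false` branch returns without recording anything. Malformed-filter failures are also a useful signal that unexpected characters reached the filter, so they should stay visible in the log. Keep the suppression if the warning must not reach the page, but log the server's reason before returning: `$this->logger->error('LDAP: search failed: '.ldap_error($ldap));`. The function body continues after the hunk.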
@@ -195,7 +195,7 @@ class Board extends Base $task = $this->getTask(); $this->response->html($this->template->render('board/tooltip_comments', array( - 'comments' => $this->comment->getAll($task['id']) + 'comments' => $this->comment->getAll($task['id'], $this->userSession->getCommentSorting()) ))); } diff --git a/app/Controller/Comment.php b/app/Controller/Comment.php index 81fd7215..cf0af615 100644 --- a/app/Controller/Comment.php +++ b/app/Controller/Comment.php @@ -183,4 +183,19 @@ class Comment extends Base $this->response->redirect($this->helper->url->to('task', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), 'comments')); } + + /** + * Toggle comment sorting + * + * @access public + */ + public function toggleSorting() + { + $task = $this->getTask(); + + $order = $this->userSession->getCommentSorting() === 'ASC' ? 'DESC' : 'ASC'; + $this->userSession->setCommentSorting($order); + + $this->response->redirect($this->helper->url->href('task', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), false, 'comments')); + } } diff --git a/app/Controller/Task.php b/app/Controller/Task.php index 0770fcd1..8e577839 100644 --- a/app/Controller/Task.php +++ b/app/Controller/Task.php @@ -68,7 +68,7 @@ class Task extends Base 'project' => $this->project->getById($task['project_id']), 'files' => $this->file->getAllDocuments($task['id']), 'images' => $this->file->getAllImages($task['id']), - 'comments' => $this->comment->getAll($task['id']), + 'comments' => $this->comment->getAll($task['id'], $this->userSession->getCommentSorting()), 'subtasks' => $subtasks, 'links' => $this->taskLink->getAllGroupedByLabel($task['id']), 'task' => $task, diff --git a/app/Controller/Taskstatus.php b/app/Controller/Taskstatus.php index 9260b658..1768b773 100644 --- a/app/Controller/Taskstatus.php +++ b/app/Controller/Taskstatus.php 
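Review bot: `toggleSorting()` builds its redirect target with `$this->helper->url->href(..., false, 'comments')`, while the redirect in the method directly above it uses `$this->helper->url->to(..., 'comments')`. If `href()` is the variant meant for HTML attributes (its definition is not shown here), its output may carry HTML-escaped separators that do not belong in a `Location` header. Using `to()` keeps both redirects consistent: `$this->response->redirect($this->helper->url->to('task', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), 'comments'));`. The action also changes session state on a plain GET with no token; the effect is limited to sort order, but the docblock should say that this is intentional.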
@@ -30,8 +30,6 @@ class Taskstatus extends Base public function open() { $task = $this->getTask(); - $redirect = $this->request->getStringParam('redirect'); - $this->changeStatus($task, 'open', t('Task opened successfully.'), t('Unable to open this task.')); $this->renderTemplate($task, 'task_status/open'); } diff --git a/app/Core/Base.php b/app/Core/Base.php index 71d54413..7503e840 100644 --- a/app/Core/Base.php +++ b/app/Core/Base.php @@ -34,6 +34,7 @@ use Pimple\Container; * @property \Integration\Sendgrid $sendgrid * @property \Integration\SlackWebhook $slackWebhook * @property \Integration\Smtp $smtp + * @property \Formatter\ProjectGanttFormatter $projectGanttFormatter * @property \Formatter\TaskFilterGanttFormatter $taskFilterGanttFormatter * @property \Formatter\TaskFilterAutoCompleteFormatter $taskFilterAutoCompleteFormatter * @property \Formatter\TaskFilterCalendarFormatter $taskFilterCalendarFormatter @@ -53,6 +54,10 @@ use Pimple\Container; * @property \Model\LastLogin $lastLogin * @property \Model\Link $link * @property \Model\Notification $notification + * @property \Model\NotificationType $notificationType + * @property \Model\NotificationFilter $notificationFilter + * @property \Model\OverdueNotification $overdueNotification + * @property \Model\WebNotification $webNotification * @property \Model\Project $project * @property \Model\ProjectActivity $projectActivity * @property \Model\ProjectAnalytic $projectAnalytic diff --git a/app/Core/Plugin/Base.php b/app/Core/Plugin/Base.php index a72a0cd6..1b7ac8f5 100644 --- a/app/Core/Plugin/Base.php +++ b/app/Core/Plugin/Base.php @@ -19,6 +19,17 @@ abstract class Base extends \Core\Base abstract public function initialize(); /** + * Override default CSP rules + * + * @access public + * @param array $rules + */ + public function setContentSecurityPolicy(array $rules) + { + $this->container['cspRules'] = $rules; + } + + /** * Returns all classes that needs to be stored in the DI container * * @access public 
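Review bot: `setContentSecurityPolicy()` in app/Core/Plugin/Base.php overwrites `$this->container['cspRules']` with whatever array a plugin passes, so one plugin can drop every directive of the default policy and the last plugin to call it silently wins. `sendHeaders()` in app/Controller/Base.php then emits that array as-is. Merging into the existing rules keeps the defaults for directives the plugin does not mention: `$this->container['cspRules'] = array_merge($this->container['cspRules'], $rules);`. The docblock should also state that the change applies to every page and describe the expected shape of `$rules` (directive name => source list, as in the default set in app/ServiceProvider/ClassProvider.php).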
diff --git a/app/Helper/Hook.php b/app/Helper/Hook.php index bf879878..dc76e5e7 100644 --- a/app/Helper/Hook.php +++ b/app/Helper/Hook.php @@ -16,7 +16,6 @@ class Hook extends \Core\Base * @access public * @param string $type * @param string $hook - * @param array $variables * @return string */ public function asset($type, $hook) diff --git a/app/Model/Comment.php b/app/Model/Comment.php index e3ffc1be..c1c800c3 100644 --- a/app/Model/Comment.php +++ b/app/Model/Comment.php @@ -34,9 +34,10 @@ class Comment extends Base * * @access public * @param integer $task_id Task id + * @param string $sorting ASC/DESC * @return array */ - public function getAll($task_id) + public function getAll($task_id, $sorting = 'ASC') { return $this->db ->table(self::TABLE) @@ -51,7 +52,7 @@ class Comment extends Base User::TABLE.'.email' ) ->join(User::TABLE, 'id', 'user_id') - ->orderBy(self::TABLE.'.date_creation', 'ASC') + ->orderBy(self::TABLE.'.date_creation', $sorting) ->eq(self::TABLE.'.task_id', $task_id) ->findAll(); } diff --git a/app/Model/Notification.php b/app/Model/Notification.php index dbd60a2f..525e7f13 100644 --- a/app/Model/Notification.php +++ b/app/Model/Notification.php @@ -113,7 +113,7 @@ class Notification extends Base */ public function saveSettings($user_id, array $values) { - // $this->db->startTransaction(); + $this->db->startTransaction(); if (isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1) { $this->enableNotification($user_id); @@ -130,7 +130,7 @@ class Notification extends Base $this->disableNotification($user_id); } - // $this->db->closeTransaction(); + $this->db->closeTransaction(); } /** diff --git a/app/Model/UserSession.php b/app/Model/UserSession.php index 1ae3fdf4..4c0364ce 100644 --- a/app/Model/UserSession.php +++ b/app/Model/UserSession.php 
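Review bot: `Comment::getAll()` now passes its new `$sorting` argument straight to `orderBy()` as the direction, and nothing in this hunk or the following one (`@@ -51,7 +52,7 @@`) restricts it to `ASC` or `DESC`. Today the only value comes from `UserSession::getCommentSorting()`, but `getAll()` is public. Unless the query builder validates the direction itself (not visible here), another caller could place arbitrary text in the ORDER BY clause. Normalise it at the top of the method: `$sorting = strtoupper($sorting) === 'DESC' ? 'DESC' : 'ASC';`.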
@@ -154,4 +154,26 @@ class UserSession extends Base { $_SESSION['board_collapsed'][$project_id] = $collapsed; } + + /** + * Set comments sorting + * + * @access public + * @param string $order + */ + public function setCommentSorting($order) + { + $this->session['comment_sorting'] = $order; + } + + /** + * Get comments sorting direction + * + * @access public + * @return string + */ + public function getCommentSorting() + { + return $this->session['comment_sorting'] ?: 'ASC'; + } } diff --git a/app/ServiceProvider/ClassProvider.php b/app/ServiceProvider/ClassProvider.php index 8a959638..5d157749 100644 --- a/app/ServiceProvider/ClassProvider.php +++ b/app/ServiceProvider/ClassProvider.php @@ -126,5 +126,7 @@ class ClassProvider implements ServiceProviderInterface }; $container['pluginLoader'] = new Loader($container); + + $container['cspRules'] = array('style-src' => "'self' 'unsafe-inline'", 'img-src' => '* data:'); } } diff --git a/app/Template/app/filters_helper.php b/app/Template/app/filters_helper.php index 529aa6a5..71b57a8c 100644 --- a/app/Template/app/filters_helper.php +++ b/app/Template/app/filters_helper.php @@ -1,7 +1,7 @@ <div class="dropdown filters"> <i class="fa fa-caret-down"></i> <a href="#" class="dropdown-menu"><?= t('Filters') ?></a> <ul> - <li><a href="#" class="filter-helper" data-filter="<?= isset($reset) ? $reset : '' ?>" title="<?= t('Keyboard shortcut: "%s"', 'r') ?>"><?= t('Reset filters') ?></a></li> + <li><a href="#" class="filter-helper filter-reset" data-filter="<?= isset($reset) ? $reset : '' ?>" title="<?= t('Keyboard shortcut: "%s"', 'r') ?>"><?= t('Reset filters') ?></a></li> <li><a href="#" class="filter-helper" data-filter="status:open assignee:me"><?= t('My tasks') ?></a></li> <li><a href="#" class="filter-helper" data-filter="status:open assignee:me due:tomorrow"><?= t('My tasks due tomorrow') ?></a></li> <li><a href="#" class="filter-helper" data-filter="status:open due:today"><?= t('Tasks due today') ?></a></li> 
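Review bot: `getCommentSorting()` returns `$this->session['comment_sorting'] ?: 'ASC'`, which neither guards against the key being unset nor limits the value to the two directions `Comment::getAll()` expects, and `setCommentSorting()` stores any string it is given. The method just above in this class writes to `$_SESSION[...]` directly, so the new accessors use a different session handle than their neighbour; what `$this->session` is cannot be seen from this hunk. A stricter getter would be `return isset($this->session['comment_sorting']) && $this->session['comment_sorting'] === 'DESC' ? 'DESC' : 'ASC';`.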
diff --git a/app/Template/task/comments.php b/app/Template/task/comments.php index a09862f9..070de320 100644 --- a/app/Template/task/comments.php +++ b/app/Template/task/comments.php @@ -1,7 +1,13 @@ <?php if (! empty($comments)): ?> <div id="comments" class="task-show-section"> <div class="page-header"> - <h2><?= t('Comments') ?></h2> + <h2> + <?= t('Comments') ?> + <span class="comment-sorting"> + <i class="fa fa-sort"></i> + <?= $this->url->link(t('change sorting'), 'comment', 'toggleSorting', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?> + </span> + </h2> </div> <?php foreach ($comments as $comment): ?> @@ -16,13 +22,13 @@ <?php if (! isset($not_editable)): ?> <?= $this->render('comment/create', array( - 'skip_cancel' => true, - 'values' => array( - 'user_id' => $this->user->getId(), - 'task_id' => $task['id'], - ), - 'errors' => array(), - 'task' => $task + 'skip_cancel' => true, + 'values' => array( + 'user_id' => $this->user->getId(), + 'task_id' => $task['id'], + ), + 'errors' => array(), + 'task' => $task )) ?> <?php endif ?> </div> |