AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,454 Commits 2 Branches 0 Tags 86 MiB
Commit Graph

690 Commits

Author SHA1 Message Date
Frédéric Guillot 463dfbf4fe Fix incorrect parameter encoding when using URLs rewriting 
A parameter with quotes or other special characters should be url encoded.

Incorrect encoding could happen when using search queries like this one:

modified:">=2023-04-01"
 2023-04-19 21:37:19 -07:00
Frédéric Guillot d3f38d1bf2 Add support for task links in Markdown headings 
If a text block matches #(\d+) it will be interpreted as a task link instead
of a heading.

Closes #5017
 2023-04-18 21:17:45 -07:00
Frédéric Guillot d3948e89a9 Trigger EVENT_MOVE_COLUMN event when moving task to another swimlane 
Fixes #4581
 2023-04-07 16:35:21 -07:00
Frédéric Guillot 38e82fe5e5 Duplicate external links when duplicating tasks 
Fixes #4748
 2023-04-06 20:51:57 -07:00
mundry 59a4c7f73b
Duplicate attachments & external links during task duplication & importing 2023-03-24 19:48:32 -07:00
Frédéric Guillot 18ed87cbd3 Filtering by category does not show results when the category name is a number 
Fixes #4789
 2023-03-04 14:50:12 -08:00
Frédéric Guillot b138a99ce3 Better handling of max file upload size according to PHP settings 
- Allow unlimited size
- Better parsing of PHP size

Fixes #4896
 2023-03-02 20:51:47 -08:00
Joe Nahmias 87e9a770c8 fix(test): searching with trailing space returns data on MSSQL 
Microsoft SQL Server automatically pads the shorter of two strings of
unequal length with spaces prior to comparisons. Thus, searching for
username = 'test ' (unexpectedly) matches a row where username = 'test'.

Since kanboard does not rely on this behavior or its absence, simply
remove the test as unecessary to avoid this differing result amongst the
various database backends.

Ref: https://support.microsoft.com/en-us/topic/inf-how-sql-server-compares-strings-with-trailing-spaces-b62b1a2d-27d3-4260-216d-a605719003b0
 2023-02-20 19:23:53 -08:00
peter af8159b4bb Allow full name to be retrieved by SSO ReverseProxy 
Expand on #4585 by also getting the user's full name from the Reverse Proxy:
If a ReverseProxy provides more than REMOTE_USER, such as email, it might
as well also provide the user's full name.
 2023-02-18 17:28:39 -08:00
jnahmias 83a8415d99 Use assertEqualsWithDelta() to test time_spent 
Timing, clock skew, and network conditions can cause slight skew in the generated/expected timestamps in the unit test vs. actual recorded timestamps in the database. This can cause flakiness in the tests due to sporadic failures when things don't perfectly align. To fix this, we change assertEquals() to assertEqualsWithDelta() with a small (3 second) delta to account for this potential delay.
 2023-02-16 18:23:20 -08:00
Frédéric Guillot d0941ccd4e Update task time spent/estimated when removing a subtask 
Fixes #3811
 2023-02-13 20:52:39 -08:00
Frédéric Guillot bd8bcfbc37 Always trim the username before saving changes in the database 
Fixes #4742
 2023-02-12 19:30:23 -08:00
Joe Nahmias 8b550ff552 tests(odbc): skip ProjectModelTest::testCreationForAllLanguages due to bug in pdo_odbc 2022-10-29 21:11:15 -07:00
Joe Nahmias ab353a3d8f tests: configure unit tests to run on MSSQL [odbc/dblib] 2022-10-29 21:11:15 -07:00
Joe Nahmias 338d02a2f6 tests: add test start/end markers to log and dump all SQL at end 2022-10-29 21:11:15 -07:00
Joe Nahmias af4fd62b55 fix(tests): use assertEqualsWithDelta() when checking currency rate 
it is stored as a real (float) value, so needs a delta comparison
 2022-10-29 21:11:15 -07:00
Joe Nahmias e9f040d1c6 fix(tests): ensure translations are unloaded on error 2022-10-29 21:11:15 -07:00
Christoph Reiter 0b8a270bbb tests: port assertEquals() with delta to assertEqualsWithDelta() 
assertEquals() in phpunit 9.5 no longer takes a delta parameter
and has assertEqualsWithDelta() as a replacement. This means
float get compared without a delta atm, and a recent phpunit
release (9.5.25) has made float comparisons stricter resulting in
test suite errors such as:

1) SubtaskTimeTrackingModelTest::testCalculateSubtaskTime
Total spent
Failed asserting that 3.3000000000000003 matches expected 3.3.
tests/units/Model/SubtaskTimeTrackingModelTest.php:186

This replaces all assertEquals() calls that pass a delta value
with assertEqualsWithDelta().
 2022-10-10 18:57:22 -07:00
irdc 4b76bc5b32
Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data 
* Use a HMAC to sign and validate CSRF tokens, instead of generating random
ones and storing them in the session data. Reduces number of writes to
sessions table and fixes kanboard issue #4942.
* Added missing CSRF check for starting/stopping subtask timers.

Co-authored-by: Willemijn Coene <willemijn@irdc.nl>
 2022-09-17 17:23:41 -07:00
Frédéric Guillot f68996b9c7 Remove assertion to avoid flaky test 2022-09-16 18:08:32 -07:00
Frédéric Guillot b433519686 Rename default branch from master to main 2022-08-11 21:57:19 -07:00
Frédéric Guillot f5bb55bdb8
PHP 8 Compatibility 2022-02-05 11:49:03 -08:00
Libin Pan c6ae9f3f24
Duplicate tags when moving and duplicating tasks to another project 2021-06-07 19:36:08 -07:00
Frédéric Guillot cc6f1db846 Avoid user enumeration by using avatar image url 2021-06-05 17:07:43 -07:00
Frédéric Guillot 31ce583743 Write RememberMe cookie only after 2FA has been validated 2021-04-04 17:57:47 -07:00
operateur404 d382e2e4be
LDAP protocol/host/port configuration by URL; make BASE_DN optional 
PHP ldap_connect($host, $port) function signature is deprecated: https://www.php.net/manual/en/function.ldap-connect.php

Querying an AD Global Catalog across an entire forest requires an empty base DN
 2021-02-03 18:49:50 -08:00
Eskiso 4d1205a0fe
Don't force role of user if no ldap groups defined 
We should not force role of user on LDAP logins if there are not Manager/Admin groups defined, return null to get the one from database as before.
 2020-12-02 22:44:39 -08:00
Michael af9aec88a5
Add hidden accessible titles 2020-10-05 21:29:48 -07:00
JayBeeDe e3e9cabd8b
Added setting that makes possible any new LDAP user to be Manager by default 2020-10-04 12:11:07 -07:00
Michael Vickers b24d05df76 Add aria-label to user mention 2020-10-04 10:43:18 -07:00
Michael Vickers d418115adc Hide user name from screen readers 2020-10-04 10:42:01 -07:00
Michael Vickers 33531d47c2 Add aria-label to letter avatars 2020-10-04 10:42:01 -07:00
mildis 33c3b32cda
Allow email to be retrieve by SSO ReverseProxy 
If REMOTE_EMAIL header is set, use it as user email.
If REVERSE_PROXY_DEFAULT_DOMAIN is set but not REMOTE_EMAIL, use the current construct.
 2020-08-28 22:59:59 -07:00
Frédéric Guillot d636cec8f3 Run integration tests on Github Actions 2020-06-13 15:14:24 -07:00
mildis 9e1e4ea381
Allow use of the user's DN as the group filter substitution 2020-05-21 20:57:30 -07:00
Franky Van Liedekerke 791c4abd57
Copy subtask assignee when duplicating a subtask 
Closes #4469
 2020-04-26 11:29:26 -07:00
Timo 027f875ac6
Save task list order in user session 2020-04-22 20:40:39 -07:00
Manfred Hoffmann 5e70e96772
Replace last occurences of "private" with "personal" 2020-04-06 20:36:20 -07:00
Timo 490bcd17d8
Add new event subtask.create_update 2020-04-05 14:50:11 -07:00
Frédéric Guillot 1ee17e995a Setup GitHub Actions 2020-04-04 17:31:52 -07:00
Frédéric Guillot c12bbb1613 Fix grammatical errors 
Fixes #4420
 2020-02-29 16:34:38 -08:00
Andre Nathan c8a617cfcb
Add per-project and per-swimlane task limits 
This change allows projects and swimlanes to be configured with task limits that apply to their whole scope (i.e. all active tasks in a project or swimlane, respectively), as opposed to the usual per-column task limits.
 2020-02-25 20:26:31 -08:00
Slade 0360c57c79
Update regex to detect external links with attachments 
Fixes #4359
 2020-02-05 18:46:13 -08:00
Andre Nathan e59ab08af3 Allow task limits to be applied per-swimlane 2020-02-04 20:16:35 -08:00
Timo 64397f45fa Kanboard now requires PHP >= 7.2 since other versions are deprecated 2020-01-14 12:02:31 -08:00
Rafael de Camargo c0d8407d9a Fix automatic action condition check 
Checks for source column instead of current column because the condition 
is "moved away"
Closes #4277
 2019-08-27 20:51:27 -07:00
Rafael de Camargo c6df7c081a Fixes task assignee filter test 
The query must be reset before every filter apply
 2019-08-27 20:28:58 -07:00
Rafael de Camargo 1731211908 Add tests for task link and subtask assignee filters 2019-08-27 20:28:58 -07:00
Rafael de Camargo 4d07628054 Add hash to image url to force browser to update profile when changed 
Closes #4241
 2019-08-27 20:19:51 -07:00
Rafael de Camargo 7283bfaef6 Implements check for duplicate default categories 2019-07-23 15:41:13 -07:00