diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 3b18bab40e..fe94f6b973 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -18,16 +18,6 @@ Layout/ArgumentAlignment: Layout/DotPosition: Enabled: false -# This cop supports safe auto-correction (--auto-correct). -Layout/EmptyLineAfterGuardClause: - Exclude: - - 'db/migrate/101_populate_changesets_user_id.rb' - - 'lib/redmine/default_data/loader.rb' - - 'lib/redmine/safe_attributes.rb' - - 'lib/redmine/string_array_diff/diff.rb' - - 'lib/redmine/string_array_diff/diffable.rb' - - 'lib/redmine/wiki_formatting/textile/redcloth3.rb' - # This cop supports safe auto-correction (--auto-correct). # Configuration parameters: EmptyLineBetweenMethodDefs, EmptyLineBetweenClassDefs, EmptyLineBetweenModuleDefs, AllowAdjacentOneLineDefs, NumberOfEmptyLines. Layout/EmptyLineBetweenDefs: diff --git a/db/migrate/101_populate_changesets_user_id.rb b/db/migrate/101_populate_changesets_user_id.rb index 7e7d81d4f2..4e5e478d6c 100644 --- a/db/migrate/101_populate_changesets_user_id.rb +++ b/db/migrate/101_populate_changesets_user_id.rb @@ -3,6 +3,7 @@ def self.up committers = Changeset.connection.select_values("SELECT DISTINCT committer FROM #{Changeset.table_name}") committers.each do |committer| next if committer.blank? + if committer.strip =~ /^([^<]+)(<(.*)>)?$/ username, email = $1.strip, $3 u = User.find_by_login(username) diff --git a/lib/redmine/default_data/loader.rb b/lib/redmine/default_data/loader.rb index e86f1e87d7..184c87bf36 100644 --- a/lib/redmine/default_data/loader.rb +++ b/lib/redmine/default_data/loader.rb @@ -39,6 +39,7 @@ def no_data? # Raises a RecordNotSaved exception if something goes wrong def load(lang=nil, options={}) raise DataAlreadyLoaded.new("Some configuration data is already loaded.") unless no_data? + set_language_if_valid(lang) workflow = !(options[:workflow] == false) diff --git a/lib/redmine/safe_attributes.rb b/lib/redmine/safe_attributes.rb index 2d7ab63f07..f0793fc061 100644 --- a/lib/redmine/safe_attributes.rb +++ b/lib/redmine/safe_attributes.rb @@ -52,6 +52,7 @@ def safe_attributes(*args) # book.safe_attributes(book.author) # => ['title', 'pages', 'isbn'] def safe_attribute_names(user=nil) return @safe_attribute_names if @safe_attribute_names && user.nil? + names = [] self.class.safe_attributes.collect do |attrs, options| if options[:if].nil? || options[:if].call(self, user || User.current) @@ -87,6 +88,7 @@ def safe_attributes=(attrs, user=User.current) end return unless attrs.is_a?(Hash) + self.attributes = delete_unsafe_attributes(attrs, user) end end diff --git a/lib/redmine/string_array_diff/diff.rb b/lib/redmine/string_array_diff/diff.rb index 4b54fb740b..16637f7ae1 100644 --- a/lib/redmine/string_array_diff/diff.rb +++ b/lib/redmine/string_array_diff/diff.rb @@ -70,6 +70,7 @@ def Diff.lcs(a, b) (astart..afinish).each { |aindex| aelem = a[aindex] next unless bmatches.has_key? aelem + k = nil bmatches[aelem].reverse_each { |bindex| if k && (thresh[k] > bindex) && (thresh[k-1] < bindex) diff --git a/lib/redmine/string_array_diff/diffable.rb b/lib/redmine/string_array_diff/diffable.rb index e09afc3db6..5271ecfc54 100644 --- a/lib/redmine/string_array_diff/diffable.rb +++ b/lib/redmine/string_array_diff/diffable.rb @@ -72,6 +72,7 @@ def replacenextlarger(value, high = nil) index = (high+low)/2 found = self[index] return nil if value == found + if value > found low = index + 1 else diff --git a/lib/redmine/wiki_formatting/textile/redcloth3.rb b/lib/redmine/wiki_formatting/textile/redcloth3.rb index 2816e1c90d..68cea1da67 100644 --- a/lib/redmine/wiki_formatting/textile/redcloth3.rb +++ b/lib/redmine/wiki_formatting/textile/redcloth3.rb @@ -567,6 +567,7 @@ def block_textile_lists( text ) if depth.last.length > tl.length (depth.length - 1).downto(0) do |i| break if depth[i].length == tl.length + lines[line_id - 1] << "\n\t\n\t" depth.pop end @@ -962,6 +963,7 @@ def inline_textile_image( text ) url, url_title = check_refs( url ) next m unless uri_with_safe_scheme?(url.partition('?').first) + if href href = htmlesc(href.dup) next m if href.downcase.start_with?('javascript:') @@ -1195,6 +1197,7 @@ def clean_html( text, tags = BASIC_TAGS ) if raw[3] =~ /#{prop}\s*=\s*#{q}([^#{q2}]+)#{q}/i attrv = $1 next if prop == 'src' and attrv =~ %r{^(?!http)\w+:} + pcs << "#{prop}=\"#{$1.gsub('"', '\\"')}\"" break end