10-patches.rb
154 lines
| 4.7 KiB
| text/x-ruby
|
RubyLexer
|
r8114 | # Patches active_support/core_ext/load_error.rb to support 1.9.3 LoadError message | ||
if RUBY_VERSION >= '1.9.3' | ||||
MissingSourceFile::REGEXPS << [/^cannot load such file -- (.+)$/i, 1] | ||||
end | ||||
|
r1609 | |||
|
r3121 | require 'active_record' | ||
|
r2430 | |||
module ActiveRecord | ||||
class Base | ||||
include Redmine::I18n | ||||
|
r6572 | |||
|
r2430 | # Translate attribute names for validation errors display | ||
|
r8166 | def self.human_attribute_name(attr, *args) | ||
|
r6006 | l("field_#{attr.to_s.gsub(/_id$/, '')}", :default => attr) | ||
|
r2430 | end | ||
end | ||||
end | ||||
module ActionView | ||||
module Helpers | ||||
module DateHelper | ||||
# distance_of_time_in_words breaks when difference is greater than 30 years | ||||
def distance_of_date_in_words(from_date, to_date = 0, options = {}) | ||||
from_date = from_date.to_date if from_date.respond_to?(:to_date) | ||||
to_date = to_date.to_date if to_date.respond_to?(:to_date) | ||||
distance_in_days = (to_date - from_date).abs | ||||
I18n.with_options :locale => options[:locale], :scope => :'datetime.distance_in_words' do |locale| | ||||
case distance_in_days | ||||
|
r2902 | when 0..60 then locale.t :x_days, :count => distance_in_days.round | ||
|
r2430 | when 61..720 then locale.t :about_x_months, :count => (distance_in_days / 30).round | ||
|
r2902 | else locale.t :over_x_years, :count => (distance_in_days / 365).floor | ||
|
r2430 | end | ||
end | ||||
end | ||||
end | ||||
end | ||||
end | ||||
|
r1609 | |||
ActionView::Base.field_error_proc = Proc.new{ |html_tag, instance| "#{html_tag}" } | ||||
|
r2337 | |||
module AsynchronousMailer | ||||
|
r7726 | # Adds :async_smtp and :async_sendmail delivery methods | ||
# to perform email deliveries asynchronously | ||||
|
r2337 | %w(smtp sendmail).each do |type| | ||
define_method("perform_delivery_async_#{type}") do |mail| | ||||
Thread.start do | ||||
send "perform_delivery_#{type}", mail | ||||
|
r6572 | end | ||
|
r2337 | end | ||
end | ||||
|
r7726 | |||
# Adds a delivery method that writes emails in tmp/emails for testing purpose | ||||
def perform_delivery_tmp_file(mail) | ||||
dest_dir = File.join(Rails.root, 'tmp', 'emails') | ||||
Dir.mkdir(dest_dir) unless File.directory?(dest_dir) | ||||
File.open(File.join(dest_dir, mail.message_id.gsub(/[<>]/, '') + '.eml'), 'wb') {|f| f.write(mail.encoded) } | ||||
end | ||||
|
r2337 | end | ||
ActionMailer::Base.send :include, AsynchronousMailer | ||||
|
r4069 | |||
|
r4784 | module TMail | ||
|
r7743 | # TMail::Unquoter.convert_to_with_fallback_on_iso_8859_1 introduced in TMail 1.2.7 | ||
# triggers a test failure in test_add_issue_with_japanese_keywords(MailHandlerTest) | ||||
|
r4784 | class Unquoter | ||
class << self | ||||
alias_method :convert_to, :convert_to_without_fallback_on_iso_8859_1 | ||||
|
r4069 | end | ||
end | ||||
|
r7743 | |||
# Patch for TMail 1.2.7. See http://www.redmine.org/issues/8751 | ||||
class Encoder | ||||
def puts_meta(str) | ||||
add_text str | ||||
end | ||||
end | ||||
|
r4069 | end | ||
|
r4340 | |||
module ActionController | ||||
module MimeResponds | ||||
class Responder | ||||
def api(&block) | ||||
any(:xml, :json, &block) | ||||
end | ||||
end | ||||
end | ||||
|
r9584 | |||
# CVE-2012-2660 | ||||
# https://groups.google.com/group/rubyonrails-security/browse_thread/thread/f1203e3376acec0f | ||||
|
r9666 | # CVE-2012-2694 | ||
# https://groups.google.com/group/rubyonrails-security/browse_thread/thread/8c82d9df8b401c5e | ||||
|
r9584 | class Request | ||
protected | ||||
# Remove nils from the params hash | ||||
def deep_munge(hash) | ||||
|
r9666 | keys = hash.keys.find_all { |k| hash[k] == [nil] } | ||
keys.each { |k| hash[k] = nil } | ||||
|
r9584 | hash.each_value do |v| | ||
case v | ||||
when Array | ||||
v.grep(Hash) { |x| deep_munge(x) } | ||||
|
r9666 | v.compact! | ||
|
r9584 | when Hash | ||
deep_munge(v) | ||||
end | ||||
end | ||||
hash | ||||
end | ||||
def parse_query(qs) | ||||
deep_munge(super) | ||||
end | ||||
end | ||||
|
r4340 | end | ||
|
r9666 | |||
# CVE-2012-2695 | ||||
# https://groups.google.com/group/rubyonrails-security/browse_thread/thread/9782f44c4540cf59 | ||||
module ActiveRecord | ||||
class Base | ||||
class << self | ||||
def sanitize_sql_hash_for_conditions(attrs, default_table_name = quoted_table_name, top_level = true) | ||||
attrs = expand_hash_conditions_for_aggregates(attrs) | ||||
conditions = attrs.map do |attr, value| | ||||
table_name = default_table_name | ||||
if not value.is_a?(Hash) | ||||
attr = attr.to_s | ||||
# Extract table name from qualified attribute names. | ||||
if attr.include?('.') and top_level | ||||
attr_table_name, attr = attr.split('.', 2) | ||||
attr_table_name = connection.quote_table_name(attr_table_name) | ||||
else | ||||
attr_table_name = table_name | ||||
end | ||||
attribute_condition("#{attr_table_name}.#{connection.quote_column_name(attr)}", value) | ||||
elsif top_level | ||||
sanitize_sql_hash_for_conditions(value, connection.quote_table_name(attr.to_s), false) | ||||
else | ||||
raise ActiveRecord::StatementInvalid | ||||
end | ||||
end.join(' AND ') | ||||
replace_bind_variables(conditions, expand_range_bind_variables(attrs.values)) | ||||
end | ||||
alias_method :sanitize_sql_hash, :sanitize_sql_hash_for_conditions | ||||
end | ||||
end | ||||
end | ||||