Fixed: svn or ldap password can be found in clear text in the html source in editing mode....
Jean-Philippe Lang -
r929:457c9a8e727d
@@ -1,80 +1,83
1 # redMine - project management software
1 # redMine - project management software
2 # Copyright (C) 2006 Jean-Philippe Lang
2 # Copyright (C) 2006 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require 'coderay'
18 require 'coderay'
19 require 'coderay/helpers/file_type'
19 require 'coderay/helpers/file_type'
20 require 'iconv'
20 require 'iconv'
21
21
22 module RepositoriesHelper
22 module RepositoriesHelper
23 def syntax_highlight(name, content)
23 def syntax_highlight(name, content)
24 type = CodeRay::FileType[name]
24 type = CodeRay::FileType[name]
25 type ? CodeRay.scan(content, type).html : h(content)
25 type ? CodeRay.scan(content, type).html : h(content)
26 end
26 end
27
27
28 def to_utf8(str)
28 def to_utf8(str)
29 return str if /\A[\r\n\t\x20-\x7e]*\Z/n.match(str) # for us-ascii
29 return str if /\A[\r\n\t\x20-\x7e]*\Z/n.match(str) # for us-ascii
30 @encodings ||= Setting.repositories_encodings.split(',').collect(&:strip)
30 @encodings ||= Setting.repositories_encodings.split(',').collect(&:strip)
31 @encodings.each do |encoding|
31 @encodings.each do |encoding|
32 begin
32 begin
33 return Iconv.conv('UTF-8', encoding, str)
33 return Iconv.conv('UTF-8', encoding, str)
34 rescue Iconv::Failure
34 rescue Iconv::Failure
35 # do nothing here and try the next encoding
35 # do nothing here and try the next encoding
36 end
36 end
37 end
37 end
38 str
38 str
39 end
39 end
40
40
41 def repository_field_tags(form, repository)
41 def repository_field_tags(form, repository)
42 method = repository.class.name.demodulize.underscore + "_field_tags"
42 method = repository.class.name.demodulize.underscore + "_field_tags"
43 send(method, form, repository) if repository.is_a?(Repository) && respond_to?(method)
43 send(method, form, repository) if repository.is_a?(Repository) && respond_to?(method)
44 end
44 end
45
45
46 def scm_select_tag(repository)
46 def scm_select_tag(repository)
47 container = [[]]
47 container = [[]]
48 REDMINE_SUPPORTED_SCM.each {|scm| container << ["Repository::#{scm}".constantize.scm_name, scm]}
48 REDMINE_SUPPORTED_SCM.each {|scm| container << ["Repository::#{scm}".constantize.scm_name, scm]}
49 select_tag('repository_scm',
49 select_tag('repository_scm',
50 options_for_select(container, repository.class.name.demodulize),
50 options_for_select(container, repository.class.name.demodulize),
51 :disabled => (repository && !repository.new_record?),
51 :disabled => (repository && !repository.new_record?),
52 :onchange => remote_function(:url => { :controller => 'repositories', :action => 'edit', :id => @project }, :method => :get, :with => "Form.serialize(this.form)")
52 :onchange => remote_function(:url => { :controller => 'repositories', :action => 'edit', :id => @project }, :method => :get, :with => "Form.serialize(this.form)")
53 )
53 )
54 end
54 end
55
55
56 def with_leading_slash(path)
56 def with_leading_slash(path)
57 path ||= ''
57 path ||= ''
58 path.starts_with?("/") ? "/#{path}" : path
58 path.starts_with?("/") ? "/#{path}" : path
59 end
59 end
60
60
61 def subversion_field_tags(form, repository)
61 def subversion_field_tags(form, repository)
62 content_tag('p', form.text_field(:url, :size => 60, :required => true, :disabled => (repository && !repository.root_url.blank?)) +
62 content_tag('p', form.text_field(:url, :size => 60, :required => true, :disabled => (repository && !repository.root_url.blank?)) +
63 '<br />(http://, https://, svn://, file:///)') +
63 '<br />(http://, https://, svn://, file:///)') +
64 content_tag('p', form.text_field(:login, :size => 30)) +
64 content_tag('p', form.text_field(:login, :size => 30)) +
65 content_tag('p', form.password_field(:password, :size => 30))
65 content_tag('p', form.password_field(:password, :size => 30, :name => 'ignore',
66 :value => ((repository.new_record? || repository.password.blank?) ? '' : ('x'*15)),
67 :onfocus => "this.value=''; this.name='repository[password]';",
68 :onchange => "this.name='repository[password]';"))
66 end
69 end
67
70
68 def darcs_field_tags(form, repository)
71 def darcs_field_tags(form, repository)
69 content_tag('p', form.text_field(:url, :label => 'Root directory', :size => 60, :required => true, :disabled => (repository && !repository.new_record?)))
72 content_tag('p', form.text_field(:url, :label => 'Root directory', :size => 60, :required => true, :disabled => (repository && !repository.new_record?)))
70 end
73 end
71
74
72 def mercurial_field_tags(form, repository)
75 def mercurial_field_tags(form, repository)
73 content_tag('p', form.text_field(:url, :label => 'Root directory', :size => 60, :required => true, :disabled => (repository && !repository.root_url.blank?)))
76 content_tag('p', form.text_field(:url, :label => 'Root directory', :size => 60, :required => true, :disabled => (repository && !repository.root_url.blank?)))
74 end
77 end
75
78
76 def cvs_field_tags(form, repository)
79 def cvs_field_tags(form, repository)
77 content_tag('p', form.text_field(:root_url, :label => 'CVSROOT', :size => 60, :required => true, :disabled => !repository.new_record?)) +
80 content_tag('p', form.text_field(:root_url, :label => 'CVSROOT', :size => 60, :required => true, :disabled => !repository.new_record?)) +
78 content_tag('p', form.text_field(:url, :label => 'Module', :size => 30, :required => true, :disabled => !repository.new_record?))
81 content_tag('p', form.text_field(:url, :label => 'Module', :size => 30, :required => true, :disabled => !repository.new_record?))
79 end
82 end
80 end
83 end
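Review bot: The `:onfocus` handler added at new line 67 both empties the field and renames it to `repository[password]`, so merely clicking or tabbing into the field and then saving submits an empty password. That would overwrite the stored credential unless the controller ignores blank values, which is not visible on this page. Renaming the field only when the value is actually edited avoids this: use `:onfocus => "this.select();"` and keep the existing `:onchange` line. The new `repository.new_record?` call at line 66 is also unguarded, while the `:disabled` option on line 62 still tests `repository &&` first. The same onfocus pattern appears in the auth_source form template for `auth_source[account_password]`.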
@@ -1,45 +1,48
1 <%= error_messages_for 'auth_source' %>
1 <%= error_messages_for 'auth_source' %>
2
2
3 <div class="box">
3 <div class="box">
4 <!--[form:auth_source]-->
4 <!--[form:auth_source]-->
5 <p><label for="auth_source_name"><%=l(:field_name)%> <span class="required">*</span></label>
5 <p><label for="auth_source_name"><%=l(:field_name)%> <span class="required">*</span></label>
6 <%= text_field 'auth_source', 'name' %></p>
6 <%= text_field 'auth_source', 'name' %></p>
7
7
8 <p><label for="auth_source_host"><%=l(:field_host)%> <span class="required">*</span></label>
8 <p><label for="auth_source_host"><%=l(:field_host)%> <span class="required">*</span></label>
9 <%= text_field 'auth_source', 'host' %></p>
9 <%= text_field 'auth_source', 'host' %></p>
10
10
11 <p><label for="auth_source_port"><%=l(:field_port)%> <span class="required">*</span></label>
11 <p><label for="auth_source_port"><%=l(:field_port)%> <span class="required">*</span></label>
12 <%= text_field 'auth_source', 'port', :size => 6 %> <%= check_box 'auth_source', 'tls' %> LDAPS</p>
12 <%= text_field 'auth_source', 'port', :size => 6 %> <%= check_box 'auth_source', 'tls' %> LDAPS</p>
13
13
14 <p><label for="auth_source_account"><%=l(:field_account)%></label>
14 <p><label for="auth_source_account"><%=l(:field_account)%></label>
15 <%= text_field 'auth_source', 'account' %></p>
15 <%= text_field 'auth_source', 'account' %></p>
16
16
17 <p><label for="auth_source_account_password"><%=l(:field_password)%></label>
17 <p><label for="auth_source_account_password"><%=l(:field_password)%></label>
18 <%= password_field 'auth_source', 'account_password' %></p>
18 <%= password_field 'auth_source', 'account_password', :name => 'ignore',
19 :value => ((@auth_source.new_record? || @auth_source.account_password.blank?) ? '' : ('x'*15)),
20 :onfocus => "this.value=''; this.name='auth_source[account_password]';",
21 :onchange => "this.name='auth_source[account_password]';" %></p>
19
22
20 <p><label for="auth_source_base_dn"><%=l(:field_base_dn)%> <span class="required">*</span></label>
23 <p><label for="auth_source_base_dn"><%=l(:field_base_dn)%> <span class="required">*</span></label>
21 <%= text_field 'auth_source', 'base_dn', :size => 60 %></p>
24 <%= text_field 'auth_source', 'base_dn', :size => 60 %></p>
22 </div>
25 </div>
23
26
24 <div class="box">
27 <div class="box">
25 <p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label>
28 <p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label>
26 <%= check_box 'auth_source', 'onthefly_register' %></p>
29 <%= check_box 'auth_source', 'onthefly_register' %></p>
27
30
28 <p>
31 <p>
29 <fieldset><legend><%=l(:label_attribute_plural)%></legend>
32 <fieldset><legend><%=l(:label_attribute_plural)%></legend>
30 <p><label for="auth_source_attr_login"><%=l(:field_login)%> <span class="required">*</span></label>
33 <p><label for="auth_source_attr_login"><%=l(:field_login)%> <span class="required">*</span></label>
31 <%= text_field 'auth_source', 'attr_login', :size => 20 %></p>
34 <%= text_field 'auth_source', 'attr_login', :size => 20 %></p>
32
35
33 <p><label for="auth_source_attr_firstname"><%=l(:field_firstname)%></label>
36 <p><label for="auth_source_attr_firstname"><%=l(:field_firstname)%></label>
34 <%= text_field 'auth_source', 'attr_firstname', :size => 20 %></p>
37 <%= text_field 'auth_source', 'attr_firstname', :size => 20 %></p>
35
38
36 <p><label for="auth_source_attr_lastname"><%=l(:field_lastname)%></label>
39 <p><label for="auth_source_attr_lastname"><%=l(:field_lastname)%></label>
37 <%= text_field 'auth_source', 'attr_lastname', :size => 20 %></p>
40 <%= text_field 'auth_source', 'attr_lastname', :size => 20 %></p>
38
41
39 <p><label for="auth_source_attr_mail"><%=l(:field_mail)%></label>
42 <p><label for="auth_source_attr_mail"><%=l(:field_mail)%></label>
40 <%= text_field 'auth_source', 'attr_mail', :size => 20 %></p>
43 <%= text_field 'auth_source', 'attr_mail', :size => 20 %></p>
41 </fieldset>
44 </fieldset>
42 </p>
45 </p>
43 </div>
46 </div>
44 <!--[eoform:auth_source]-->
47 <!--[eoform:auth_source]-->
45
48
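Review bot: Nothing in the template explains why the password input is named `ignore` or pre-filled with fifteen `x` characters (new lines 18-21), so a later cleanup could restore the real name and start saving the placeholder as the LDAP bind password. A one-line ERB comment above the field would do, for example `<%# Named 'ignore' until edited so the 'x' placeholder is never submitted as account_password; the stored value is never rendered. %>`. The rename depends on JavaScript, so the comment should also say that without it a typed password is not submitted.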