From 0be8d1c44dbe52961a62e10645fb7956763bb9ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Pi=C4=8Dman?= Date: Thu, 27 Jun 2024 17:11:36 +0200 Subject: [PATCH] Digest & menu --- .rubocop.yml | 4 ++++ after_init.rb | 17 +++++++++-------- app/controllers/dmsf_controller.rb | 2 +- app/views/dmsf_workflows/_main.html.erb | 3 ++- .../controllers/account_controller_hooks.rb | 2 +- lib/redmine_dmsf/patches/attachable_patch.rb | 6 ++---- lib/redmine_dmsf/webdav/dmsf_controller.rb | 8 ++++---- test/functional/dmsf_controller_test.rb | 3 ++- test/integration/webdav/dmsf_webdav_get_test.rb | 4 +++- test/integration_test.rb | 4 ++-- 10 files changed, 30 insertions(+), 23 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index d8c10641..359aac7d 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -79,6 +79,10 @@ Naming/AccessorMethodName: Exclude: - lib/dav4rack/resource.rb +Naming/PredicateName: + Exclude: + - lib/redmine_dmsf/patches/attachable_patch.rb # Easy tests + Style/HashSyntax: EnforcedShorthandSyntax: either diff --git a/after_init.rb b/after_init.rb index 84cc2d19..2fd04eb4 100644 --- a/after_init.rb +++ b/after_init.rb @@ -47,14 +47,15 @@ def dmsf_init parent: :new_object end # Main menu extension - unless ActiveRecord::Base.connection.data_source_exists?('settings') && - Setting.plugin_redmine_dmsf['dmsf_global_menu_disabled'] - Redmine::MenuManager.map :top_menu do |menu| - menu.push :dmsf, { controller: 'dmsf', action: 'index' }, - caption: :menu_dmsf, - html: { class: 'icon-dmsf' }, - if: proc { User.current.allowed_to?(:view_dmsf_folders, nil, global: true) } - end + Redmine::MenuManager.map :top_menu do |menu| + menu.push :dmsf, { controller: 'dmsf', action: 'index' }, + caption: :menu_dmsf, + html: { class: 'icon-dmsf' }, + if: proc { + User.current.allowed_to?(:view_dmsf_folders, nil, global: true) && + ActiveRecord::Base.connection.data_source_exists?('settings') && + Setting.plugin_redmine_dmsf['dmsf_global_menu_disabled'].blank? + } end Redmine::AccessControl.map do |map| diff --git a/app/controllers/dmsf_controller.rb b/app/controllers/dmsf_controller.rb index ae76b65a..71278dc6 100644 --- a/app/controllers/dmsf_controller.rb +++ b/app/controllers/dmsf_controller.rb @@ -476,7 +476,7 @@ class DmsfController < ApplicationController # We have to create a token first to prevent an autogenerated token's value token = Token.create!(user_id: User.current.id, action: 'dmsf-webdav-digest') - token.value = Digest::MD5.hexdigest( + token.value = ActiveSupport::Digest.hexdigest( "#{User.current.login}:#{RedmineDmsf::Webdav::AUTHENTICATION_REALM}:#{params[:password]}" ) token.save diff --git a/app/views/dmsf_workflows/_main.html.erb b/app/views/dmsf_workflows/_main.html.erb index 9a636281..211cf055 100644 --- a/app/views/dmsf_workflows/_main.html.erb +++ b/app/views/dmsf_workflows/_main.html.erb @@ -23,7 +23,8 @@ <% @workflows = DmsfWorkflow.status(@status).where(project_id: @project.id).sorted %> <% @path = settings_project_path(@project, tab: 'dmsf_workflow') %>

- <%= link_to l(:label_dmsf_workflow_new), new_dmsf_workflow_path(project_id: @project&.id), class: 'icon icon-add' %> + <%= link_to l(:label_dmsf_workflow_new), new_dmsf_workflow_path(project_id: @project&.id), class: 'icon icon-add', + data: { cy: "button__new--dmsf-workflow" } %>

<% else %>
diff --git a/lib/redmine_dmsf/hooks/controllers/account_controller_hooks.rb b/lib/redmine_dmsf/hooks/controllers/account_controller_hooks.rb index e6005dc9..2e779756 100644 --- a/lib/redmine_dmsf/hooks/controllers/account_controller_hooks.rb +++ b/lib/redmine_dmsf/hooks/controllers/account_controller_hooks.rb @@ -36,7 +36,7 @@ module RedmineDmsf if controller.params[:password].present? token = Token.find_by(user_id: user.id, action: 'dmsf-webdav-digest') token ||= Token.create!(user_id: user.id, action: 'dmsf-webdav-digest') - token.value = Digest::MD5.hexdigest( + token.value = ActiveSupport::Digest.hexdigest( "#{user.login}:#{RedmineDmsf::Webdav::AUTHENTICATION_REALM}:#{controller.params[:password]}" ) token.save diff --git a/lib/redmine_dmsf/patches/attachable_patch.rb b/lib/redmine_dmsf/patches/attachable_patch.rb index 4101f52b..bf0b5cb7 100644 --- a/lib/redmine_dmsf/patches/attachable_patch.rb +++ b/lib/redmine_dmsf/patches/attachable_patch.rb @@ -23,13 +23,11 @@ module RedmineDmsf # Attachable module AttachablePatch ################################################################################################################## - # Overriden methods + # Overridden methods - def attachments? + def has_attachments? super || (defined?(dmsf_files) && dmsf_files.any?) || (defined?(dmsf_links) && dmsf_links.any?) end - - alias has_attachments? attachments? end end end diff --git a/lib/redmine_dmsf/webdav/dmsf_controller.rb b/lib/redmine_dmsf/webdav/dmsf_controller.rb index ef567208..b1f1dfc5 100644 --- a/lib/redmine_dmsf/webdav/dmsf_controller.rb +++ b/lib/redmine_dmsf/webdav/dmsf_controller.rb @@ -43,7 +43,7 @@ module RedmineDmsf response.status = status.code if status.code == 401 time_stamp = Time.now.to_i - h_once = Digest::MD5.hexdigest("#{time_stamp}:#{SecureRandom.hex(32)}") + h_once = ActiveSupport::Digest.hexdigest("#{time_stamp}:#{SecureRandom.hex(32)}") nonce = Base64.strict_encode64("#{time_stamp}#{h_once}") response['WWW-Authenticate'] = %(Digest realm="#{authentication_realm}", nonce="#{nonce}", algorithm="MD5", qop="auth") @@ -90,11 +90,11 @@ module RedmineDmsf end ha1 = token.value end - ha2 = Digest::MD5.hexdigest("#{request.env['REQUEST_METHOD']}:#{uri}") + ha2 = ActiveSupport::Digest.hexdigest("#{request.env['REQUEST_METHOD']}:#{uri}") required_response = if qop - Digest::MD5.hexdigest("#{ha1}:#{nonce}:#{nc}:#{cnonce}:#{qop}:#{ha2}") + ActiveSupport::Digest.hexdigest("#{ha1}:#{nonce}:#{nc}:#{cnonce}:#{qop}:#{ha2}") else - Digest::MD5.hexdigest("#{ha1}:#{nonce}:#{ha2}") + ActiveSupport::Digest.hexdigest("#{ha1}:#{nonce}:#{ha2}") end if required_response == response User.current = user diff --git a/test/functional/dmsf_controller_test.rb b/test/functional/dmsf_controller_test.rb index 32686eed..39bca9fe 100644 --- a/test/functional/dmsf_controller_test.rb +++ b/test/functional/dmsf_controller_test.rb @@ -667,7 +667,8 @@ class DmsfControllerTest < RedmineDmsf::Test::TestCase assert_redirected_to my_account_path token = Token.find_by(user_id: @jsmith.id, action: 'dmsf-webdav-digest') assert token - assert_equal Digest::MD5.hexdigest("jsmith:#{RedmineDmsf::Webdav::AUTHENTICATION_REALM}:jsmith"), token.value + assert_equal ActiveSupport::Digest.hexdigest("jsmith:#{RedmineDmsf::Webdav::AUTHENTICATION_REALM}:jsmith"), + token.value end def test_reset_digest_unauthorized diff --git a/test/integration/webdav/dmsf_webdav_get_test.rb b/test/integration/webdav/dmsf_webdav_get_test.rb index 1d2f8902..1ed99d4d 100644 --- a/test/integration/webdav/dmsf_webdav_get_test.rb +++ b/test/integration/webdav/dmsf_webdav_get_test.rb @@ -46,7 +46,9 @@ class DmsfWebdavGetTest < RedmineDmsf::Test::IntegrationTest assert_response :unauthorized end # Right digest - digest = Digest::MD5.hexdigest("#{@jsmith_user.login}:#{RedmineDmsf::Webdav::AUTHENTICATION_REALM}:jsmith") + digest = ActiveSupport::Digest.hexdigest( + "#{@jsmith_user.login}:#{RedmineDmsf::Webdav::AUTHENTICATION_REALM}:jsmith" + ) token ||= Token.create!(user_id: @jsmith_user.id, action: 'dmsf-webdav-digest') token.value = digest assert token.save diff --git a/test/integration_test.rb b/test/integration_test.rb index 149bd106..79a61ef0 100644 --- a/test/integration_test.rb +++ b/test/integration_test.rb @@ -136,10 +136,10 @@ module RedmineDmsf uri = options[:uri] || path_info credentials[uri] = uri @request.env['ORIGINAL_FULLPATH'] = path_info - ha2 = Digest::MD5.hexdigest("GET:#{target}") + ha2 = ActiveSupport::Digest.hexdigest("GET:#{target}") nonce = ActionController::HttpAuthentication::Digest.nonce(Rails.configuration.secret_key_base) ha1 = options.delete(:digest) - credentials[:response] = Digest::MD5.hexdigest("#{ha1}:#{nonce}:#{ha2}") + credentials[:response] = ActiveSupport::Digest.hexdigest("#{ha1}:#{nonce}:#{ha2}") "Digest #{credentials.sort_by { |x| x[0].to_s }.map { |v| "#{v[0]}=#{v[1]}" }.join(',')}" end end