- 17 Feb, 2017 1 commit
-
-
Jacopo authored
The Done button will change to an Undo button and the line item will be greyed out. Bold links will be unbolded. The user can undo the task by clicking the Undo button.
-
- 13 Feb, 2017 1 commit
-
-
Rémy Coutable authored
Also, don't use limit in subquery, MySQL don't like that. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 08 Feb, 2017 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 03 Feb, 2017 1 commit
-
-
Oswaldo Ferreira authored
-
- 16 Jan, 2017 1 commit
-
-
Adam Niedzielski authored
It improves performance in dashboard milestone index page by passing a hint to "IssuesFinder". "IssuesFinder" generates a more performant query when it is limited to authorized projects for user. In the dashboard we already limit the projects to these authorized for user (see "Dashboard::ApplicationController#projects"), so we can safely pass this option to "IssuesFinder".
-
- 06 Jan, 2017 1 commit
-
-
Adam Niedzielski authored
-
- 23 Dec, 2016 1 commit
-
-
Tiago Botelho authored
-
- 21 Dec, 2016 2 commits
-
-
Tiago Botelho authored
-
Tiago Botelho authored
-
- 11 Nov, 2016 2 commits
-
-
Josep Llaneras authored
-
Josep Llaneras authored
-
- 19 Oct, 2016 3 commits
-
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
- 19 Aug, 2016 1 commit
-
-
Felipe Artur authored
-
- 18 Aug, 2016 3 commits
-
-
Ahmad Sherif authored
-
Ahmad Sherif authored
Follow-up on 52b0c26
-
Ahmad Sherif authored
-
- 12 Aug, 2016 1 commit
-
-
Paco Guzman authored
We’re being kept up to date the counter data but we’re not using it. The only thing which is not real if is the number of projects that the user read changes the number of todos can be stale for some time. The counters will be sync just after the user receives a new todo or mark any as done
-
- 12 Jul, 2016 1 commit
-
-
Paco Guzman authored
-
- 24 Jun, 2016 1 commit
-
-
Rémy Coutable authored
The issue was with the `User#groups` and `User#projects` associations which goes through the `User#group_members` and `User#project_members`. Initially I chose to use a secure approach by storing the requester's user ID in `Member#created_by_id` instead of `Member#user_id` because I was aware that there was a security risk since I didn't know the codebase well enough. Then during the review, we decided to change that and directly store the requester's user ID into `Member#user_id` (for the sake of simplifying the code I believe), meaning that every `group_members` / `project_members` association would include the requesters by default... My bad for not checking that all the `group_members` / `project_members` associations and the ones that go through them (e.g. `Group#users` and `Project#users`) were made safe with the `where(requested_at: nil)` / `where(members: { requested_at: nil })` scopes. Now they are all secure. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 17 Jun, 2016 2 commits
-
-
Douglas Barbosa Alexandre authored
-
Paco Guzman authored
- As todos are created/updated inside the TodoService we repopulate the cache just there for both pending/done todos - Todos as mark as done from the TodosController we update cache there too - All the added methods are kept in the User class for cohesion
-
- 03 Jun, 2016 2 commits
-
-
James Lopez authored
This reverts commit 3e991230.
-
James Lopez authored
# Conflicts: # app/models/project.rb
-
- 10 May, 2016 1 commit
-
-
Sean McGivern authored
`User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects.
-
- 03 May, 2016 1 commit
-
-
Alfredo Sumaran authored
-
- 01 Apr, 2016 1 commit
-
-
Alfredo Sumaran authored
-
- 30 Mar, 2016 1 commit
-
-
Alfredo Sumaran authored
-
- 23 Mar, 2016 3 commits
-
-
Rémy Coutable authored
-
Rémy Coutable authored
-
Rémy Coutable authored
-
- 19 Mar, 2016 1 commit
-
-
Robert Speicher authored
-
- 18 Mar, 2016 1 commit
-
-
Douglas Barbosa Alexandre authored
-
- 17 Mar, 2016 3 commits
-
-
Phil Hughes authored
-
Phil Hughes authored
Removes the group if empty
-
Jacob Schatz authored
Fixes #13656 A good first step and boring solution.
-
- 16 Mar, 2016 1 commit
-
-
Mehmet Emin İNAÇ authored
`render nothing: true` has been deprecated. For more information see [pr](https://github.com/rails/rails/pull/20336)
-
- 10 Mar, 2016 1 commit
-
-
Josh Frye authored
-
- 04 Mar, 2016 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-