1
0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-03-15 12:29:16 +01:00

Merge branch 'dev' for release 5.3.11

This commit is contained in:
Du Peng 2022-04-15 13:45:48 +02:00
commit f0ba7bf35c
15 changed files with 34 additions and 19 deletions

View File

@ -1,5 +1,15 @@
# Changelog Fab-manager
## v5.3.11 2022 April 15
- Fix a bug: unable to send notification mail if no set a logo
- Fix a bug: unable to switch OpenLab projets
- Fix a bug: miss smtp tls in secrets.yml
- Fix a bug: unable to show projets whom user take part in
- Fix a security issue: updated puma to 4.3.12 to fix [CVE-2022-24790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24790)
- Fix a security issue: updated moment to 2.29.2 to fix [CVE-2022-24785](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24785)
- Fix a security issue: updated nokogiri to 1.13.4 to fix [CVE-2022-24839](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24839), [CVE-2018-25032](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032), [CVE-2022-24836](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24836) and [CVE-2022-23437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437)
## v5.3.10 2022 April 12
- Updated generate invoice reference method

View File

@ -7,7 +7,7 @@ gem 'rails', '~> 5.2.4'
# Used by rails 5.2 to reduce the app boot time by over 50%
gem 'bootsnap'
# Use Puma as web server
gem 'puma', '4.3.11'
gem 'puma', '4.3.12'
gem 'shakapacker', '6.2.0'
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder

View File

@ -226,7 +226,7 @@ GEM
multi_xml (0.6.0)
multipart-post (2.1.1)
nio4r (2.5.8)
nokogiri (1.13.3)
nokogiri (1.13.4)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
notify_with (0.0.2)
@ -273,7 +273,7 @@ GEM
prawn-table (0.2.2)
prawn (>= 1.3.0, < 3.0.0)
public_suffix (4.0.6)
puma (4.3.11)
puma (4.3.12)
nio4r (~> 2.0)
pundit (2.1.0)
activesupport (>= 3.0.0)
@ -489,7 +489,7 @@ DEPENDENCIES
pg_search
prawn
prawn-table
puma (= 4.3.11)
puma (= 4.3.12)
pundit
railroady
rails (~> 5.2.4)

View File

@ -251,6 +251,7 @@ angular.module('application.router', ['ui.router'])
// projects
.state('app.public.projects_list', {
url: '/projects?q&page&theme_id&component_id&machine_id&from&whole_network',
reloadOnSearch: false,
views: {
'main@': {
templateUrl: '/projects/index.html',
@ -495,7 +496,7 @@ angular.module('application.router', ['ui.router'])
names: "['booking_window_start', 'booking_window_end', 'booking_move_enable', 'booking_move_delay', " +
"'booking_cancel_enable', 'booking_cancel_delay', 'subscription_explications_alert', " +
"'training_explications_alert', 'training_information_message', 'online_payment_module', " +
"'payment_gateway', 'overlapping_categories']"
"'payment_gateway', 'overlapping_categories', 'user_validation_required_training']"
}).$promise;
}]
}
@ -1073,7 +1074,9 @@ angular.module('application.router', ['ui.router'])
"'display_name_enable', 'machines_sort_by', 'fab_analytics', 'statistics_module', 'address_required', " +
"'link_name', 'home_content', 'home_css', 'phone_required', 'upcoming_events_shown', 'public_agenda_module'," +
"'renew_pack_threshold', 'pack_only_for_subscription', 'overlapping_categories', 'public_registrations'," +
"'extended_prices_in_same_day', 'recaptcha_site_key', 'recaptcha_secret_key']"
"'extended_prices_in_same_day', 'recaptcha_site_key', 'recaptcha_secret_key', 'user_validation_required', 'user_validation_required_machine', " +
"'user_validation_required_training', 'user_validation_required_subscription', 'user_validation_required_space'," +
"'user_validation_required_event', 'user_validation_required_pack', 'user_validation_required_list']"
}).$promise;
}],
privacyDraftsPromise: ['Setting', function (Setting) { return Setting.get({ name: 'privacy_draft', history: true }).$promise; }],

View File

@ -55,7 +55,7 @@ class Project < ApplicationRecord
where("state = 'published' OR (state = 'draft' AND author_statistic_profile_id = ?)", author_profile)
}
scope :user_projects, ->(author_profile) { where('author_statistic_profile_id = ?', author_profile) }
scope :collaborations, ->(collaborators_ids) { joins(:projects_users).where(projects_users: { user_id: collaborators_ids }) }
scope :collaborations, ->(collaborators_ids) { joins(:project_users).where(project_users: { user_id: collaborators_ids }) }
scope :with_machine, ->(machines_ids) { joins(:projects_machines).where(projects_machines: { machine_id: machines_ids }) }
scope :with_theme, ->(themes_ids) { joins(:projects_themes).where(projects_themes: { theme_id: themes_ids }) }
scope :with_component, ->(component_ids) { joins(:projects_components).where(projects_components: { component_id: component_ids }) }

View File

@ -30,7 +30,7 @@
</a>
<% else %>
<a href="<%= root_url %>">
<img src="<%= File.join(root_url, asset_pack_path('media/images/fabmanager-logo.png')) %>"
<img src="<%= File.join(root_url, asset_pack_path('static/fabmanager-logo.png')) %>"
alt="<%=fablab_name%>"
width="140px;" />
</a>

View File

@ -509,7 +509,7 @@ fr:
important_notes: "Informations importantes"
address_and_legal_information: "Adresse et informations légales"
invoice_reference: "Référence facture"
invoice_reference_is_required: "La référence facture est requis."
invoice_reference_is_required: "La référence facture est requise."
text: "texte"
year: "Année"
month: "Mois"

View File

@ -109,7 +109,7 @@ zu:
slots: "crwdns20302:0crwdne20302:0"
slots_of: "crwdns20304:0crwdne20304:0"
minutes: "crwdns20288:0crwdne20288:0"
deleted_user: "Deleted user"
deleted_user: "crwdns22454:0crwdne22454:0"
#import external iCal calendar
icalendar:
icalendar_import: "crwdns6855:0crwdne6855:0"
@ -509,7 +509,7 @@ zu:
important_notes: "crwdns7385:0crwdne7385:0"
address_and_legal_information: "crwdns7387:0crwdne7387:0"
invoice_reference: "crwdns7389:0crwdne7389:0"
invoice_reference_is_required: "Invoice reference is required."
invoice_reference_is_required: "crwdns22456:0crwdne22456:0"
text: "crwdns21060:0crwdne21060:0"
year: "crwdns7391:0crwdne7391:0"
month: "crwdns7393:0crwdne7393:0"

View File

@ -283,7 +283,7 @@ de:
do_you_want_to_change_NAME_s_booking_slot_initially_planned_at: "Möchten Sie den {NAME}-Buchungsplatz ändern? Ursprünglich geplant um:"
cancel_this_reservation: "Reservierung stornieren"
i_want_to_change_date: "Ich möchte das Datum ändern"
deleted_user: "Deleted user"
deleted_user: "deleted user"
#user public profile
public_profile:
last_activity_html: "Letzte Aktivität <br><strong>am {DATE}</strong>"

View File

@ -283,7 +283,7 @@ fr:
do_you_want_to_change_NAME_s_booking_slot_initially_planned_at: "Souhaitez-vous changer le créneau de réservation de {NAME}, initialement prévu au :"
cancel_this_reservation: "Annuler cette réservation"
i_want_to_change_date: "Je veux changer de date"
deleted_user: "l'utilisateur supprimé"
deleted_user: "utilisateur supprimé"
#user public profile
public_profile:
last_activity_html: "Dernière activité <br><strong>le {DATE}</strong>"

View File

@ -283,7 +283,7 @@ zu:
do_you_want_to_change_NAME_s_booking_slot_initially_planned_at: "crwdns9825:0{NAME}crwdne9825:0"
cancel_this_reservation: "crwdns9827:0crwdne9827:0"
i_want_to_change_date: "crwdns9829:0crwdne9829:0"
deleted_user: "deleted user"
deleted_user: "crwdns22458:0crwdne22458:0"
#user public profile
public_profile:
last_activity_html: "crwdns9843:0{DATE}crwdne9843:0"

View File

@ -53,7 +53,7 @@ zu:
i_ve_reserved: "crwdns3269:0crwdne3269:0"
length_must_be_slot_multiple: "crwdns3271:0%{MIN}crwdne3271:0"
must_be_associated_with_at_least_1_machine: "crwdns3273:0crwdne3273:0"
deleted_user: "Deleted user"
deleted_user: "crwdns22460:0crwdne22460:0"
#members management
members:
unable_to_change_the_group_while_a_subscription_is_running: "crwdns3275:0crwdne3275:0"

View File

@ -88,6 +88,7 @@ staging:
smtp_authentication: <%= ENV["SMTP_AUTHENTICATION"] %>
smtp_enable_starttls_auto: <%= ENV["SMTP_ENABLE_STARTTLS_AUTO"] %>
smtp_openssl_verify_mode: <%= ENV["SMTP_OPENSSL_VERIFY_MODE"] %>
smtp_tls: <%= ENV["SMTP_TLS"] %>
time_zone: <%= ENV["TIME_ZONE"] %>
week_starting_day: <%= ENV["WEEK_STARTING_DAY"] %>
d3_date_format: <%= ENV.fetch("D3_DATE_FORMAT", '%y-%m-%d').dump %>
@ -132,6 +133,7 @@ production:
smtp_authentication: <%= ENV["SMTP_AUTHENTICATION"] %>
smtp_enable_starttls_auto: <%= ENV["SMTP_ENABLE_STARTTLS_AUTO"] %>
smtp_openssl_verify_mode: <%= ENV["SMTP_OPENSSL_VERIFY_MODE"] %>
smtp_tls: <%= ENV["SMTP_TLS"] %>
week_starting_day: <%= ENV["WEEK_STARTING_DAY"] %>
d3_date_format: <%= ENV.fetch("D3_DATE_FORMAT", '%y-%m-%d').dump %>
uib_date_format: <%= ENV["UIB_DATE_FORMAT"] %>

View File

@ -1,6 +1,6 @@
{
"name": "fab-manager",
"version": "5.3.10",
"version": "5.3.11",
"description": "Fab-manager is the FabLab management solution. It provides a comprehensive, web-based, open-source tool to simplify your administrative tasks and your marker's projects.",
"keywords": [
"fablab",

View File

@ -4834,9 +4834,9 @@ moment-timezone@0.5:
moment ">= 2.9.0"
moment@2.29, "moment@>= 2.9.0", "moment@>=2.8.0 <3.0.0":
version "2.29.1"
resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.1.tgz#b2be769fa31940be9eeea6469c075e35006fa3d3"
integrity sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==
version "2.29.2"
resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4"
integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==
ms@2.0.0:
version "2.0.0"