| Age | Commit message (Collapse) | Author |
|---|
|
"display_all" is too coarse, and we should be letting event handlers
make the appropriate decision on what to display and when. This
duplicates some code, but it's now very clear in the event handlers
what's getting shown.
Throw a 404 if we try to view the user profile for a missing user.
The only feature change in this should be that we now display the
name, full name and website for a user to any other registered user,
which makes sense since these are typically public fields.
Don't show any of the edit buttons unless identity::is_writable()
|
|
This reverts commit 409121942590e12692eaf4e6e9e8b71bfe5ed60c.
|
|
Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller).
|
|
attributes, use & not &)
|
|
active authentication every 20 minutes to access the admin area.
Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
|
|
|
|
separate from a successful or failed login.
1) Rename user_login_failed event to user_authenticate_failed
2) Rename failed_logins table to failed_auth (bump Gallery module to
v27 to rename the table)
3) auth::too_many_failed_logins -> auth::too_many_failures
4) auth::record_failed_auth_attempts -> auth::record_failed_attempts
auth::clear_failed_auth_attempts -> auth::clear_failed_attempts
|
|
|
|
minute after there have been 5 consecutive failed login attempts.
Fix for ticket #589.
|
|
quick menu knows where to send you after the action is done.
|
|
|
|
Also clean the subject line and email message body of the contact user email.
|
|
Conflicts:
modules/gallery/tests/Access_Helper_Test.php
|
|
of locale tags to be consistent with the user edit form.
|
|
Conflicts:
modules/gallery/libraries/MY_ORM.php
|
|
The show_user_profile is used to provide content to the user profile page. Add the list of the users comments to the profile page.
|
|
user in messages or pages.
Partial fix for ticket #889 and a fix for #931.
|
|
Conflicts:
modules/gallery/tests/xss_data.txt
|
|
user menu. Since the information displayed is identical in both admin and
theme views, it makes sense to combine the generation to it is done in a common
location.
|
|
|
|
providers are installed in the admin module screen.
|
|
install and switch to a different identity provider.
|
|
|
|
way and rejects submissions that change under the normalization step)
|
|
|
|
approach.
- Rearrange Simple_Uploader_Controller::add_photo() to validate
the form early in the process, and switch to using model based
validation.
- Move thumbnail generation into gallery_event::item_created() so
that it's decoupled from the model.
- Delete photo::create() and move all of its logic into
Item_Model::save().
- Add Item_Model::$data_file to track the data file associated
with new movies and photos.
- Do some cleanup on the validation callbacks -- it turns out the
2nd argument is the field name not the value.
|
|
approach depended on having an $item, which is not the case on all
pages (eg: tag pages). Also, check the CSRF in the logout controller,
else you can use the logout link as a blind forwarder.
|
|
guess how to send the user back. Instead, proxy the originating item
id through the edit forms so that we can tell exactly what page we
were on when we began editing. If we were viewing the item, then
redirect to its new url (in case it changed) to fix ticket #745. But
if we were viewing some other item, then just stay on the current page
to fix #940.
The page_type approach didn't work because you'd have the same
"collection" page_type when doing a context menu edit for an album.
|
|
was returning an empty string. This fixes ticket #955.
|
|
|
|
|
|
Convert all open_paren() calls to and_open() or or_open() as appropriate.
|
|
|
|
will provide the same values. This change corrects that assumption and moves the management of the theme options, including creating the form and updating the theme options into the theme."
This reverts commit 1692ee130887a6ad1ba68aa34a96ad36161600f9.
|
|
provide the same values. This change corrects that assumption and moves the management of the theme options, including creating the form and updating the theme options into the theme.
|
|
types, and a subtype for specifics. Currently the top level bucket
collection, item, other
Here are the core subtypes so far:
collection: album, search, tag
item: movie, photo
other: login, reset, comment-fragment, comment
It's legal to create new page_subtypes whenever you want. Use the
appropriate page_type to get the coarse grain behavior that you want.
|
|
|
|
and logout portions of the banner to be rendered by the Theme_View::user_menu callback. This fires the user_menu event. Fixes Ticket #871.
|
|
change the order of operations in gallery_event::gallery_ready() so
that we load users before themes. Fixes ticket #836.
|
|
"user_deleted" events to use ORM or the Kohana query builder to build the database update calls instead of coding the sql directly.
|
|
User/Groups administration a first level menu item. As discussed via -devel mailing list.
|
|
subscription, items and tasks.
|
|
* For items and tasks the owner id is set to admin
* For notification subscriptions, the subscription is deleted
* For comments, I've extracted the user name, email and url and set the guest_name, guest_email and guest_url columns while setting the author_id to identity::guest()->id
Fix for ticket #777.
|
|
|
|
hang other user related module administartion menu links.
|
|
|
|
|
|
branch.
|
|
|
|
flipping back and forth between branches.
|
