Commit Graph

741 Commits

Author SHA1 Message Date
Igor Scheller fc773b25b3 Use 403 forbidden on shifts json, atom export and ical export 2019-10-13 13:15:08 +02:00
Igor Scheller 8f8130634e Show normal login page after registration, added msg() template function 2019-10-08 15:28:23 +02:00
Igor Scheller 85e4403392 Rooms: Save times as Worklog and notify on room deletion 2019-09-18 04:27:59 +02:00
Igor Scheller a02f5e61be Edit user: Prevent overwriting first and last name if temporary disabled 2019-08-24 12:53:26 +02:00
Igor Scheller 100602437f User admin: Allow setting new groups if user has none assigned 2019-08-24 11:58:57 +02:00
msquare 3ce3129b6e feature: disable lastname+prename in config 2019-08-24 10:56:59 +02:00
Igor Scheller 69b3a2440c Admin user: Show force active status in log 2019-08-22 23:26:00 +02:00
msquare a5f838d56a fix back button on shift create preview 2019-08-19 22:05:10 +02:00
msquare ead2b1582b add overnight shift creation feature flag 2019-08-17 18:46:03 +02:00
Yannik Enss 770202e03d Declare summary of atom feed items as HTML
RFC4287 Section 3.1.1 requires HTML content to be declared
as such with the "type" attribute, this commit adds that attribute
to the generated atom feeds.
2019-08-15 23:42:44 +02:00
msquare 76a7ceb27b fixes #635: set end of the last created shift to the official end inestead of first shift change on next day 2019-08-15 21:14:54 +02:00
msquare d376c0d038 fix edit user error 2019-08-04 17:55:07 +02:00
msquare 1b3781cb2f format admin_arrive dates accordingly as in user list 2019-07-25 19:02:08 +02:00
msquare 0c51d3c487 make shift calendar printable 2019-07-24 20:57:27 +02:00
Igor Scheller bcce2625a8 Implemented AuthController for login
* Moved /login functionality to AuthController
* Refactored password handling logic to use the Authenticator
2019-07-08 01:57:59 +02:00
Igor Scheller 6ed891fc04 Added logout via AuthController 2019-06-12 10:24:02 +02:00
Igor Scheller ead56a89fe Only show the shift "Comment" field for own entries 2019-06-04 21:23:34 +02:00
Igor Scheller 4e709d0d23 Log messages without inline HTML 2019-06-03 20:33:09 +02:00
Igor Scheller e7f10d846e Escape log messages 2019-06-03 20:33:09 +02:00
msquare f6a87535a0 add help button to ical export for android, fixes #402 2019-05-05 15:23:13 +02:00
msquare 4f1cef546e better nick validation, fixes #429 2019-04-28 14:39:49 +02:00
Igor Scheller 79c92da8c1 Formatting
```bash
php-cs-fixer fix --allow-risky=yes --rules=@PSR2,psr4,mb_str_functions.php_unit_construct,php_unit_ordered_covers,trailing_comma_in_multiline_array --rules='{"array_syntax": {"syntax":"short"}}' [tests/|src/]
```
2019-04-25 18:17:19 +02:00
Igor Scheller 7c3a0c70e8 Bugfix: default value for planned_arrival_date and don't overwrite dect
Fixed registration form formatting
Fixed profile request attributes fallback values
2019-04-25 17:56:23 +02:00
Janne Heß 79b30fa3a8 Support disabling the planned arrival
We also use Engelsystem for single-day events, and the planned
arrival/departure feature doesn't make sense for us.
2019-04-23 21:05:56 +02:00
Janne Heß 665e444e88 Support disabling the DECT field
It's a really chaos-event-specific feature and is confusing for many
people on non-chaos events.
2019-04-23 12:43:45 +02:00
Igor Scheller 69c47dcc42 admin-free: Improved formattig 2019-04-21 17:54:10 +02:00
Janne Heß 69ac1b2d21 Support disabling the arrival feature
Setting `autoarrive` to true will now cause all newly registered angels
to be automatically confirmed as arrived.
2019-03-09 13:53:08 +01:00
Janne Heß afa4506e11 Support alternative home sites 2019-03-09 13:52:13 +01:00
msquare 60ad343b22 fixes #178: Show not only next but also last shift in free angels view 2019-01-13 16:04:44 +01:00
Igor Scheller 1bb2c57842 comments: Don't strip characters
closes #510 (htmlentities-like content in a comment gets removed)
2018-12-28 23:08:39 +01:00
Igor Scheller 6df3dc8489 questions: Don't strip content from messages
closes #545 ("=" removed in Questions & Answers)
2018-12-28 23:08:39 +01:00
Igor Scheller 012d5a4722 Don't strip characters from direct messages 2018-12-28 23:08:39 +01:00
Igor Scheller 540efef63e active angels: Bugfix and prevent errors when searching double spaces 2018-12-28 21:39:23 +01:00
msquare db26412e6c fixes #549: fill missing arrival dates and prevent setting arrival by admin-user instead of admin-arrive 2018-12-27 19:08:35 +01:00
Igor Scheller acd9ec6966 add multiple shifts: Fix hour regex and sorting, cleanup and formatting 2018-12-26 19:49:01 +01:00
Igor Scheller 36830c43e7 Fix warning if searching two whitespaces and formatting 2018-12-26 19:39:40 +01:00
Igor Scheller 31d9efb2b8 Bugfix: Edit user: Show groups list if angel has no rights 2018-12-25 14:46:14 +01:00
Igor Scheller d214525e24 Sort Angels Alphabetical
closes #541 (Shift Signup: Sort Angels Alphabetical)
2018-12-25 10:25:32 +01:00
jwacalex 8c5b52aa11 reformatted code due to guidelines 2018-12-22 12:10:16 +01:00
jwacalex 60a9c15454 first draft for #536 2018-12-22 12:10:16 +01:00
Igor Scheller b1d8fede46 user: allow up to 40 characters for dect numbers
closes #309 (EPVPN number in DECT field is shortened)
closes #529 (For dect numbers are only 5 digits allowed)
2018-12-22 12:03:24 +01:00
Igor Scheller c5621b82cf Implemented /metrics endpoint and reimplemented /stats
closes #418 (/metrics endpoint)

Usage:
```yaml
scrape_configs:
  - job_name: 'engelsystem'
    static_configs:
    - targets: ['engelsystem.example.com:80']
```
2018-12-19 22:36:42 +01:00
Igor Scheller 204ff4c0e7 rooms admin: Set a maximum character length
closes #525 (Room names with more than 35 characters dispatch a team of untrained monkeys)
2018-12-18 13:22:10 +01:00
msquare 93b819025c fix margin of form submit in tables 2018-12-09 12:51:48 +01:00
MichiK 252f003b94 Really fix the data/timepicker CSS and JS
Attaching the timepicker to the input instead of the sorrounding div didn't
turn out as expected. Therefore, I used the same mechanism for DOM attachment
and lazy initialization for the timepicker like for the datepicker.

Instead of trying to load the CSS through webpack and some JS voodoo, it's
a lot simpler to just include it via the normal base theme CSS. This works.
In addition, I noticed that there is an easier way to read the current locale.
No need to do this twice via different ways.

This closes #516.
2018-12-08 21:14:20 +01:00
MichiK 7e53c45890 Change the color of "reset" in admin_arrive 2018-12-07 17:26:44 +01:00
MichiK ed5ee3235e Add timepickers in shifts view 2018-12-05 18:43:51 +01:00
Igor Scheller c33940f64a Moved permission checks to Authenticator class 2018-12-02 12:53:31 +01:00
Igor Scheller 944c29b964 Require POST for sending forms
* Ensure that the form is submitted with a post request
* Replaced several links with forms

Closes #494 (Security Vulnerability)
2018-11-21 19:24:36 +01:00
Igor Scheller 23c0fae36f Added csrf middleware 2018-11-21 19:24:36 +01:00
msquare 8236989be0 fix missing unique mail validation on user register 2018-11-18 12:13:00 +01:00
Igor Scheller 15751f9c7a Fix error when accessing undefined date
Closes #491 (Edit User fails when User never logged in before)
2018-11-02 18:03:40 +01:00
Igor Scheller 88f3bafa5e Replaced `Auth()` with `auth()` 2018-10-31 13:43:23 +01:00
Igor Scheller 82b22160fd Fixed error if shirt size is not configured 2018-10-31 13:43:23 +01:00
Igor Scheller a2aaba9cab User: Bugfixes & code cleanup 2018-10-31 13:43:23 +01:00
Igor Scheller d7aea575ff Replaced more sql queries and old data 2018-10-31 13:43:23 +01:00
Igor Scheller 57932be428 Moved arrival_date to state 2018-10-31 13:43:23 +01:00
Igor Scheller 4e09ee3eb2 Replaced more user related stuff
(Contains some buggy stuff too...)
2018-10-31 13:43:23 +01:00
Igor Scheller 7c6afc2bfe Removed `User($id)` function 🎉 2018-10-31 13:43:23 +01:00
Igor Scheller 89e62c95a7 Changed more functions 🎉 2018-10-31 13:43:23 +01:00
Igor Scheller b069a938c6 Changed user_link and some other user functions to use the user id 2018-10-31 13:43:23 +01:00
Igor Scheller 2dcb7cc2de Replaced some global `$user` variables 2018-10-31 13:43:23 +01:00
Igor Scheller 90e1a94962 Make application name configurable
* Added app_name configuration option
* Extended `EngelsystemMailer` to prepend the application name to all mails

Closes #426
2018-10-30 22:50:22 +01:00
Igor Scheller 7f61dc95be EventConfig: Merge event configuration from database to global config 2018-10-30 21:13:56 +01:00
Igor Scheller 66038eda14 Merge branch 'twig-templates' 2018-09-23 20:11:37 +02:00
Nos- b2303c0723 Tried to fix inputfields for date, email, tel 2018-09-23 11:48:09 +02:00
Igor Scheller 2a134e6c0b Config: Removed nightshifts query 2018-09-23 11:40:53 +02:00
Igor Scheller 0734807eef Merge remote-tracking branch 'MyIgel/logentry-model' 2018-09-16 12:06:18 +02:00
Igor Scheller d0abc27c07 Merge remote-tracking branch 'MyIgel/translations' 2018-09-15 14:58:31 +02:00
Igor Scheller c1a1180d1f Moved frontend, templates and lang to resources 2018-09-10 18:22:48 +02:00
Igor Scheller 222c9fed7d Merge remote-tracking branch 'MyIgel/templating' 2018-09-09 12:11:12 +02:00
Igor Scheller 9d34f371cb Added CreditsController 2018-09-03 15:42:51 +02:00
Igor Scheller ac48332166 Models: Added LogEntry model 2018-08-31 03:24:54 +02:00
Bot e8f8fc7f5f Replaced gettext translation `_()` with `__()` that uses the Translator class 2018-08-29 23:46:32 +02:00
Igor Scheller acfe72cb91 Removed translation from config file 2018-08-29 23:46:32 +02:00
Igor Scheller bb3d16d273 Added Twig template renderer, closes #338 2018-08-29 23:46:11 +02:00
Igor Scheller 175c335810 Db::selectOne() should return null if result is empty 2018-08-29 18:11:35 +02:00
Igor Scheller d93ace2eae Prevent object serialization in session 2018-08-20 21:08:06 +02:00
Igor Scheller d6c8f1a614 Merge branch 'master' to 'rebuild-database' 2018-08-20 21:07:57 +02:00
Igor Scheller 864a086900 Prevent object serialization in session 2018-08-07 16:54:08 +02:00
msquare 0f1da65f2a
Merge pull request #421 from MyIgel/master
Prevent empty string after $tokens = explode(' ', $search);
2018-01-22 20:48:59 +01:00
msquare 2e1c2cf3b5 remove br between shift filter checkboxes 2018-01-22 20:45:31 +01:00
Igor Scheller fe58e4f422 database: updated checks for selectOne 2018-01-14 17:47:26 +01:00
Igor Scheller b2e5b5c44d Prevent empty string after $tokens = explode(' ', $search); 2018-01-03 01:47:34 +01:00
msquare 73ed2308c1 use user tshirt count 2017-12-30 13:59:41 +01:00
msquare b3ca550ed0 simplify t-shirt statistics 2017-12-30 13:40:24 +01:00
msquare 0314ba19e3 make got t-shirt always available 2017-12-30 13:37:26 +01:00
msquare c961269bb7 better hour formatting 2017-12-30 12:07:10 +01:00
msquare ee9fbda098 add work date to work log 2017-12-29 18:57:11 +01:00
msquare 86a38a3372 add user work log entries feature 2017-12-29 17:19:27 +01:00
msquare e7b0e9934d add shift filter buttons at the top 2017-12-29 16:20:30 +01:00
msquare 8c64532902 fix ical export description 2017-12-27 15:06:39 +01:00
Igor Scheller 6ceec76e7d feature request: filter angel types based on account settings, closes #362 2017-12-27 13:43:46 +01:00
msquare abf4b1da30 check if logged in before sign up 2017-12-27 11:35:26 +01:00
Igor Scheller 6953090e7d 392: Show warning message when editing html news without proper permissions to save them, Closes #392 2017-12-26 14:35:33 +01:00
Bot 952c7892f3 Formatting & Docstrings 2017-12-25 23:51:15 +01:00
klemens a6cf4c9ce9 spelling fixes 2017-12-25 21:29:00 +01:00
msquare 81b4e9d2bc solve problem with autobreaks in news text when building html tables 2017-12-20 23:46:04 +01:00
msquare 34da670b6f solve problem with autobreaks in news text when building html tables 2017-12-20 23:42:37 +01:00
msquare 2b52d24c59 solve problem with autobreaks in news text when building html tables 2017-12-20 23:40:46 +01:00
msquare 9969208be2 solve problem with autobreaks in news text when building html tables 2017-12-20 23:35:06 +01:00
msquare a0f70d9819 solve problem with autobreaks in news text when building html tables 2017-12-20 23:21:03 +01:00
msquare a1c032642f introduce new shift signup state for not arrived angels 2017-12-20 23:12:17 +01:00
msquare 1289101f6e rewrite controller for creating shift entries 2017-12-20 00:42:58 +01:00
msquare fd85034e7f redo shift signoff and icons for delete/confirm/acknowledgment questions 2017-12-19 20:58:01 +01:00
msquare 952dc6921a undo of fix #382: XXE DoS in engelsystem - the feature is actually needed for xcal files 2017-12-14 14:56:29 +01:00
msquare a8cf4b9ddf fix #382: XXE DoS in engelsystem 2017-12-13 16:59:28 +01:00
msquare 5278be1f0f add link to public dashboard from shift view 2017-12-13 12:53:07 +01:00
msquare d5631297dc better logging of needed angeltypes for shifts and rooms 2017-12-12 20:04:36 +01:00
msquare afb77d22ba move room db queries to model 2017-12-10 18:56:40 +01:00
msquare aae8c77ed1 fix #212: Duplicate entry for Room name 2017-12-10 18:36:53 +01:00
msquare dbf6e64a2c change write permission check to catch exceptions 2017-12-10 18:10:28 +01:00
msquare 4143680297 remove room number and visible flag, rename pentabarf to frab and introduce map/c3nav integration as well as markdown description for rooms 2017-12-10 15:02:37 +01:00
msquare 9e04e2d4a0 fix age validation 2017-11-29 17:41:12 +01:00
Igor Scheller 0b45d2a88f #366 Feature: Time Interval Buttons (on Shifts page), closes #366 2017-11-29 13:30:41 +01:00
msquare bb2681a7c8 add validation of dect numbers 2017-11-21 19:00:42 +01:00
msquare 15c50ab315 fix minor cody style issues (codacy) 2017-11-19 15:13:48 +01:00
msquare 86e41e2949 change logging of needed angeltypes for created shifts 2017-11-19 13:55:18 +01:00
msquare 4eedad6c89 fix problem with default values on registration 2017-11-19 12:03:29 +01:00
msquare f9ab269758 fix problem with default values on registration 2017-11-19 12:02:11 +01:00
msquare 6b74705f37 fix problem with default values on registration 2017-11-19 12:00:42 +01:00
msquare d8de02db34 fix problem with default values on registration 2017-11-19 11:59:37 +01:00
msquare 59cd65cb50 fix problem with validation of planned arrival date 2017-11-19 11:58:19 +01:00
msquare 7df64c82a6 fix problem with bools in queries 2017-11-19 11:52:39 +01:00
msquare c62833bb51 fix problem with default value when registering 2017-11-19 11:45:22 +01:00
msquare eec161a852 fix problem with default age when registering 2017-11-19 11:34:12 +01:00
msquare 50f24271eb fix all redirects to home (because of new urls redirect to ? wont work anymore) 2017-11-19 10:45:08 +01:00
Igor Scheller 4817658862 Merge branch 'noc0lour:fix_setup_bugs', closes #335 2017-09-25 20:25:00 +02:00
Igor Scheller 945fcb079a Added registration_enabled configuration 2017-09-20 12:18:08 +02:00
Igor Scheller e6ed8a3017 Changed LogEntries table: Use log level instead of nick name 2017-09-19 19:45:02 +02:00
Igor Scheller 8c81adc8e8 Implemented container 2017-08-31 17:30:54 +02:00
Igor Scheller 0a20883aa8 Reimplementation of 2840bb619 (signup requires arrival), closes #330 2017-08-31 12:32:08 +02:00
Igor Scheller 2bd127c011 Use symfony session 2017-08-30 19:57:01 +02:00
Igor Scheller 96f1d9fd54 Bugfixes 2017-08-30 15:35:12 +02:00
Bot a473a56f1d Formatting 2017-08-30 00:22:02 +02:00
Igor Scheller d0074cf006 Merge remote-tracking branch 'engelsystem/feature-igel-rewrite'
# Conflicts:
#	includes/controller/angeltypes_controller.php
#	includes/pages/admin_groups.php
#	includes/pages/user_settings.php
#	includes/sys_page.php
#	src/Exceptions/Handler.php
#	src/Http/Request.php
2017-08-29 23:16:41 +02:00
Igor Scheller 3002ed9e93 Security: Only allow angels with admin_news_html privilege to use HTML 2017-08-29 22:22:53 +02:00
Igor Scheller cc01c906ba #336: Integration of symfony/http-foundation request 2017-08-29 21:52:07 +02:00
Igor Scheller 73175e2b64 #337: Added routing 2017-08-28 17:34:00 +02:00
Andrej Rode 5f305121a4 fix order by not in select clause for >mysql-5.7 2017-08-16 00:45:56 +02:00
msquare f82e5456d2 dried code by introducing selectOne for select queries with only one result line expected 2017-07-28 20:11:09 +02:00
msquare 69a1ee2bfe use glyph bool icons on room list 2017-07-28 19:49:32 +02:00
msquare a0af8d4624 further switching to db exceptions instead of return false 2017-07-28 19:15:52 +02:00
msquare 5794c4cab8 clear delete queries from false resuls 2017-07-28 18:50:00 +02:00
msquare a157004f4a handle failed db queries in Db class 2017-07-23 11:46:54 +02:00
Igor Scheller e1762e7764 replaced template_render with dynamic renderer class 2017-07-20 02:30:53 +02:00
Igor Scheller d4ad70804b Removed overwhelmed page 2017-07-20 02:10:53 +02:00
Igor Scheller 7d5d905fcf Moved $themes array to config 2017-07-20 01:14:28 +02:00
Igor Scheller 3a1e460249 Changed $_GET, $_POST and $_REQUEST to use the Request object 2017-07-19 11:44:16 +02:00
Igor Scheller 68da2a4eb8 Renamed "default_theme" config to "theme" 2017-03-02 08:11:52 +01:00