Serenysoft master

.github/workflows/ci.yml

@@ -40,7 +40,7 @@ jobs:
           --health-retries=5
 
     env:
-      REDMINE_VER: 5.1-stable
+      REDMINE_VER: 6.1-stable
       PLUGIN_NAME: vault
       REDMINE_GIT_REPO: https://github.com/redmine/redmine.git
       REDMINE_PATH: ${{ github.workspace }}/redmine

CHANGELOG.md

@@ -1,7 +1,29 @@
 # Changelog
-## Version: 0.10.6
+
+## Version: 0.11.0
 ### Improvements
-- Prepare for next release
+- Refactored the search page to support query-based patterns
+- Removed custom CSS styles to ensure compatibility with themes
+- Updated form components to better match Redmine visual standards
+- Adjusted UI navigation for consistency with Redmine structure
+- Integrated Select2 JavaScript component for enhanced tag selection
+- Added support for Redmine 6.1
+### Bugfix
+- Fixed misindented `end` in `keys_controller` index action causing misleading code structure
+- Fixed XSS-pattern in form view: replaced `raw` with `json_escape` for inline JSON tag data
+- Fixed `_key_fields` partial depending on `@query` instance variable; now accepts a `query` local with `@query` fallback
+- Fixed tag assignment in `create` action: tags are now set after save so the join table has a valid `key_id`
+- Fixed `update` action passing tags through mass-assignment; tags are now handled separately
+### Locales
+- Fixed broken YAML structure in `ja.yml` (all keys were incorrectly nested under `activerecord`)
+- Translated all remaining English strings in `ja.yml`
+- Added missing `key_file` model name to `de`, `es`, `fr`, `it`, `ja`, `nl` locales
+- Added missing `field_has_url`, `field_has_login`, `field_body`, `key.btn.generate` to all non-English locales
+- Added missing `key.audit_log`, `key.btn.move/edit_tags`, `key.attr.project/created_at/updated_at`, `error.key.length/not_orphaned`, `error.project.required` to all non-English locales
+- Fixed untranslated strings in `de`, `fr`, `it`, `nl`, `zh` locales
+- Added `permission_keys_all` to `ru` locale
+### Tests
+- Added `test/unit/locale_test.rb` to assert all locales contain every key defined in `en.yml`
 
 ## Version: 0.10.5
 ### Bugfix
@@ -51,10 +73,10 @@
 ### Bugfix
 - [During view/edit key no link to download file](https://github.com/noshutdown-ru/vault/issues/92)
 - [Json format export fixed to Redmine standard](https://github.com/noshutdown-ru/vault/issues/90)
-- Fixed broken filter by tags 
-- Translation fixes 
+- Fixed broken filter by tags
+- Translation fixes
 
-## Version: 0.7.3 
+## Version: 0.7.3
 ### Bugfix
 - [Fixing error viewing Key File types](https://github.com/noshutdown-ru/vault/issues/110)
 
@@ -97,7 +119,7 @@
 - Added Github Actions for CI
 
 ### Braking changes
-- Deleted code which checks Redmine version  
+- Deleted code which checks Redmine version
   - `Redmine::VERSION.to_s.start_with?`
   - 3.1/3.2/3.3/3.4/4
 
@@ -127,14 +149,14 @@
 - Added French translation.
 - [Import from backup update existing keys by name instead of create new ones.](https://github.com/noshutdown-ru/vault/pull/53)
 - [Whitelists support groups.](https://github.com/noshutdown-ru/vault/pull/51)
-### Bugfixes                   
+### Bugfixes
 - [Export keys not working on Windows.](https://github.com/noshutdown-ru/vault/pull/52)
 - [Error in redmine subdir icons display.](https://github.com/noshutdown-ru/vault/pull/47)
 
 ## Version: 0.3.11
 ### Improvements
 - [Support Redmine 4.0.* .](https://github.com/noshutdown-ru/vault/pull/45)
-### Bugfixes 
+### Bugfixes
 - [Menu admin no icon.](https://github.com/noshutdown-ru/vault/issues/46)
 
 ## Version: 0.3.10
@@ -157,19 +179,19 @@
 - [Copy to clipboard.](https://github.com/noshutdown-ru/vault/issues/28)
 
 ## Version: 0.3.7
-### Bugfixes 
+### Bugfixes
 - [Search not working.](https://github.com/noshutdown-ru/vault/issues/24)
 
 ## Version: 0.3.6
-### Bugfixes 
+### Bugfixes
 - [Undefined method 'offset'.](https://github.com/noshutdown-ru/vault/issues/23)
 
 ## Version: 0.3.5
 ### Bugfixes
 - [White lists not block user by direct link.](https://github.com/noshutdown-ru/vault/issues/22)
 
 ## Version: 0.3.4
-- [Error on searching by Name/URL (PostgreSQL).](https://github.com/noshutdown-ru/vault/issues/13) 
+- [Error on searching by Name/URL (PostgreSQL).](https://github.com/noshutdown-ru/vault/issues/13)
 - [Right click no url (Redmine 3.4).](https://github.com/noshutdown-ru/vault/issues/17)
 
 ## Version: 0.3.3
@@ -180,7 +202,7 @@
 ### Features
 - Added support Redmine 3.4 .
 - Added copy by click on the fields: url, login.
-- Added China translation. 
+- Added China translation.
 - Added Dutch translation.
 - Added Italian translation.
 ### Bugfixes

app/controllers/keys_controller.rb

@@ -7,6 +7,8 @@ class KeysController < ApplicationController
 
   helper :sort
   include SortHelper
+  helper :queries
+  include QueriesHelper
 
   def index
     unless Setting.plugin_vault['use_redmine_encryption'] ||
@@ -17,42 +19,45 @@ def index
       end
     end
 
-    sort_init 'name', 'asc'
-    sort_update 'name' => "#{Vault::Key.table_name}.name"
+    retrieve_query(Vault::KeyQuery)
+    sort_init(@query.sort_criteria.empty? ? [['name', 'asc']] : @query.sort_criteria)
+    sort_update(@query.sortable_columns)
+    @query.sort_criteria = sort_criteria.to_a
+    @search = params[:search].to_s
 
-    @keys = @project.keys
-    @keys = @keys.order(sort_clause)
-    @keys = @keys.select { |key| key.whitelisted?(User.current, @project) }
-    @keys = [] if @keys.nil? # hack for decryption
+    if @query.valid?
+      @limit = per_page_option
 
-    # Filter by tag if query parameter contains #tagname
-    @query = params[:query]
-    if @query && !@query.empty? && @query.match(/#/)
-      tag_string = (@query.match(/(#)([^,]+)/))[2]
-      tag = Vault::Tag.find_by_name(tag_string)
-      @keys = tag.nil? ? [] : @keys.select { |key| key.tags.include?(tag) }
-    end
+      scoped_keys = @query.results_scope(
+        search: @search,
+        order: sort_clause
+      )
 
-    @limit = per_page_option
-    @key_count = @keys.count
-    @key_pages = Paginator.new @key_count, @limit, params[:page]
-    @offset ||= @key_pages.offset
+      all_visible_keys = scoped_keys.to_a.select { |key| key.whitelisted?(User.current, @project) }
+      @key_count = all_visible_keys.size
+      @key_pages = Paginator.new(@key_count, @limit, params[:page])
+      @offset ||= @key_pages.offset
+      @keys = all_visible_keys.drop(@offset).first(@limit)
+      @keys.each(&:decrypt!)
 
-    if @key_count > 0
-      @keys = @keys.drop(@offset).first(@limit)
-    end
-
-    @keys.map(&:decrypt!)
-
-    respond_to do |format|
-      format.html
-      format.pdf do
-        unless User.current.allowed_to?(:export_keys, @project)
-          render_error t("error.user.not_allowed")
-          return
+      respond_to do |format|
+        format.html do
+          render partial: 'list', layout: false if request.xhr?
+        end
+        format.pdf do
+          unless User.current.allowed_to?(:export_keys, @project)
+            render_error t("error.user.not_allowed")
+            return
+          end
         end
+        format.json { render json: { keys: @keys } }
+      end
+    else
+      respond_to do |format|
+        format.html { render template: 'keys/index', layout: !request.xhr? }
+        format.any(:pdf) { render plain: '' }
+        format.json { render_validation_errors(@query) }
       end
-      format.json { render json: { keys: @keys } }
     end
   end
 
@@ -128,14 +133,14 @@ def create
     save_file if key_params[:file]
     @key = Vault::Key.new
     @key.safe_attributes = key_params.except(:tags)
-    @key.tags = key_params[:tags]
     @key.project = @project
     @key.audit_user = User.current
 
     self.update_wishlist
 
     respond_to do |format|
       if @key.save
+        @key.tags = key_params[:tags]
         format.html { redirect_to project_keys_path(@project), notice: t('notice.key.create.success') }
         format.json { render json: { key: @key }, status: :created, location: project_key_path(@project, @key) }
       else
@@ -152,7 +157,7 @@ def update
       @key.safe_attributes = key_params.except(:tags)
       @key.audit_user = User.current
 
-      if @key.update(key_params)
+      if @key.update(key_params.except(:tags))
         @key.tags = key_params[:tags]
         format.html { redirect_to project_keys_path(@project), notice: t('notice.key.update.success') }
         format.json { render json: { key: @key }, status: :ok }

app/controllers/vault_settings_controller.rb

@@ -19,10 +19,10 @@ def save
 
     # Check if encryption setting is changing
     old_encrypt_files = Setting.plugin_vault['encrypt_files']
-    new_encrypt_files = params[:settings][:encrypt_files]
+    new_encrypt_files = settings['encrypt_files']
 
     # Save settings first
-    Setting.send "plugin_vault=", params[:settings]
+    Setting.send "plugin_vault=", settings
 
     # Handle encryption state change
     if old_encrypt_files != new_encrypt_files