From 9fade7ac6867f0f204751911ea119c2bf73ebfc0 Mon Sep 17 00:00:00 2001
From: Marcel Folaron <47038998+marcelfolaron@users.noreply.github.com>
Date: Tue, 23 Apr 2024 00:10:03 -0400
Subject: [PATCH 1/3] [fix] editors with manager project roles were seeing
company menu point. (403 on click though)
---
app/Domain/Menu/Templates/headMenu.blade.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/Domain/Menu/Templates/headMenu.blade.php b/app/Domain/Menu/Templates/headMenu.blade.php
index f8b3b1819..12c2148f6 100644
--- a/app/Domain/Menu/Templates/headMenu.blade.php
+++ b/app/Domain/Menu/Templates/headMenu.blade.php
@@ -164,7 +164,7 @@ class="active"
data-tippy-content="{{ __('popover.my_work') }}"
>{!! __('menu.my_work') !!}
- @if ($login::userIsAtLeast("manager"))
+ @if ($login::userIsAtLeast("manager", true))
Date: Tue, 23 Apr 2024 00:13:56 -0400
Subject: [PATCH 2/3] [fix] global role check for plugin modules
---
app/Domain/Plugins/Controllers/Details.php | 5 +++++
app/Domain/Plugins/Controllers/Marketplace.php | 5 +++++
app/Domain/Plugins/Controllers/Myapps.php | 2 +-
3 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/app/Domain/Plugins/Controllers/Details.php b/app/Domain/Plugins/Controllers/Details.php
index 80ac7a7f2..84c86daeb 100644
--- a/app/Domain/Plugins/Controllers/Details.php
+++ b/app/Domain/Plugins/Controllers/Details.php
@@ -3,6 +3,8 @@
namespace Leantime\Domain\Plugins\Controllers;
use Leantime\Core\Controller;
+use Leantime\Domain\Auth\Models\Roles;
+use Leantime\Domain\Auth\Services\Auth;
use Leantime\Domain\Plugins\Services\Plugins as PluginService;
use Symfony\Component\HttpFoundation\Response;
@@ -27,6 +29,9 @@ public function init(PluginService $pluginService): void
*/
public function get(): Response
{
+
+ Auth::authOrRedirect([Roles::$owner, Roles::$admin], true);
+
if (! $this->incomingRequest->query->has('id')) {
throw new \Exception('Plugin Identifier is required');
}
diff --git a/app/Domain/Plugins/Controllers/Marketplace.php b/app/Domain/Plugins/Controllers/Marketplace.php
index 1f24688dc..a45dbc2e9 100644
--- a/app/Domain/Plugins/Controllers/Marketplace.php
+++ b/app/Domain/Plugins/Controllers/Marketplace.php
@@ -3,6 +3,8 @@
namespace Leantime\Domain\Plugins\Controllers;
use Leantime\Core\Controller;
+use Leantime\Domain\Auth\Models\Roles;
+use Leantime\Domain\Auth\Services\Auth;
use Leantime\Domain\Plugins\Services\Plugins as PluginService;
use Symfony\Component\HttpFoundation\Response;
@@ -27,6 +29,9 @@ public function init(
*/
public function get(): Response
{
+
+ Auth::authOrRedirect([Roles::$owner, Roles::$admin], true);
+
$this->tpl->assign('plugins', []);
return $this->tpl->display('plugins.marketplace');
diff --git a/app/Domain/Plugins/Controllers/Myapps.php b/app/Domain/Plugins/Controllers/Myapps.php
index 671654929..09e5a1a64 100644
--- a/app/Domain/Plugins/Controllers/Myapps.php
+++ b/app/Domain/Plugins/Controllers/Myapps.php
@@ -23,7 +23,7 @@ class Myapps extends Controller
*/
public function init(PluginService $pluginService): void
{
- Auth::authOrRedirect([Roles::$owner, Roles::$admin]);
+ Auth::authOrRedirect([Roles::$owner, Roles::$admin], true);
$this->pluginService = $pluginService;
}
From fb6f64ddfce1c60fa47b4938a499b90848d12d44 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Tue, 23 Apr 2024 04:15:48 +0000
Subject: [PATCH 3/3] [Changelog CI] Add Changelog for Version 3.1.1
---
CHANGELOG.md | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 86 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 07dc66cb2..0f428a6fd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,91 @@
# Version: 3.1.1
+* [c1cfd20](https://github.com/Leantime/leantime/commit/c1cfd200349679b17f98f2a62a9054fa639b800b): [Changelog CI] Add Changelog for Version 3.1.1
+* [c73e858](https://github.com/Leantime/leantime/commit/c73e8586f8d5d16cd0db0571e21a4cf03045042c): fix: upgrade @sentry/browser from 7.108.0 to 7.109.0
+
+Snyk has created this PR to upgrade @sentry/browser from 7.108.0 to 7.109.0.
+
+See this package in npm:
+https://www.npmjs.com/package/@sentry/browser
+
+See this project in Snyk:
+https://app.snyk.io/org/broskees/project/c3e7f2a0-597b-4965-a7cf-7e6ea71043ae?utm_source=github&utm_medium=referral&page=upgrade-pr
+* [9e4ca51](https://github.com/Leantime/leantime/commit/9e4ca514b4292187f7c9dde8bd386a1c3f15c0cb): Update release.yml
+
+Include new changelog generator
+* [fc14219](https://github.com/Leantime/leantime/commit/fc1421939789c0ce752da7bac9dd13e0f65f6158): Update staticAnalysis.yml
+* [1efab6f](https://github.com/Leantime/leantime/commit/1efab6f770f211608d0705e7b48d84020f9223e8): [Changelog CI] Add Changelog for Version 3.1.1
+* [1177b61](https://github.com/Leantime/leantime/commit/1177b61e1d41bca0e43fab614a36db791132a4ac): Update changelog.yml
+* [a7eee7c](https://github.com/Leantime/leantime/commit/a7eee7c8574b08c3f16d4dd2bad35acd1a7feb21): Update changelog.yml
+* [2783376](https://github.com/Leantime/leantime/commit/27833765b17852fba7cfa71be5421af2c8265bfc): Update changelog.yml
+* [92efc6f](https://github.com/Leantime/leantime/commit/92efc6f4f68445c0fac5ff0a3fbb72ed9b831ae3): Create changelogConfig.yml
+* [7b4bb81](https://github.com/Leantime/leantime/commit/7b4bb81239d63d51dc542d8419f7fe68b51931b6): Update changelog.yml
+* [17f9b1e](https://github.com/Leantime/leantime/commit/17f9b1e6bbf0e9db982748b5a8874dfbea1b8eeb): Update changelog.yml
+* [127f1a5](https://github.com/Leantime/leantime/commit/127f1a596f1c305fdf6e9c39d1eeb4d3667247cf): Update changelog.yml
+* [a0c6f99](https://github.com/Leantime/leantime/commit/a0c6f99be571ad8fdc81dcb0328f9f920f479498): Create changelog.yml
+* [ad0a182](https://github.com/Leantime/leantime/commit/ad0a182421de58538a5401cf38aead77f71e9eb3): fix: upgrade gridstack from 10.1.1 to 10.1.2
+
+Snyk has created this PR to upgrade gridstack from 10.1.1 to 10.1.2.
+
+See this package in npm:
+https://www.npmjs.com/package/gridstack
+
+See this project in Snyk:
+https://app.snyk.io/org/broskees/project/c3e7f2a0-597b-4965-a7cf-7e6ea71043ae?utm_source=github&utm_medium=referral&page=upgrade-pr
+* [93e34db](https://github.com/Leantime/leantime/commit/93e34dbb67665b50287b82c8c9e63b74f5878540): Fix cache ratelimiter issue on install, fix plugin issue
+* [a386020](https://github.com/Leantime/leantime/commit/a386020d8edbb39a409bdb1555b30dd9ba3a2041): fix: upgrade uppy from 3.23.0 to 3.24.0
+
+Snyk has created this PR to upgrade uppy from 3.23.0 to 3.24.0.
+
+See this package in npm:
+https://www.npmjs.com/package/uppy
+
+See this project in Snyk:
+https://app.snyk.io/org/broskees/project/c3e7f2a0-597b-4965-a7cf-7e6ea71043ae?utm_source=github&utm_medium=referral&page=upgrade-pr
+* [97f788a](https://github.com/Leantime/leantime/commit/97f788af38325c39182650e17756a373599cc55e): fix: upgrade htmx.org from 1.9.10 to 1.9.11
+
+Snyk has created this PR to upgrade htmx.org from 1.9.10 to 1.9.11.
+
+See this package in npm:
+https://www.npmjs.com/package/htmx.org
+
+See this project in Snyk:
+https://app.snyk.io/org/broskees/project/c3e7f2a0-597b-4965-a7cf-7e6ea71043ae?utm_source=github&utm_medium=referral&page=upgrade-pr
+* [4486328](https://github.com/Leantime/leantime/commit/44863288fc4213e073978a2138eee63e42d86f43): fix: upgrade @sentry/webpack-plugin from 2.14.2 to 2.16.0
+
+Snyk has created this PR to upgrade @sentry/webpack-plugin from 2.14.2 to 2.16.0.
+
+See this package in npm:
+https://www.npmjs.com/package/@sentry/webpack-plugin
+
+See this project in Snyk:
+https://app.snyk.io/org/broskees/project/c3e7f2a0-597b-4965-a7cf-7e6ea71043ae?utm_source=github&utm_medium=referral&page=upgrade-pr
+* [28c5c49](https://github.com/Leantime/leantime/commit/28c5c49fc430874ed902746e3becf36920c47cf4): fix: upgrade @sentry/browser from 7.104.0 to 7.108.0
+
+Snyk has created this PR to upgrade @sentry/browser from 7.104.0 to 7.108.0.
+
+See this package in npm:
+https://www.npmjs.com/package/@sentry/browser
+
+See this project in Snyk:
+https://app.snyk.io/org/broskees/project/c3e7f2a0-597b-4965-a7cf-7e6ea71043ae?utm_source=github&utm_medium=referral&page=upgrade-pr
+* [cd79ec1](https://github.com/Leantime/leantime/commit/cd79ec11dbecbb05346961b472652d74786d93a0): Added mew middleware methods to secure Leantime
+* [fd5d7c4](https://github.com/Leantime/leantime/commit/fd5d7c496575f150754b60c64a4e593e3e11e386): Fix calendar dates
+* [aa79983](https://github.com/Leantime/leantime/commit/aa799830bcaa17232e37d77dda4185146507ef91): Fixes misc issues
+
+- Open redirect
+- File management
+- adds version to plugin page
+* [8ab7cff](https://github.com/Leantime/leantime/commit/8ab7cff1eb4996a71084bc67e13c7731a9c44ae2): Session improvements
+* [c8eba42](https://github.com/Leantime/leantime/commit/c8eba42be0ff007f0b6c8ca7565174781c7367e2): Update README.md
+
+Update install info
+* [000d8fc](https://github.com/Leantime/leantime/commit/000d8fcb60c08258b36bc906c704be22e6b73c02): fix incorrect symbol in the translation for zh-CN
+* [57738c3](https://github.com/Leantime/leantime/commit/57738c32bf969f76a496d3a34b84d6a7b82e45e7): Update Plugins
+
+
+# Version: 3.1.1
+
* [1177b61](https://github.com/Leantime/leantime/commit/1177b61e1d41bca0e43fab614a36db791132a4ac): Update changelog.yml
* [a7eee7c](https://github.com/Leantime/leantime/commit/a7eee7c8574b08c3f16d4dd2bad35acd1a7feb21): Update changelog.yml
* [2783376](https://github.com/Leantime/leantime/commit/27833765b17852fba7cfa71be5421af2c8265bfc): Update changelog.yml