Jan 2, 2013:
- 11:01 PM Changeset  by
AccountManagerPlugin: Fix an unreported regression when disabling Trac core's LoginModule.
- 10:40 PM Changeset  by
AccountManagerPlugin: Tweak config admin panel, for clarity as well as technically.
- 10:20 PM Changeset  by
Adding the registration approval configuration option to config admin panel.
Taking care for marking all potential message parts for translation as well.
A recent suggestion by Ryan J Ollos is merged in here too, so that all kinds
of restricted accounts are clearly visible in user listings now.
- 10:02 PM Changeset  by
While simple, this might be an effective counter-measure against spammer
registrations, because intentionally it's rather hard to spot the difference
between an approved authenticated session and one with pending approval.
So I forsee more wasted resources on attacker's side to figure out, why
one still fails to spam the site even after successful registration, and
that is certainly a good thing.
Note: Due to its implementation banning is instantly effective and will
prevent even authenticated sessions from doing more than a user could in an
anonymous session, unlike the account lock provided by AccountGuard.
That wouldn't prevent authenticated sessions from continuing indefinitely,
at least until next authentication time, and this might be a rather long time,
if persistant sessions had been allowed before.
- 9:37 PM Changeset  by
Note, that any previous version of TracAnnouncer won't work with latest
AccountManagerPlugin 'trunk' code, and this already made me thinking about
a more robust change listener definition. But this is another subject.
- 9:29 PM Changeset  by
- 7:14 AM Ticket #10745 ([Patch] Add a 'Select all' checkbox to the header on the Manager User ...) created by
- Using jQuery, add the following dynamic behaviors: * A checkbox in …
- 3:39 AM Ticket #9911 (For hudson plugin Hyperlink in Time line not exactly redirecting - 404 ...) closed by
- invalid: Since there has been no further feedback, I'm assuming it was a …
- 2:41 AM Changeset  by
New hack TracTicketLimitPlugin, created by rje
Jan 1, 2013:
- 8:51 PM Ticket #10744 (Various code refactorings) created by
- I've spotted a number of issues with the code during review. The …
- 8:43 PM Ticket #10743 ([Patch] Email addresses should be mailto links) created by
- Inspired by #6259, transform the email addresses into mailto links.
- 2:04 PM AccountManagerPlugin edited by
- update to current state of development (diff)
Dec 31, 2012:
- 6:35 PM CookBook/AccountManagerPluginConfiguration edited by
- correct and reduce size of basic configuration examples (diff)
- 4:38 PM Changeset  by
- 12:08 PM Changeset  by
TracLinksPlugin: tiny fix
- 11:59 AM Changeset  by
EpochFieldPlugin: add docstring for each option
- 8:52 AM Ticket #10742 ([Patch] Rename "Update" button to "Refresh" on the Review User Account ...) created by
- When initially viewing the page, I found the term Update to be …
- 8:46 AM Changeset  by
Dec 30, 2012:
- 11:29 PM Changeset  by
- 10:50 PM Changeset  by
This is an API change to the IPasswordStore interface.
Additionally account manager now adds account details only on success of the
previous attempt to create a new password entry in primary password store.
- 10:35 PM Changeset  by
Likewise 'password_format', another depreciated option, is removed too.
Both changes have been prepared for a rather long time now, mostly to allow
for seamless store chaining. Equivalent options have been introduced before:
- 'password_file' - depreciated in favor of store-specific options
- 'htpasswd_file' for HtPasswdStore's password file in htpasswd format
- 'htdigest_file' for HtDigestStore's password file in htdigest format
- 'password_format' - obsoleted by a combination of
- 'password_store' for direct store selection including store chaining
- store-specific options for hash type selection, i.e.:
- 'htpasswd_hash_type' for HtPasswdStore
- 'db_htpasswd_hash_type' for SessionStore with IPasswordHashMethod HtPasswdHashMethod (selected by 'hash_method' in turn)
- 10:27 PM Changeset  by
This isn't visible in Trac 1.0 and below, but has been reported for latest
Trac trunk. Thanks to Ryan J Ollos for taking care.
- 10:04 PM Changeset  by
This is a nice web-UI simplification. Thanks to Ryan J Ollos for suggestion
and patch code.
- 10:03 PM Ticket #10741 ([Patch] Provide indicator for verification status of email addresses ...) created by
- The verification status of an email address for an individual user can …
- 9:56 PM Ticket #10738 (XmlRpcPlugin does not respect ITicketManipulators) reopened by
- Oh. No, update() cannot create tickets - there is a create() …
- 8:45 PM Ticket #10740 ([Patch] Checkbox columns are too wide on the Accounts: Cleanup page) created by
- In Trac 1.1.1dev (and probably some earlier versions), the column of …
- 5:09 PM CookBook/AccountManagerPluginConfiguration edited by
- correct basic examples regarding 'lost password' procedure - disabled … (diff)
- 3:02 PM CookBook/AccountManagerPluginConfiguration edited by
- Syntax highlighting. (diff)
- 2:49 PM Ticket #10739 ([Patch] Move Back to Accounts button to the contextual navigation) created by
- The attached patch moves the Back to Accounts button on the …
- 11:13 AM Ticket #10738 (XmlRpcPlugin does not respect ITicketManipulators) closed by
- worksforme: No it shouldn't. Not if you use the 'new-style' update that supports …
- 10:37 AM Ticket #10738 (XmlRpcPlugin does not respect ITicketManipulators) created by
- I have an ITicketManipulator to restrict ticket creation for a …
- 1:52 AM CookBook/AccountManagerPluginConfiguration edited by
- add link to lost/new password procedure explanation (diff)
- 1:51 AM AccountManagerPlugin/AuthStores edited by
- add link to lost/new password procedure explanation (diff)
- 1:40 AM AccountManagerPlugin/Modules edited by
- add more details about the new lost/new password procedure (diff)
Dec 29, 2012:
- 6:23 PM ContextChromePlugin edited by
- Fixed typo. (diff)
- 3:27 PM Ticket #10735 (Uses depreciated AccountManagerPlugin options) created by
- In multiprojectcommitticketupdaterplugin/0.12/testing some …
- 3:13 PM HtGroupEditorPlugin edited by
- remove obsolete example configuration for AccountManagerPlugin and … (diff)
- 3:04 PM Ticket #10734 (Uses depreciated AccountManagerPlugin options) created by
- In htgroupsplugin/trunk/README.txt some configuration examples show …
- 12:50 PM ContextChromePlugin edited by
- 12:41 PM ContextChromePlugin edited by
Dec 28, 2012:
- 2:54 PM Ticket #10733 (Ghostly milestones) created by
- When create new ticket, in milestones dropdown menu deleted previously …
- 1:43 AM Changeset  by
Otherwise admin users couldn't create new user accounts with this check
enabled for the new user registration procedure.
Background: There's no way to pass that check there, because the hidden field
isn't supplied to user admin panel, but to the registration form exclusively.
- 1:34 AM Changeset  by
Keeping 'no empty password' for user education, but only showing it on password
validation failure. But the story has only just started:
Additionally AccountModule did not check for password change success on
forced password change, unconditionally removing permission lock-down and
reporting password update even on failure. Thanks to Ryan J. Ollos for testing
and providing a detailed description of this behavior.
Closing yet another way to bypass a forced password change by just repeating
the old password as new password, what isn't accepted anymore now.
Admin users may continue to create password-less accounts. Still successful
authentication with acct_mgr.LoginModule required another change to prevent
unconditionally failed logins because of the empty password.
Dec 27, 2012:
- 8:02 PM RemoteTicketConditionalCreatePlugin edited by
- Added syntax highlighting. (diff)
- 7:45 PM Changeset  by
- 7:40 PM Ticket #10325 (Clarify license and add COPYING file to source) closed by
- fixed: (In ) Fixes #10325, Refs #10331, #10333: * Added 3-Clause BSD …
- 7:39 PM Changeset  by
- Added 3-Clause BSD license text.
- jQuery UI 1.8.23 is used in Trac 0.12 and later. jQuery UI 1.6 is used in Trac 0.11.1 through Trac 0.11.7 (Trac 0.11.1 is the minimum version supported by the plugin).
- Renamed BACKLOGS_VIEW permission to BACKLOG_VIEW.
- Combined code in backlog-rw.js and backlog-ro.js to backlog.js.
- Added skeleton code for an admin panel.
- Added skeleton for unit tests.
- 7:21 PM PrivateWikiPlugin edited by
- 6:32 PM Ticket #10732 (Use Sortable widget from jQuery UI) created by
- jQuery UI 1.6 can be used with jQuery 1.2.6, which would make the …
- 2:59 PM Changeset  by
- 2:54 PM Changeset  by
Refs #10728: Proper email for new maintainer.
- 2:52 PM Ticket #10731 (Templates don't follow common naming convention) created by
- The templates don't follow the common naming convention for Trac …
- 2:48 PM Changeset  by
Refs #10728: New maintainer.
- 2:47 PM PeerReviewPlugin edited by
- Completed adoption steps. Refs #10728. (diff)
- 2:19 PM Ticket #10728 (Requesting to adopt PeerReviewPlugin) closed by
- fixed: Replying to anonymous: > That's up to you to decide . …
- 2:47 AM AccountManagerPlugin edited by
- announce latest maintenance release, adjust next development targets … (diff)
- 2:30 AM Ticket #10730 (AccountGuard.lock_time effectively disables account locking) closed by
- fixed: (In ) AccountManagerPlugin: Publish maintenance release 0.4.2, …
- 2:30 AM Changeset  by
This is another update for current stable acct_mgr-0.4 to immediatly push the
fix broken account locking.
- 2:11 AM Changeset  by
This has been broken by recent account guard re-work, or worse (if earlier).
Another unit test in addition to the corrected one account for this regession.
- 1:56 AM Ticket #10730 (AccountGuard.lock_time effectively disables account locking) created by
- Even worse: This has been backed by a plain-wrong unit test assertion …
Dec 26, 2012:
- 10:22 PM Tickets #5964,8545,10134,10625,10700,10701 batch updated by
- fixed: (In ) AccountManagerPlugin: Publish maintenance release 0.4.1, …
- 10:22 PM Changeset  by
This is an update for current stable acct_mgr-0.4 with a number of fixes for
issues resolved within the last weeks, i.e.:
- a final fix for Single-Sign-On functionality (refs #9676),
- a long-standing HttpAuth login issue and
- one for acct_mgr.LoginModule, that is relevant if used with web-servers, that evaluate the REMOTE_USER environment variable.
Changeset  is included, that may require a Trac db fix-up.
Run python ./contrib/fix-session_attribute-failed_logins.py <env> once on any
Trac environment, that had account locking enabled with time constraints
- 9:54 PM Changeset  by
another small fix
- 9:42 PM RemoteTicketConditionalCreatePlugin edited by
- 9:41 PM RemoteTicketConditionalCreatePlugin edited by
- 9:39 PM Changeset  by
small fix if update_on_close is missing or empty.
- 9:25 PM Changeset  by
added another feature to update the remote ticket when "escalated" ticket has been closed.
- 8:02 AM Changeset  by
Bumped version to 2.2dev.v. Added text of 3-Clause BSD license.
- 6:36 AM Ticket #10729 (Templates have hard-coded paths to stylesheets.) created by
- For example, peerReviewBrowser.html contains: […]
- 6:17 AM Ticket #8286 (Make proper use of the Trac database API) closed by
- fixed: (In ) Fixes #8286: * Removed obsolete dbEscape function and …
- 6:17 AM Changeset  by
- Removed obsolete dbEscape function and unnecessary imports.
- Formatted some SQL statements per Trac guidelines (1).
- 5:46 AM Ticket #10728 (Requesting to adopt PeerReviewPlugin) created by
- I'd like to request to adopt the PeerReviewPlugin if the maintainer no …