1. 09 Dec, 2014 8 commits
  2. 08 Dec, 2014 1 commit
    • Robert Lyon's avatar
      Fixing up group homepage problem (Bug #1396565) · 7d6192f8
      Robert Lyon authored
      A mistake was made where a user was allowed to add more than one
      "group pages" block to the group homepage. This wasn't a problem until
      we added pagination to the "group pages" block.
      This patch attempts to clean up that error and merge any existing
      multiple block instances into one "group pages" block instance.
      Change-Id: I38acada835a4c245c97f0008543519a9dd2072a3
      Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
  3. 04 Dec, 2014 14 commits
  4. 03 Dec, 2014 2 commits
  5. 27 Nov, 2014 4 commits
  6. 25 Nov, 2014 4 commits
  7. 24 Nov, 2014 6 commits
  8. 20 Nov, 2014 1 commit
    • Robert Lyon's avatar
      Session is not invalidating after password change (Bug #1363873) · f103c650
      Robert Lyon authored
      - Create an account, say User A and logout as admin.
      - In one browser login (this will be the hacker user)
      - In another browser reset pass via forgotten pass link
      What should happen:
      User in browser two should be able to reset pass then navigate about
      as when normally logged in. User in browser one should be forced to
      login again as their user sessionid is not valid anymore.
      Before patch:
      malicious user still has access until $USER->logout_time time expires
      After patch:
      malicious user foreced to re-login straight away on next page load
      Change-Id: I42ad907e5ffa7c128742a159116cf20dc6cd9b8a
      Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>