review.fuel-infra Code Review - openstack-build/horizon-build.git/log

]> review.fuel-infra Code Review - openstack-build/horizon-build.git/log

Code Review / openstack-build / horizon-build.git / log

Thomas Goirand [Thu, 15 Nov 2012 08:50:33 +0000 (08:50 +0000)]

CVE-2012-5474: The file /etc/openstack-dashboard/local_settings is not world readable anymore (Closes: #693287)

Rewritten-From: e0a54a8ff5a8674ba634d6268f04903e5ed55eb3

commit | commitdiff | tree

Loic Dachary [Fri, 21 Sep 2012 13:20:55 +0000 (15:20 +0200)]

Description: Fixes a Keyerror when displaying Instances & Volumes
.
bug 1053488 prevents the display of the Instances & Volumes page for
every account with administrative permissions, once a volume has been
created and attached to an instance. While there are workarounds (
such as using an unprivileged account to display the same page ), it
affects almost all admin users deploying the current release of
horizon in Essex.
.
The source of the problem is that the relevant portion of code loops
over all existing volumes while it only has access to the instances
that are owned by the current tenant. As a consequence, it fails to
find the instance to which a volume is attached when it does not
belong to the current tenant.
.
A possible fix would be to change the behaviour of the volume list
API so that it only returns the volumes of the current tenant even
when the user has administrative rights. However, this would be a
user visible change that may have side effects beyond the current
bug.
.
The proposed patch catches the lookup error when the instance is not
found for a given volume and creates a fake instance object which
will only be used to display the name "UNKNOWN".
.
The associated test re-creates the conditions and derives from
the class that will give administrative permissions to the test
user. However, since the data is created from fixed data instead of
being actually retrieved from the API, this derivation is only
included to illustrate the purpose of the test.

Rewritten-From: 0ff59d489a66b6dc665cc25fb3a0beb7917e0cf4

commit | commitdiff | tree

Loic Dachary [Tue, 4 Sep 2012 11:58:53 +0000 (13:58 +0200)]

Add the /static/horizon alias to the apache host definition. Without
it the javascript files cannot be found and most of the dashboard
functions are not working.

Rewritten-From: f7c609305db9aba85cdb9a260547df0bb6fdc8de

commit | commitdiff | tree

Thomas Goirand [Tue, 28 Aug 2012 03:15:06 +0000 (03:15 +0000)]

CVE-2012-3540: added patch: Disallow login redirects to anywhere other than the same origin (Closes: #686050)

Rewritten-From: 4a7ac06cd28ad3d9f92e2d987d0a1846a4de0743

commit | commitdiff | tree

Thomas Goirand [Sun, 8 Jul 2012 18:05:49 +0000 (18:05 +0000)]

Edited debian/changelog

Rewritten-From: 9e65c82967cb69f1121ddaaae10baab994c4a9a4

commit | commitdiff | tree

Loic Dachary [Sat, 7 Jul 2012 20:40:24 +0000 (22:40 +0200)]

Add compression = xz to debian/gbp.conf

Rewritten-From: 27ee46d86ed4bb1f740b438569cd2d7b335b3064

commit | commitdiff | tree

Thomas Goirand [Sat, 7 Jul 2012 18:42:15 +0000 (18:42 +0000)]

Fixes debian/copyright URLs.

Rewritten-From: 1d069226ae8718fe87409da1fc0a123c936e5afc

commit | commitdiff | tree

Thomas Goirand [Sat, 7 Jul 2012 18:36:08 +0000 (18:36 +0000)]

Fixed depends field.

Rewritten-From: a564ea5d187fbbbb3582616c46facb527997a5f7

commit | commitdiff | tree

Thomas Goirand [Sat, 7 Jul 2012 18:29:01 +0000 (18:29 +0000)]

Added a get-vcs-source target in debian/rules

Rewritten-From: 74319a7c8a350c1c9255dab7395f1721deb1aa7c

commit | commitdiff | tree

Thomas Goirand [Fri, 6 Jul 2012 18:13:11 +0000 (18:13 +0000)]

Fixed missing license in debian/copyright

Rewritten-From: 2791621450baabe75ea0b54f5a9daf995c86cf08

commit | commitdiff | tree

Thomas Goirand [Fri, 6 Jul 2012 18:05:09 +0000 (18:05 +0000)]

Added missing (build-)dependencies

Rewritten-From: c72b6bad0008f3c9a4f2a85c5afa210a68b5b0b3

commit | commitdiff | tree

Loic Dachary [Fri, 29 Jun 2012 15:26:57 +0000 (17:26 +0200)]

Add Loic Dachary to uploaders

Rewritten-From: fc79a2aabf2a2aad9140d4b36ce1d9f407d1c499

commit | commitdiff | tree

Loic Dachary [Fri, 29 Jun 2012 15:25:00 +0000 (17:25 +0200)]

undo unannounced push that was commited after work start was advertised on #debian-openstack

Rewritten-From: b01d2cdd4ef28cf92e2e8b3455d330b45e3a5514

commit | commitdiff | tree

Julien Danjou [Fri, 29 Jun 2012 08:42:44 +0000 (10:42 +0200)]

Don't listen on a new port by default

Rewritten-From: 32c6ca71f9c88d59377763d809fe536cb40930c8

commit | commitdiff | tree

Julien Danjou [Fri, 29 Jun 2012 08:39:16 +0000 (10:39 +0200)]

Add /static alias (Closes: #679440)

Rewritten-From: 0d048797b9ad99575c373221829ca5dfc682c02b

commit | commitdiff | tree

Julien Danjou [Fri, 29 Jun 2012 08:39:13 +0000 (10:39 +0200)]

Remove useless empty file

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: fa982d4bb9eb555b6d9d041e1ff004264c165f3d

commit | commitdiff | tree

Julien Danjou [Mon, 25 Jun 2012 11:12:48 +0000 (13:12 +0200)]

Set correct release date

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 02b9e3cd02ee4756d48313532b25815d87a9dd60

commit | commitdiff | tree

Julien Danjou [Mon, 25 Jun 2012 11:12:48 +0000 (13:12 +0200)]

Release

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: e752a028799eefcf058c7fb881d9f1d8479b4978

commit | commitdiff | tree

Julien Danjou [Mon, 25 Jun 2012 11:05:06 +0000 (13:05 +0200)]

Fix clean target

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: bd19b97d7adfc4fd4ced86298d85c8f346fe5d6a

commit | commitdiff | tree

Mehdi Abaakouk [Fri, 22 Jun 2012 09:56:16 +0000 (11:56 +0200)]

Say that is a new upstream release

Rewritten-From: f60d778e6bebc82cd631247a19927e4bed3966b4

commit | commitdiff | tree

Mehdi Abaakouk [Fri, 22 Jun 2012 09:47:23 +0000 (11:47 +0200)]

Add Mehdi Abaakouk as Uploader

Rewritten-From: 45ff1383d6a572ec1a7c9e546de506e4312f767e

commit | commitdiff | tree

Mehdi Abaakouk [Fri, 22 Jun 2012 09:45:36 +0000 (11:45 +0200)]

Clean horizon user home directory on purge. Closes: #668760

Rewritten-From: 6dfac1e841e93716cf02eedc5a0a7c0a49ac8e4c

commit | commitdiff | tree

Mehdi Abaakouk [Fri, 22 Jun 2012 07:36:57 +0000 (09:36 +0200)]

Add gbp configuration file

Rewritten-From: 85dc72e499f5530a803a8b7c7374a4f6f72358e5

commit | commitdiff | tree

Mehdi Abaakouk [Fri, 22 Jun 2012 07:34:04 +0000 (09:34 +0200)]

Remove patches fixed upstream: CVE_2012-2094, CVE_2012-2144

Rewritten-From: be4c9ee0e7fa4740ee48ed3ca8249aeabb1ae1a1

commit | commitdiff | tree

Julien Danjou [Thu, 21 Jun 2012 09:30:53 +0000 (11:30 +0200)]

Remove useless dependency on openstackx

Rewritten-From: 1b3cab6f10b1ffa05498775c1309578ba7dccd5e

commit | commitdiff | tree

Ghe Rivero [Sat, 5 May 2012 10:03:24 +0000 (12:03 +0200)]

Fixed CVE_2012-2144. Closes: #671604

Rewritten-From: aad1f7ced2f6b5a40754f0d95a0d166e9e44403d

commit | commitdiff | tree

Ghe Rivero [Tue, 17 Apr 2012 17:39:27 +0000 (19:39 +0200)]

fix CVE_2012-2094

Rewritten-From: 4d2bcc69a337c0089b09c642afaf384c150b63d2

commit | commitdiff | tree

Julien Danjou [Mon, 16 Apr 2012 14:14:58 +0000 (16:14 +0200)]

Typo

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 10efb8cf91d09856fba9a5173d4d0f4b2cf6552e

commit | commitdiff | tree

Julien Danjou [Mon, 16 Apr 2012 14:12:29 +0000 (16:12 +0200)]

Make openstack-dashboard depends on the same version of python-django-horizon

Rewritten-From: 8d63702b602a9a7c9f56b737f16d05871932e272

commit | commitdiff | tree

Ghe Rivero [Mon, 9 Apr 2012 07:30:43 +0000 (09:30 +0200)]

New upstream release

Rewritten-From: 288cf0871bc70bd6e6efaacc431564e72209769e

commit | commitdiff | tree

Ghe Rivero [Wed, 4 Apr 2012 08:46:40 +0000 (10:46 +0200)]

New upstream release

Rewritten-From: 3fc07ce9926303ba7479b8f8b8e70b1a9616ff0c

commit | commitdiff | tree

Ghe Rivero [Fri, 23 Mar 2012 12:17:51 +0000 (13:17 +0100)]

Initial nginx support

Rewritten-From: e22eefaa0d37c92ead4b82343a4aecd3341981c2

commit | commitdiff | tree

Ghe Rivero [Tue, 20 Mar 2012 17:30:14 +0000 (18:30 +0100)]

New upstream release

Rewritten-From: 6aac0c9d8815910f650a284e85ca54b3b7c7db44

commit | commitdiff | tree

Ghe Rivero [Thu, 15 Mar 2012 15:59:11 +0000 (16:59 +0100)]

openstack-dashboard-apache depends on openstack-dashboard

Rewritten-From: e64a981fcf80a552c5464da335e840666f1ef675

commit | commitdiff | tree

Ghe Rivero [Fri, 9 Mar 2012 07:09:33 +0000 (08:09 +0100)]

Added python-iso8601 to depends. Closes: #663168

Rewritten-From: 44de87349388185535a193a744802f6e7c3c5551

commit | commitdiff | tree

Ghe Rivero [Tue, 6 Mar 2012 07:16:17 +0000 (08:16 +0100)]

Create horizon user/group and use it on apache wsgi

Rewritten-From: 1088d76799644ec67892bbb4bb2c00528da617e5

commit | commitdiff | tree

Ghe Rivero [Mon, 5 Mar 2012 09:16:33 +0000 (10:16 +0100)]

Removed pkg_data patch. Included upstream

Rewritten-From: 31d570922eefc73d8f9bcc5237ca4b40b2aa5ee9

commit | commitdiff | tree

Ghe Rivero [Fri, 2 Mar 2012 07:43:36 +0000 (08:43 +0100)]

New upstream release

Rewritten-From: aeed1c559ab49856d0c9683a0a499aff03aa6fcd

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 16:58:56 +0000 (17:58 +0100)]

moved apache config to virtualhost:8080

Rewritten-From: 9c8ff5d721d297b91892ffe7c7ea093dd105bf79

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 16:03:07 +0000 (17:03 +0100)]

Put apache conf inside a virtualhost

Rewritten-From: 379cd80311a92d39422748c37dce14b094a43c7e

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 12:19:21 +0000 (13:19 +0100)]

Added files to git

Rewritten-From: e84b6616ad7a3e43fc24aeb1aa5724d997b32b1a

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 12:15:59 +0000 (13:15 +0100)]

Fix apache conf file name

Rewritten-From: a9b081163eef8afae8ce735992633eea98e706ab

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 12:13:26 +0000 (13:13 +0100)]

Initial apache2 support

Rewritten-From: 9197834f2dd05590b747ec12b1f6c9d036d956bb

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 11:48:52 +0000 (12:48 +0100)]

Some final tweaking for pkg_data patch

Rewritten-From: c3ee0c1a0aea4cea6414e5e8de7d1fed43e62abc

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 11:35:58 +0000 (12:35 +0100)]

Revert django-packages changes. Not ready yet

Rewritten-From: 8035a4357d383749b4b9a7986abf43219d372052

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 11:32:02 +0000 (12:32 +0100)]

Added csv, template and mo files

Rewritten-From: 6ff9f1e63a5ca3dff7c143a7b907a647813eed83

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 11:24:03 +0000 (12:24 +0100)]

Added .js to pkg_data patch

Rewritten-From: a945f679cc4f7df7a20c5f8acd7600a128d51d31

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 11:11:15 +0000 (12:11 +0100)]

Fixed pkg_data

Rewritten-From: 7f79464cd2d29f592c62d46e87f861ae44677509

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 11:03:58 +0000 (12:03 +0100)]

Added MANIFEST.in file to pkg_data patch

Rewritten-From: 8a09b1721ccb4535b2ee5b118c25738a491c29ee

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 10:50:30 +0000 (11:50 +0100)]

Included pkg_data patch

Rewritten-From: ea59dd1a7d642aac5820ce637ac85bc370369dff

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 10:47:51 +0000 (11:47 +0100)]

Merge branch 'debian/experimental' of git+ssh://git.debian.org/git/openstack/horizon into debian/experimental

Rewritten-From: 59335b11208ae82f86c83a19e3c0d6405f5ddacb

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 10:36:49 +0000 (11:36 +0100)]

Updated apache conf to new directories

Rewritten-From: 42ed11e479e8516408c098bcb049cec70221a5d9

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 10:36:49 +0000 (11:36 +0100)]

Updated apache conf to new directories

Rewritten-From: 33ac25ca9bbbb983b514e790d66d508bbd9b3a04

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 10:31:03 +0000 (11:31 +0100)]

create apache2 dir

Rewritten-From: 3ecafb353bf0dc443d2f6c466d49a1f2ff9d2931

commit | commitdiff | tree

Ghe Rivero [Thu, 1 Mar 2012 10:28:12 +0000 (11:28 +0100)]

Initial apache2 support

Rewritten-From: c74412c5cd0b4b4e0dc9dc5db93f3b6232b2b06d

commit | commitdiff | tree

Ghe Rivero [Wed, 29 Feb 2012 17:52:32 +0000 (18:52 +0100)]

Added symlink to config files

Rewritten-From: e70e78bc947e2f64580c7b6c50909b54b9fc5702

commit | commitdiff | tree

Ghe Rivero [Wed, 29 Feb 2012 17:32:46 +0000 (18:32 +0100)]

Added local_settings.py file

Rewritten-From: f30dff40ff6524455dfdab4f99a2975a539b28b8

commit | commitdiff | tree

Ghe Rivero [Wed, 29 Feb 2012 12:49:07 +0000 (13:49 +0100)]

openstack-dashboards jquery no longer needed

Rewritten-From: 6109bda16e8b99dba4fc84538a7d145400c98ee7

commit | commitdiff | tree

Ghe Rivero [Wed, 29 Feb 2012 12:40:35 +0000 (13:40 +0100)]

fixed openstack-dashboard locations

Rewritten-From: edb3e5611a442d59ff1cb1b2d6a67e373dd1e49e

commit | commitdiff | tree

Ghe Rivero [Wed, 29 Feb 2012 11:34:31 +0000 (12:34 +0100)]

Copy new settings

Rewritten-From: 9635a6dab66367b62204ab715977da0d896d9a96

commit | commitdiff | tree

Ghe Rivero [Wed, 29 Feb 2012 09:03:52 +0000 (10:03 +0100)]

fix rules file. No more separate setup.py files

Rewritten-From: 092861292f6bbb55bf21a07e3027ddb0acf6bb04

commit | commitdiff | tree

Ghe Rivero [Mon, 13 Feb 2012 18:47:13 +0000 (19:47 +0100)]

Replaced quantum-client to python-quantunclient in Depends

Rewritten-From: a581faf178883a5a245cf39893719418822e447a

commit | commitdiff | tree

Ghe Rivero [Sun, 29 Jan 2012 09:26:06 +0000 (10:26 +0100)]

Added manage.py to openstack-dashboard pkg

Rewritten-From: dc8350404f4695278ab7100bdea9b9f5354128e3

commit | commitdiff | tree

Ghe Rivero [Sun, 29 Jan 2012 09:22:42 +0000 (10:22 +0100)]

Fixed typo in lib-jquery

Rewritten-From: a857bb7abb940176db2975890f2dfd7f03280870

commit | commitdiff | tree

Ghe Rivero [Thu, 26 Jan 2012 13:37:54 +0000 (14:37 +0100)]

New upstream release

Rewritten-From: 1c7ef12c7aa362803d4617ba049e47fed2866015

commit | commitdiff | tree

Ghe Rivero [Thu, 29 Dec 2011 08:12:01 +0000 (09:12 +0100)]

Merge branch 'debian/unstable' of git+ssh://git.debian.org/git/openstack/horizon into debian/unstable

Rewritten-From: 54b63c99f5597e6a4e4e27b949c74af8cac1dc6f

commit | commitdiff | tree

Ghe Rivero [Thu, 29 Dec 2011 08:11:48 +0000 (09:11 +0100)]

Removes embedded jquery.js from openstack-dashboard

Rewritten-From: 4e71ec1300da0fa7ba5619fb2699eb97722c2c83

commit | commitdiff | tree

Julien Danjou [Mon, 19 Dec 2011 08:44:00 +0000 (09:44 +0100)]

Rebuild to not depends on python-openstack-compute

Rewritten-From: 28711415f2935e35ab808dcf31e1b74c0cea1a03

commit | commitdiff | tree

Julien Danjou [Fri, 16 Dec 2011 09:16:29 +0000 (10:16 +0100)]

New upstream release

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 9fee07e1fa290f0bb66382f9bc8c0dca33e22c13

commit | commitdiff | tree

Julien Danjou [Wed, 30 Nov 2011 13:42:53 +0000 (14:42 +0100)]

Add forwarding URL to fix_django.wsgi_sys.path patch

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 370e49590541e4d71fb3bed31b2dc00d59f6e80a

commit | commitdiff | tree

Julien Danjou [Wed, 30 Nov 2011 13:38:23 +0000 (14:38 +0100)]

Fix templates installation

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 51ef67edf9ca4cfff5d7b7fd24904b2838a3ff9b

commit | commitdiff | tree

Julien Danjou [Wed, 30 Nov 2011 13:38:09 +0000 (14:38 +0100)]

Add missing dependency on python-dateutil

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 024c375355c0ccee4e0535e019bcf9cfcdf55cd4

commit | commitdiff | tree

Julien Danjou [Wed, 30 Nov 2011 11:21:19 +0000 (12:21 +0100)]

Set remove_django_mailer patch URL

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 4dbea62f8f8ff82a76b4d38b8dc44ff376067b15

commit | commitdiff | tree

Julien Danjou [Wed, 30 Nov 2011 11:18:32 +0000 (12:18 +0100)]

Add missing dependency on mox

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 418d4c67a50f06af31ebe5e1e7fe6d2b2b3f482e

commit | commitdiff | tree

Julien Danjou [Wed, 30 Nov 2011 11:13:50 +0000 (12:13 +0100)]

Add a patch to remove django mailer dependency

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 53a045fe50fb0c4b288daffad617f2aa1c98aec9

commit | commitdiff | tree

Julien Danjou [Wed, 30 Nov 2011 11:08:07 +0000 (12:08 +0100)]

Fix dependencies

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 3c1816cf29861011d01f6dbc88dd183f210674cd

commit | commitdiff | tree

Julien Danjou [Tue, 29 Nov 2011 14:58:20 +0000 (15:58 +0100)]

Fix build-dependencies

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 8d4846d4a6cde9e1a8cd61babddf01ba04800ad1

commit | commitdiff | tree

Julien Danjou [Mon, 28 Nov 2011 15:51:25 +0000 (16:51 +0100)]

Add missing dependency on python-cloudfiles

Rewritten-From: ca2616f14834d66a90d34f57378b2ab8d1df1e06

commit | commitdiff | tree

Julien Danjou [Mon, 28 Nov 2011 15:18:47 +0000 (16:18 +0100)]

Add missing dependencies

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: a2a0910e019affa600bdc396abd22f7a64cfabc4

commit | commitdiff | tree

Julien Danjou [Mon, 28 Nov 2011 14:16:14 +0000 (15:16 +0100)]

Store settings.py in /etc

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 86b4d9b2893646f57d2b4b1d20202eb40125fb5e

commit | commitdiff | tree

Julien Danjou [Mon, 28 Nov 2011 14:16:14 +0000 (15:16 +0100)]

Store settings.py in /etc

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 085680d939a966d339433795ac4eed0416d5dfa9

commit | commitdiff | tree

Julien Danjou [Fri, 25 Nov 2011 14:52:57 +0000 (15:52 +0100)]

Import Debian packaging

Signed-off-by: Julien Danjou <julien@danjou.info>
Rewritten-From: 63c37af215fe1ff5ca477394d0a1fb9a507bbb0c

RSS Atom