These changes are already included in Redmine 5.0.3. We recommend you use version 5.0.3 and above. Also, if you have a problem with an error, add class XXX (example 'Date') to the exceptions, then please write us so that we can make full corrections.
This fix is related to the new Hash serialization. The error itself looks like this:
Completed 500 Internal Server Error in 129ms (ActiveRecord: 22.2ms) Psych::DisallowedClass (Tried to load unspecified class: ActionController::Parameters):
And it is related to:
For the plugin to work correctly, you need to make changes in the following file of the Redmine itself. Please open config/application.rb. Go to line 35. Add into:
config.active_record.yaml_column_permitted_classes
the following line
ActionController::Parameters
Don't forget to add a comma above. It looks like this:
config.active_record.yaml_column_permitted_classes = [
Symbol,
ActiveSupport::HashWithIndifferentAccess,
ActionController::Parameters
]
Save change. Restart your Redmine.
Also, depending on your specific Redmine version, please check if that the value yaml_column_permitted_classes is declared again further down in the config file, so it is declared twice in this way. In such situation, you have to disable the second yaml_column_permitted_classes and now the plugin will start working as expected.
config.active_record.yaml_column_permitted_classes = [
Date,
Time,
Symbol,
ActiveSupport::HashWithIndifferentAccess,
ActionController::Parameters
]
config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob"
# Allow ActiveSupport::HashWithIndifferentAccess because it was
# disallowed with Rails 6.1.6.4 security update. Whilst they have
# re-added support for Symbol but not for other things, so allowing
# here explicitly.
config.active_record.yaml_column_permitted_classes = [Symbol,
ActiveSupport::HashWithIndifferentAccess]