fixes #5436 - provisioning templates are world accessible

(cherry picked from commit aa0ebe8eef311875695135c1714cb09225e8cd13)

fixes #4457 - Session fixation, new session IDs are not generated on login (CVE-2014-0090)

(cherry picked from commit cfa4b52638173b9cf77ee1a5fd0c3a273f875209)

Conflicts:
test/functional/users_controller_test.rb

fixes #4456 - XSS on 500 error page and bookmark name causing render error (CVE-2014-0089)

(cherry picked from commit 69e46d6d6eb230f3aa4236838999284dfffccb6e)

Fixes #4680 - Don't append periods to unqualified unmanaged hosts

(cherry picked from commit 014c9ab5eb9bb9b8d655d48a8ccd540613390788)

Revert "Fixes #2270 - Detect all OpenStack IPs and test which allows SSH"

This reverts commit eb1bba78e89b21ac1e935c2cfd7dbf7c23e1c646.

In light of #4616 and #4710, further issues with this change were found which
means we need more time to solve it completely and ensure full cross-provider...

Revert "Fixes #4616 - Add a Fog mixin for looking up EC2 IP addresses"

This reverts commit 97c45d66a0066b6abbf486511aa4f93c67e52007.

fixes #4669 - HostMailer summary method refers to undefined variable

(cherry picked from commit 7966448c3cf6ae6194e6800e570668d3c65d2c25)

fixes #4314 - ignore default scope ordering on host search by puppet class

(cherry picked from commit a44dd0943b5ccc2c2e9a0ce264e4b2f38b5edd4d)

Conflicts:
app/models/concerns/hostext/search.rb

fixes #4626 - update Facter calls for 2.0 compatibility

(cherry picked from commit 312042b0ddd557fb42f67ba7424020b8dde72da2)

Conflicts:
app/models/setting/general.rb
app/models/setting/provisioning.rb

Fixes #4616 - Add a Fog mixin for looking up EC2 IP addresses

(cherry picked from commit 4963a970e3ee2a91835f4ab5a493179d96cdeedf)

fixes #3475 - make it possible to force the 401 status.

(cherry picked from commit 5eb2fa6ec0997b31b95d413c64c6bc3b2cfe552e)

fixes #4565 - puppet class free-text search is now significantly faster

(cherry picked from commit 0126385b4469accf2474ab3db0ef43f8d7b63558)

fixes #4194, #4459 - add main_app to root_path references for isolated engines

(cherry picked from commit 33b384f2b29363014608ac1b85061b5a8b4791d5)

fixes #4442 - returning nil plays nice with try_to_login.

(cherry picked from commit a416bb573dedf6c34592afec17fbbec96691a5e6)

fixes #4485 prevents undefined method when cloning a host

(cherry picked from commit cdbbf1c231c9148d2b6ed252d920a8676c176702)

fixes #4524 - The logged in user should be the default one in create new hosts

(cherry picked from commit 19579f872c1b4a512500f8e07f0b066180574e4e)

fixes #4245 - return HTTP body for oVirt SSL CA certificate

(cherry picked from commit 2e417b5824b4e5283586119052aed7b4953e468e)

i18n - extracting new, updating rails, pulling from tx

Fixes #2270 - Detect all OpenStack IPs and test which allows SSH

(cherry picked from commit 1b110b37dd4a332ee0682e33daaaa848da8bcad7)

fixes #4125 [Openstack] - host with auto assigned IPs can't be deleted

(cherry picked from commit fd3f24f8e05d8f4ab64bc61168fc4e0ead455025)

fixes #3567 Editing an oVirt compute resource can throw errors loading quotas while loading page

(cherry picked from commit 2e66b04a2c92bc40fea1bfdc7f0414435754f49b)

fixes #4268 - don't search for host with nil IP on hostname spoofing

(cherry picked from commit 1e0fd283180dc6bda30c880898cdea69cb579194)

Conflicts:
test/fixtures/hosts.yml

Fixes #4221: add :dependent => :destroy for compute profiles on compute resource

(cherry picked from commit 6e7682a967c9e3dc37d244146b22d7dc2cb7103e)

fixes #3845 - user login session ending clears chosen organization

(cherry picked from commit f639fdcfb04d2795396d66e64cfb58e300a63188)

fixes #3903 - fixed menu links when relative URLs are set

(cherry picked from commit 9b6e45e951a8287f2edab48ebd20f18680671abf)

fixes #3596 - validation error when user with hostgroup subscription creates a new hostgroup

(cherry picked from commit de7cb88710f028bc33ae9257d185abf0b73554d5)

fixes #4159 Thin provisioning for VMware disks in compute profiles can't be saved

(cherry picked from commit 2058a91d5effb143a66f5677d6882cba4a9258ae)

fixes #4307 New VMware VM creation does not respect NIC type selection

(cherry picked from commit 461e6b003bc00d6d62e20d8f1c5e5c860ebdaaba)

fixes #3496 vSphere: add support for selectable SCSI controller

(cherry picked from commit 41ee835f2c872d09cd09af2179ef3bc2327e6b02)

fixes #3980 - Compute profiles not rendering Openstack attributes correctly

(cherry picked from commit 88daf556e39ad9c0d3bdebbe9f88ce5ff49010f6)

fixes #3519 - taxonomies include authorization module

(cherry picked from commit 14fdd9046dd3b85979bf95b4d0019e00051e35c2)

fixes #4298 - ldap auth should accept parens in firstname or surname

(cherry picked from commit 3065cbc2df440c77e20abeed9fa525221fdcb12f)

fixes #4304 - corrected strange search for host_id parameter

(cherry picked from commit e72b0a7748d9eeec537bfe9b5da202432b243ba2)

fixes #2726 - smart class parameter override fails validation

(cherry picked from commit cfc2bb662f49d8216c2388ab35dd87af295474d0)

fixes #4234 - cannot edit host's puppet parameters

(cherry picked from commit 130f301a508ae31549145e5fa9b176f42dc20995)

fixes #4220 dashboard and report-show pages chart-frame is not in place.

(cherry picked from commit cbce647fa4d83b5ea4f5a5d35313914811a4e891)

refs #2314 - more choices in memory drop down

(cherry picked from commit f7d5a22e0fd28c3689273c03b652d91b6ed661ae)

refs #2816: Prevent diff viewer on report page from overflowing to be outside the parent modal

(cherry picked from commit 76ab06280f6ebe78b358763deff233c277ed2c61)

templates - sync from community-templates

(cherry picked from commit 6d755dd05f00a7f52b7bb3f791438b688ce54ba7)

i18n - extracting new, updating rails, pulling from tx

fixes #4173 - don't update CR attrs when none available, taken from GH-1184

(cherry picked from commit ec4ff916ebefa8fc0d4ac41548d02407e7cf8fac)

fixes #4120 - fix border-collapse:collapse tables in Firefox with disappearing lines

(cherry picked from commit f615c7cc90ba95508c4e15709c2ac321c777b556)

Fixes #4196 "Power ON this machine" disappeared for new VMWare hosts

(cherry picked from commit 39505a60be16d5af7f1c42e5ef175bec27607190)

fixes #4189 - Facts charts are not rendered

(cherry picked from commit ccb763a6fdfbd68330599932fdc705d8922be299)

fixes #4188 - api/v2/status incorrectly shows api_version: 1

(cherry picked from commit 36b32e9352b7a9c23dd012efeb83cbc1bf37abdc)

fixes #2866 - Changing a hostgroup name doesn't update associated Smart Variable matchers

(cherry picked from commit 709ad8d6f425e0817d3faef2cc629af1458cb1c9)

fixes #3960 - wrap APIv2 errors in an "error" node

(cherry picked from commit 0f7d219a4a65cd795eecd05117b08511d9025de2)

fixes #3697, #3701 - more comprehensive field validations

(cherry picked from commit 4bae5cedb8ab562b6c397234c5cb1cfd604fde74)

Fixes #4032 - Use object.id for comparisons

(cherry picked from commit 409ce13e71b5a23178e109b0fb240fc2e2c6ff94)

fixes #4152 - fix syntax error in _form.html.erb for hosts and hostgroups

(cherry picked from commit 378c65e5af8ff131ae1701c78934d6bbd0a055e9)

fixes #3955 - added param_true? and snippet_if_exist template methods

(cherry picked from commit 3701a8d1c6d698ea8c57321eed2f87c74bd57728)

fixes #3828 - set language locale for API messages and error responses

(cherry picked from commit 5a864bedb5d9bbbb68788169aa0f0396a312ac16)

fixes #3826: no more sql errors when trying to search for environments (also domains, operatingsystems, and models)

(cherry picked from commit 145db8634df9fbc3ffb51b80093809c5aecd0f6e)

fixes #3925 - create apipie param_groups for API v2 to DRY documentation

(cherry picked from commit 2be84f3d773e74b5cc37841284ec216996fd0b51)

fixes #3920 - prevent 500 ScopedSearch errors on the API, raise UI errors correctly

(cherry picked from commit f9bc5a8e5934aac9bd8d5488f84717d33e359501)

fixes #359 - hostname spoofing for unattended installation templates

(cherry picked from commit 5b70f0e0232bff3e580923f485bc0bd1816d9279)

fixes #3760 - API v2 define metadata @total for each controller

(cherry picked from commit 6f9438866488180e196ff18e1372cf0773afe7b9)

Conflicts:
foreman.spec

fixes #4023 - API v2 - compute resources partials should should attribute alias names and not database column names

(cherry picked from commit 8a0ffcfaa900079d628253ee7f9de2feec182914)

fixes #3998 - API v2 error on /api/compute_resources, missing gce.json.rabl

(cherry picked from commit 9926d4d3f87e439d2eaa36f5d54b07d71c57c3fe)

fixes #4132 - helper select_f missing option for :multiple => true to increase width

(cherry picked from commit 52667febe83f247b9a166c233a9bde1f62f72607)

fixes #3867 - Wrong Compute Resource type shown on overview

(cherry picked from commit 2ebd2f227aef16da62c7884065bb9b47a846c9a3)

fixes #3940 - extlogout page layout fixed

(cherry picked from commit b4b12197e4ffecfe97b14f3ecd5631b26ebd9489)

fixes #2231 - hostgroup deletion is restricted to hostgroups without children

(cherry picked from commit 8c68024ac619121312680ee8afc467857155e71d)

Fixes #4022: Make api puppetrun a PUT for REST standards

(cherry picked from commit bc11c17bcc66fbec3a71be920efa4de32d508ecb)

fixes #3515 - API handles not found objects with 404

(cherry picked from commit 46338cd73c542ecc3aa045b45e831434792c710e)

i18n - extracting new, updating rails, pulling from tx

templates - sync from community-templates

Fixes #4031 - change TFTP record on build flag change

Fixes #4024: Virtual machine state indicator is not correctly positioned for rackspace CR's

fixes #4019 Compute Resource -> New Image renders on Compute Profiles tab

Fixes #4020 - enable @static to work on all OS template types

Fixes #4014 - Correctly use to_label when showing OSs

fixes #3906 - Support for Junos ZTP

fixes #3099 - Adding parameters to locations and organizations

fixes #3937 - correct title wording Editing to Edit

Fixes #3927 - Allow VMs to provision via user-data

fixes #3984 - use __ instead of _ for i18n to avoid conflict with underscore.js

refs #3811 alerts messages cleanup and minor refactoring

Fixes wrong os family caused by 'becomes' refs #3962

fixes #3975 - add audit to classes Domain, Subnet, SmartProxy, Role, Usergroup, AuthSource, Image, Bookmark that were not audited

fixes #3709 - explicitly say puppet environments vs just 'environments'

i18n - extracting new, updating rails, pulling from tx

Fixes #3962 - Refactor class overwriting

fixes #3967 - reworded message for OpenStack form

fixes #3178 - add feature for compute profiles for hostgroups and hosts

fixes #3528 - Populate first name, last name, and email, if available.

fixes #3658 - support smart proxy's chef proxy feature

fixes #3261 - use the action the host is about to perform for power action notifications

fixes #3937 - correct title wording for Compute Resources and Smart Proxies

fixes #3942 - restoring multiple="true" in org edit form

fixes #1489 - add AIX family and facts importer support

refs #3935 - fixes hash style to support ruby 1.87

fixes #3935 new login page RCUE style

fixes #3896 Retrieve OVirt CA certificate via same URL scheme as API URL by disabling SSL verification

refs #3811 - additional bootstrap 3 updates/fixes

• css renamed alert-error is now alert-danger
• spinner progress indicators are back
• fixed progress bar on create host

fixes #3932 incorrect volume delete label

fixes #3853 - allow rabl template override to be specified

3853-taxonomy-rabl - changed style of override

fixes #2794 - set api_version and app_info in v1 and v2 base_controllers

fixes #3928 - API v2 - update os_default_templates for operating system

fixes #3858 No menus shown for non-admin users