[packaging] don't compress txt files (closes #2558496)

[wf/test] fix tests broken by changes from another patch which have slipped there

[merge] backport stable

[web/test] fix stale reference to the changelog view (closes #2423532)

Added tag cubicweb-debian-version-3.15.8-1 for changeset 4ef457479337

Added tag cubicweb-version-3.15.8 for changeset 459d0c48dfaf

[test] fix possible views test (closes #2544358)

prepare 3.15.8

[ldapfeed] if a deactivated user becomes available again in its source, reactivate it (closes #2542776) * cwusers that see their ldap source counterpart disappear are deactivated * until now they were not activated again on reappearance * note this behaviour in the doc

[ldaputils,ldapparser] correctly compute "deleted" users (closes #2542083) * in ldaputils.py, removal of an unneeded method (checking existence of an object in the ldap, but not using the configuration filters) * in the ldapparser, memoize the (filtered) search so as to serve both .process and .is_deleted * add a non regression test for the 'user-filter' source config entry + deletion

[dataimport] new ignore_errors argument to ucsvreader, default to False. Closes #2547200

[ldapsource] keep python 2.5 compatibility (closes #2541602)

[ldapuser2ldapfeed] .values -> .iteritems (closes #2542872)

[ldap tests] cleanup in preparation of #2542083

[ldapparser] demote warning level (actually important user info can leak there) (prepares #2542083)

Remove changelog view (closes #2423532)

[dataimport] Allow to replace escape char in the create_copyfrom_buffer

[doc] fix function name FTIRANK

[json] enable jsonexport selection on empty rsets (closes #2544358)

[test] fix req default value handling in CubicWebTC.view (closes #2544376) It's no more than the standard ``if rset`` vs. ``if rset is None`` error.

[ajax] fix attribute lookup (closes #2491038)

[server] add debugging for Hooks & Operations (closes #2470048)

[dataimport] Add SQL Store for faster import - works ONLY with Postgres for now, as it requires "copy from" command - closes #2410822 This store will use: - copy from for massive insertions. - execute from for update. The API of this store is similar to the other stores.

[test] swap order in assert of `test_users_and_groups_non_readable_by_guests` unittest2 order is (expected, got), not the opposite. This help test report readbility.

[test] fix server/querier/build_descr1 test. There is no self.transaction of TestCase. I assumed the test writer meant a session. This seems to make the test pass.

[server] make `test_bfss_fs_importing_transparency` less verbose on failure Dumping the whole content of a file on failure is a bit annoying. We only print the bad version here (it's usually the file path).

[entity] drop redundant cache update This ``cw_attr_cache`` update is redundant, ``_cw_update_attr_cache`` already do this step.

[cw-ctl] silence msgcat and msgfmt (closes #2527594)

Added tag cubicweb-debian-version-3.15.7-1 for changeset c5400558f370

Added tag cubicweb-version-3.15.7 for changeset d8916cee7b70

prepare 3.15.7

[migration] fix crash when adding a new meta relation type. Closes #2532483

[ldapfeed] fix connection leak (closes #2532528)

[zmq] add an introductive docstring on ZMQComm

[server config] on quick start, system source is still activated. Closes #2535714

[web] use `inline` `Content-Disposition` by default (closes #2535734) since known time we have been serving static file with a `filename` parameter on the `Content-Disposition` header. But since d74addac92bb we explicitly serve file as attachment if a filename is provided. However this is valid to have `inline` disposition and `filename` parameter. This changeset revert this part of d74addac92bb, going back to `inlined` by default. `IDownloadable` code explicitly request `attachment` content to preserve expected behavior.

[web] allow configuration of the Content-disposition value The `set_content_type` function now takes and optional `disposition` parameter to control the value of this HTTP header. Use of `Content-disposition: inline` with a filename parameter are valid, so the presence of filename does not allows to choose between `attachment` and `inline`

[downloadable] fix filename HTTP header for simple name with space (closes #2535715) Since d74addac92bb, we export simple ascii filename without any encoding in the `filename` parameter of the `Content-Disposition` header. If this name contains space this will fails, the parameter value will be truncated at the space position. (eg. `filename=jungle babar.txt` read as `jungle`) We need to quote the filename to prevent this (eg. `filename="jungle babar.txt"`). Then literal quote and backslash needs to be escaped too. The new escaping is correct according this extensive test case data base: http://greenbytes.de/tech/tc2231/

merge fixes from stable

Added tag cubicweb-debian-version-3.15.6-1 for changeset b05e156b8fe7

Added tag cubicweb-version-3.15.6 for changeset 0163bd9f4880

prepare 3.15.6

[web] add a digital signature to error form (closes #2522526) Simple (and quite weak) implementation of a digital signature of the content to be submited by email in the error report view generated by ErrorView. The signature is a simple hmac hash computed using a secret key (generated at repository startup) and the "secret" form content to be included in the notification email. The controller can then check this content has not been modified or forged by a malicious user.

[web/views] bugfix: the mime type is text/plain, not text/txt (closes #2526345)

[doc] fix of personnal etc directory in book

[web] add a Forbidden exception This is similar to the Unauthorized exception, but generates a 403 error instead of a 401 (Unauthorized)

[web] add a ``anonymize-jsonp-queries`` option in file configuration (closes #2465388) This option controls connection anonymizing before executing any query for CSRF / safety reason.

[downloadable] fix filename in HTTP header (closes #2522325, #2522324) Before this changeset we use the `filename` header with utf8 encoded filename all the time. However RFC6266 says: The parameters "filename" and "filename*" differ only in that "filename*" uses the encoding defined in [RFC5987], allowing the use of characters not present in the ISO-8859-1 character set ([ISO-8859-1]). Therefore, we alter the code to: 1. Use `filename` and `ascii` encoding whenever possible, 2. use `filename*` with `utf8` encoding otherwise (with a filename fallback for old browser) We also switch the `content-disposition` value to attachement if filename is specified, this will result as a mandatory download according to RFC6266. This mandatory download is the expected behavior. We changes the filename encoding to RFC5987 which is simpler, supported by all and modern browser (including IE from version 6) and does not suffer from the continuation issue. (see ticket #2522324 for details)