2016-03-08 keep track of all traceback in error handling, not just the exception message (closes #11689093)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr> [Tue, 08 Mar 2016 16:12:01 +0100] rev 11608
keep track of all traceback in error handling, not just the exception message (closes #11689093)
2015-11-25 [bwcompat] also set response headers in error cases
Julien Cristau <julien.cristau@logilab.fr> [Wed, 25 Nov 2015 12:32:59 +0100] rev 11607
[bwcompat] also set response headers in error cases I had this sitting around in my local copy, I don't remember why I needed this but it seems correct.
2016-02-29 [config] move config of the secret used to encrypt session's data ID in pyramid.ini (closes #11689082)
David Douard <david.douard@logilab.fr> [Mon, 29 Feb 2016 16:16:33 +0100] rev 11606
[config] move config of the secret used to encrypt session's data ID in pyramid.ini (closes #11689082) Introduce a new config entry (in pyramid.ini) for this (cubicweb.session.secret) to replace the (now deprecated) pyramid-session-secret (in all-in-one.conf). So we have now 3 secrets to configure: - cubicweb.session.secret: to encrypt session's data ID stored in a cookie, - cubicweb.auth.authtkt.session.secret: to encrypt auth cookie - cubicweb.auth.authtkt.persistent.secret: to encrypt persistent session auth cookie
2016-03-07 Document how to configure the "secure" flag for authentication policies
Denis Laxalde <denis.laxalde@logilab.fr> [Mon, 07 Mar 2016 10:47:11 +0100] rev 11605
Document how to configure the "secure" flag for authentication policies Closes #11376233.
2016-01-21 [tox] Let posargs override py.test args
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 21 Jan 2016 15:20:55 +0100] rev 11604
[tox] Let posargs override py.test args
2015-12-11 [tox] Use py.test
Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 11 Dec 2015 17:21:58 +0100] rev 11603
[tox] Use py.test Rename test view so that py.test does not consider it as a test function.
2015-11-25 Add a tox configuration
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 25 Nov 2015 13:39:53 +0100] rev 11602
Add a tox configuration
2015-09-16 Register predicates from the predicates module
Christophe de Vienne <cdevienne@gmail.com> [Wed, 16 Sep 2015 16:39:53 +0200] rev 11601
Register predicates from the predicates module
2015-07-24 [refactoring] Move MatchIsETypePredicate to a separate module
Rabah Meradi <rabah.meradi@logilab.fr> [Fri, 24 Jul 2015 13:39:18 +0200] rev 11600
[refactoring] Move MatchIsETypePredicate to a separate module
2015-07-24 [refactoring] Move EntityResource and ETypeResource to a separate module
Rabah Meradi <rabah.meradi@logilab.fr> [Fri, 24 Jul 2015 13:40:36 +0200] rev 11599
[refactoring] Move EntityResource and ETypeResource to a separate module
2015-06-15 use CubicWeb request to execute RQL
Rabah Meradi <rabah.meradi@logilab.fr> [Mon, 15 Jun 2015 09:31:37 +0200] rev 11598
use CubicWeb request to execute RQL rset should be retrieved with cw_request, as it's then bound to it and propagate to all entities created from this rset (._cw). From there it may reach code expecting a request, not a connection (view, selector, etc).
2015-08-27 [views] Rename entities to rest_api
Rabah Meradi <rabah.meradi@logilab.fr> [Thu, 27 Aug 2015 11:25:42 +0200] rev 11597
[views] Rename entities to rest_api
2015-06-09 [routes] Add a 'cwentities' route with traversal
Christophe de Vienne <christophe@unlish.com> [Tue, 09 Jun 2015 11:34:17 +0200] rev 11596
[routes] Add a 'cwentities' route with traversal The route uses a factory that produces ETypeResource and EntityResource as a context. A 'delete' view serve as a test and demonstration. The module being experimental, it has to be explicitely included.
2015-09-16 Added tag 0.5.0, debian/0.5.0-1 for changeset 61f69ac2d6bc
Christophe de Vienne <cdevienne@gmail.com> [Wed, 16 Sep 2015 15:48:37 +0200] rev 11595
Added tag 0.5.0, debian/0.5.0-1 for changeset 61f69ac2d6bc
2015-08-10 [pkg] 0.5.0
Christophe de Vienne <cdevienne@gmail.com> [Mon, 10 Aug 2015 17:42:47 +0200] rev 11594
[pkg] 0.5.0
2015-08-07 [auth] Authtkt http_only and secure by default
Christophe de Vienne <cdevienne@gmail.com> [Fri, 07 Aug 2015 11:59:07 +0200] rev 11593
[auth] Authtkt http_only and secure by default The test suite is now full 'https'. Closes #4731765
2015-08-07 [auth] Make the configuration cookies completely configurable
Christophe de Vienne <cdevienne@gmail.com> [Fri, 07 Aug 2015 11:52:08 +0200] rev 11592
[auth] Make the configuration cookies completely configurable Also transfert the secret setting from all-in-one.conf to pyramid.ini, with backward compatibility. Closes #5999625
2015-08-03 Added tag 0.4.1, debian/0.4.1-1 for changeset 398b2c840e14
Julien Cristau <julien.cristau@logilab.fr> [Mon, 03 Aug 2015 18:11:10 +0200] rev 11591
Added tag 0.4.1, debian/0.4.1-1 for changeset 398b2c840e14
2015-08-03 [pkg] 0.4.1
Christophe de Vienne <christophe@unlish.com> [Mon, 03 Aug 2015 16:27:16 +0200] rev 11590
[pkg] 0.4.1
2015-07-24 [core] Adjust cw<3.21 compatibility
Christophe de Vienne <christophe@unlish.com> [Fri, 24 Jul 2015 16:59:13 +0200] rev 11589
[core] Adjust cw<3.21 compatibility Most of cubibweb < 3.21 expects a ClientConnection as the main connection. Related to #5731814 Closes #5878592
2015-07-24 [bwcompat] Make the error handler optional
Christophe de Vienne <christophe@unlish.com> [Fri, 24 Jul 2015 14:21:13 +0200] rev 11588
[bwcompat] Make the error handler optional Closes #5739625
2015-07-06 [doc] Document embedding in a pyramid app
Christophe de Vienne <christophe@unlish.com> [Mon, 06 Jul 2015 14:51:06 +0200] rev 11587
[doc] Document embedding in a pyramid app
2015-07-06 [config] Move most config code to a includeme()
Christophe de Vienne <christophe@unlish.com> [Mon, 06 Jul 2015 14:16:55 +0200] rev 11586
[config] Move most config code to a includeme() The goal is to make it easier to use pyramid_cubicweb from a pyramid application.
2015-07-06 [doc] Anonymous access is not mandatory anymore
Christophe de Vienne <christophe@unlish.com> [Mon, 06 Jul 2015 13:17:07 +0200] rev 11585
[doc] Anonymous access is not mandatory anymore
2015-07-23 Added tag 0.4.0, debian/0.4.0-1 for changeset 897a149e8208
Julien Cristau <julien.cristau@logilab.fr> [Thu, 23 Jul 2015 17:56:59 +0200] rev 11584
Added tag 0.4.0, debian/0.4.0-1 for changeset 897a149e8208
2015-07-23 [pkg] add debian/watch
Julien Cristau <julien.cristau@logilab.fr> [Thu, 23 Jul 2015 17:56:32 +0200] rev 11583
[pkg] add debian/watch
2015-07-23 [pkg] 0.4.0
Julien Cristau <julien.cristau@logilab.fr> [Thu, 23 Jul 2015 17:48:39 +0200] rev 11582
[pkg] 0.4.0
2015-07-23 [pkg] add python-pyramid-multiauth dependency to debian package
Julien Cristau <julien.cristau@logilab.fr> [Thu, 23 Jul 2015 17:45:37 +0200] rev 11581
[pkg] add python-pyramid-multiauth dependency to debian package Closes #5576182
2015-06-25 [core] adjust cnx handling for cubicweb 3.21
Julien Cristau <julien.cristau@logilab.fr> [Thu, 25 Jun 2015 09:51:32 +0200] rev 11580
[core] adjust cnx handling for cubicweb 3.21 Closes #5731814
2015-06-30 set httponly on session cookie
Julien Cristau <julien.cristau@logilab.fr> [Tue, 30 Jun 2015 11:15:03 +0200] rev 11579
set httponly on session cookie
2015-06-30 [bwcompat] use cubicweb error views (closes #4545130)
Julien Cristau <julien.cristau@logilab.fr> [Tue, 30 Jun 2015 11:15:54 +0200] rev 11578
[bwcompat] use cubicweb error views (closes #4545130)
2015-06-18 Added tag 0.3.1, debian/0.3.1-1 for changeset 6df91cb85ecc
David Douard <david.douard@logilab.fr> [Thu, 18 Jun 2015 10:49:34 +0200] rev 11577
Added tag 0.3.1, debian/0.3.1-1 for changeset 6df91cb85ecc
2015-06-18 [pkg] 0.3.1
David Douard <david.douard@logilab.fr> [Thu, 18 Jun 2015 10:46:09 +0200] rev 11576
[pkg] 0.3.1
2015-04-29 Handle absence of anonymous user
Denis Laxalde <denis@laxalde.org> [Wed, 29 Apr 2015 22:46:17 +0200] rev 11575
Handle absence of anonymous user Set cw_session and then cw_cnx request attributes to None in case anonymous connection is not allowed (i.e. no "anon" user in config). Then catch AuthenticationError in CubicWebPyramidHandler and return the 'login' view. Closes #4751862.
2015-05-19 [debian] Add python-wsgicors dependency as it is now available
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 19 May 2015 08:38:08 +0200] rev 11574
[debian] Add python-wsgicors dependency as it is now available
2015-05-11 Update Changes for version 0.3.0
Christophe de Vienne <christophe@unlish.com> [Mon, 11 May 2015 17:06:36 +0200] rev 11573
Update Changes for version 0.3.0
2015-05-11 Added tag pyramid-cubicweb-version-0.3.0, pyramid-cubicweb-debian-version-0.3.0-1 for changeset a80e076d3f42
Christophe de Vienne <christophe@unlish.com> [Mon, 11 May 2015 15:45:14 +0200] rev 11572
Added tag pyramid-cubicweb-version-0.3.0, pyramid-cubicweb-debian-version-0.3.0-1 for changeset a80e076d3f42
2015-05-11 Fix debugtoolbar pkg name
Christophe de Vienne <christophe@unlish.com> [Mon, 11 May 2015 15:34:05 +0200] rev 11571
Fix debugtoolbar pkg name
2015-05-11 Set version 0.3.0
Christophe de Vienne <christophe@unlish.com> [Mon, 11 May 2015 15:22:24 +0200] rev 11570
Set version 0.3.0
2015-02-24 [doc] update changes list
Christophe de Vienne <christophe@unlish.com> [Tue, 24 Feb 2015 17:19:58 +0100] rev 11569
[doc] update changes list
2015-05-08 Rollback 'uncommitable' cnx
Christophe de Vienne <christophe@unlish.com> [Fri, 08 May 2015 11:38:07 +0200] rev 11568
Rollback 'uncommitable' cnx Closes #5343870
2015-04-29 [debug] The debug mode now set pyramid.reload_templates
Christophe de Vienne <christophe@unlish.com> [Wed, 29 Apr 2015 13:09:06 +0200] rev 11567
[debug] The debug mode now set pyramid.reload_templates
2015-04-25 Use pyramid flash queue for messages
Christophe de Vienne <christophe@unlish.com> [Sat, 25 Apr 2015 20:50:57 +0200] rev 11566
Use pyramid flash queue for messages Use a 'cubicweb' flash queue and make sure it contains only one message so that the behavior is the same as cubicweb. Also, the 'message' property now returns both the cubicweb flash queue and the default flash queue. One big difference with the former behaviour is that messages set with set_message will survive a redirection, making set_redirect_message useless in most case. Closes #5298654
2015-02-25 [doc] Document the new authentication stack
Christophe de Vienne <christophe@unlish.com> [Wed, 25 Feb 2015 22:40:39 +0100] rev 11565
[doc] Document the new authentication stack
2015-04-28 Allow tests to override pyramid_settings
Christophe de Vienne <christophe@unlish.com> [Tue, 28 Apr 2015 11:04:03 +0200] rev 11564
Allow tests to override pyramid_settings Closes #5307426
2015-04-29 Make debug mode usable without pyramid_debugtoolbar
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 29 Apr 2015 11:39:35 +0200] rev 11563
Make debug mode usable without pyramid_debugtoolbar Add the latter in Debian recommends along the way. Closes #5310434.
2015-02-25 [auth] Use a second authtkt policy for 'rememberme'
Christophe de Vienne <christophe@unlish.com> [Thu, 26 Feb 2015 00:56:32 +0100] rev 11562
[auth] Use a second authtkt policy for 'rememberme' The former solution was buggy because the expire time of the auth cookie, if set through 'remember', was lost on the first cookie reissuing. The new approach, make possible thanks to multiauth, use two different cookies. One for session bounded authentication (no 'rememberme'), and one for long lasting authentication (w 'rememberme'). The choice between the two of them is done by adding a 'persistent' argument to the top-level 'security.remember' call. Passing this argument will inhibate a policy or the other. The two policies are (a little) configurable through the 'cubicweb.auth.authtkt.[session|persistent].*' variables. Related to #4985962
2015-02-12 [auth] Use pyramid_multiauth
Christophe de Vienne <christophe@unlish.com> [Thu, 12 Feb 2015 19:21:39 +0100] rev 11561
[auth] Use pyramid_multiauth It makes it easier to finely tune what parts of the default authentication stack we want to use or not. It also makes it possible for any cube to add its own policy in addition to the others. Related to #4985962
2015-04-09 [auth] remove dead code (closes #5230746)
David Douard <david.douard@logilab.fr> [Thu, 09 Apr 2015 23:58:38 +0200] rev 11560
[auth] remove dead code (closes #5230746)
2015-02-23 [login] Test the login views
Christophe de Vienne <christophe@unlish.com> [Mon, 23 Feb 2015 17:17:43 +0100] rev 11559
[login] Test the login views
2015-02-24 Fix project homepage url
Christophe de Vienne <christophe@unlish.com> [Tue, 24 Feb 2015 17:19:37 +0100] rev 11558
Fix project homepage url
2015-01-21 Replace the '_' with '-' in the package name
Christophe de Vienne <christophe@unlish.com> [Wed, 21 Jan 2015 14:31:30 +0100] rev 11557
Replace the '_' with '-' in the package name The change was made manually on pypi (see https://sourceforge.net/p/pypi/support-requests/459/)
2015-02-10 On exceptions from CW, copy headers
Christophe de Vienne <christophe@unlish.com> [Tue, 10 Feb 2015 16:35:06 +0100] rev 11556
On exceptions from CW, copy headers Closes #4939219
2015-02-10 [doc] fix pyramid-auth-secret conf sample
Christophe de Vienne <christophe@unlish.com> [Tue, 10 Feb 2015 10:23:20 +0100] rev 11555
[doc] fix pyramid-auth-secret conf sample
2015-02-02 [doc] Update change list
Christophe de Vienne <christophe@unlish.com> [Mon, 02 Feb 2015 13:46:28 +0100] rev 11554
[doc] Update change list
2015-01-27 [core] Protect session data from unwanted loading.
Christophe de Vienne <christophe@unlish.com> [Wed, 28 Jan 2015 00:00:05 +0100] rev 11553
[core] Protect session data from unwanted loading. Use specialised Session and Connection types that forward their 'data' and 'session_data' attributes to the pyramid request.session attribute. This forwarding is done with properties, instead of copying a reference, which allow to access request.session (and the session factory) if and only if Session.data or Connection.session_data is accessed. In some cases, most notably the static resources requests, it can mean no access the session during the request handling, which saves a request to the session persistence layer. Closes #4891437
2015-01-26 [core] Use tools.cached_user_build for better performances
Christophe de Vienne <christophe@unlish.com> [Mon, 26 Jan 2015 18:06:58 +0100] rev 11552
[core] Use tools.cached_user_build for better performances Closes #4870347
2015-01-26 [doc] Document tools
Christophe de Vienne <christophe@unlish.com> [Mon, 26 Jan 2015 18:04:57 +0100] rev 11551
[doc] Document tools Related to #4870347
2015-01-26 [tools] Provide a faster build_user
Christophe de Vienne <christophe@unlish.com> [Mon, 26 Jan 2015 17:59:10 +0100] rev 11550
[tools] Provide a faster build_user The main trick is to use a cache of user entities. To do so, a few tools are needed since the entities are not supposed to be copied around between connexions. Related to #4870347
2015-01-23 Added tag pyramid_cubicweb-version-0.2.1, pyramid_cubicweb-debian-version-0.2.1-1 for changeset 1ae61c25299a
Christophe de Vienne <christophe@unlish.com> [Fri, 23 Jan 2015 14:00:02 +0100] rev 11549
Added tag pyramid_cubicweb-version-0.2.1, pyramid_cubicweb-debian-version-0.2.1-1 for changeset 1ae61c25299a
2015-01-23 Prepare version 0.2.1
Christophe de Vienne <christophe@unlish.com> [Fri, 23 Jan 2015 12:57:16 +0100] rev 11548
Prepare version 0.2.1
2015-01-21 [cors] Fix 'headers' and 'methods' parameters
Christophe de Vienne <christophe@unlish.com> [Wed, 21 Jan 2015 17:28:30 +0100] rev 11547
[cors] Fix 'headers' and 'methods' parameters Closes #4849874
2015-01-21 Fix the 0.2.0 release date
Christophe de Vienne <christophe@unlish.com> [Wed, 21 Jan 2015 15:14:11 +0100] rev 11546
Fix the 0.2.0 release date
2015-01-21 Change project url
Christophe de Vienne <christophe@unlish.com> [Wed, 21 Jan 2015 15:13:43 +0100] rev 11545
Change project url
(0) -10000 -3000 -1000 -300 -100 -64 +64 +100 +300 +1000 tip