Christophe de Vienne <christophe@unlish.com> [Mon, 15 Sep 2014 17:23:22 +0200] rev 9995
[wsgi] If multipart cannot parse the POST content, let it pass.
multipart can only parse html form data. It the content_type is, for example,
"application/json", get_posted_data should not fail but just stop trying to
read the content.
Closes #4421845
Rémi Cardona <remi.cardona@logilab.fr> [Mon, 01 Sep 2014 14:56:00 +0200] rev 9994
[devtools] Fix JS tests' HTML code
Rémi Cardona <remi.cardona@logilab.fr> [Mon, 01 Sep 2014 10:22:46 +0200] rev 9993
[devtools] "Keep" some temporary files/dirs around to help with debugging
The whole QUnitTestCase runs with an @with_tempdir so it's redundant
anyway.
Rémi Cardona <remi.cardona@logilab.fr> [Fri, 01 Aug 2014 19:28:44 +0200] rev 9992
[devtools] Fix Firefox launcher in QUnitTestCase (closes #4294727)
The main changes are:
- stop creating the profile, firefox will create it
- point firefox to a profile directory instead of giving it a profile name
(this has the added bonus of not polluting the user's profile list)
- start firefox once and kill it 5 seconds later to let it finish its profile
creation (along with system-wide extensions setup)
Rémi Cardona <remi.cardona@logilab.fr> [Thu, 25 Sep 2014 17:38:51 +0200] rev 9991
[devtools] allow cross-origin requests for qunit
We have a mix of file:// html and http:// ajax calls. Which we should
at some point fix to all be http, but. Related to #4294727.
Julien Cristau <julien.cristau@logilab.fr> [Thu, 25 Sep 2014 15:49:13 +0200] rev 9990
merge 3.19.4 in 3.20 branch
Christophe de Vienne <christophe@unlish.com> [Mon, 15 Sep 2014 17:24:18 +0200] rev 9989
[cors] Fix CORS headers generators
The Access-Control-Allow-* and Access-Control-Expose-Headers are response
headers, not request headers.
Hence, we need generators for them. Closes #4412575.
Christophe de Vienne <christophe@unlish.com> [Tue, 09 Sep 2014 22:14:20 +0200] rev 9988
[wsgi] Fix posted files filename reading
The filenames are parsed by multipart.parse_form_data, which does the unicode
decoding. Trying to re-decode the filename was leading to an error.
Christophe de Vienne <christophe@unlish.com> [Tue, 23 Sep 2014 11:18:56 +0200] rev 9987
[pkg] Depend on Pillow instead of PIL
The Pillow library is becoming the de-facto replacement for PIL.
It also is way simpler to install with pip than PIL.
Closes #4411354.
Julien Cristau <julien.cristau@logilab.fr> [Thu, 25 Sep 2014 14:42:00 +0200] rev 9986
Added tag cubicweb-version-3.19.4, cubicweb-debian-version-3.19.4-1, cubicweb-centos-version-3.19.4-1 for changeset c4e740e50fc7
Julien Cristau <julien.cristau@logilab.fr> [Thu, 25 Sep 2014 14:24:20 +0200] rev 9985
[pkg] 3.19.4
Julien Cristau <julien.cristau@logilab.fr> [Wed, 24 Sep 2014 18:04:30 +0200] rev 9984
merge 3.18.6 into 3.19
Julien Cristau <julien.cristau@logilab.fr> [Wed, 24 Sep 2014 17:35:59 +0200] rev 9983
Added tag cubicweb-version-3.18.6, cubicweb-debian-version-3.18.6-1, cubicweb-centos-version-3.18.6-1 for changeset d91501356742
Julien Cristau <julien.cristau@logilab.fr> [Wed, 24 Sep 2014 15:08:44 +0200] rev 9982
[pkg] 3.18.6
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 28 Jan 2014 15:27:59 +0100] rev 9981
[hooks/security] allow edition of attributes with permissive permissions
If an attribute has more permissive security rules than the entity
type itself, we should be green and not deny action because of an
early global entity permission check (with the more restrictive
rules).
Only if one attribute with the entity-level permission rules is edited
will the global check be performed.
Note:
* the "if action == 'delete'" check at the entry of
check_entity_attributes is a guard for a condition currently not
happening in cubicweb itself (but application hooks could
conceivably call this function with a 'delete' action)
Closes #3489895.
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 29 Jul 2014 14:40:29 +0200] rev 9980
Almost backout afcd46716d6a which breaks _select_best raising an ambiguity exception in debug mode.
The problem is, before afcd4, *tests* ran in debug mode and we want
this (e.g. we want to show, rather than swallow, select ambigüities).
We juste replace the bogus __init__(vreg.config) by __init__(True), which is
practically equivalent and also much more clear.
Julien Cristau <julien.cristau@logilab.fr> [Fri, 12 Sep 2014 09:49:01 +0200] rev 9979
[server] fix anonymous_user predicate in tests
devtools' TestServerConfiguration overrides the anonymous_user method,
but not the anonymous-user config option, so testing for the latter
would give the wrong result. Closes #3996664.
Rémi Cardona <remi.cardona@logilab.fr> [Mon, 28 Jul 2014 16:05:19 +0200] rev 9978
[entities] cw_rest_attr_info() should only consider required attributes (closes #3766717)
This prevents CW from choosing unique but non-required attributes. None/NULL is
a poor choice for RESTful URIs.
Damien Garaud <damien.garaud@logilab.fr> [Fri, 08 Aug 2014 13:05:07 +0200] rev 9977
[views] csvexport accept an empty rset (closes #4236928)
When you tried to apply the 'csvexport' view on an empty rset, the view
couldn't be selected and you got a HTTP 500 error.
Also add two new test cases.
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 11 Sep 2014 16:43:20 +0200] rev 9976
[views] Display attributes in entity creation form based on "add" permission
Previously, the "update" permission was used. Hence in case the latter is
more restrictive that the "add" permission, an user may not be able to set
such an attribute, despite she may have "add" permission on it.
As a result of the change of permissions action in `editable_attributes`
method (add/update depending on whether the entity is being created or
modified), the "eid" attribute would have shown up in the edition form. To
avoid this, it is moved in the "hidden" section (where it should arguably
belong anyways).
Closes #4342844.
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 18 Sep 2014 11:03:39 +0200] rev 9975
[datafeed] Commit after all deletions in datafeed parser
This avoids misleading validation error because schema constraints could be
temporarily broken depending on the deletion order.
Closes #4372127.
Julien Cristau <julien.cristau@logilab.fr> [Tue, 23 Sep 2014 17:34:36 +0200] rev 9974
[schema] CWComputedRType is a schema type
Hide it from the default views.
Julien Cristau <julien.cristau@logilab.fr> [Tue, 23 Sep 2014 14:19:11 +0200] rev 9973
[doc] proofreading CWEP002 section
Anthony Truchet <anthony.truchet@logilab.fr> [Mon, 10 Feb 2014 11:03:43 +0100] rev 9972
[CWEP002] document computed relations and attributes
Related to #3546717.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 28 Aug 2014 17:41:34 +0200] rev 9971
[CWEP002 migration] support sync_schema_props_perms for computed attribute
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 22 Jul 2014 11:00:21 +0200] rev 9970
[CWEP002 migration] support drop_relation_type/drop_relation_definition/drop_attribute for computed attributes
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 28 Aug 2014 18:31:18 +0200] rev 9969
[CWEP002 migration] support add_relation_type/add_attribute for computed attributes
Related to #3546717.
Lea Capgen <lea.capgen@logilab.fr> [Tue, 16 Sep 2014 15:28:35 +0200] rev 9968
[CWEP002] properly handle serialization of computed attributes
Until this cset, only serialization of computed attribute's formula was
handled (thanks to the relation definition's properties dict).
We now:
* properly serialize/deserialize attribute's formula
* test first if the database has been migrated and contains related
column or not
Related to #3546717
Sylvain Thénault [Tue, 16 Sep 2014 16:39:23 +0200] rev 9967
[CWEP002] Add support for computed attribute synchronization
Related to #3546717.
Test and handle the behaviour with several formulas and identified use cases. To
do so add a birth year and a computed attribute age to Person in the test
schema.
Laura Médioni <laura.medioni@logilab.fr> [Mon, 28 Apr 2014 14:11:23 +0200] rev 9966
[CWEP002] Add schema finalization checks for computed attributes
``finalize_computed_attributes`` essentially checks that computed attributes
types match with the type declaration of the attribute.
Related to #3546717.
Denis Laxalde <denis.laxalde@logilab.fr> [Mon, 16 Jun 2014 10:08:32 +0200] rev 9965
[CWEP002] Account for attribute formula in schema bootstrap
This isn't enough to have computed attribute support, it is only in order not to
crash when yams 0.40 is used.
Related to #3546717.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 28 Aug 2014 07:44:29 +0200] rev 9964
[CWEP002 migration] support sync_schema_props_perms for computed relations
Laura Médioni <laura.medioni@logilab.fr> [Thu, 28 Aug 2014 08:02:15 +0200] rev 9963
[CWEP002 migration] support add_relation_type for computed relations
Related to #3546717.
Laura Médioni <laura.medioni@logilab.fr> [Thu, 28 Aug 2014 07:55:33 +0200] rev 9962
[CWEP002 migration] support drop_relation_type for computed relations
Related to #3546717.
Laura Médioni <laura.medioni@logilab.fr> [Thu, 28 Aug 2014 07:49:31 +0200] rev 9961
[CWEP002 migration] properly raise exception on (add|drop)_relation_definition for computed relation
Related to #3546717
Laura Médioni <laura.medioni@logilab.fr> [Fri, 27 Jun 2014 12:00:17 +0200] rev 9960
[hooks] do not abuse of inheritance for CWRType hooks
Just copy the selector to ease readability.
Laura Médioni <laura.medioni@logilab.fr> [Mon, 16 Jun 2014 10:08:18 +0200] rev 9959
[schema serial] add some comments
Laura Médioni <laura.medioni@logilab.fr> [Mon, 16 Jun 2014 10:07:57 +0200] rev 9958
[schema] define full_rql on RQLExpression class
without it, we may have an error while displaying error which occured during
some expression initialization because this attribute is not yet defined while
used in the __str__ method.
Laura Médioni <laura.medioni@logilab.fr> [Fri, 29 Aug 2014 07:44:13 +0200] rev 9957
[schema] properly raise BadSchemaDefinition
when some expression mains variables may not be guessed
Lea Capgen <lea.capgen@logilab.fr> [Thu, 28 Aug 2014 18:29:14 +0200] rev 9956
[CWEP002] properly handle serialization of computed relations
We now:
* have CWComputedRelation in the bootstrap schema to store computed relations
* properly serialize/deserialize it
* test first if the database has been migrated and contains the related table
Related to #3546717
[jcr: adjust unittest_querier to pass with the added entity type]
Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 27 Jun 2014 16:11:53 +0200] rev 9955
[CWEP002] Plug the computed relation rewriter in the querier
Related to #3546717.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 13 Feb 2014 13:58:28 +0100] rev 9954
[CWEP002] refactor rql read security checking
Split 'check_read_perms' into 'check_relations_perms' which checks relations
'read' permissions and 'get_local_checks' which build dictionary of local
security checks (rql expression) for variables.
This allows to check relations 'read' permissions earlier in the process and so
to prepare insertion of the rql rewriter: we want to check permissions of the
computed relation, not permissions of relations introduced by the associated
rule, to conform to the CWEP.
Related to #3546717
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 16 Jun 2014 10:22:24 +0200] rev 9953
[CWEP002] introduce RQLRelationRewriter
Refactor existing RQLRewriter for later reuse of rewriting relation as specified
by CWEP002. Work is different because we simply want to replace a relation by
another rql snippet and we don't have to bother with EXISTS, subqueries and all.
This rewriter is not yet plugged into the querier.
Depends on yams 0.40 API.
Related to #3546717
Lea Capgen <lea.capgen@logilab.fr>, Sylvain Thénault <sylvain.thenault@logilab.fr>, Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 12 Sep 2014 14:46:11 +0200] rev 9952
[CWEP002] Add schema finalization checks for computed relations (rules)
Related to #3546717
Rémi Cardona <remi.cardona@logilab.fr> [Fri, 12 Sep 2014 14:10:03 +0200] rev 9951
[schema] add utility function to build a CubicWebSchema from a namespace
Will be useful for testing computed attributes and relations.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 28 Aug 2014 18:12:28 +0200] rev 9950
Fix test migration crash waiting to happen due to inferred relations
Avoid crashing when a relation definition which is already known (due to
being inferred) gets explicitly added. As explained in a comment, this
would deserve more thinking, but at least this fixes a test failure with
computed relations.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 28 Aug 2014 07:42:10 +0200] rev 9949
fix typo in syncschema hooks
Julien Cristau <julien.cristau@logilab.fr> [Tue, 16 Sep 2014 18:01:51 +0200] rev 9948
[test] Make test_undo_api less random
The order in which hooks are run is not predictable if they have the
same 'order' attribute, which is the case for SetOwnershipHook and
SetInitialStateHook. So don't assume in_state will be set before
created_by.
Julien Cristau <julien.cristau@logilab.fr> [Wed, 17 Sep 2014 13:43:31 +0200] rev 9947
merge 3.17.17 into 3.18 branch
Christophe de Vienne <christophe@unlish.com> [Wed, 10 Sep 2014 21:28:33 +0200] rev 9946
[wsgi] Fix unicode decoding in POST
The application/x-www-form-urlencoded sent by firefox or chrome is utf-8
encoded BEFORE being urlencoded.
Hence, decoding must urldecode THEN decode the utf-8 string, and not the
other way around.
Christophe de Vienne <christophe@unlish.com> [Thu, 21 Aug 2014 22:42:48 +0200] rev 9945
[wsgi] add the --debug / -D option to the wsgi command
Christophe de Vienne <christophe@unlish.com> [Mon, 08 Sep 2014 10:55:30 +0200] rev 9944
[wsgi] Fix multiple variables reading in params
Closes #4306081
Christophe de Vienne <christophe@unlish.com> [Tue, 02 Sep 2014 13:00:47 +0200] rev 9943
[wsgi] Set self.vreg
Closes #4306049
Christophe de Vienne <christophe@unlish.com> [Tue, 02 Sep 2014 10:31:13 +0200] rev 9942
[wsgi] Add missing import
Closes #4305988
Christophe de Vienne <christophe@unlish.com> [Tue, 02 Sep 2014 10:30:28 +0200] rev 9941
[wsgi] Fix https detection
- 'HTTPS' is not part of wsgi, it is a CGI variable. The right wsgi variable
is 'wsgi.url_scheme'
- Force https if url starts with '/https/' (and remove the prefix from the
path.
Closes #4305985
Christophe de Vienne <christophe@unlish.com> [Thu, 24 Jul 2014 20:57:14 +0200] rev 9940
[wsgi] Re-set the request content after calling the inherited constructor.
Closes #4191813