Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 19 Mar 2013 16:53:57 +0100] rev 8737
prepare 3.16.1
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 19 Mar 2013 15:30:06 +0100] rev 8736
[views/primary] some inner sections should use the `limit` by default to avoid a denial of service (closes #2719110)
Today, it is possible to call .related and get a huge unlimited
database-dos-inducing resultset that will be nevertheless limited a
bit further in pure python in the `autolimited` view.
While we cannot completely avoid potential denial of services such as
these we mitigate the problem with the default ui settings: if the
inner vid is `autolimited`, then the relation result sets is computed
using the user-defined limit.
This change respects the semantics of the `autolimited` view and
shouldn't break anything.
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 19 Mar 2013 15:18:22 +0100] rev 8735
[entity] ensure the .related(entities=False) parameter is honored all the way down (closes #2755994)
As of today, such a call will always fill the relation cache by
calling .entities() on every single related rset entry.
As a consequence, the `limit` parameter handling also had to be fixed.
It was bogus in the following ways:
* not used in the related_rql, hence potentially huge database
requests, but also actually
* foolishly used in the .entities()-calling cache routine we now
bypass (this changeset ticket's main topic)
Now:
* we set a limit on the rql expression, and
* forbid caching if given a non-None limit (as we don't want to make
the cache handling code more complicated than it is already)
With this, entity.unrelated gets a better limit implementation (so the
code in related/unrelated is nice and symmetric)
Risk:
* _cw_relation_cache disappears completely, which is good, but this is
Python, so you never know ...
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 19 Mar 2013 15:17:34 +0100] rev 8734
[test/web] fix invisibly bogus test (prepares #2755994)
The test was wrong but that was cancelled out by a cache effect and
fuzzy naming.
Wiping the entity caches restores sanity: the choices list are the
same before and after the SET.
Also field.choices uses entity.unrelated but always returns related +
unrelated elements.
Hence `choice` replaces `unrelated` where it makes sense.
AssertIn is used in place of AssertTrue.
Rémi Cardona <remi.cardona@logilab.fr> [Fri, 08 Mar 2013 11:03:28 +0100] rev 8733
[cwconfig] Fix exception handling when building the cube dependency graph
UnorderableGraph exceptions do not have a 'cycles' property. A simple
cast to str does the job.
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 19 Mar 2013 12:25:18 +0100] rev 8732
[merge] backport stable fixes
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 18 Mar 2013 16:38:57 +0100] rev 8731
[test/sobject] fix test regression
Was complaining:
- * updated comment #EID (#EID)
? ^^^^
+ * updated comment #EID (duh?)
? ^^^^
in sobjects/test/unittest_supervising.
Rémi Cardona <remi.cardona@logilab.fr> [Wed, 13 Mar 2013 18:36:49 +0100] rev 8730
[web/request] Prune extraneous 'pageid' from generated ajax URL parameters (closes #2758130)
If 'pageid' is given through extraparams, it is sent twice to the
browser. On the JS side, the final URL loadxhtml() will end up using
will have 'pageid' set twice which CubicWeb will readily accept as a
list.
Pruning this parameter makes sure it is exactly once.
Rémi Cardona <remi.cardona@logilab.fr> [Wed, 13 Mar 2013 19:23:22 +0100] rev 8729
[web/component] Use global variable to point to ajax controller (part of #2758254)
Rémi Cardona <remi.cardona@logilab.fr> [Tue, 19 Mar 2013 12:24:40 +0100] rev 8728
[web] Use the new '/ajax' URL path to access the AjaxController (closes #2758254)
5a81fa526b30 took care of all the JS code, this patch cleans up the
remaining python bits.
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 19 Mar 2013 10:08:20 +0100] rev 8727
[devtools/httptest] fix syntax error introduced by ce5ae7b80d2c
Rémi Cardona <remi.cardona@logilab.fr> [Tue, 12 Mar 2013 19:24:43 +0100] rev 8726
[component] Fix URL generation for navigation component (closes #2464832)
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 12 Mar 2013 12:08:22 +0100] rev 8725
merge with another default heads
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 12 Mar 2013 12:04:51 +0100] rev 8724
Merge stable into default (NON-TRIVIAL)
- dropping __future__ statement added by d2472948da9c
- added migration from 407acc41beb5 to migration file for 3.16.1
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Fri, 08 Feb 2013 18:36:00 +0100] rev 8723
maintain python2.5 compatibility
Julien Cristau <julien.cristau@logilab.fr> [Fri, 18 Jan 2013 11:36:21 +0100] rev 8722
[schema/workflow] one more typo fix
Also add proper migration.
Julien Cristau <julien.cristau@logilab.fr> [Fri, 22 Feb 2013 11:17:02 +0100] rev 8721
[devtools] add http_publish to CubicWebTC (closes #2565882)
Fakes a http request, without overriding the normal error handling.
Returns the request object so the caller can check for errors.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 18 Jan 2013 12:47:40 +0100] rev 8720
[testlib] url_publish should give url to the request and the rset returned by the path evaluator to ctrl_publish. Closes #2557468
Also, url_publish now accepts a `data` argument to simulate POST of values.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Fri, 22 Feb 2013 19:36:40 +0100] rev 8719
[towards py3k] import reduce() from functools (part of #2711624)
Pierre-Yves David <pierre-yves.david@logilab.fr> [Mon, 11 Mar 2013 18:37:01 +0100] rev 8718
merge stable fix into default
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 09 Jan 2013 18:37:48 +0100] rev 8717
[doc] document dbapi.Connection
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 08 Mar 2013 09:15:09 +0100] rev 8716
[c-c shell] fix command description (-P option is gone long ago)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 11 Mar 2013 14:46:09 +0100] rev 8715
[hooks/syncschema] do not crash when adding a new entity type (closes #2741643)
The previous version assumed META_RTYPES provide relation definitions
for all entity types.
pwatteyne [Tue, 29 Jan 2013 16:57:44 +0100] rev 8714
[views/debug] Do not show all web sessions without CNX, just count them (closes #2602161)
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 05 Mar 2013 15:37:37 +0100] rev 8713
[facets js] use $ instead of jQuery and other small cleanups
Julien Cristau <julien.cristau@logilab.fr> [Thu, 17 Jan 2013 15:42:09 +0100] rev 8712
[devtools/httptest] allow sending other types of requests besides GET
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 08 Mar 2013 18:43:42 +0100] rev 8711
merge with stable
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Mon, 04 Mar 2013 17:22:57 +0100] rev 8710
[ext/rest] fix docstring of rql_role()
Vincent Michel <vincent.michel@logilab.fr> [Fri, 08 Mar 2013 18:04:40 +0100] rev 8709
[web application] Fix missing self. in error_handler
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 18 Dec 2012 12:42:56 +0100] rev 8708
[ldapfeed] all options of a source should be in the same group, else you get AssertionError on c-c add-source. Closes #2538398
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Wed, 20 Feb 2013 16:13:21 +0100] rev 8707
[sources] fix classes that inherit from AbstractSource (closes #2718669)
Julien Cristau <julien.cristau@logilab.fr> [Thu, 24 Jan 2013 10:28:49 +0100] rev 8706
[login] don't redirect to http url if we allow anonymous on https
Closes #2583913
Jérôme Roy <jerome.roy@logilab.fr> [Mon, 25 Feb 2013 11:34:58 +0100] rev 8705
Correct typo in example
Julien Cristau <julien.cristau@logilab.fr> [Mon, 25 Feb 2013 18:02:11 +0100] rev 8704
[testlib] make test_view load the json data
Closes #2721472
Rémi Cardona <remi.cardona@logilab.fr> [Mon, 11 Feb 2013 12:06:16 +0100] rev 8703
[etwist] Properly escape traceback output (closes #2712042)
Stop using StringIO in the process as well.
Rémi Cardona <remi.cardona@logilab.fr> [Mon, 11 Feb 2013 11:26:08 +0100] rev 8702
[dbapi] Stop shadowing exceptions in get_repository() (closes #2710515)
Exceptions are already handled higher up in the stack so there's no
reason to handle them here. Furthermore, non-ConnectionError exceptions
would get hidden, making debugging harder.
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 25 Feb 2013 11:18:14 +0100] rev 8701
[cwvreg] complete cw.web.uicfg cleanup callback (closes #2718217)
1dd655788ece introduced insufficient backward compat support
When cubes directly import uicfg from cubicweb.web (or uihelper) this
also creates a reference in the parent cubicweb.web namespace. This
must be cleaned up as reloaded cubes will take back this reference and
the old versions of its appobjects.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 28 Feb 2013 11:19:36 +0100] rev 8700
[book] fix typo.
remove spurious `i`
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Sat, 16 Feb 2013 21:46:24 +0100] rev 8699
[towards py3k] fix bug introduced by 0bb18407c053
Anthony Truchet <anthony.truchet@logilab.fr> [Tue, 21 Feb 2012 18:23:23 +0100] rev 8698
[doc] Book entry for the undo functionnality.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Thu, 14 Feb 2013 16:45:07 +0100] rev 8697
[toward py3k] rewrite has_key() (part of #2711624)
The `has_key` method is not in Python3K but dict supports __contains__ check for
ages.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Thu, 14 Feb 2013 16:01:24 +0100] rev 8696
[toward py3k] rewrite dict.keys() and dict.values() (part of #2711624)
Python 3K will only expose iterators.
http://docs.python.org/3.0/whatsnew/3.0.html#views-and-iterators-instead-of-lists
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Thu, 14 Feb 2013 15:38:25 +0100] rev 8695
[toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
The older form is not necessary since we dropped python 2.5 compability. This
will help Python 3.3 experimentation.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Thu, 14 Feb 2013 15:39:23 +0100] rev 8694
[toward-py3k] remove import with_statement (part of #2711624)
They are unneeded since we dropped python 2.5 compatibility. This will help
Python 3.3 experimentation.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Thu, 14 Feb 2013 15:29:20 +0100] rev 8693
pkg: drop python 2.5 compatibility (closes #2711624)
2.5 is not common anymore. Dropping compatibility will help moving to a code
base compatible with Python 3.3
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 14 Feb 2013 15:21:23 +0100] rev 8692
devtools: improve qunit timeout message
Make the message clearer, shorter and properly wrapped.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 14 Feb 2013 14:26:33 +0100] rev 8691
merge default into stable
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Tue, 12 Feb 2013 11:35:15 +0100] rev 8690
[devtools] fix broken windmill test case
David Douard <david.douard@logilab.fr> [Thu, 31 Jan 2013 18:34:31 +0100] rev 8689
Added tag cubicweb-debian-version-3.15.9-1 for changeset 29fbc632a696
David Douard <david.douard@logilab.fr> [Thu, 31 Jan 2013 18:34:30 +0100] rev 8688
Added tag cubicweb-version-3.15.9 for changeset 8bfc0753f1da
David Douard <david.douard@logilab.fr> [Fri, 25 Jan 2013 17:56:15 +0100] rev 8687
Added tag cubicweb-debian-version-3.16.0-1 for changeset 853237d1daf6
David Douard <david.douard@logilab.fr> [Fri, 25 Jan 2013 17:56:14 +0100] rev 8686
Added tag cubicweb-version-3.16.0 for changeset 6c7c2a02c9a0
David Douard <david.douard@logilab.fr> [Fri, 25 Jan 2013 17:52:02 +0100] rev 8685
3.15.9
Aurelien Campeas <aurelien.campeas@logilab.fr> [Fri, 25 Jan 2013 16:44:07 +0100] rev 8684
[ldap test] fix bad merge
Aurelien Campeas <aurelien.campeas@logilab.fr> [Fri, 25 Jan 2013 14:33:40 +0100] rev 8683
[merge] backport stable fixes
Aurelien Campeas <aurelien.campeas@logilab.fr> [Fri, 25 Jan 2013 13:28:23 +0100] rev 8682
[cwctl] fix cubicweb-ctl shell command (closes #2583919)
* add an uri parsing utility that documents a bit the uri cubicweb
supports out of the box
* cwctl: use this utility and refactor a bit for clarity (the novelty
here being real support for old style 'myapp', or:
* 'inmemory://myapp'
* 'pyro://pyro-ns-host:pyro-ns-port/myapp' (pyro access through a
pyro concentrator)
* 'pyroloc://host:port/pyro-instance-id' (direct access to a pyro
repository)
* 'zmqpickle-tcp://host:port'
* dbapi: refactor to sort out some of the complexity and restore
functionality lost in 62213a34726e
David Douard <david.douard@logilab.fr> [Thu, 24 Jan 2013 16:13:40 +0100] rev 8681
[ldap test] move the slapd database directory to a tempdir (closes #2583993)
This is required to be sure we are not hurt by NFS or such...
David Douard <david.douard@logilab.fr> [Thu, 24 Jan 2013 16:10:31 +0100] rev 8680
[ldap auth] make sure imported passwords from LDAP are encrypted (closes #2583994)
When a user is imported from an LDAP source (in ldapfeed or when converting a
user from an ldapsource to system one), we may import a clear-text password,
which we do not want to do in our system database.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 18 Dec 2012 12:25:08 +0100] rev 8679
[ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 09 Jan 2013 14:27:51 +0100] rev 8678
[doc/ldap] update the ldap chapter wrt the ldapfeed source type (closes #2551863)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 23 Jan 2013 17:58:49 +0100] rev 8677
prepare 3.16
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 23 Jan 2013 18:20:05 +0100] rev 8676
[doc/3.16] complete description of what changed
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 04 Jan 2013 15:39:52 +0100] rev 8675
[rql sources] uses an URL as remote host address for pyro/zmq rql sources,
instead of extra configuration parameters. Follows modification of dbapi.connect api.
Closes #2539822
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 04 Jan 2013 15:18:44 +0100] rev 8674
[repo sources] move handling of source's url into abstract source as this becomes shared by most sources
prepare #2539822
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 10 Jan 2013 22:52:47 +0100] rev 8673
[db-api] rename repo_connect into _repo_connect to mark it private. Closes #2521848
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 10 Jan 2013 22:51:10 +0100] rev 8672
[repository sources] copy source configuration: source's __init__ modify it while config.sources() return a cached dictionary which shouldn't be modified
This causes pb since f8aa87a773b2 (though it's unclear why it hasn't been a problem before).
Closes #2521848
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 10 Jan 2013 22:50:34 +0100] rev 8671
cleanup repository connect doc: cnxtype is now deprecated / base_url has never been given that way. Follow #2521848
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 22 Jan 2013 18:16:20 +0100] rev 8670
prefix "tcp://" zmq uris with "zmqpickle" (closes #2574114)
* it turns "tcp://" into "zmqpickle-tcp://"
* will leave room for future non-pickling communications using zmq
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 21 Jan 2013 18:01:25 +0100] rev 8669
[db-api/configuration] simplify db-api and configuration so that all the connection information is in the repository url, closes #2521848
eg no more specific option of pyro ns host, group, etc. This also fixes broken ZMQ
sources.
Changes:
* dropped pyro-ns-host, pyro-instance-id, pyro-ns-group from client side config, in
favor of repository-uri. No migration done, supposing there is **no web-only config**
in the wild. Also stop discovering the connection method through the repo_method class
attribute of the configuration, varying according to the configuration class. This is
a first step on the way to a simpler configuration handling. Notice those pyro options
are still available for repository only / all-in-one configurations as they are needed
to configure the pyro server.
* stop telling connection method using ConnectionProperties, this is so boring. Also,
drop _cnxtype from Connection and cnxtype from Session. The former is replaced by a
is_repo_in_memory property and the later is totaly useless.
* deprecate in_memory_cnx which becomes useless, use _repo_connect instead
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 10 Jan 2013 23:05:45 +0100] rev 8668
[ldap test] ensure slapdd launch went fine and move ldapfeed setUp to parent class, as all ldap sources deal with url
Aurelien Campeas <aurelien.campeas@logilab.fr> [Thu, 10 Jan 2013 18:11:33 +0100] rev 8667
[web/uihelper,uicfg] transform uihelper functions into uicfg objects methods (closes #2543949)
Florent Cayré <florent.cayre@logilab.fr> [Mon, 21 Jan 2013 16:34:09 +0100] rev 8666
make ui configurations selectable (closes #2406609)
* introduce a new 'uicfg' registry (storing instances)
* use the relevant new APIs from lgc.registry to manage the new
registrable uicfg objects
* cw event manager useage is gone; instead thze standard registry
reloading mechanism is used
* ensure i18n commands still work (devctl)
* introduce dynamic uicfgs use whenever possible (various views), even
though sometimes the classic 'static' usage remains
Aurelien Campeas <aurelien.campeas@logilab.fr> [Thu, 10 Jan 2013 18:34:10 +0100] rev 8665
[uicfg] uicfg.py moves from web/ to web/views/ (prepares #2406609)
We are about to make uicfg selectable. Registrable / selectable views
and helpers live in web/views. Hence the move.
Backward compat is put in place. However CubicWeb imports of uicfg are
updated to the new location.
Aurelien Campeas <aurelien.campeas@logilab.fr> [Thu, 10 Jan 2013 13:03:38 +0100] rev 8664
[appobject] introduce RegistrableObject base class (prepares #2406609)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 21 Jan 2013 13:55:25 +0100] rev 8663
[cwvreg] introduce lgc version 0.59 and remove unneeded method redefinition (prepares #2406609)
The new logilab.common.registry makes this moot.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 23 Nov 2012 18:27:35 +0100] rev 8662
[BFSS] mark fs_imported value as uncachable
This will finally fix the `test_bfss_fs_importing_transparency` pass again.
Regression was introduced by 4ba11607d84a
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 18 Jan 2013 18:48:15 +0100] rev 8661
[entity] add a "repo_side" parameter to `_cw_dont_cache_attribute`
This parameter (defaulting to `False`) is used to inform cubicweb that we really
really do not want to cache a value during creation or update. This will be used
by a storage that may do very specific processing on attribute values that result
in a stored value different than the provided one (e.g. BFSS `fs_importing`
mode).
Aurelien Campeas <aurelien.campeas@logilab.fr> [Fri, 18 Jan 2013 18:31:51 +0100] rev 8660
[merge] backport stable fixes
Aurelien Campeas <aurelien.campeas@logilab.fr> [Fri, 18 Jan 2013 18:31:25 +0100] rev 8659
[entities] fix test failures introduced by fixes in workflow related message strings (completes 9bb93efa1952)
Vladimir Popescu <vladimir.popescu@logilab.fr> [Fri, 18 Jan 2013 16:40:11 +0100] rev 8658
[doc/book/] Corrected typo in en/tutorials/base/customizing-the-application.rst, for the add_cubes function call
Aurelien Campeas <aurelien.campeas@logilab.fr> [Fri, 18 Jan 2013 17:37:35 +0100] rev 8657
[entity,views/json] backout 353bbd17a8b6 (reopens #2559931)
Calling .complete() unconditionnally from the json encoder is unsafe
since on entity creation validation:
* an eid may have been drawn (hence even .has_eid() would not help)
while processing form data in the edit controller
* a ValidationError may have been raised and the entity-creating
transaction rollbacked
This leads to a crash on the return path from the validation to the
browser, where the json_dumps((status, args, entity)) call will
stumble upon the .complete() call which will fail because the entity
does not (any more) exist in the database.
Julien Cristau <julien.cristau@logilab.fr> [Tue, 15 Jan 2013 20:17:09 +0100] rev 8656
[schemas] fix typo
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 17 Jan 2013 18:30:08 +0100] rev 8655
merge with stable
Aurelien Campeas <aurelien.campeas@logilab.fr> [Thu, 10 Jan 2013 18:31:43 +0100] rev 8654
[appobject] cleanup module (prepares #2406609)
* remove unused imports
* break long lines
Aurelien Campeas <aurelien.campeas@logilab.fr> [Thu, 17 Jan 2013 14:29:12 +0100] rev 8653
[uicfg] remove pre 3.6 bw compat structure (prepares #2406609)
This should have been done in a673d1d9a738.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 17 Jan 2013 17:12:06 +0100] rev 8652
[testlib] test_view now parse json data, closes #2557467
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 17 Jan 2013 14:39:51 +0100] rev 8651
Improve entity json export (closes #2559931)
Make output from __json_encode__ predictable; use it in the ejsonexport
view.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 17 Jan 2013 14:40:57 +0100] rev 8650
[web/application/test] drop useless code
This is already done in CubicWebTC
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 17 Jan 2013 15:11:37 +0100] rev 8649
[test] precheck initial condition
Julien Cristau <julien.cristau@logilab.fr> [Wed, 16 Jan 2013 17:42:16 +0100] rev 8648
[packaging] Fix search in squeeze cubicweb-documentation package (closes #2558496)
Work around broken combination of jquery 1.4 and sphinx 0.6 in squeeze by
patching up doctools.js.
Julien Cristau <julien.cristau@logilab.fr> [Wed, 16 Jan 2013 17:41:45 +0100] rev 8647
[packaging] don't compress txt files (closes #2558496)
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 09 Jan 2013 21:48:59 +0100] rev 8646
[wf/test] fix tests broken by changes from another patch which have slipped there
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 09 Jan 2013 16:06:20 +0100] rev 8645
[merge] backport stable
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 09 Jan 2013 15:46:05 +0100] rev 8644
[web/test] fix stale reference to the changelog view (closes #2423532)
David Douard <david.douard@logilab.fr> [Wed, 09 Jan 2013 18:03:17 +0100] rev 8643
Added tag cubicweb-debian-version-3.15.8-1 for changeset 4ef457479337
David Douard <david.douard@logilab.fr> [Wed, 09 Jan 2013 18:03:17 +0100] rev 8642
Added tag cubicweb-version-3.15.8 for changeset 459d0c48dfaf
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 09 Jan 2013 16:04:26 +0100] rev 8641
[test] fix possible views test (closes #2544358)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 09 Jan 2013 15:40:41 +0100] rev 8640
prepare 3.15.8
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 09 Jan 2013 14:29:29 +0100] rev 8639
[ldapfeed] if a deactivated user becomes available again in its source, reactivate it (closes #2542776)
* cwusers that see their ldap source counterpart disappear are
deactivated
* until now they were not activated again on reappearance
* note this behaviour in the doc
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 08 Jan 2013 15:53:22 +0100] rev 8638
[ldaputils,ldapparser] correctly compute "deleted" users (closes #2542083)
* in ldaputils.py, removal of an unneeded method (checking existence
of an object in the ldap, but not using the configuration filters)
* in the ldapparser, memoize the (filtered) search so as to serve both
.process and .is_deleted
* add a non regression test for the 'user-filter' source config entry
+ deletion
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 03 Jan 2013 23:27:56 +0100] rev 8637
[dataimport] new ignore_errors argument to ucsvreader, default to False. Closes #2547200
David Douard <david.douard@logilab.fr> [Tue, 18 Dec 2012 11:40:51 +0100] rev 8636
[ldapsource] keep python 2.5 compatibility (closes #2541602)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 18 Dec 2012 10:42:11 +0100] rev 8635
[ldapuser2ldapfeed] .values -> .iteritems (closes #2542872)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 17 Dec 2012 14:40:03 +0100] rev 8634
[ldap tests] cleanup in preparation of #2542083
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 17 Dec 2012 14:26:41 +0100] rev 8633
[ldapparser] demote warning level (actually important user info can leak there) (prepares #2542083)
Arthur Lutz <arthur.lutz@logilab.fr> [Thu, 03 Jan 2013 23:10:50 +0100] rev 8632
Remove changelog view (closes #2423532)
Vincent Michel <vincent.michel@logilab.fr> [Wed, 02 Jan 2013 18:17:02 +0100] rev 8631
[dataimport] Allow to replace escape char in the create_copyfrom_buffer
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Sun, 30 Dec 2012 22:31:10 +0100] rev 8630
[doc] fix function name FTIRANK
Adrien Di Mascio <Adrien.DiMascio@logilab.fr> [Thu, 20 Dec 2012 12:15:57 +0100] rev 8629
[json] enable jsonexport selection on empty rsets (closes #2544358)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr> [Thu, 20 Dec 2012 12:14:14 +0100] rev 8628
[test] fix req default value handling in CubicWebTC.view (closes #2544376)
It's no more than the standard ``if rset`` vs. ``if rset is None`` error.
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 19 Sep 2012 17:16:04 +0200] rev 8627
[ajax] fix attribute lookup (closes #2491038)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 11 Dec 2012 18:20:00 +0100] rev 8626
[server] add debugging for Hooks & Operations (closes #2470048)
Vincent Michel <vincent.michel@logilab.fr> [Fri, 14 Dec 2012 14:08:14 +0100] rev 8625
[dataimport] Add SQL Store for faster import - works ONLY with Postgres for now, as it requires "copy from" command - closes #2410822
This store will use:
- copy from for massive insertions.
- execute from for update.
The API of this store is similar to the other stores.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Mon, 26 Nov 2012 12:52:33 +0100] rev 8624
[test] swap order in assert of `test_users_and_groups_non_readable_by_guests`
unittest2 order is (expected, got), not the opposite. This help test report
readbility.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Mon, 26 Nov 2012 19:47:12 +0100] rev 8623
[test] fix server/querier/build_descr1 test.
There is no self.transaction of TestCase. I assumed the test writer meant a
session. This seems to make the test pass.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 27 Nov 2012 12:36:33 +0100] rev 8622
[server] make `test_bfss_fs_importing_transparency` less verbose on failure
Dumping the whole content of a file on failure is a bit annoying. We only print
the bad version here (it's usually the file path).
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 23 Nov 2012 17:12:58 +0100] rev 8621
[entity] drop redundant cache update
This ``cw_attr_cache`` update is redundant, ``_cw_update_attr_cache`` already do this step.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Mon, 03 Dec 2012 13:22:10 +0100] rev 8620
[cw-ctl] silence msgcat and msgfmt (closes #2527594)
David Douard <david.douard@logilab.fr> [Wed, 12 Dec 2012 22:13:38 +0100] rev 8619
Added tag cubicweb-debian-version-3.15.7-1 for changeset c5400558f370
David Douard <david.douard@logilab.fr> [Wed, 12 Dec 2012 22:13:37 +0100] rev 8618
Added tag cubicweb-version-3.15.7 for changeset d8916cee7b70
David Douard <david.douard@logilab.fr> [Wed, 12 Dec 2012 22:11:52 +0100] rev 8617
prepare 3.15.7
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 04 Dec 2012 13:41:20 +0100] rev 8616
[migration] fix crash when adding a new meta relation type. Closes #2532483
David Douard <david.douard@logilab.fr> [Mon, 10 Dec 2012 11:50:42 +0100] rev 8615
[ldapfeed] fix connection leak (closes #2532528)
David Douard <david.douard@logilab.fr> [Tue, 04 Dec 2012 16:16:08 +0100] rev 8614
[zmq] add an introductive docstring on ZMQComm
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 11 Dec 2012 16:14:57 +0100] rev 8613
[server config] on quick start, system source is still activated. Closes #2535714
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 11 Dec 2012 17:07:57 +0100] rev 8612
[web] use `inline` `Content-Disposition` by default (closes #2535734)
since known time we have been serving static file with a `filename` parameter on
the `Content-Disposition` header. But since d74addac92bb we explicitly serve
file as attachment if a filename is provided. However this is valid to have
`inline` disposition and `filename` parameter. This changeset revert this part
of d74addac92bb, going back to `inlined` by default.
`IDownloadable` code explicitly request `attachment` content to preserve
expected behavior.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 11 Dec 2012 16:57:18 +0100] rev 8611
[web] allow configuration of the Content-disposition value
The `set_content_type` function now takes and optional `disposition` parameter
to control the value of this HTTP header.
Use of `Content-disposition: inline` with a filename parameter are valid, so
the presence of filename does not allows to choose between `attachment` and
`inline`
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 11 Dec 2012 17:17:40 +0100] rev 8610
[downloadable] fix filename HTTP header for simple name with space (closes #2535715)
Since d74addac92bb, we export simple ascii filename without any encoding in the
`filename` parameter of the `Content-Disposition` header. If this name contains
space this will fails, the parameter value will be truncated at the space
position. (eg. `filename=jungle babar.txt` read as `jungle`)
We need to quote the filename to prevent this (eg. `filename="jungle babar.txt"`).
Then literal quote and backslash needs to be escaped too.
The new escaping is correct according this extensive test case data base:
http://greenbytes.de/tech/tc2231/
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Mon, 03 Dec 2012 00:03:03 +0100] rev 8609
merge fixes from stable
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:19:36 +0100] rev 8608
Added tag cubicweb-debian-version-3.15.6-1 for changeset b05e156b8fe7
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:19:35 +0100] rev 8607
Added tag cubicweb-version-3.15.6 for changeset 0163bd9f4880
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:18:05 +0100] rev 8606
prepare 3.15.6
David Douard <david.douard@logilab.fr> [Tue, 27 Nov 2012 14:48:03 +0100] rev 8605
[web] add a digital signature to error form (closes #2522526)
Simple (and quite weak) implementation of a digital signature of the content
to be submited by email in the error report view generated by ErrorView.
The signature is a simple hmac hash computed using a secret key (generated at
repository startup) and the "secret" form content to be included in the
notification email. The controller can then check this content has not been
modified or forged by a malicious user.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Wed, 28 Nov 2012 11:44:15 +0100] rev 8604
[web/views] bugfix: the mime type is text/plain, not text/txt (closes #2526345)
Arthur Lutz <arthur.lutz@logilab.fr> [Tue, 27 Nov 2012 17:16:23 +0100] rev 8603
[doc] fix of personnal etc directory in book
David Douard <david.douard@logilab.fr> [Tue, 27 Nov 2012 12:24:56 +0100] rev 8602
[web] add a Forbidden exception
This is similar to the Unauthorized exception, but generates a 403 error
instead of a 401 (Unauthorized)
Katia Saurfelt <katia.saurfelt@logilab.fr> [Tue, 27 Nov 2012 11:38:03 +0100] rev 8601
[web] add a ``anonymize-jsonp-queries`` option in file configuration (closes #2465388)
This option controls connection anonymizing before executing any query
for CSRF / safety reason.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 27 Nov 2012 11:27:49 +0100] rev 8600
[downloadable] fix filename in HTTP header (closes #2522325, #2522324)
Before this changeset we use the `filename` header with utf8 encoded filename
all the time.
However RFC6266 says:
The parameters "filename" and "filename*" differ only in that "filename*"
uses the encoding defined in [RFC5987], allowing the use of characters not
present in the ISO-8859-1 character set ([ISO-8859-1]).
Therefore, we alter the code to:
1. Use `filename` and `ascii` encoding whenever possible,
2. use `filename*` with `utf8` encoding otherwise (with a filename fallback for
old browser)
We also switch the `content-disposition` value to attachement if filename is
specified, this will result as a mandatory download according to RFC6266. This
mandatory download is the expected behavior.
We changes the filename encoding to RFC5987 which is simpler, supported by all
and modern browser (including IE from version 6) and does not suffer from the
continuation issue. (see ticket #2522324 for details)
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 27 Nov 2012 11:18:42 +0100] rev 8599
docstring typo
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 22 Nov 2012 16:13:43 +0100] rev 8598
[facet] make BitFieldFacet allow special 0 value. Closes #2522697
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Fri, 16 Nov 2012 12:28:30 +0100] rev 8597
[doc] ubuntu LTS is now Precise Pangolin
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 16 Nov 2012 11:53:17 +0100] rev 8596
backport stable
Arthur Lutz <arthur.lutz@logilab.fr> [Fri, 16 Nov 2012 11:52:06 +0100] rev 8595
[server] implement base_url with secure=True (closes #2508638)
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 16 Nov 2012 11:41:38 +0100] rev 8594
[validation api] properly use yams 0.36 validation error api and update message catalog. Follows bbe0d6985e59
the creation of the `translate` method in the 23a10f049447 yams commit.
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 09 Nov 2012 15:27:40 +0100] rev 8593
[wsgi] saner use of `self.config` instead of `config`
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 09 Nov 2012 17:14:18 +0100] rev 8592
[server] fix repository initialisation
Changeset d753d6a6798f was breaking database creation. Dropping the
`config.creating` clause lead to trying to load the schema from database even in
creation mode. Conditional are a bit altered and reordered to prevent this to
happen.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 24 Oct 2012 09:56:52 +0200] rev 8591
[web test] make unittest_viewselectors work if rdflib isn't available
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 23 Oct 2012 12:12:43 +0200] rev 8590
[js/ajax] documentation of 'reload' is missing an argument
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 23 Oct 2012 12:12:22 +0200] rev 8589
[ldapfeed] move docstring to the class instead of the module
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 14 Nov 2012 11:12:13 +0100] rev 8588
[hook] fix hook base class so access to __registries__ doesn't call check_event, only call it in registered callback. Closes #2517748
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 08 Nov 2012 11:43:11 +0100] rev 8587
[startup hook/looping tasks] separated hook for each looping task to ease modification from cubes. Closes #2517096
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 08 Nov 2012 11:40:24 +0100] rev 8586
[ldaputils] should use entity.eid instead of entity on raising ValidationError. closes #2517095
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 14 Nov 2012 11:06:24 +0100] rev 8585
[dbapi] provide get_option_value over DBAPIRequest (closes #2515522)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 24 Oct 2012 14:38:05 +0200] rev 8584
Added tag cubicweb-debian-version-3.15.5-1 for changeset 19e115ae5442
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 24 Oct 2012 14:38:04 +0200] rev 8583
Added tag cubicweb-version-3.15.5 for changeset b0e086f451b7
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 24 Oct 2012 12:08:21 +0200] rev 8582
prepare 3.15.5
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 11 Sep 2012 12:42:26 +0200] rev 8581
[entity attr cache] mark attribute as uncacheable in the underlying function else we may miss some changes.
Also rewrite a storage test currently failing because cache of the entity created by the
test transaction, distinct from the entity created internally and given to hooks and all,
has its attributes cache not updated. As this doesn't seems a proper usage, rewrite it
as expected.
Much probably closes #2423719 definitly.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 05 Oct 2012 16:54:22 +0200] rev 8580
[repository] move modification of appobject_path to repository initialization code so we can restore it later to avoid side effect on the config. Fix regression introduced in d32ab8570e5d
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 11 Oct 2012 18:42:13 +0200] rev 8579
[req / session] drop is_internal_session (buggy) compat on base request by implementing necessary methods on internal manager
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 20 Sep 2012 16:33:51 +0200] rev 8578
[check integrity] use session consistently
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 20 Sep 2012 16:18:13 +0200] rev 8577
[test] use session commit/rollback to be consistent with the test
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 23 Oct 2012 15:00:53 +0200] rev 8576
[merge] reintegrate that black sheep
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 17 Oct 2012 15:47:12 +0200] rev 8575
[ldapparser] utf-8 uri + unicode emailaddr will crash if the later is not properly encoded (closes #2508515)
Anthony Truchet <anthony.truchet@logilab.fr> [Wed, 22 Feb 2012 11:57:42 +0100] rev 8574
backporting
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 12 Oct 2012 16:05:16 +0200] rev 8573
backport stable
Florent Cayré <florent.cayre@logilab.fr> [Tue, 02 Oct 2012 16:44:55 +0200] rev 8572
fix no more running zmq repository test (closes #2500153)
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 28 Sep 2012 17:49:54 +0200] rev 8571
[dbapi] load_appobjects must attempt to load available cubicweb configurations to avoid error when some object use a persistent propery (CWProperty) defined there. Closes #2497697
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 12 Oct 2012 15:38:58 +0200] rev 8570
dummy merge
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 12 Oct 2012 12:47:45 +0200] rev 8569
[ajax] reload function should set 'processing' cursor. Closes #2503899
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 01 Oct 2012 12:49:34 +0200] rev 8568
[misc/scripts] a slightly experimental script to help repair LDAPUser cwusers suffering from split-brainite (closes #2497108)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 24 Sep 2012 16:45:26 +0200] rev 8567
[views/boxes] re-establish the proper selector (closes #2496294)
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 01 Oct 2012 12:40:35 +0200] rev 8566
[ldapparser] raise specific error if the configuration is wrong (closes #2498164)
Arthur Lutz <arthur.lutz@logilab.fr> [Mon, 08 Oct 2012 17:50:12 +0200] rev 8565
[skeleton] add pypi classifiers in __pkginfo__ and setup.py (closes #2502156)
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 18 Sep 2012 17:04:44 +0200] rev 8564
[c-c shell -H] add verbosity=0 so we are not asked to confirm everything, as when not using -H
Adrien Di Mascio <Adrien.DiMascio@logilab.fr> [Fri, 21 Sep 2012 15:03:59 +0200] rev 8563
mock ``CWUser.prefered_language()`` on InternalManager objects.
The recent split of patches for session refactoring broke this.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 14 Sep 2012 14:15:39 +0200] rev 8562
[session] fix arguments default value and promote usage of security_enabled as session method. Closes #2481820
One should use session method rather than direct usage of the context manager
of the same name.
Fix default argument values for consistency with the context manager: when one
omit an argument, meaning is "keep the current value", not "disable security".
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 20 Sep 2012 14:50:06 +0200] rev 8561
[session] promote usage of [deny|all]_all_hooks_but session methods rather than hooks_control context manager directly
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 10 Sep 2012 16:25:48 +0200] rev 8560
[web app] move set of status_out into validation_error_handler to ease readability
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 10 Sep 2012 16:24:32 +0200] rev 8559
[workflow test] don't use session.user, subject to internal changes
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 10 Sep 2012 16:07:13 +0200] rev 8558
[db creation test] more testing of db initialization: call build_db_cache and ensure admin user exists
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 17 Sep 2012 17:52:17 +0200] rev 8557
[source synchronization hooks] Fix/enhance system source hooks
They are broken if launched during repository initialization (this was not the
case yet, but will be soon...). Add additional checks to ensure one doesn't try
to store system source config in the database, as it will be ignored in favor of
the "sources" file.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 17 Sep 2012 17:48:55 +0200] rev 8556
[validation error] refactor validation error handling so translation is done on the web side
Users should now use cubicweb.validation_error helper function that will activate the feature
with other handy behaviours. Also test testing for message in errors should call
exception.tr(unicode) before comparing.
Using bare ValidationError keep backward compat.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 11 Sep 2012 22:32:01 +0200] rev 8555
[repo cleanup] drop code moved to querier by 7e264ce34cd4
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 11 Sep 2012 22:32:01 +0200] rev 8554
[repo cleanup] drop code moved to querier by 7e264ce34cd4
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 18 Sep 2012 11:37:24 +0200] rev 8553
Added tag cubicweb-debian-version-3.15.4-1 for changeset 70cb36c826df
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 18 Sep 2012 11:37:23 +0200] rev 8552
Added tag cubicweb-version-3.15.4 for changeset 63260486de89
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Mon, 17 Sep 2012 17:48:02 +0200] rev 8551
[facets] add link 'focus on selection' (closes #525277)
Julien Cristau <julien.cristau@logilab.fr> [Mon, 10 Sep 2012 15:08:55 +0200] rev 8550
[server/utils] catch ValueError from password verification
passlib can raise ValueError when it can't recognized a hash. Treat
that as a wrong password.
Sylvain Thénault <sylvain.thenault@logilab.fr> [Mon, 10 Sep 2012 13:59:25 +0200] rev 8549
[test] reindent and use request() rather than bare session
this avoid error due to implementation details of session
Aurelien Campeas <aurelien.campeas@logilab.fr> [Thu, 06 Sep 2012 15:03:52 +0200] rev 8548
[repo] fix debug code in DBG_REPO mode (closes #2469942)
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 13 Sep 2012 17:26:15 +0200] rev 8547
[datafeed] properly call hooks for inlined relations on entity creation. Closes #2481156
Julien Cristau <julien.cristau@logilab.fr> [Mon, 10 Sep 2012 15:17:10 +0200] rev 8546
[sources/native] automatically update passwords using deprecated hashes on login
Closes #2465904