don't override req.form['vid'] in the publisher's error_handler closes #5359234

when some inlined relation is set using cw_edited, its security shouldn't be checked. It's currently checked anyway because upon modification of `cw_edited`, `entity.skip_security` is updated to avoid security checking, but this is only considered for attributes, not relations. Closes #5477315

[test] stop depending on the email cube for hooks test Backport necessary part of its schema.

[schemas] cwuri should be read-only Closes #5457566

fix EditController._ordered_formparams method in case some mandatory relation isn't specified If you have an HTML form which doesn't carry information about some mandatory relation (maybe because this relation is set by a hook), you ends up with a KeyError when the form is posted. Using a get instead of subscription protocol fixes the problem. Closes #5481617.

[views] take into account subvid form param in SameETypeListView closes #5098473

[doc] fix errors in test_visibility_propagation example * forget to use the access instructions * wrong use of the function entity_from_eid * some indentation problems

i18n typo

[predicates] Use proper deprecation mechanisms

[doc] loadRemote does a POST by default

[doc] how to change logo using css

[doc] escape | operator so it will be visible in the docs

[doc] add missing import for FourOhFour class

[doc] the instance is sytweb_instance and sytweb is the cube

[server] Do not use progress bar when stdout is not a TTY Closes #5460552.

[wf] Fix Workflow.replace_state() Closes #5359131

[tags] add properly formated tags for 3.19 and 3.20 releases

[reledit] also check for cardinality before displaying the delete relation action. Closes #5334750

[schema] add a unique index on cwuri Closes #4985752

[web] move AbstractAuthManager near its immediate concrete subclass Related to #1381328.

[web] move abstract session manager to web/sessions Related to #1381328.

[repository] rename session -> cnx Related to #3933480.

[server/test] delete commented-out test Related to #3933480.

[connection] remove the `mode` attribute It is now unused. While removing mode, we also drop some sqlserver-specific reconnection logic snippets. These had several downsides: * untested * partial coverage * done at the wrong level Related to #2919309.

[connection] remove ensure_cnx_set context manager uses It has been deprecated in a previous changeset and is now a no-op. Related to #2919309.

[server] remove cnxset tracking, it is now unneeded Indeed, all cnxsets will now be acquired using the following API:: with session.new_cnx() as cnx: cnx.execute(...) # do stuff cnx.commit() These well-scoped blocks are the only place a cnxset can be acquired. The old use-case for un-delimited cnxsets (pyro/zmqpickle protocols) have been removed. The "mode" of connection objects becomes "write" forever (it will be removed in a couple of changesets). Related to #2919309.

[devtools] remove the remaining bw compat for old-style tests It is just: * dangerously untested right now * on the path of further bw compat removal (cnxset handling) webtest drops an apparently pointless .login call Related to #3933480.

[session] remove session-related bw compat code Related to #3933480.

[session/transaction] removed unused transaction class Related to #3933480.

[transactions] cleanup after the dbapi removal * end req vs cnx dichotomy * Transaction takes a cnx at __init__ time * a couple of super calls are fixed Related to #3933480.

[session/cnx] remove `session_handled` logic Related to #3837233 .

[web/sessions] reduce repoapi usage where possible Using session.new_cnx() should be the new preferred way. Related to #3837233.

[entity,storage] remove hackish code from the bfss path The ClientConnection/Connection duality brought some painful hacks that are no longer needed. Hence we can send entity._cw_update_attr_cache and ._cw_dont_cache_attribute to the grave. Related to #3837233

[connection] eliminate ClientConnection leftovers * in the documentation * in the docstrings * in code notations (e.g. clt_cnx -> cnx) Related to #3837233. From now, there should be just one ClientConnection left in repoapi.py.

[session] all cnx._session become cnx.session The _session belonged to ClientConnection, which is just gone. Related to #3837233.

[repoapi] fold ClientConnection into Connection Connection replaces ClientConnection everywhere. Some notes: * testlib: .client_cnx and .repo_cnx become aliases of .cnx (we might not want to tell people to update their tests again for just no real benefit, so we'll live with these aliases for a while) * entity.as_rset must not be cached because we risk caching result sets having a Connection object as .req (helps unittest_breadcrumbs) * entity._cw_dont_cache_attributes loses its repo/request special paths and only keeps its storage/bfss user (this helps unittest_wfobjs) * moreover, entity.cw_instantiate and .cw_set stop overriding the attributes cache *after* the before_*_entity hooks have run, because there is no need to (it is now actually harmful to do it and unittest_hooks.test_html_tidy* tests remain green because of this) * rset._build_entity sticks its .req onto the entity just fetched from the cache, because otherwise it might carry a _cw that is a Connection object where a Request is expected (helps unittest_views_actions) * we get overall better cache usages (entity caches were split over Request + ClientConnection and Connection), hence the changes unittest_entity and unittest_wfobjs * void the ecache when providing the cnx to a request object Having the entity cache pre-filled when we bind it to the request object hurts because these entities are bound to Connection objects, that lack e.g. `.form` or `.add_js` and crash the views subsystem. Thus, the unittest_testlib.test_error_raised test will are kept green. Closes #3837233

[migractions] remove any session related leftovers Also, the migration handler really wants a "repo" session anyway. This highlights a bug in unittest_wfobjs.test_duplicated_transition where an old connection is reused. It probably used to work because it was made of session + set_cnxset magic dust. Related to #3933480.

[session] provide missing apis to Connection From this point, Connection provides a superset of ClientConnection. Related to #3837233.

[connection] replace .running_dbapi_query with .hooks_in_progress The thing was badly named. It tries to help distinguish between queries issued directly by the programmer (e.g in the views: cnx.execute(...)) from queries issued from the hooks, operations ... or even the repository or the native source objects. It worked heuristically being associated with the security being disabled. We provide a better name and an implementation distinct from the security management methods. Related to #3933480.

[dataimport] Turn the module into a package Just `hg mv` dataimport.py and test/unittest_dataimport.py.

[dataimport] Properly escape strings sent to COPY FROM (closes #5278743) See http://www.postgresql.org/docs/9.1/static/sql-copy.html#AEN64296 for escaping codes.

[http] fix cache-control syntax in EtagHTTPCacheManager use , to separate cache response directive closes #5307539

[connection] provide some missing documentation bits The previous changesets remove information about session data and transaction data. We provide the necessary entries in the docstring of the Connection class. Related to #3933480.

[repoapi,session] remove all session-as-cnx backward compat The `dbapi` being gone, we now can drop the session object bw-compatibility layer. This will allow further simplifications, such as folding ClientConnection and Connection (without too much pain), and then having persistent sessions. Related to #3933480.

[server] drop repo.internal_session and InternalSession

Added tag cubicweb-version-3.20.7, cubicweb-debian-version-3.20.7-1, cubicweb-centos-version-3.20.7-1 for changeset 359d68bc1260

[pkg] 3.20.7

[dbapi] retire repo.[gs]et_shared_data which were used by the dbapi Related to #3933480