--- a/.hgtags Thu Jan 10 18:31:43 2013 +0100
+++ b/.hgtags Thu Jan 17 18:30:08 2013 +0100
@@ -272,3 +272,5 @@
b05e156b8fe720494293b08e7060ba43ad57a5c8 cubicweb-debian-version-3.15.6-1
d8916cee7b705fec66fa2797ab89ba3e3b617ced cubicweb-version-3.15.7
c5400558f37079a8bf6f2cd27a1ffd49321f3d8b cubicweb-debian-version-3.15.7-1
+459d0c48dfafee903c15a5349d321f6e8f998cbb cubicweb-version-3.15.8
+4ef457479337396f63bf00c87cedcbb7cb5a6eee cubicweb-debian-version-3.15.8-1
--- a/debian/changelog Thu Jan 10 18:31:43 2013 +0100
+++ b/debian/changelog Thu Jan 17 18:30:08 2013 +0100
@@ -1,3 +1,12 @@
+cubicweb (3.15.8-2) UNRELEASED; urgency=low
+
+ * Don't compress txt files. They're used by the doc's search functionality,
+ and the javascript gets confused if it receives gzip instead of text.
+ * Work around broken combination of jquery 1.4 and sphinx 0.6 in squeeze by
+ patching up doctools.js.
+
+ -- Julien Cristau <jcristau@debian.org> Wed, 09 Jan 2013 19:09:16 +0100
+
cubicweb (3.15.8-1) squeeze; urgency=low
* New upstream release
--- a/debian/rules Thu Jan 10 18:31:43 2013 +0100
+++ b/debian/rules Thu Jan 17 18:30:08 2013 +0100
@@ -18,6 +18,11 @@
# distributions and we don't want to block a new release of Cubicweb
# because of documentation issues.
-PYTHONPATH=$${PYTHONPATH:+$${PYTHONPATH}:}$(CURDIR)/debian/pythonpath $(MAKE) -C doc/book/en all
+ # squeeze has a broken combination of jquery and sphinx, fix it up so search works(ish)
+ if grep -q jQuery\\.className doc/html/_static/doctools.js && grep -q "jQuery JavaScript Library v1\.4\." doc/html/_static/jquery.js; then \
+ echo 'Patching doctools.js for jQuery 1.4 compat'; \
+ sed -i 's/jQuery\.className.has(node\.parentNode, className)/jQuery(node.parentNode).hasClass(className)/' doc/html/_static/doctools.js; \
+ fi
rm -rf debian/pythonpath
touch build-stamp
@@ -74,7 +79,7 @@
dh_installman -i
dh_installchangelogs -i
dh_link -i
- dh_compress -i -X.py -X.ini -X.xml -X.js -X.rst
+ dh_compress -i -X.py -X.ini -X.xml -X.js -X.rst -X.txt
dh_fixperms -i
dh_installdeb -i
dh_gencontrol -i
--- a/devtools/testlib.py Thu Jan 10 18:31:43 2013 +0100
+++ b/devtools/testlib.py Thu Jan 17 18:30:08 2013 +0100
@@ -1,4 +1,4 @@
-# copyright 2003-2012 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
+# copyright 2003-2013 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
#
# This file is part of CubicWeb.
@@ -45,6 +45,7 @@
from cubicweb import ValidationError, NoSelectableObject, AuthenticationError
from cubicweb import cwconfig, dbapi, devtools, web, server
+from cubicweb.utils import json
from cubicweb.sobjects import notification
from cubicweb.web import Redirect, application
from cubicweb.server.session import Session
@@ -85,6 +86,11 @@
protected_entities = yams.schema.BASE_TYPES.union(SYSTEM_ENTITIES)
return set(schema.entities()) - protected_entities
+class JsonValidator(object):
+ def parse_string(self, data):
+ json.loads(data)
+ return data
+
# email handling, to test emails sent by an application ########################
MAILBOX = []
@@ -793,11 +799,11 @@
#'application/xhtml+xml': DTDValidator,
'application/xml': htmlparser.SaxOnlyValidator,
'text/xml': htmlparser.SaxOnlyValidator,
+ 'application/json': JsonValidator,
'text/plain': None,
'text/comma-separated-values': None,
'text/x-vcard': None,
'text/calendar': None,
- 'application/json': None,
'image/png': None,
}
# maps vid : validator name (override content_type_validators)
--- a/entity.py Thu Jan 10 18:31:43 2013 +0100
+++ b/entity.py Thu Jan 17 18:30:08 2013 +0100
@@ -579,8 +579,10 @@
"""custom json dumps hook to dump the entity's eid
which is not part of dict structure itself
"""
+ self.complete()
dumpable = self.cw_attr_cache.copy()
dumpable['eid'] = self.eid
+ dumpable['__cwetype__'] = self.__regid__
return dumpable
def cw_adapt_to(self, interface):
--- a/server/test/unittest_security.py Thu Jan 10 18:31:43 2013 +0100
+++ b/server/test/unittest_security.py Thu Jan 17 18:30:08 2013 +0100
@@ -606,6 +606,16 @@
{'ti': trinfo.eid})
def test_emailaddress_security(self):
+ # check for prexisting email adresse
+ if self.execute('Any X WHERE X is EmailAddress'):
+ rset = self.execute('Any X, U WHERE X is EmailAddress, U use_email X')
+ msg = ['Preexisting email readable by anon found!']
+ tmpl = ' - "%s" used by user "%s"'
+ for i in xrange(len(rset)):
+ email, user = rset.get_entity(i, 0), rset.get_entity(i, 1)
+ msg.append(tmpl % (email.dc_title(), user.dc_title()))
+ raise RuntimeError('\n'.join(msg))
+ # actual test
self.execute('INSERT EmailAddress X: X address "hop"').get_entity(0, 0)
self.execute('INSERT EmailAddress X: X address "anon", U use_email X WHERE U login "anon"').get_entity(0, 0)
self.commit()
--- a/web/test/unittest_application.py Thu Jan 10 18:31:43 2013 +0100
+++ b/web/test/unittest_application.py Thu Jan 17 18:30:08 2013 +0100
@@ -154,11 +154,6 @@
class ApplicationTC(CubicWebTC):
- def setUp(self):
- super(ApplicationTC, self).setUp()
- def raise_hdlr(*args, **kwargs):
- raise
- self.app.error_handler = raise_hdlr
@classproperty
def config(cls):
--- a/web/views/json.py Thu Jan 10 18:31:43 2013 +0100
+++ b/web/views/json.py Thu Jan 17 18:30:08 2013 +0100
@@ -111,12 +111,7 @@
title = _('json-entities-export-view')
def call(self):
- entities = []
- for entity in self.cw_rset.entities():
- entity.complete() # fetch all attributes
- # hack to add extra metadata
- entity.cw_attr_cache.update({
- '__cwetype__': entity.__regid__,
- })
- entities.append(entity)
- self.wdata(entities)
+ if self.cw_rset is None:
+ self.wdata([self.cw_extra_kwargs.get('entity')])
+ else:
+ self.wdata(list(self.cw_rset.entities()))