- 16 Oct, 2018 3 commits
-
-
Xiaowu Zhang authored
-
Xiaowu Zhang authored
-
Jérome Perrin authored
Assorted fixes and new features for support request app: Features * post are now HTML and use the preferred editor ( CKEditor by default ) * posts are ingested in Web Message and the app uses same data model as erp5_crm ( so it is able to display support request created with "standard" ERP5 interfaces) * date of post uses momentjs relative time (New message by Bob 1 hour ago...) Bug fixes: * post API no longer use proxy roles / immediate reindex * RSS was re-implemented to list events. The previous approach of listing support requests had an issue that the date of new posts was still the date of the original support request. * attached files to the "submit new support request" dialog where not uploaded * using a handlebars template we prevent html injection / XSS * increased test coverage /reviewed-on nexedi/erp5!769
-
- 15 Oct, 2018 1 commit
-
-
Vincent Pelletier authored
This was inefficient for two reasons: - any message we could validate during current iteration means a message we did not consider is now in the range we just scanned. And it will not be considered until validation node starts over and scan this same range again. - "LIMIT x,1000" pattern on >1000 messages causes a quick-growing number of extra rows scanned by the SQL database just to skip the "x" first rows: at 2000 rows present it must scan 1000 + 2000 = 3000 rows for a complete loop over all pending activities. At 3k rows it must scan 6k rows. At 4k, 10k. While this is an overestimation (some rows should be possible to validate, so these would be scanned once only), this overhead grows so large that this overestimation can become negligible. Instead, use a range condition consistent with query's "SORT ON", which is already efficiently materialised by an index: SQL database just has to dive into the existing index to start just above the last message from previous iteration, and resume scanning from there, solving both issues listed above.
-
- 12 Oct, 2018 2 commits
-
-
Vincent Pelletier authored
This method is called on every __getattr__ (guarded_getattr, actually) of every restricted python scripts. Which means each "." in the code triggers: - traversal to relevant acl_user folder - a user lookup just to get the same value throughout the execution of a script (as its owner does not change during execution). Also, in practice we have extremely few possible owners: very few users are allowed to edit code in an ERP5 instance, and if such instance is managed using the upgrader alarms, they will even further reduce this owner set to System Processes only. On a real-world web page rendering, this reduces the total number of traversal calls from 1500 to 1100, getting rid of the two hottest spots: /acl_users and /$site_id/acl_users .
-
Tristan Cavelier authored
-
- 11 Oct, 2018 19 commits
-
-
Jérome Perrin authored
-
Jérome Perrin authored
Publishing was too open, sharing is a better state. Setting the document as followup of the ticket and the support request project and the support request organisation seems a good default to set security so that project members or users working on the ticket can see documents. Also ingest document in two steps: * first step is to create the document and activate DMS metadata discovery * second step is to share the document, once the necessary roles have been given to the user What's still not good with this approach is that DMS ingestion might merge this new document with an already existing document. This case is not supported and needs an extension to ingestion API
-
Jérome Perrin authored
This prevents html injection for Mr. <script>
-
Jérome Perrin authored
Some users might be able to post messages without being able to modify the support request
-
Jérome Perrin authored
This is better than getting it in another HTTP request.
-
Jérome Perrin authored
no need to to request server for this
-
Jérome Perrin authored
* format code as jslint expects it * use RSVP.Queue instead of Promise
-
Jérome Perrin authored
When this is called in the test suite, the current user is already logged in as manager.
-
Jérome Perrin authored
-
Yusei Tahara authored
But category group should be used to support all arrow categories.
-
Jérome Perrin authored
So that we can see if a post was ingested or not.
-
Jérome Perrin authored
-
Jérome Perrin authored
This is more understandable
-
Jérome Perrin authored
and add a few assertion on the posted messages content
-
Jérome Perrin authored
-
Jérome Perrin authored
using momentjs that's already bundled in jiodev.js
-
Jérome Perrin authored
/reviewed-on nexedi/erp5!755
-
Tristan Cavelier authored
/reviewed-on nexedi/erp5!720
-
Arnaud Fontaine authored
* Instead of Person.reference, Person.user_id is now used to log in (fe27a9c3). * Fields text were renamed to follow naming conventions (329c196d).
-
- 10 Oct, 2018 3 commits
-
-
Ayush Tiwari authored
/reviewed-on !770
-
Jérome Perrin authored
https://www.erp5.com/documentation/developer/guideline/module/erp5-Guideline.Module.Creation#set-form-encytype-to-multipart/form-data-when-using-file-upload as a result, attaching files when submitting support request was not working
-
Jérome Perrin authored
Also: * post are now HTML and not plain text * all event types are returned by SupportRequest_getCommentPostListAsJson (so that the app can also display support request used in "traditional" erp5 interface) * instead of immediate reindex, we store the "just posted" data in portal_session. * events are created using resource defined as a web site "layout" property (that's not yet editable) * posts do not receive a message-id yet (because ui part is not yet updated for that), so generate a message-id server side (by just using id)
-
- 09 Oct, 2018 12 commits
-
-
Jérome Perrin authored
* add a `source_reference` field to store message-id * store the raw content "as is" - there is not preview for this reason ( because it might be unsafe html or whatever) * remove proxy roles on scripts. User must have permission. * minor simplifications
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
/reviewed-on nexedi/erp5!763
-
Jérome Perrin authored
This snapshot were made on Chrome 70 (ChromeOS) with a 1001x932 window (innerHeight x innerWidth)
-
Jérome Perrin authored
To Compare a "screenshot" of a DOM element with a reference snapshot. This check supports the following parameters: * locator - an element locator * misMatchTolerance - the percentage of mismatch allowed. If this is 0, the images must be exactly same. If more than 0, image will also be resized.
-
Jérome Perrin authored
https://github.com/niklasvh/html2canvas Copyright (c) 2012 Niklas von Hertzen
-
Jérome Perrin authored
from https://github.com/HuddleEng/Resemble.js/blob/v2.10.2/resemble.js
© 2013 Huddle -
Jérome Perrin authored
-
Jérome Perrin authored
to get stable sort and prevent "random" test failures.
-
Jérome Perrin authored
"Restore" sounds a bit strange to me in this context.
-
Jérome Perrin authored
So that we can wait for this in the tests
-