- 28 Dec, 2021 2 commits
-
-
Jérome Perrin authored
This is intended to replace portal_workflow.doActionFor with edit_action, which was only available for users with modify portal content permission on the document and also is a bit low level. It is a common, especially in project specific code that we use edit_action to leave notes in history and provide better traceability and we sometimes do this on documents where user does not have the modify portal content permission.
-
Gabriel Monnerat authored
We don't need Permissions.ModifyPortalContent, Permissions.AccessContentsInformation is enough. This is consistent with the security declarations in Base and Folder. https://lab.nexedi.com/nexedi/erp5/blob/08be2f8cc936fbdc3d5bafb4355c3a475198abc1/product/ERP5Type/Base.py#L2632 https://lab.nexedi.com/nexedi/erp5/blob/08be2f8cc936fbdc3d5bafb4355c3a475198abc1/product/ERP5Type/Core/Folder.py#L1434
-
- 27 Dec, 2021 1 commit
-
-
Vincent Pelletier authored
I did not identify this monkey-patch.
-
- 23 Dec, 2021 1 commit
-
-
Vincent Pelletier authored
- Ignore node preference when spawning activities. Otherwise, activities which are not spawned with a preferred node will get an effective priority penalty compared to same-priority activities spawned *with* a node preference, despite both being to execute by the same processing node. - Break activity processing loop when the current processing node is also the activity validation node. This avoids pathological cases of activity accumulation, for example when reindexing an entire site: _recurseCallMethod is spawned in processing_node=0, but immediateReindexObject is spawned in processing_node=-1 because of serialization_tag dependency, so with such loop _recurseCallMethod will be executed over and over, piling indexation activities up until _recurseCallMethod does not self-respawn. In turn, such activity accumulation lead to an increased overhead, and decreased activity processing efficiency. This may also allow multi-node instances to more reliably use the validation node as a processing node. The cost for multi-node instances of these changes should be absolutely minimal (no extra IO necessary, minimal extra code). A possible drawback on single-node instances is that tic period may become more important because process_timer will return more often.
-
- 22 Dec, 2021 1 commit
-
-
Romain Courteaud authored
If one callable has the default ID '1', it will break nearly all newContent calls on empty object
-
- 21 Dec, 2021 1 commit
-
-
Romain Courteaud authored
-
- 15 Dec, 2021 5 commits
- 14 Dec, 2021 4 commits
-
-
Roque authored
-
Romain Courteaud authored
-
Romain Courteaud authored
- 13 Dec, 2021 2 commits
-
-
Romain Courteaud authored
-
Romain Courteaud authored
-
- 07 Dec, 2021 2 commits
-
-
Cédric Le Ninivin authored
-
Levin Zimmermann authored
Adding **kw prevents "Unexpected keyword argument 'select_favorite'". The removed arguments url, user and password aren't used by the Script and can therefore be removed.
-
- 03 Dec, 2021 1 commit
-
-
Vincent Pelletier authored
Allows using an empty fallback value with "replace" set to trigger header removal.
-
- 02 Dec, 2021 1 commit
-
-
Cédric Le Ninivin authored
See merge request !1501
-
- 30 Nov, 2021 1 commit
-
-
Cédric Le Ninivin authored
erp5_openid_connect_client_login: Add dedicated cache factory to work with open id connect erp5_openid_connect_client_login: Add Scope, Client Metadata and state * Add configurable scope to connector * Client Metadata is a JSON defined on connector * Add state parameter to make redirect non repeatable erp5_openid_connect_client_login: Update OpenId Connect to be be fully functionnal erp5_openid_connect_client_login: Add tests and some minor fixup erp5_openid_connect_client_login: Don't call create user on each call to callback erp5_openid_connect_client_login: Test create connector in portal web services erp5_openid_connect_client_login: Fix test on open Id connector creation in afterSetUp OpenIDConnect: Add Extraction Plugin openidconnect: Have functionnal Extractor erp5_core: Add Case of OpenId Connect Client erp5_xhtml_style: Add OpenId Connect to Login Form erp5_web: Add OpenId Connect Logout erp5_web_renderjs_ui: Add OpenId Connect to Login Form and Logout erp5_credential: Add OpenId Connect to login form
-
- 29 Nov, 2021 11 commits
-
-
Romain Courteaud authored
It is GPDR compliant, as no cookie is set
-
Romain Courteaud authored
Use CSP to improve protection against XSS and improve user privacy. No javascript is supposed to be executed on the error page.
-
Romain Courteaud authored
-
Romain Courteaud authored
Such web sites are meant for anonymous access only, to improve CDN usage.
-
Romain Courteaud authored
Do not load any JS, because the gadget may crash too, as no erp5 field is rendered Allow users to go to the homepage.
-
Romain Courteaud authored
Prevent img to increase the page width.
-
Romain Courteaud authored
-
Romain Courteaud authored
Most listbox functionnalities are not supported by web_js_style for now, as no form is used by default
-
Romain Courteaud authored
Their contents is already provided by the HTML page template.
-
Romain Courteaud authored
Generate a hfeed in the HTML rendering. https://indieweb.org/feed Provide a RSS feed automatically. Only generate the feed when rendering the web section in view mode. Extract all feed informations in Javascript to allow styling it as a blog. Add bt5 dependency to erp5_dms to retrieve the author title.
-
Romain Courteaud authored
This allows called script to call script on them
-
- 26 Nov, 2021 2 commits
-
-
Cédric Le Ninivin authored
-
Cédric Le Ninivin authored
-
- 24 Nov, 2021 2 commits
-
-
Jérome Perrin authored
This stopped working when the signature of Message.__init__ changed in 06aee0c2 (CMFActivity.ActivityTool: Use uid for identity check instead of oid., 2019-09-17)
-
Jérome Perrin authored
"Access Tool" sounds like a tool to access, but this setting is about giving access to ERP5 tools from the module list.
-
- 19 Nov, 2021 2 commits
-
-
Xiaowu Zhang authored
See merge request !1509
-
Romain Courteaud authored
See merge request !1510
-
- 18 Nov, 2021 1 commit
-
-
Xiaowu Zhang authored
we have such error: .... if context.getValidationState() in ["draft", "deleted", "cancelled", "archived"]: Module Products.ERP5Type.Accessor.WorkflowState, line 60, in __call__ return wf._getWorkflowStateOf(instance, id_only=1) Module Products.ERP5Type.Core.Workflow, line 609, in _getWorkflowStateOf state_id = 'state_' + status.get(self.getStateVariable(), None) TypeError: cannot concatenate 'str' and 'NoneType' objects
-