- 17 Oct, 2018 2 commits
-
-
Jérome Perrin authored
This step just checks that multi relation field listbox shows a list of related document and that clicking on any item of the list leads to the related document. The order of related documents in the list has always been unspecified, but the first one was always 1 until recently. Because this test does not really care which one of the two related document was clicked, just assert that it's a document from foo_module. /reviewed-on nexedi/erp5!774
-
Jérome Perrin authored
89115b88 is great, but with "testFunctionalAnonymousSelection" the result HTML is more than 40Mo. /reviewed-on nexedi/erp5!772
-
- 16 Oct, 2018 8 commits
-
-
Ayush Tiwari authored
This will insure that the URL created for diff by `Base_redirect` will have the paramters `your_first_path` and `your_second_path` in it, thus making it unique and hence sharable. Before, we only used to have the name of selection in the URL which returned different result for different users.
-
Sven Franck authored
-
Xiaowu Zhang authored
-
Xiaowu Zhang authored
also use '>' instead of image
-
Xiaowu Zhang authored
-
Xiaowu Zhang authored
-
Xiaowu Zhang authored
-
Jérome Perrin authored
Assorted fixes and new features for support request app: Features * post are now HTML and use the preferred editor ( CKEditor by default ) * posts are ingested in Web Message and the app uses same data model as erp5_crm ( so it is able to display support request created with "standard" ERP5 interfaces) * date of post uses momentjs relative time (New message by Bob 1 hour ago...) Bug fixes: * post API no longer use proxy roles / immediate reindex * RSS was re-implemented to list events. The previous approach of listing support requests had an issue that the date of new posts was still the date of the original support request. * attached files to the "submit new support request" dialog where not uploaded * using a handlebars template we prevent html injection / XSS * increased test coverage /reviewed-on !769
-
- 15 Oct, 2018 1 commit
-
-
Vincent Pelletier authored
This was inefficient for two reasons: - any message we could validate during current iteration means a message we did not consider is now in the range we just scanned. And it will not be considered until validation node starts over and scan this same range again. - "LIMIT x,1000" pattern on >1000 messages causes a quick-growing number of extra rows scanned by the SQL database just to skip the "x" first rows: at 2000 rows present it must scan 1000 + 2000 = 3000 rows for a complete loop over all pending activities. At 3k rows it must scan 6k rows. At 4k, 10k. While this is an overestimation (some rows should be possible to validate, so these would be scanned once only), this overhead grows so large that this overestimation can become negligible. Instead, use a range condition consistent with query's "SORT ON", which is already efficiently materialised by an index: SQL database just has to dive into the existing index to start just above the last message from previous iteration, and resume scanning from there, solving both issues listed above.
-
- 12 Oct, 2018 2 commits
-
-
Vincent Pelletier authored
This method is called on every __getattr__ (guarded_getattr, actually) of every restricted python scripts. Which means each "." in the code triggers: - traversal to relevant acl_user folder - a user lookup just to get the same value throughout the execution of a script (as its owner does not change during execution). Also, in practice we have extremely few possible owners: very few users are allowed to edit code in an ERP5 instance, and if such instance is managed using the upgrader alarms, they will even further reduce this owner set to System Processes only. On a real-world web page rendering, this reduces the total number of traversal calls from 1500 to 1100, getting rid of the two hottest spots: /acl_users and /$site_id/acl_users .
-
Tristan Cavelier authored
-
- 11 Oct, 2018 19 commits
-
-
Jérome Perrin authored
-
Jérome Perrin authored
Publishing was too open, sharing is a better state. Setting the document as followup of the ticket and the support request project and the support request organisation seems a good default to set security so that project members or users working on the ticket can see documents. Also ingest document in two steps: * first step is to create the document and activate DMS metadata discovery * second step is to share the document, once the necessary roles have been given to the user What's still not good with this approach is that DMS ingestion might merge this new document with an already existing document. This case is not supported and needs an extension to ingestion API
-
Jérome Perrin authored
This prevents html injection for Mr. <script>
-
Jérome Perrin authored
Some users might be able to post messages without being able to modify the support request
-
Jérome Perrin authored
This is better than getting it in another HTTP request.
-
Jérome Perrin authored
no need to to request server for this
-
Jérome Perrin authored
* format code as jslint expects it * use RSVP.Queue instead of Promise
-
Jérome Perrin authored
When this is called in the test suite, the current user is already logged in as manager.
-
Jérome Perrin authored
-
Yusei Tahara authored
But category group should be used to support all arrow categories.
-
Jérome Perrin authored
So that we can see if a post was ingested or not.
-
Jérome Perrin authored
-
Jérome Perrin authored
This is more understandable
-
Jérome Perrin authored
and add a few assertion on the posted messages content
-
Jérome Perrin authored
-
Jérome Perrin authored
using momentjs that's already bundled in jiodev.js
-
Jérome Perrin authored
/reviewed-on nexedi/erp5!755
-
Tristan Cavelier authored
/reviewed-on nexedi/erp5!720
-
Arnaud Fontaine authored
* Instead of Person.reference, Person.user_id is now used to log in (fe27a9c3). * Fields text were renamed to follow naming conventions (329c196d).
-
- 10 Oct, 2018 3 commits
-
-
Ayush Tiwari authored
/reviewed-on nexedi/erp5!770
-
Jérome Perrin authored
https://www.erp5.com/documentation/developer/guideline/module/erp5-Guideline.Module.Creation#set-form-encytype-to-multipart/form-data-when-using-file-upload as a result, attaching files when submitting support request was not working
-
Jérome Perrin authored
Also: * post are now HTML and not plain text * all event types are returned by SupportRequest_getCommentPostListAsJson (so that the app can also display support request used in "traditional" erp5 interface) * instead of immediate reindex, we store the "just posted" data in portal_session. * events are created using resource defined as a web site "layout" property (that's not yet editable) * posts do not receive a message-id yet (because ui part is not yet updated for that), so generate a message-id server side (by just using id)
-
- 09 Oct, 2018 5 commits
-
-
Jérome Perrin authored
* add a `source_reference` field to store message-id * store the raw content "as is" - there is not preview for this reason ( because it might be unsafe html or whatever) * remove proxy roles on scripts. User must have permission. * minor simplifications
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
/reviewed-on nexedi/erp5!763
-
Jérome Perrin authored
This snapshot were made on Chrome 70 (ChromeOS) with a 1001x932 window (innerHeight x innerWidth)
-