- 14 Sep, 2017 1 commit
-
-
Jérome Perrin authored
This action should only be possible if user have View History permission. erp5_data_protection relies on removing the "View History" permission to make sure users cannot see the properties before protection in the history tab. This was supported by Base_viewHistory, but not by ZODB History (cherry picked from commit d2c08463)
-
- 12 Sep, 2017 1 commit
-
-
Jérome Perrin authored
This way, guarded_getattr is used and accessor permission is applied.
-
- 02 Jun, 2017 8 commits
-
-
Jérome Perrin authored
Abort transaction, we do not need changes made by test to persist. Execute pending activities before removing persons, the pending activities might be relying on the existence of persons.
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
This changes API on a script that some projects have customized, but getActiveUserPreferecnce "should work" even with an old script not returning preferences. In that case, first call to getActiveUserPreference will create preference but not return it, but next time getActiveUserPreference is called, the preference will probably be indexed and will be returned.
-
Jérome Perrin authored
This method creates a user preference if no preference exists.
-
Jérome Perrin authored
We do not need to pre-create user preferences, especially that creating them too early creates one preferences for each person created in person module and does not allow Person_createUserPreference to create preference based on person's assignments are they are not created yet. We do not need to clear cache when deleting user logins anymore. This problem was fixed differently. Adjust tests that was relying on cache being cleared when persons ar deleted: testERP5Web.TestERP5Web.test_15_Check_LastModified_Header was never isolated from test_14. test_14 was filling Base_getWebDocumentDrivenModificationDate cache and this cache got clear when the persons where being deleted during tearDown. When removing this interaction clearing cache, we revealed this weakness. Choosen solution was to clear cache before checking response headers, to make sure we don't get something filled by a previous test.
-
- 11 May, 2017 3 commits
-
-
Jérome Perrin authored
This reverts commit f547e874.
-
Jérome Perrin authored
This reverts commit 814afaf3.
-
Jérome Perrin authored
This reverts commit 7c8082a2.
-
- 09 May, 2017 1 commit
-
-
Gabriel Monnerat authored
The interaction should also be triggered if a Calendar Exception is changed.
-
- 02 May, 2017 26 commits
-
-
Jérome Perrin authored
Especially because we do not need them in predicate table. This applies to many cell portal types.
-
Jérome Perrin authored
Especially because we do not need them in predicate table.
-
Jérome Perrin authored
Especially because we do not need them in predicate table.
-
Jérome Perrin authored
Especially because we do not need them in predicate table.
-
Jérome Perrin authored
predicate_category was already doing this correctly
-
Jérome Perrin authored
Performance is still not optimal, but should be better than before. At least it does not assume that movements will be in predicate table.
-
Jérome Perrin authored
variation_category is implemented
-
Jérome Perrin authored
-
Jérome Perrin authored
If exception happens when contacting google server, just propagate it, PAS will handle it.
-
Jérome Perrin authored
fixup! erp5_oauth_google_login: Set access_type as offline to be possible refresh token in background and automatically refreshing token was not working because of incorrect API usage
-
Jérome Perrin authored
Happens when user has a __ac_google_hash cookie but token cannot be found in token storage. In that case login wouldn't be possible anyway, but we should not pollute the logs.
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
Base.edit has this feature of not actually modifying the properties when the new property value is same as the current one, so when we do `movement.edit(price=x)`, this will cause an implicit getPrice. As price lookup is a bit slow, do not lookup price in this case.
-
Jérome Perrin authored
-
Jérome Perrin authored
tell business template to keep z_catalog_stock_list when upgrading erp5_calendar
-
Jérome Perrin authored
Because CatalogTemplateItem uses a special preinstall method, their way of computing modified objet did not support template_keep_path_list. To support template_keep_path_list, we must give priority to ObjectTemplateItem.preinstall, because BaseTemplateItem.preinstall does not work with path.
-
Jérome Perrin authored
-
Gabriel Monnerat authored
Google Logins are created manually in the backend instead of automatically through Base_createOAuth2User
-
Gabriel Monnerat authored
erp5_oauth_google_login: Set access_type as offline to be possible refresh token in background and automatically access_type as offline indicates whether your application can refresh access tokens when the user is not present at the browser. This value instructs the Google authorization server to return a refresh token and an access token the first time that your application exchanges an authorization code for tokens state. Also the code was simplied to use oauth2client rather than http requests directly use persistent cache instead of ram cache to lose token if we restart all nodes
-
Jérome Perrin authored
-
Jérome Perrin authored
No need to use a opaque user id. If we use mail address, to enable google login for an existing user, we just have to "create google login with email address and validate google login".
-
Jérome Perrin authored
-
Jérome Perrin authored
A more apporpriate place would be a dedicated "signup using oauth" page, relying on erp5_credential for the actual user creation.
-
Jérome Perrin authored
-