- 06 Jan, 2022 3 commits
-
-
Gabriel Monnerat authored
* Render graphics in RJS without code * Supporting the generation of bar graphics using domains * Build graphics from listbox The idea is get more information from listbox and make the script a bit smarter
-
Vincent Pelletier authored
Ownership and Owner role are distinct: catalog's "viewable_owner" is role-based, but "owner" is ownership based. As permissions are applied by catalog in addition to any given parameter, this should not change the result of this query. And as any owner which does not have the Owner role would cause this script to fail on the assertion, this should not change the result of this script in any way besides avoiding AssertionErrors.
-
Vincent Pelletier authored
Also, reindex modified documents, as ownership and Owner role are present in catalog.
-
- 04 Jan, 2022 1 commit
-
-
Romain Courteaud authored
-
- 03 Jan, 2022 4 commits
-
-
Romain Courteaud authored
-
Xiaowu Zhang authored
-
Xiaowu Zhang authored
-
Xiaowu Zhang authored
-
- 31 Dec, 2021 4 commits
-
-
Roque authored
See merge request nexedi/erp5!1528
-
Roque authored
-
Roque authored
- image editor - web table editor
-
Roque authored
- text editor - slide editor - svg editor - javascript editor - pdf viewer
-
- 28 Dec, 2021 3 commits
-
-
Vincent Pelletier authored
erp5_ui_test_core: Make waitForActivities independent from the number of activities processed per tic. That number was vastly decreased, causing UI tests to bail with "tic is looping forever" for no good reason. Convert such logic into a deadline one.
-
Jérome Perrin authored
This is intended to replace portal_workflow.doActionFor with edit_action, which was only available for users with modify portal content permission on the document and also is a bit low level. It is a common, especially in project specific code that we use edit_action to leave notes in history and provide better traceability and we sometimes do this on documents where user does not have the modify portal content permission.
-
Gabriel Monnerat authored
We don't need Permissions.ModifyPortalContent, Permissions.AccessContentsInformation is enough. This is consistent with the security declarations in Base and Folder. https://lab.nexedi.com/nexedi/erp5/blob/08be2f8cc936fbdc3d5bafb4355c3a475198abc1/product/ERP5Type/Base.py#L2632 https://lab.nexedi.com/nexedi/erp5/blob/08be2f8cc936fbdc3d5bafb4355c3a475198abc1/product/ERP5Type/Core/Folder.py#L1434
-
- 27 Dec, 2021 1 commit
-
-
Vincent Pelletier authored
I did not identify this monkey-patch.
-
- 23 Dec, 2021 1 commit
-
-
Vincent Pelletier authored
- Ignore node preference when spawning activities. Otherwise, activities which are not spawned with a preferred node will get an effective priority penalty compared to same-priority activities spawned *with* a node preference, despite both being to execute by the same processing node. - Break activity processing loop when the current processing node is also the activity validation node. This avoids pathological cases of activity accumulation, for example when reindexing an entire site: _recurseCallMethod is spawned in processing_node=0, but immediateReindexObject is spawned in processing_node=-1 because of serialization_tag dependency, so with such loop _recurseCallMethod will be executed over and over, piling indexation activities up until _recurseCallMethod does not self-respawn. In turn, such activity accumulation lead to an increased overhead, and decreased activity processing efficiency. This may also allow multi-node instances to more reliably use the validation node as a processing node. The cost for multi-node instances of these changes should be absolutely minimal (no extra IO necessary, minimal extra code). A possible drawback on single-node instances is that tic period may become more important because process_timer will return more often.
-
- 22 Dec, 2021 1 commit
-
-
Romain Courteaud authored
If one callable has the default ID '1', it will break nearly all newContent calls on empty object
-
- 21 Dec, 2021 1 commit
-
-
Romain Courteaud authored
-
- 15 Dec, 2021 5 commits
- 14 Dec, 2021 4 commits
-
-
Roque authored
See merge request nexedi/erp5!1522
-
Roque authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
- 13 Dec, 2021 2 commits
-
-
Romain Courteaud authored
-
Romain Courteaud authored
-
- 07 Dec, 2021 2 commits
-
-
Cédric Le Ninivin authored
-
Levin Zimmermann authored
Adding **kw prevents "Unexpected keyword argument 'select_favorite'". The removed arguments url, user and password aren't used by the Script and can therefore be removed.
-
- 03 Dec, 2021 1 commit
-
-
Vincent Pelletier authored
Allows using an empty fallback value with "replace" set to trigger header removal.
-
- 02 Dec, 2021 1 commit
-
-
Cédric Le Ninivin authored
See merge request nexedi/erp5!1501
-
- 30 Nov, 2021 1 commit
-
-
Cédric Le Ninivin authored
erp5_openid_connect_client_login: Add dedicated cache factory to work with open id connect erp5_openid_connect_client_login: Add Scope, Client Metadata and state * Add configurable scope to connector * Client Metadata is a JSON defined on connector * Add state parameter to make redirect non repeatable erp5_openid_connect_client_login: Update OpenId Connect to be be fully functionnal erp5_openid_connect_client_login: Add tests and some minor fixup erp5_openid_connect_client_login: Don't call create user on each call to callback erp5_openid_connect_client_login: Test create connector in portal web services erp5_openid_connect_client_login: Fix test on open Id connector creation in afterSetUp OpenIDConnect: Add Extraction Plugin openidconnect: Have functionnal Extractor erp5_core: Add Case of OpenId Connect Client erp5_xhtml_style: Add OpenId Connect to Login Form erp5_web: Add OpenId Connect Logout erp5_web_renderjs_ui: Add OpenId Connect to Login Form and Logout erp5_credential: Add OpenId Connect to login form
-
- 29 Nov, 2021 5 commits
-
-
Romain Courteaud authored
It is GPDR compliant, as no cookie is set
-
Romain Courteaud authored
Use CSP to improve protection against XSS and improve user privacy. No javascript is supposed to be executed on the error page.
-
Romain Courteaud authored
-
Romain Courteaud authored
Such web sites are meant for anonymous access only, to improve CDN usage.
-
Romain Courteaud authored
Do not load any JS, because the gadget may crash too, as no erp5 field is rendered Allow users to go to the homepage.
-