1. 07 Feb, 2019 2 commits
  2. 04 Feb, 2019 1 commit
    • Vincent Pelletier's avatar
      erp5_hal_json_style: Fix Base_redirect semantics. · e9389f1a
      Vincent Pelletier authored
      As noted in a comment in this BT's Base_redirect implementation, original code
      does raise when abort_transaction is true.
      Not raising in this implementation means that this script will return to caller,
      while it never does on original code.
      Also, to add insult to injury, this utterly bogus implementation interferes with
      transaction boundaries. So suddenly, a single publication spans over 2
      transactions, which can lead to:
      - ZODB Connection sharing, breaking transaction isolation
      - the second transaction implicitly created by this abort (actually, by the next
      transactional connector registration to transaction) may be committed,
      in which case anything done after Base_redirect returns will be
      persistently committed, against caller's explicitly specified intent, and against
      all developer expectations.
      
      NEVER TOUCH TRANSACTION ! Only CMFActivity and unittests are allowed
      this level of access (and CMFActivity should be modified out of this exceptional
      state).
      e9389f1a
  3. 01 Feb, 2019 2 commits
  4. 31 Jan, 2019 2 commits
  5. 29 Jan, 2019 2 commits
  6. 28 Jan, 2019 1 commit
  7. 25 Jan, 2019 2 commits
  8. 21 Jan, 2019 5 commits
  9. 18 Jan, 2019 15 commits
  10. 17 Jan, 2019 2 commits
    • Jérome Perrin's avatar
      discussion: remove temporary hidden input added for click · 7aa5fb76
      Jérome Perrin authored
      When clicking "Reply" on a discussion post, this script adds a hidden input to mark which post we are replying to.
      This cause problem  when ctrl+clicking reply to reply in a new tab, because it leaves the page with the extra hidden input, which cause problems, like clicking reply again cause `Error Value: You are not allowed to access '['1', '1']`' in this context , or clicking change page will reply.
      
      This is a minimal effort fix, just remove the added element after click.
      
      /reviewed-on nexedi/erp5!823
      7aa5fb76
    • Jérome Perrin's avatar
      Revert "Show Id of template." · b3c56f2b
      Jérome Perrin authored
      This reverts commit b7d9590c.
      
      Users are not supposed to edit templates because documents are not in
      their "normal" context, if user edit templates some unexpected things
      might happen. We don't want user to change state or do some actions that
      may cause interactions on other documents from a template. This was
      never strongly enforced, but there was not supposed to be an easy way
      for users to access the template document.
      
      With old versions of ERP5 (before the rework of isIndexable /
      isSubTreeIndexable ), users could also add lines inside the template
      document and these lines where indexable.
      
      Note that the way of editing templates is:
       * make a "real" document from the template
       * modify this document
       * use "Make Template" again - this will replace the document with the
      same title.
      
      /reviewed-on nexedi/erp5!822
      b3c56f2b
  11. 16 Jan, 2019 6 commits