34b9be4efa
Don't use str.format() when logging.
...
The correct way to log is to use %-formatting, and pass the format args to
the logging function. This prevents the string from being formatted at all
when the log item isn't logged anywhere (in this case, when the log level
is WARNING or higher).
2017-05-31 11:03:04 +02:00
2c78697e80
Pass extension pages to all extensions' "project settings" pages.
2017-05-31 10:35:49 +02:00
f953f1e51b
Moved common Jade code for project edit pages into projects/edit_layout.jade
2017-05-31 10:35:49 +02:00
207dacf816
Reindex users that have not been deleted
2017-05-28 20:21:06 +02:00
add1c8b9b3
Make ROLES_FOR_COMMENT_VOTING a config value
...
This way we can override it when extending Pillar for other projects that might not require the 'subscriber' or 'demo' roles.
2017-05-28 19:04:11 +02:00
85922f4493
Fix to support missing roles key in user
2017-05-24 19:42:44 +02:00
a7d3ba24b4
Refactor cli scripts in submodules
2017-05-24 19:41:35 +02:00
10c584daab
Skip user indexing if user has service group
2017-05-24 18:11:36 +02:00
fe56b04f7d
Remove bottom link on sitemap
2017-05-24 18:03:49 +02:00
43d4a36a0d
CLI functions for index management
...
When developing locally, it is important to set up a dedicated indexing backend. With these two operations functions it is now possible.
- index_users_rebuild: Clear users index, update settings and reindex all users.
- index_users_update_settings: Configure indexing backend as required by the project
2017-05-24 18:02:39 +02:00
12a8a34bdc
Fixed JS injection vulnerability.
...
JavaScript in the user's full name or username was executed when adding
that user to a project.
2017-05-24 16:32:05 +02:00
85b6ff2d7f
Use str2id(x) instead of ObjectId(x)
...
The latter produces an internal server error if 'x' is not a valid ObjectId,
whereas the fromer produces a 400 Bad Request.
2017-05-24 16:31:15 +02:00
4edbcd6a98
PEP8 formatting
2017-05-24 15:48:27 +02:00
2ba52e2467
Allow extensions to have a project settings page.
2017-05-24 15:48:27 +02:00
b7bccfeee3
Annotate sidebar_links(project) param + return type
2017-05-24 15:48:27 +02:00
43a04880e0
Allow extensions to declare their icon.
...
The PillarExtension.icon() property returns the icon HTML class,
for use like i.pi-{{ext.icon}}
2017-05-24 15:48:27 +02:00
0cf96e47e8
Added @project_view() decorator to reduce duplicated code.
2017-05-24 15:48:27 +02:00
7fbe648d99
Import current_app from pillar instead of flask
2017-05-24 15:48:27 +02:00
1ce13b71a3
Add type annotation to app.pillar_extensions
2017-05-24 15:48:27 +02:00
4e268510f2
Declare pillar.current_app before importing other Pillar modules.
...
This makes it easier/possible to just do "from pillar import current_app"
in submodules.
2017-05-24 15:48:27 +02:00
1f2dd34683
No longer using deprecated @abc.abstractproperty
...
See https://docs.python.org/3/library/abc.html#abc.abstractproperty for
more info.
2017-05-24 15:48:27 +02:00
c50f745744
Bottom sitemap: Fix URLs
2017-05-24 14:51:20 +02:00
5e721c61b9
Added function to easily remove someone from a group.
2017-05-24 10:56:53 +02:00
8c1dbf984b
Homepage update for Blender Cloud
...
Now with more Agent!
2017-05-22 15:59:43 +02:00
38df6e873b
Extracted function to generate authentication tokens for service accounts.
2017-05-19 12:02:00 +02:00
ef2d8d14a0
Added PillarServer.validator_for_resource()
...
This makes it possible to perform Cerberus validation on documents.
2017-05-18 16:32:05 +02:00
1f0a855510
Added pillar.current_app local proxy
...
This proxy is annotated as PillarServer instance, so using it in an IDE
will give you much better autocompletion.
2017-05-18 16:31:43 +02:00
50d62f17b8
Allow specification of full name when creating service account
2017-05-18 15:46:02 +02:00
c12b646b09
More logging in PATCH handler
2017-05-18 15:46:02 +02:00
cbe182a298
Gravatar: support None email addresses
2017-05-18 15:46:02 +02:00
59a95450e5
Updated Eve, Flask, and Werkzeug. Adjusted code to make Pillar work again.
...
Eve : 0.6.3 → 0.7.3
Flask : 0.10.1 → 0.12.2
Werkzeug: 0.11.10 → 0.11.15
Also updated some secondary requirements.
2017-05-18 15:46:02 +02:00
e4f221ab13
Take default crappy secret key from config.py
...
This forces anyone installing Pillar to actually generate a proper secret.
2017-05-18 15:46:02 +02:00
4ad82a1eb3
Updated algoliasearch requirement in setup.py
2017-05-18 15:46:02 +02:00
47b81055fd
PEP8 formatting
2017-05-18 15:46:02 +02:00
19d9684a67
Raise ConfigurationMissingError instead of SystemExit
2017-05-18 15:46:02 +02:00
091c70e735
Project homepage responsive tweak
...
Full width for latest cards
2017-05-15 11:56:13 +02:00
abcb0c27a0
Remove Agent 327 special content lock
2017-05-15 11:55:43 +02:00
71403e6f28
Tests: Allow specification of user's email address
2017-05-12 14:48:36 +02:00
9a10c86329
Added pillar.auth.current_web_user to easily get the current UserClass.
2017-05-12 13:55:55 +02:00
fdb9154b85
Allow login_user() to load the user from the database
...
This makes it easier to properly log someone in from a unit test.
2017-05-12 13:55:55 +02:00
2703617179
Added 'groups' property to UserClass
...
This property was created by _load_user(), but never had a default
value set in UserClass.__init__().
2017-05-12 13:55:55 +02:00
9f752e2584
Made AnonymousUser a subclass of UserClass
2017-05-12 13:55:55 +02:00
82437724cc
Added some type annotation
...
The web layer uses string IDs, whereas the API layer uses ObjectIDs.
Those annotations make it a bit more explicit what is used where.
2017-05-12 13:55:55 +02:00
080d98f57c
Removed unused imports
2017-05-12 13:55:55 +02:00
ad9a981cda
Added p.a.users.add_user_to_group() function
2017-05-12 13:55:55 +02:00
7c5aef033d
Some more checks on p.a.project.utils.get_admin_group_id()
2017-05-12 13:55:55 +02:00
d2f548faf9
Proper type annotations for PillarServer.db()
2017-05-12 13:55:55 +02:00
203c6418fd
Added pillar.flask_extra.vary_xhr() decorator
...
This produces a 'Vary: X-Requested-With' header on the response of
decorated view functions, which indicates to the browser (or intermediate
proxy servers) that the response may/will will be different for XHR and
non-XHR requests.
2017-05-12 13:55:55 +02:00
736686390f
Move activities styling to Pillar
...
Since activities is a core part of Pillar
2017-05-10 15:58:56 +02:00
c66a6e67c8
Added p.a.project.utils.user_rights_in_project()
...
This returns the allowed HTTP method for the current user in the given
project. This is used for access control on Flamenco, for example.
2017-05-10 12:09:48 +02:00
