b3aee6c8bc
Introducing new types of projects
...
We reorganized training projects into courses and workshops. Project types should be expandable by extensions to avoid this kind of changes.
2017-07-26 16:55:02 +02:00
502e494083
Clean up local login
...
Use generate_and_store_token and get_local_user directly instead of the /make-token endpoint.
2017-07-14 21:41:40 +02:00
e752a5dc87
On new project creation, use the backend storage set in config
2017-07-14 12:04:24 +02:00
bd13d89817
Added permission check to DELETE of nodes.
2017-07-13 17:29:46 +02:00
f3e79bcfb5
Formatting
2017-07-11 12:56:40 +02:00
b04abef20f
Also push user to Algolia when its role changes through the badger
...
This may cause some superfluous pushes, though.
2017-07-11 12:56:32 +02:00
73d4a77881
Role change blinker: make comparison set-based
...
This makes it impervious to changes in order and duplicate roles.
2017-07-11 12:17:06 +02:00
6e6ea6082d
Renamed _attachments_embedded_schema to attachments_embedded_schema
...
It's used in multiple files, and thus shouldn't be marked as 'private'.
2017-06-16 12:39:51 +02:00
50108201cf
Removed 'content' property from page node type
...
... because it doesn't work when it's there.
2017-06-16 12:38:51 +02:00
964526924d
Save thumbnails with explicit quality setting.
...
This should have been the default value anyway, but T49477 looks like it
may not be. This should solve that.
2017-06-15 16:56:23 +02:00
8e02de32ab
Pillar Extensions can now determine which user roles to index in Algola
2017-06-15 11:31:48 +02:00
73c5032a48
Convert timezone, not replace it
2017-06-14 12:06:20 +02:00
263c274774
Allow indexing of flamenco-user role.
...
Role handling should be refactored so that extensions can also declare
roles, and whether they should be pushed to Algolia or not.
2017-06-08 11:34:53 +02:00
1ce4654673
Autodetect timestamp format in Blender ID token expiry.
...
The new Blender ID uses a different timestamp format than the old one.
We can alter Blender ID, but using the ISO 8601 is a good idea anyway.
2017-06-07 09:00:51 +02:00
c2bc52718a
Fixed string formatting in exception raising
2017-06-06 17:35:56 +02:00
1c566c6259
Fixed bug in GoogleCloudStorageBlob.exists()
2017-06-06 16:35:14 +02:00
2ad8c5186c
Storage backends: added exists() method
...
This method returns whether the file exists on the backend.
2017-06-06 15:33:05 +02:00
878bf22695
Migrated Algolia push/delete of nodes to Celery background tasks.
2017-06-02 10:44:37 +02:00
e7d268bde6
Algolia: Use Celery to push user updates in a background task.
2017-06-02 10:44:37 +02:00
f152521041
Algolia user push: simplified & streamlined the code a bit.
2017-06-02 10:44:37 +02:00
2c78697e80
Pass extension pages to all extensions' "project settings" pages.
2017-05-31 10:35:49 +02:00
add1c8b9b3
Make ROLES_FOR_COMMENT_VOTING a config value
...
This way we can override it when extending Pillar for other projects that might not require the 'subscriber' or 'demo' roles.
2017-05-28 19:04:11 +02:00
85922f4493
Fix to support missing roles key in user
2017-05-24 19:42:44 +02:00
10c584daab
Skip user indexing if user has service group
2017-05-24 18:11:36 +02:00
85b6ff2d7f
Use str2id(x) instead of ObjectId(x)
...
The latter produces an internal server error if 'x' is not a valid ObjectId,
whereas the fromer produces a 400 Bad Request.
2017-05-24 16:31:15 +02:00
5e721c61b9
Added function to easily remove someone from a group.
2017-05-24 10:56:53 +02:00
38df6e873b
Extracted function to generate authentication tokens for service accounts.
2017-05-19 12:02:00 +02:00
50d62f17b8
Allow specification of full name when creating service account
2017-05-18 15:46:02 +02:00
c12b646b09
More logging in PATCH handler
2017-05-18 15:46:02 +02:00
cbe182a298
Gravatar: support None email addresses
2017-05-18 15:46:02 +02:00
59a95450e5
Updated Eve, Flask, and Werkzeug. Adjusted code to make Pillar work again.
...
Eve : 0.6.3 → 0.7.3
Flask : 0.10.1 → 0.12.2
Werkzeug: 0.11.10 → 0.11.15
Also updated some secondary requirements.
2017-05-18 15:46:02 +02:00
ad9a981cda
Added p.a.users.add_user_to_group() function
2017-05-12 13:55:55 +02:00
7c5aef033d
Some more checks on p.a.project.utils.get_admin_group_id()
2017-05-12 13:55:55 +02:00
c66a6e67c8
Added p.a.project.utils.user_rights_in_project()
...
This returns the allowed HTTP method for the current user in the given
project. This is used for access control on Flamenco, for example.
2017-05-10 12:09:48 +02:00
a139e8c41a
Added p.a.projects.utils.get_admin_group_id()
2017-05-10 12:09:09 +02:00
ee7af393a0
Use annotations to declare types (instead of docstring)
2017-05-10 12:08:45 +02:00
319f815985
Some more logging in pillar.api.blender_cloud.subscription.update_subscription
2017-05-10 12:04:34 +02:00
c77a6b9d21
More logging in pillar.api.service.do_badger()
2017-05-10 11:15:29 +02:00
c854ccbb4b
Generic PATCH handler class.
...
A class-based approach is easier to extend than the function-based approach
used in the nodes. That one is still there, though -- might look at it
at a later time. This handler is primarily for Flamenco.
2017-05-09 14:08:35 +02:00
69d7c5c5ce
Allow service accounts to be email-less
...
This removes the ability of updating service accounts through the CLI
(something we never used anyway), now that service accounts cannot be
uniquely identified by their email address.
2017-05-05 14:34:18 +02:00
095f1cda0c
Added "Switch user" functionality.
...
The user isn't logged out until the new user logs in. This allows you to
click on "Log in as different user", hit the back button, and still be
logged in.
2017-05-05 12:56:19 +02:00
b1b91a7b29
Timeout (10s) on store API calls + better exception handling
...
We now log connection errors, timeouts, and other Requests errors, and
return None so that the login flow of the user can continue.
2017-05-05 12:55:05 +02:00
379d40837b
Fixed issues logging in.
...
The API call to /api/bcloud/update-subscription is now performed via the
SDK, to ensure proper authentication. Also streamlined some other code.
2017-05-05 10:29:16 +02:00
10a40ddabd
Make Blender ID URL work with live URL too
2017-05-04 18:29:11 +02:00
118de12712
Always return a HTTP response
2017-05-04 18:24:08 +02:00
1a54b723aa
Reworked subscription/demo role management from web to API level.
...
In the old situation, users had to be able to change their own roles. This
is inherently insecure.
2017-05-04 17:49:18 +02:00
d0557445cd
Fix privilege escalation leak
...
A PUT request on /api/user/{user-id} by the user themselves would allow
too much, and would allow self-granting of roles (including admin),
group membership (so join any arbitrary project) and pretend to be
service accounts.
2017-05-04 12:48:30 +02:00
1ad3e7910c
Upgrade algoliasearch
2017-04-11 12:08:57 +02:00
bd3f8d597a
Allow upload of videos > 1080p
...
Videos that are larger than 1920x1080 pixels are scaled down so that they
fit that size. Care is taken to keep the width a multiple of 16 pixels and
the height a multiple of 8.
2017-03-31 14:52:58 +02:00
c711a04e6c
Added some type annotations (no functional differences)
2017-03-31 13:14:07 +02:00
