forked from Kotti/Kotti
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGES.txt
1306 lines (892 loc) · 43 KB
/
CHANGES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Change History
==============
2.0.2.dev0 - unreleased
-----------------------
- No changes yet.
2.0.1 - 2019-01-09
------------------
- Reformat source code with black.
- Remove testing import from package code.
2.0.0 - 2019-01-07
------------------
- Update documentation (kotti-cookiecutter is the new scaffolding template).
See https://github.com/Kotti/kotti-cookiecutter
- Require pytest >= 4.1.0, use ``request.node.get_closest_marker`` instead of
deprecated ``request.keywords``.
2.0.0b2 - 2018-04-04
--------------------
- Fix CSRF issue in ``@@share`` view (#551).
2.0.0b1 - 2018-03-19
--------------------
- Remove links to the demo site, which has been down for too long.
2.0.0a1 - 2018-02-22
--------------------
**This is a alpha release. Blindly upgrading your production environments will make the universe collapse!**
Backward Incompatibilities
~~~~~~~~~~~~~~~~~~~~~~~~~~
- **Python 3 compatibility**
Kotti now runs on Python >= 3.5.
Python 2.x support was dropped entirely and won't come back until somebody implements it or is willing to pay for it.
- Everything marked as deprecated in Kotti 1.x was removed.
- Scaffolding support via ``pcreate`` was dropped as it's deprecated by Pyramid now.
An alternate solution (cookiecutter template) might become available again in the future.
New Features
~~~~~~~~~~~~
- **Python 3 compatibility**
- Extensive testing and code analysis on Circle CI, Travis CI and Scrutinizer.
Fixes
~~~~~
- Avoid deprecation warning ``pyramid.security.has_permission``
1.3.2 - 2018-04-04
------------------
**This release fixes a CSRF (Cross Site Request Forgery) security vulnerablity which was reported in #551. You should upgrade your installations ASAP.**
1.3.1 - 2018-01-17
------------------
- When rendering slot views, use ``request.blank()`` to create the request.
This is the proper behaviour, in tune with customizing
``kotti.request_factory``. Also added ``blank()`` method to
``kotti.testing.DummyRequest``.
- When authenticated, show workflow state in the edit bar. Before it was
shown only if the 'edit' permission was available.
- Optimize the File edit form: don't load initial file data to session data
and don't rewrite the file data after saving the form if that data has not
been changed through the edit form.
- Bugfix: when showing addable content in the menu, check if the factory has
a defined add_view. This avoids a hard crash with, for example, a content
type derived from Content that has no add_view defined.
- Added ``nav-bar`` slot to ``edit/master.pt``, ``edit-bar`` and ``nav-bar``
slots to ``view/master.pt``
- Bugfix: Simplify 404 page, no longer crash when authenticated
- Change: simplify `kotti.util.LinkBase.selected()`: use request.view_name
instead of deriving the view name from request.url. Also, consider the View
editor bar entry as selected even when the url doesn't end with a slash '/'
- Feature: add Czech translation.
- remove pytest-warnings from test dependencies (already integrated in
modern pytest versions)
1.3.0 - 2016-10-10
------------------
Breaking Changes
~~~~~~~~~~~~~~~~
- Upgrade to ``repoze.workflow==1.0b``. **If your application has a custom
``workflow.zcml``, it needs a little modification: ``state`` and
``transition`` titles are no longer ``key`` nodes, but attributes on the
respective ``state`` or ``transition`` nodes. See Kotti's ``workflow.zcml``
for an example.**
Features and Fixes
~~~~~~~~~~~~~~~~~~
- Add a fallback in ``contents.pt`` when ``creation_date`` or
``modification_date`` is ``None``.
- Transform workflow state title to TranslationStrings without eval and
deprecate it.
- Replace some Python 2 only code with equivalents that also support Python 3.
- Use generic SQLAlchemy type Text as base type for JsonType. This allows
SQLAlchemy to map Text type to the most suitable type available on given
database system. Previously used TEXT type is not available in Oracle
database. In case of existing installation of Kotti with database system,
for which SQLAlchemy maps generic Text type to type different than TEXT it's
necessary to either convert existing columns "nodes._acl" and
"nodes.annotations" to that type or configure SQLAlchemy to map generic Text
type to existing type of these two columns. For example of how to do this
please see http://stackoverflow.com/a/36506666/95735. For all database
systems for which SQLAlchemy provides dialects except Oracle (Firebird,
Microsoft SQL Server, MySQL, Postgres, SQLite, Sybase) there's no need to
do anything.
- We use PEP 440 normalized form for the project's version thus current
"1.3.0-alpha.5-dev" became "1.3.0a5.dev0".
- Upgrade tests to ``zope.testbrowser>=5.0.0``. This removes the ``mechanize``
and ``wsgi_intercept`` dependencies and thus the last blocker for Python 3
compatibility.
- Move ``pytest`` config from ``setup.cfg`` to new ``pytest.ini``. This
prevents a deprecation warning with ``pytest>=3.0``.
- Rename ``kotti.testing.TestingRootFactory`` to
``kotti.testing.RootFactory`` to prevent another deprecation warning with
``pytest>=3.0``.
1.3.0-alpha.4 - 2015-01-15
--------------------------
**This is a alpha release. Blindly upgrading your production environments will
make the universe collapse!**
- Add a ``kotti.depot_replace_wsgi_file_wrapper`` option to replace the WSGI
file wrapper with ``pyramid.response.FileIter`` for problematic environments.
1.3.0-alpha.3 - 2016-01-11
--------------------------
**This is a alpha release. Blindly upgrading your production environments will
make the universe collapse!**
- Bugfix: don't try to get api.root via the lineage if not in a location aware
context (for example 404 view). Return the site root instead.
1.3.0-alpha.2 - 2016-01-05
--------------------------
**This is a alpha release. Blindly upgrading your production environments will
make the universe collapse!**
- Add a custom traverser, which gets all nodes in a single DB query. For deeply
nested trees this results in drastic performance improvements. See
https://kotti.readthedocs.io/en/master/api/kotti.traversal.html for details.
- Bugfix: copy and paste of file nodes wouldn't create a new depot file, but
instead lead to multiple references to a single file which would cause
undesired results when one of them was deleted later.
- Bugfix: local 'role:owner' was not set when a new node was created by copy
and paste.
- Bugfix: kotti.events._update_children_paths could fail under unclear
conditions (at least under Python 2.6 with SQLite).
- Get rid of more browser doctests (converted to webtest).
1.3.0-alpha.1 - 2015-12-22
--------------------------
**This is a alpha release. Blindly upgrading your production environments will
make the universe collapse!**
- Completely revised ``Depot`` integration. See
https://kotti.readthedocs.io/en/latest/developing/advanced/blobs.html
for details.
- Make ``kotti.resources.SaveDataMixin`` more versatile in that it now supports
a ``data_filters`` attribute (or even a completely overridden ``data``
attribute) on subclasses. For an example for what this is useful, see the
new ``kotti_image`` package's readme and the Depot documentation
(https://depot.readthedocs.io/en/latest/database.html#custom-behaviour-in-attachments).
**These changes require a database migration.**
A migration script is included, which can be executed by running
``kotti-migrate <your.ini> upgrade_all``. However, this script will fail if
you subclassed from ``kotti.resources.Image`` in your application. It also
doesn't cover custom classes inherited from ``kotti.resources.File`` (other
than Kotti's ``Image``). Migration of those can be performed easily, by
copying the code from the included migration step to your package's migration
environment and adjust it to your needs.
- Move all image related code to the new ``kotti_image`` add on package.
All classes and functions are imported into their former place, so that code
that imports from there will still be working.
- Fix broken upload type selector.
- Create RFC6266 compliant content disposition headers for non-ASCII filenames.
- Add request.uploaded_file_response method.
1.2.4 - 2015-11-26
------------------
- Fix broken packaging of 1.2.3. Sorry for the inconvenience!
1.2.3 - 2015-11-26
------------------
- Add Kotti logo and icon to static assets.
- Use Kotti logo as favicon.
- Move favicon definition to separate template to make it easily overridable.
- Fix permission check in ``kotti.views.util.nodes_tree``.
1.2.2 - 2015-10-28
------------------
- Add simple, default ``not found view``.
- In ``workflow-dropdown`` replace hard-coded permission check with individual
permission checks for each existing transition.
- Upgrade requirements.
1.2.1 - 2015-10-07
------------------
- Outfactor the code that runs after successful authentication into a
configurable ``kotti.login_success_callback`` function.
- Outfactor the code that runs after a valid password reset request into a
configurable ``kotti.password_reset_callback`` function.
- Support principal search on non string attributes.
- Support principal searches matching *all* arguments
(i.e. using the ``and`` operator, ``or`` is still the default).
- Support optional --rev with kotti-migrate upgrade.
1.2.0 - 2015-09-27
------------------
- **Greatly** reduce the number of queries that are sent to the DB:
- Add caching for the root node.
- Use eager / joined loading for local_groups.
- Don't query principals for roles
- Add "missing" foreign key indices (with corresponding migration step).
- Add a ``kotti.modification_date_excludes`` configuration option.
It takes a list of attributes in dotted name notation that should not trigger
an update of ``modification_date`` on change. Defaults to
``kotti.resources.Node.position``.
- Don't try to set a caching header from the NewRequest handler when Pyramid's
tweens didn't follow the usual chain of calls. This fixes compatibility with
``bowerstatic``.
- Don't assume ``renderer_name`` exists in a rendering event (ex.
BeforeRender). The official docstring of ``pyramid.interfaces.IRenderer`` is
a bit ambigous in regards to what the ``system`` parameter should include
when a renderer gets called. This fixes compatibility with
``pyramid_layout``.
- Add a ``kotti.modification_date_excludes`` configuration option.
It takes a list of attributes in dotted name notation that should not trigger
an update of ``modification_date`` on change. Defaults to
``kotti.resources.Node.position``.
1.1.5 - 2015-09-04
------------------
- Fix migration error on MySQL.
- Only wrap methods that do exist on the wrapped type (in
``kotti.sqla.MutationList`` / ``kotti.sqla.MutationDict``). This
fixes an error that occurs when MutationLists are exposed to the UI
via ``colander.SequenceSchema``.
- Upgrade requirements to latest versions (``filedepot``, ``waitress``).
1.1.4 - 2015-06-27
------------------
- Add compatibility with SQLAlchemy 1.0. Also require SQLAlchemy 1.0.6 now.
- Ignore HTTPForbidden exceptions during slot rendering
1.1.3 - 2015-06-17
------------------
- Fix a bug in kotti-migrate that prevented initial migration steps from being
run successfully.
- Require kotti_tinymce 0.5.3.
1.1.2 - 2015-06-12
------------------
- Enlarge column sizes for ``name``, ``path`` and ``title`` (see #427).
Upgrading from any version older than 1.1.2 requires you to run a migration
script on your database. To run the migration, call::
$ bin/kotti-migrate <myconfig.ini> upgrade
- Add length validator for ``title`` (fix partially #404). See #428
- Remove 40 chars max length constraint for the html segment ``name``
(``Kotti.util.title_to_name``). See #428
- Update italian translation
- Update documentation
- Add an ``add_permission`` attribute to ``kotti.resources.TypeInfo`` with a
default value of ``add``. See #436
- Add a "cancel" button to the delete node view.
1.1.1 2015-05-11
----------------
- Update scaffold's README file. See #417.
- Fix broken multifile upload. See #425.
1.1.0 2015-04-16
----------------
- Separate the default actions to a ``kotti.resources.default_actions``
variable, to allows easier customization of default actions of all
content types. This is a ``LinkParent``, you can append new
``kotti.util.Link`` objects to its ``children``.
- Add ``target`` option to ``kotti.util.Link``. See #405.
- Add sanitizers. See ``docs/development/advanced/sanitizers`` and
``kotti.sanitizers`` for details. This fixes #296.
- Added new document on how to customize the edit interface.
See ``docs/development/advanced/add-to-edit-interface``.
- Make it easier to customize default actions by separating them to a new
``kotti.resources.default_actions`` variable. Before, to customize them,
you'd have to change ``Content.type_info.edit_links[3].children``, now you
can mutate ``default_actions`` directly. See
``docs/development/advanced/add-to-edit-interface`` for details.
- Upgrade ``WebOb``, ``html2text``, ``pyramid`` and ``xlwt`` to their latest
stable versions.
1.1.0-alpha.1 - 2015-03-19
--------------------------
- Allow moving ``File`` and ``Image`` blob data from the database to
configurable storages. To achieve this we use `filedepot`_, a third-party
library with several plugin storages already built in. See
docs/developing/advanced/blobs.rst for details on what this brings. Upgrading
from any version older then 1.1.0 requires you to run a migration script on
your database. To run the migration, call::
$ bin/kotti-migrate <myconfig.ini> upgrade
Please note that, before running the migration, you should take the time to
read the documentation and configure your desired storage scheme.
.. _filedepot: https://pypi.python.org/pypi/filedepot/
- Allow storing blob data in the database using ``DBStoredFile`` and
``DBFileStorage``, a database centered storage plugin for ``filedepot``. This
storage is the default storage for blob data, unless configured otherwise.
- Added a script to migrate blob data between depot storages. See
docs/developing/advanced/blobs.rst for details on how to use it.
- Simplify serving blob data by using ``kotti.views.file.UploadedFileResponse``,
which also streams data. Please note that the default ``DBStoredFile`` still
needs to load its entire data in memory, to benefit from this feature you
should configure another default depot storage.
- Added three new test fixtures: ``mock_filedepot``, to be used in simple unit
tests with no dependency on a database session, ``filedepot``, which
integrates with the ``dbsession`` fixture and ``no_filedepot``, a fixture
that can be used in developing tests for new file depot plugins - by
preserving the depot configuration before and after running the test. NOTE:
in order to test edit views with uploaded data in the request, you need to
mixin the ``filedepot`` fixture.
- Initialize pyramid.paster.logging for custom commands defined via
``kotti.util.command``, to allow log message output for kotti sessions
started via custom commands.
- Remove unused ``kotti.js``.
- Remove deprecated ``kotti.views.slots.local_navigation`` and
``kotti.views.slots.includeme_local_navigation``. Use
``kotti.views.navigation.local_navigation`` and
``kotti.views.navigation.includeme_local_navigation`` instead.
- Upgrade ``plone.scale`` and ``SQLAlchemy`` to their latest stable versions.
- Change ``height`` property on ``body``'s widget (``RichTextField``) for
improved usability. See #403.
1.0.0 - 2015-01-20
------------------
- No changes.
1.0.0-alpha.4 - 2015-01-29
--------------------------
- Added experimental Docker support. See #374.
- Allow restricting *add views* to specific contexts. This allows third party
developers to register new content types that are addable in specific
type of contexts, by specifying ``context=SomeContentType`` in their
*add view* registration and having ``type_info.addable=['SomeContentType']``
in the type info.
- For documents with duplicate titles that end in a number, append a counter
instead of incrementing their number. Fixes #245
- Update all requirements (except alembic) to their latest respective versions.
1.0.0-alpha.3 - 2015-01-13
--------------------------
- Explicitly implement ``pyramid.interfaces.IRequest`` for
``kotti.request.Request``. This allows add-on packages to use
``config.add_request_method`` (with reify) and
``config.add_request_property`` without breaking the interfaces provided by
the request. Fixes #369
1.0.0-alpha.2 - 2015-01-01
--------------------------
- Require ``kotti_tinymce==0.5.1``. This fixes #365.
1.0.0-alpha - 2014-12-20
------------------------
- Add a new scaffold based on Pyramid's ``pcreate``. To run the tests for the
scaffold, you must invoke ``py.test`` with the ``--runslow`` option. This
is enabled by default on Travis.
- ``kotti._resolve_dotted`` now return a resolved copy of the settings
(instead of in place resolving as before).
- Factor out DBMS specific patches and make them available to the test fixtures.
- Add new fixtures that can also be used in add on tests:
- ``custom_settings`` does nothing and is meant to be overridden in add on
test suites. It allows injection of arbitrary key / values into the
settings dict used in tests.
- ``unresolved_settings`` is guaranteed to only contain unresolved string
values (or lists therof).
- ``settings`` is now guaranteed to be fully resolved.
- ``webtest`` returns a ``webtest.TestApp`` instance with support for the
``@user`` marker. This should be used instead of browser doctests for
functional tests.
- Use RTD theme for documentation.
- Use latest versions of all requirements. The only upgrade with notable
differences is ``lingua`` (from 1.4 to 3.6.1). This completely changes
lingua's API. See docs/developing/basic/translations.rst for details on
the greatly simplified new usage.
- Remove code (incl. tests) that has been marked as deprecated since (at least)
Kotti 0.8.
- Revise UI to make better use of Bootstrap 3.
- Allow parameters for move-child-position views to either be in
``request.POST`` or ``request.json_body``.
- Don't use Pyramid code that is marked as deprecated:
- replace ``pyramid.security.authenticated_userid`` with
``request.authenticated_userid``.
- Deprecate ``kotti.security.has_permission`` to be consistent with the
corresponding deprecation in Pyramid 1.5. You should now use
``request.has_permission`` instead.
- Make all values in ``Node.path`` end in ``/``. This makes it consistent over
all nodes (*including* root) and correspond to the values of
``request.resource_url``. As a side effect querying becomes easier.
However, this might need adjustments in your code if you were expecting the
old path values before. A migration step for DB upgrades is included.
0.10b1 - 2014-07-11
-------------------
- Add a ``__json__`` method to MutationList and MutationDict.
This is to allow Pyramid's serializer to just work.
0.10a4 - 2014-06-19
-------------------
- Upgrade Pyramid to version 1.5.1.
0.10a3 - 2014-06-11
-------------------
- Upgrade SQLAlchemy and alembic dependencies from 0.8.2 and 0.5.0 to
0.9.4 and 0.6.5 respectively.
- Do not flush within ``Node.path`` event handlers. We would
otherwise trigger object handlers with funny object states.
- Fix bug with ``Node.path`` where we attach a Node instance to a
parent that has been loaded from the database, but its parents have
not been loaded yet.
- Fix deprecation warnings with regard to Pyramid's
``custom_view_predicates`` and ``set_request_property``. Also
deprecate ``kotti.views.util.is_root``.
0.10a2 - 2014-06-05
-------------------
- Add ``Node.path`` column. This allows queries based on path, so
it's much easier just to find all children, grandchildren etc. of a
given node::
DBSession.query(Node).filter(Node.path.startswith(mynode.path))
- Adds ``session`` attribute to the request attributes to copy to the slot view request.
Migrations
~~~~~~~~~~
- Upgrading from 0.9.2 to 0.10 requires you to run a migration script
on your database. To run the migration, call::
$ bin/kotti-migrate <myconfig.ini> upgrade
Make sure you **backup** your database before running the migration!
0.10a1 - 2014-05-19
-------------------
- Kotti is now based on Bootstrap 3 (and therefore Deform 2).
THIS IS A BACKWARD INCOMPATIBLE CHANGE W.R.T. MOST TEMPLATES,
INCLUDING FORM TEMPLATES! IF YOUR PROJECT EITHER HAS TEMPLATE
CUSTOMIZATIONS OR DEPENDS ON ADD-ONS THINGS WILL LOOK BROKEN!
If you **only** use Kotti's default UI, chances are good that your
application will continue to work well unchanged. Kotti's API is
mostly unchanged and fully backward compatible though.
- Rework implementation of 'kotti.util.Link' ('ViewLink') to be more
flexible.
There's now proper support for nesting 'edit_links', so that the
special 'action_links' list is no longer necessary. Links now also
make better use of templates for rendering, and are probably easier
to customize overall.
- Added compatiblity for and now require Pyramid>=1.5. #273
- In tests, turned `settings` and `setup_app` into fixtures to ease
overriding.
- Add ``kotti_context_url`` JS global variable. For more details on why this
is needed see:
- https://github.com/Kotti/kotti_tinymce/issues/19
- https://github.com/Kotti/Kotti/issues/219
- https://github.com/Kotti/kotti_newsitem/issues/2
- https://github.com/Kotti/kotti_calendar/issues/4
- Adds ``delete`` permission needed for 'delete' and 'delete_nodes'
views. The default workflow was updated in consequence. It allows to
elaborate more fine grained workflows : for instance, create a role
which can edit a content but not delete it.
To make existent Kotti's instances using default workflow
compatibles and avoid users that have 'editor' role (and so far,
whom have the possibility to edit and delete the content) to not be
able to delete contents, it's needed to reset workflow with
"kotti-reset-workflow <application ini file>" command.
- Fix #308: Unique name constraint issue during paste of a cut node.
0.9.2 - 2013-10-15
------------------
- Fix #268: Convert None to colander.null in get_appstruct so that
serialization doesn't fail (needed due to recent changes in colander).
0.9.1 - 2013-09-25
------------------
- Allow user admins to modify user passwords.
- Require newer kotti_tinymce (source code editing was broken in 0.4).
0.9 - 2013-09-17
----------------
- Add multi file content upload. You can now select several files from your
local storage that you want to upload and chose what content nodes shall be
created in your Kotti site. Currently files with MIME types of ``image/*``
can be uploaded and be created as either ``Image`` or ``File`` nodes, all
other MIME types will be created as ``File``. In future releases (or add-on
products) this can be extended with additional converters allowing for example
to upload HTML files and create ``Document`` nodes with the content of the
``title`` tag becoming the node's title, the content of the ``body`` tag
becoming the node's body and so on.
- Fix #253: Many translations weren't included in the last release.
'--use-fuzzy' translations when running 'compile_catalog' adds back
translations that were recently marked as fuzzy. (All translations
that were marked as fuzzy in German were still accurate.)
- Fix #252: Wrap templates where extract_messages failed with <tal:block>
- Fix #249: TinyMCE translations work again.
0.9b2 - 2013-08-20
------------------
- Fix #251: Broken comparison of NestedMutationDict and NestedMutationList.
- Update kotti_tinymce to version 4.0.2.
- Fix bug in `kotti.views.content.FileEditForm` to preserve file
content while editing it.
0.9b1 - 2013-06-26
------------------
- Add ``kotti.util.ViewLink.visible`` method for better control over
whether a view link should be visible or not. This allows us to
move formerly hardcoded action links defined in
``kotti.views.edit.actions`` into ``TypeInfo.action_links`` and thus
make them configurable either globally or per content type.
- ``kotti.security.view_permitted`` will now check for
``pyramid.security.view_execution_permitted`` with a request method
set to 'GET' by default. It used to check for a view that matches
the current request's method.
This fixes an issue where ``kotti.util.ViewLink.permitted`` would by
mistake check for a 'POST' view when the current request was 'POST'.
- Add ``INavigationRoot`` interface and ``TemplateAPI.navigation_root``
property. The latter returns the first content node in the lineage that
implements ``INavigationRoot`` or the root node if ``INavigationRoot`` is not
implemented by any node in the lineage. Make the ``nav.pt`` template use
``api.navigation_root`` instead of ``api.root``. This allows third party
add-ons to define content types that can reside somewhere in the content tree
while still being the root for the navigation.
- Move navigation related view code to new module ``kotti.views.navigation``.
Deprecate imports from the old locations.
- Remove *some* code that has been deprecated in 0.6 or 0.7.
- A view assigned to a slot can access the slot name where its rendered.
- Add missing `transaction.commit()` in `kotti-reset-workflow`.
- Fix bug in `kotti.views.util.render_view` where local roles weren't
respected correctly.
- Add helper method `kotti.message.send_email` for sending general
emails. These emails must follow a particular structure. Look at
`kotti:templates/email-set-password.pt` as an example.
0.9a2 - 2013-05-04
------------------
- Fix #222: Use SQLAlchemy's `before_flush` event for object events.
We were using the wrong events previously. The problem with
`before_insert`, `before_update`, and `before_delete` was that event
handlers could not reliably call `Session.add`, `Session.delete`,
and change mapped relationships. But only SQLAlchemy 0.8 started
emitting a warning when that was done.
Also deprecated `ObjectAfterDelete` because I don't think it's useful.
- Remove the html5shim from the master templates and use the fanstatic
package js.html5shiv instead.
- A temporary fix for #187. Basically suppresses DetachedInstanceError.
- Add ``kotti.events.subscribe`` decorator. See the also updated docs on that
topic / module for details.
0.9a1 - 2013-03-12
------------------
- Fix ordering on how ``include_me`` functions are loaded. This puts
Kotti's own and Kotti add-on search paths in front of
deform_bootstrap's.
- Add image thumbs with preview popovers to @@contents view.
- Add drag'n'drop ordering support to @@contents view.
- Add "toggle all" checkbox to @@contents view.
- Add contents path bar to @@contents view.
0.8 - 2013-03-12
----------------
- No changes.
0.8b2 - 2013-02-08
------------------
- Fix Kotti's tests to no longer trigger deprecation warnings.
Kotti's funcargs need to be better documented still, see #141.
- Add a fanstatic.Group 'tagit' and need() it in the defered widget. This is
needed to make the tags widget render correctly with a theme package enabled
until the defered widget is replaced by a widget class that declares its
requirements in the usual deform style.
- Transform ``setup_users``, ``setup_user`` and ``prefs`` views into
class-based views. Add a little text at subsection ``Security`` on
developer manual mentioning those views.
0.8b1 - 2012-12-30
------------------
- No changes
0.8a2 - 2012-12-15
------------------
- Remove test related dependencies on requirements.txt.
So now we need to run `python setup.py dev` to get testing
dependencies.
- Update packages versions on requirements.txt for latest working
versions.
- Added a tags display in views for documents, files, folders, and images,
where they show up as a horizontal list between description and body.
- Modified general search to include simple tags searching. The default
search in Kotti works on a simple search term matching basis. Tags
searching is added here in a simple fashion also, such that you can only
search for one tag at a time, but partial matches work: searching for 'foo'
finds content tagged 'foo bar'. You can also search on single tags by
clicking an individual tag in the tags display of an item. More
sophisticated tags searching, just as for general search, is left to
dedicated add-ons.
0.8a1 - 2012-11-13
------------------
- Make language-dependent URL normalization the default. (How to do
this used to be a cookbook entry.)
- Cleanup node edit actions and use decorated view classes.
- Add contents view with actions for multiple items.
- Add children_with_permission method to ContainerMixin.
- Add UI for default_view selection.
- Deprecate 'kotti.views.edit.generic_add' and 'generic_edit'. Just
use class-based forms instead.
0.7.2 - 2012-10-02
------------------
- Improve installation instructions. Now uses tagged requirements.txt
file.
- Added event request POST vars to the request for the slot viewlet.
- Added IFile and IImage interfaces to allow for file and image
subclasses to reuse the same view (registrations).
0.7.1 - 2012-08-30
------------------
- Add deletion of users to the users management.
- Fix tag support for files and images.
- Upgrade to Twitter Bootstrap 2.1
- remove lots of CSS that is no longer needed
- fix responsive layout that was broken on some phone size
screen resolutions
- Add "Site Setup" submenu / remove @@setup view.
0.7 - 2012-08-16
----------------
- Fix critical issue with migrations where version number would not be
persisted in the Alembic versions table.
0.7rc1 - 2012-08-14
-------------------
- No changes.
0.7a6 - 2012-08-07
------------------
- Fix a bug with connections in the migration script. This would
previously cause Postgres to deadlock when calling
``kotti-migrate``.
0.7a5 - 2012-08-07
------------------
- Add workflow support based on ``repoze.workflow``. A simple
workflow is included in ``workflow.zcml`` and is active by default.
Use ``kotti.use_workflow = 0`` to deactivate. The workflow support
adds a drop-down that allows users with ``state_change`` permission
to modify the workflow state.
- Change the default layout
Kotti's new default look is now even closer to the Bootstrap
documentation, with the main nav bar at the very top and the
edit bar right below.
Upgrade note: if you have a customized main_template and want to
use the recent changes in that template, you need to swap
positions of ``nav.pt`` and ``editor-bar.pt`` ``api.render_template``
calls and remove the ``search.pt`` call from the main_template
(it's now called from within ``nav.pt``).
Everything else is completely optional.
- Add migrations via Alembic. A new script ``kotti-migrate`` helps
with managing database upgrades of Kotti and Kotti add-ons. Run
``kotti-migrate <your.ini> upgrade`` to upgrade the Kotti database
to the latest version.
Add-on authors should see the ``kotti.migrate`` module's docstring
for more details.
- Make ``Document.body`` searchable (and therefore the search feature
actually useful for the first time).
- Add a "minify" command to compress CSS and JS resources.
To use it run::
python setup.py dev
python setup.py minify
The ``minify`` command assumes, that all resources are in
``kotti/static/``. ``YUI compressor`` is used for compression
and will be automatically installed when running
``python setup.py dev``. However, you still need a JVM on
your development machine to be able to use the ``minify``
command.
- Fix settings: only values for kotti* keys should be converted to
unicode strings.
- Fix #89: Validate email address for uniqueness when user changes it.
- Fix #91: Styling of search box.
- Fix #104: Make fanstatic resources completely overridable.
- Enabled deferred loading on File.data column.
Migrations
~~~~~~~~~~
- Upgrading from 0.6 to 0.7 requires you to run a migration script on
your database. To run the migration, call::
$ bin/kotti-migrate <myconfig.ini> upgrade
Make sure you **backup** your database before running the migration!
- Upgrading to 0.7 will initialize workfow state and permissions for
all your content objects, unless you've overwritten
``kotti-use_workflow`` to not use a workflow (use ``0``) or a custom
one.
It is **important** that sites that have custom permissions,
e.g. custom modifications to SITE_ACL, turn off workflow support
prior to running the upgrade script.
0.7a4 - 2012-06-25
------------------
- Add minified versions JS/CSS files.
- Fix #88: logging in with email.
- Update translations.
0.7a3 - 2012-06-15
------------------
- Include ``kotti.tinymce`` which adds plug-ins for image and file
upload and content linking to the TinyMCE rich text editor.
- Slot renderers have been replaced by normal views (or viewlets).
``kotti.views.slots.register`` has been deprecated in favour of
``kotti.views.slots.assign_slot``, which works similarly, but takes
a view name of a registered view instead of a function for
registration.
- Switch to fanstatic for static resource management.
Upgrade note: This requires changes to existing `*.ini` application
configuration files. Concretely, you'll need to add a
``filter:fanstatic`` section and a ``pipeline:main`` section and
rename an existing ``app:main`` section to ``app:Kotti`` or the
like. Take a look at Kotti's own ``development.ini`` for an
example.
- Retire the undocumented ``kotti.resources.Setting`` class and table.
``kotti.get_settings`` will now return ``registry.settings``
straight, without looking for persistent overrides in the database.
- Drop support for Pyramid<1.3, since we use
``pyramid.response.FileResponse``, and kotti_tinymce uses
``pyramid.view.view_defaults``.
- Fix encoding error with non-ascii passwords.
0.7a2 - 2012-06-07
------------------
- Do not allow inactive users to reset their password.
0.7a1 - 2012-06-01
------------------
Features
~~~~~~~~
- Add a new 'Image' content type and image scaling, originally from
the kotti_image_gallery add-on. See ``kotti.image_scales.*``
settings.
- Add search and related setting ``kotti.search_content``.
- Add subscriber to set cache headers based on caching rules. See
also related setting ``kotti.caching_policy_chooser``.
- Remove TinyMCE from the core.
- Move email templates into page templates in
``kotti:templates/email-set-password.pt`` and
``kotti:templates/email-reset-password.pt``. This is to make them
easier to translate and customize. This deprecates
``kotti.message.send_set_password``.
- Add a 'edit_inhead' slot for stuff that goes into the edit
interface's head. 'inhead' is no longer be used in
'edit/master.pt'.
- For more details, see also
http://danielnouri.org/notes/2012/05/28/kotti-werkpalast-sprint-wrap-up/
Bugs
~~~~
- Fix bug with group edit views.
See https://github.com/Pylons/Kotti/pull/61
- Fix bug where ``user.last_login_date`` was not set during automic