- Event correctly changes timestamp when attribute edited in the UI
- Attribute correctly changes timestamp when edited in the UI
- Still very much work in progress, several parts are not supposed to
work yet
- timestamp field added to events and attributes (int length 11 called
timestamp, default value 0)
- timestamps created on add / edit when apprioriate
- during an add, if an event/attribute is not being pushed through a
sync with an existing timestamp, create a timestamp
- on edit, check whether the timestamp is newer than the old one and
only add the attribute or event then
checks
- actAs acl removed from role and user models together with some extra
code related to the ACL
- Fix of the filename regex as pointed out by cvandeplas.
- Orgs can propose new attributes or changes to existing attributes for
events that they do not own
- publishing users of the owner organisation can see, accept or discard
them
- Reworked the access control
- minor fixes
- New search functionality on request - restrict attributes by
organisation
- Also, attributes in the list attributes and search attributes result
pages, that belong to the user's organisation will have a red event ID
- To restrict the authentication key from being used by interactive users,
implemented a new export page that uses the uses cake's user
authentication
- the old export features still exist for users with perm_auth enabled
accounts - renamed to automation
- Exporting the events that found attributes belong to in a search
attributes result page
- exporting of individual events to file by clicking a link in event view
- Removed javascripts based title bubble showing the event info in related
events / attributes and in the search attribute view.
- Replaced it with values provided by extra cake queries as the delay for
fetching the info field through a js rest request was annoyingly slow
- some coding standards
- Updated the check for authorisation to view an event and attribute as
the system hid some valid combinations (such as a server only attribute
in a higher distribution level event).
- changes to the validation of the results
- fixes an issue where the escaping of slashes showed up with a //
- made the found results more visible and case insensitive
- Fixed an issue that caused attribute values to be converted to 1 on
save in case of an empty regexp table
- Filename validation now happens via whitelisting instead of filename
sanitization
- Only the creating org of the event can change the distribution of
attributes
- Attribute distribution setting are only pushed on edits if they were
manually changed (so that the distribution level of events on the
creating server doesn't get degraded by an edit and push of the event at
a synced server when using connected community settings).
- slight change to the batch attribute search, the search terms are only
echoed up to 9 terms to prevent the mass echoing of a long list
- Editing attributes caused an error because the uuid was not passed back
from the form (and it is used to find the attribute locally for rest)
- UUID is now used from the read attribute for non rest users. In the long
run it would be cleaner to not allow non rest users to reach that part
of the code.
- Fixed issues with the sync
- Secondary publishes on remote servers failed
- Introduced new fields in events to stop backward traverse of
edit information that lead to low performance and eroneous
distribution information updates when more than 2 servers were
linked
- Deletion of an attribute now deletes on remote servers
- Changes to the event ownership
- Original creator org now noted in the event itself
- Only original creator org can change distribution
- Events will show up with the original creator org for users
(admins can see both that and the owner of the event on the
local instance)
- Server.organization now used in junction with the connecting
user's org and the instance's org (from the bootstrap) to
determine distribution flow control and access rights
- Lots of minor changes
- Links get validated now to filter malicios code
- removed a double edit button in the case of an admin editing himself
- fixed an error with adding new attributes
- moved and fixed the aros_acos creation on the new role creation
- new method in appController that sets all the aros_acos from scratch
(for example for a new instance, or a changed acos / aros table)
- some minor changes, redirects to the terms page on invalid events
removed, etc.
- Admins cannot manually change anyone's authkey, they need to generate a
new one via the reset link
- Some pages could be accessed by changing the url - fixed (though needs
further testing)
- Edited a change in the manual that may have been confusing
- Some changes to the way ACL is set up - still needs more work
Added feature to block distribution levels that would get overruled by the
event distribution. The distribution of the event will be the currently
selected distribution when creating an attribute.