- Also some improvements to the shadow attributes
- some minor UI changes
Conflicts:
app/Controller/EventsController.php
app/View/Elements/global_menu.ctp
app/View/Layouts/default.ctp
- reworked almost all of the side menues to be centralised
- Some fixes for the IOC export not handling two new-ish types correctly
- Some changes to the menues (including a few options that didn't exist before)
- rework of the popovers in some forms
- popover effect in IE/Chrome not as annoying anymore
- only the active select will have a popover, clicking away destroys it
- Added popovers to the add attachments instead of the old info fields
- left menu would move along horizontally when forced to scroll left and right on lower resolution screens / smaller windows
- small script that keeps the left menu at the left edge of the page as opposed to the left edge of the window
- ADMIN org removed.
- Siteadmins are now identified by the perm_site_admin flag
- Siteadmins can now be of any organisation
- editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role
- Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin
- If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created)
- Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin.
- __fetchEvent used, which checked the currently logged in user
- instead now, __fetchEvent has a new optional parameter that automation methods can use to pass the org along that was read from the provided auth key
- users can now download attachments using the APIkey
- security issue fixed where a user could download attachments that he/she can't even see by navigating to attributes/download/<attribute_id>
- users can search RESTfully for attributes based on various filtering mechanisms and get either an event that includes the located attribute(s) or just an array of attributes returned.
- users can also request all attributes of a (or several) types and get them returned as an XML
- requires the auth key of a user and the user has to have auth key permission
- user can specify what should be returned (event / attribute) - currently only event is implemented
- user can specify 4 filters (value, type, category, org)
- all these fields can have several values separated by &&
- Values can be negated by putting "!" infront of them
- now uses the unified __fetchEvent method to retrieve the events
- __fetchEvent has a new optional parameter "idList" which restricts the results to an array of event IDs.
iglocska