- Also some improvements to the shadow attributes
- some minor UI changes
Conflicts:
app/Controller/EventsController.php
app/View/Elements/global_menu.ctp
app/View/Layouts/default.ctp
- reworked almost all of the side menues to be centralised
- Some fixes for the IOC export not handling two new-ish types correctly
- Some changes to the menues (including a few options that didn't exist before)
- rework of the popovers in some forms
- ADMIN org removed.
- Siteadmins are now identified by the perm_site_admin flag
- Siteadmins can now be of any organisation
- editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role
- Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin
- If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created)
- Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin.
- __fetchEvent used, which checked the currently logged in user
- instead now, __fetchEvent has a new optional parameter that automation methods can use to pass the org along that was read from the provided auth key
- users can now download attachments using the APIkey
- security issue fixed where a user could download attachments that he/she can't even see by navigating to attributes/download/<attribute_id>
- users can search RESTfully for attributes based on various filtering mechanisms and get either an event that includes the located attribute(s) or just an array of attributes returned.
- users can also request all attributes of a (or several) types and get them returned as an XML
- requires the auth key of a user and the user has to have auth key permission
- user can specify what should be returned (event / attribute) - currently only event is implemented
- user can specify 4 filters (value, type, category, org)
- all these fields can have several values separated by &&
- Values can be negated by putting "!" infront of them
- now uses the unified __fetchEvent method to retrieve the events
- __fetchEvent has a new optional parameter "idList" which restricts the results to an array of event IDs.
- The height calculation did not take into account gaps between child elements caused by them having several children. This caused a newly added sibling's children to overlap. Fixed by compensating for the vertical displacement between children when returning the height data.
- When looking at an event, a user should not be able to delete the pivot path that he/she took to get to that particular event.
- Deleting the root pivot item is an exception, this will simply reset the pivoting.
- conversion of the array in the XML export to be compatible with the XML parser (some invalid characters could break it)
- New separate CSV export that includes all visible unpublished and non IDS signature attributes on request