* Remove the `render_author` method as it is unnecessary
* Add the necessary paths, clarify the param to wiki_provider path
* Rework the representers, merge upstream changes to the create contract
* Remove unnecessary mixin and make everything read-only
* Create Endpoint for POST /api/v3/wiki_page_links
* Incorporates @Kharonus feedback in testing multiple page link creation
This error is intended for cases when a method is
intentionally not implemented, because the module/class defining
it expects a subclass (or class including the module) to implement
the method.
This is intended to distinguish it from other cases, such as:
* feature not implemented yet
* edge case of a method call not yet supported
Notably it avoids the misuse of the Ruby-defined NotImplementedError,
which is only intended for much more specific scenarios:
> Raised when a feature is not implemented on the current platform. For example, methods depending on the fsync or fork system calls may raise this exception [...]
Also see https://docs.ruby-lang.org/en/master/NotImplementedError.html
`derivedRemainingTime` is not writeable. That's specified in the work
package contract. But as the payload representer was using a lambda for
`:writable` for `derivedRemainingTime`, the writability given by the
contract was ignored, and it was always added if the lambda returned
`true` (and it always returned true in work-based mode).
It produced issues like when copying a work package having a
`derivedRemainingTime` being set, as reported in
https://community.openproject.org/wp/55656.
Removing the lambda makes the representer solely rely on the contract to
determine the writability of the `derivedRemainingTime` property, and
fixes the issue.
* Add pageSize=1000 to dynamic form components
* revive magic number for page size
Providing -1 will result in the maximum page size being chosen. The magic number used to be 0 but that conflicts with the use case of really wanting no results to be included, e.g. when only interested in the total number or sums
Co-authored-by: ulferts <jens.ulferts@googlemail.com>
* Add setting for whitelist
* Make attachments API BaseServices compatible
* Add prepare service and contract
* Correctly pass the filename to the UploadedFile
* Add presence check to filename
* Fix expected validation message
* We no longer raise a multipart error when metadata is empty
* Fix filesize validation on prepared uploads
* Add parser error if invalid metadata json
* When attachment is not saved, use filename property
* Return correct error message on JSON parser erroro
* Fix specs
* Use attachment upload representer
* Fix direct uploads mocks with new service layer
* Lint
* Fix export job using attachment service
* Fix IFC controller using attachment prepare service
* Fix export job
* RenameRename params_getter to params_source
* Fix mail handler using attachment service
* Fix usage of attachment create service in documents
* Reuse shared examples for document attachment spec
* Fix stubbed attachment service in export job spec
* Use admin user in backup spec
* Fix export job for bim
* Fix attachment integration spec
* Fix issues_controller spec
* Make budget resource spec reuse common examples
* Fix attachment parsing representer spec
* Replace prepare part of attachment spec into separate service spec
* Clear cache for login spec
* Convert document create/update into services
* Budget services
* Allow options to be passed to property twin
* Remove setting author on budget initialize
* Replace meetings update with services
* Replace ifc models attachment handling with services
* Don't check uploader if changed by system
* Fix uploader being changed by system
* Replace wiki page attach_files with attachable services
* Replace avatar saving
* Replace snapshot attach_files
* Skip double validation when container present
* Set snapshot through attachment service
* Remove attach_files
* Validate content type in contract
* Enforce writing the content type without accepting user input
* Expect changed content_type
* Fix content of viewpoint image to get correct content type
* Fix tsv spec
* Add create contract spec
* Bypass whitelist in internal services when conflicting with user
* Fix expects in specs after whitelist bypass
* Render contract errors for wiki
* Add before_hook to bodied to allow to pre-authorize permissions
* Budget errors from contract
* Document errors from contract
* include custom message in membership forms
* keep pristine params to be able to pass it to the state
* fix indentation on projects api docs
* pass grape instance around in default endpoints
The grape instance has readily available access to all the objects (params, current_user) so less individual parameters need to be passed. This also avoids having to store the grape endpoint in a potentials not thread safe variable
* send custom message out on membership creation
* send custom message on membership update
* send custom message even if setting disabled
* restore params interface
* add custom message description to schema
* describe notificationMessage in the api documentation
* extract meta payload functionality into mixin
* ensure password in spec meets requirements
* Update docs/api/apiv3/endpoints/members.apib
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
* Update docs/api/apiv3/endpoints/members.apib
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
* Update docs/api/apiv3/endpoints/members.apib
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
* Update docs/api/apiv3/endpoints/members.apib
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
* Update docs/api/apiv3/endpoints/members.apib
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
* Create copy project endpoint
* Add representers
* Add _meta representer for copy module information
* Add Meta payload representer
* Extract parsing of copy attributes into service
* Extract enqueue job for projects copy
* Keep request object available in the bodied endpoint
this allows us to access grape (e.g., for redirecting)
* Add DelayedModify endpoint that redirects to job status
* Use DelayedModify endpoint for copying projects
* Add api paths for form/copy
* Disable cache on ProjectCopyPayload
* Add spec
* Add resource spec
* Extend schema for meta
* Extend docs
* Don't pass service result, but state as meta to forms
* Use copy dependencies for naming copy options in API
* Add description property for counting
* Remove unused action attribute
* Skip writable checks on meta property for payloads
* Use prepend to allow create(...) usage with meta
* Extend copy spec with custom fields usage
* Add spec for copy flags
* Add todos
* Pass errors correctly to copy settings
* Remove invalid parameters to copy that are now caught through project service
* Remove duplicated validation
* Linting
* Make count a human readable, formattable description string
* Make source count string readable
* Provide the source project for generating the counts
* Extract copying of attachments into sepearate dependent services
This will allow the API to dynamically generate a copy association schema from each dependent service
* Add spec for copy schema representer
* Add payload representer spec
* Also validate the model to pass the validations when copying
* Make description optional and add note to schemas.apib
* Add send_notifications to representer
* Allow to configure sendNotifications
* Allow bodied to receive a state process callback
That allows us to manage the meta state on the API level, not on the service level
* Make other services compatible with BaseCallable
* Fix params passing from BaseCallable
Wrapping a single hash into kwargs obviously loses their key indifference
and we can't expect all services to use a single params object. Older services use kwargs
* Copy wiki page with parent_id
This will save some memory instead of memoizing the entire wiki page
* Fix typo
* Default to true for all copy associations
That means if only a true value is passed, all other options will still be true
* Do not try to copy attachments if the base dependency wasnt copied
* Ensure null identifier gets rendered
* Fix paths to the form and commit
* Change redirect to an URL
* Extend documentation on meta properties as table
* Ensure we pass a default params if incoming params are nil
Now that SetAttributes needs to splat params, they do no longer
correctly get the no-param-default behavior of Ruby, so we need to
explictly assign a default params hash
* Fix expect for trailing path
* Capabilities API
* introduce auxilliary capability model
* capability model and query
* render in sql
* fix pagination
* introduce sql representer
* extract abstract sql representer class
* remove yet unused methods
* abstract sql collection representer
* contract_actions as part of permissions
* filter for capability id - used in GET
* id filter validation
* remove unused representer
* remove unused wp representer
* reuse renaming class
* add spec for access control
* add principal filter to capability
* add context filter
* extract capability sql into scope
* admin gets all capabilities
* require to have one filter set to keep performance bearable
* consider active project modules for capabilities
* limit capability based on principal visiblity and user state
* rework capability to be tableless
* spec not being allowed to see on request level
* add actions to capability representer
* add action api
* extract sql index endpoint
* remove unused class
* prepare sending signaling error - not yet frontend exposed
* extract show endpoint for sql rendered responses
* use UNION for better performance
* include navigation links on collections
* remove string replacements
* extract collection representer into hal sql module
* no capabilities when blocked
* remove commented out code
* Add global permission for add_user
* Rename fieldset for global roles to "Global"
* Add permission to admin actions
* Add index action to add_user permission
* Redirect to first admin item if only one
* Hide status action for non admins
* Break down user form into partials for easier rendering
* Disable some user form tabs for non-admins
* Make users API and services conformant with endpoints
* Fix references to DeleteService#deletion_allowed?
* Authorize add_user on show as well
* Only show invite user toolbar item with permission
* Fix Delete Service spec
* Fix the way user prefs are handled in service
* Ensure session_id is treated as string
This causes a cast error otherwise as it passes rack session locally
* Fix service call on onboarding controller
* Fix service call on users controller
* Add delete spec for global user
* Hide login attribute again when adding a new user
* Render auth source correctly in simple form
* Fix creating invited users through service
The invitation requires the mail attribute to be present.
Previously, there was a manual error added to the mail.
As the errors are now determined by the contract + model, we now
end up with all missing properties as errors.
* Properly constraint attributes for non-admins
* Add specs for global user
* Start working on how to update password from UsersController
that code is a mess...
* Change permitted_params spec to include non-admin params
* Fix create user service spec
* Remove mail_notification param from users controller
It's not part of the contract/params passed to user
* Remove todos
* Extend docs
* Correct the way backlogs patches into the user settings
* Remove superfluous UpdateUserService
* Rewrite duplicated update service examples into common shared example
* Remove duplicate password writable check
* Base Users::DeleteContract on base delete contract
* Move checks for active users into the UserAllowedService
* Restore password writable check as it is not an attribute
* Fix menus for global user
* Allow global users to add custom fields
* Allow global user add permission to reinvite user
* Fix changed var name in update service spec
* Ensure also invited or registered users can be authroized
This ensure that e.g., invited users can also be set as watchers
* fix typo
Co-authored-by: ulferts <jens.ulferts@googlemail.com>
Updates the copyright to 2021 for all files that have a copyright. Files in our source code without the copyright header still do not receive one automatically. Additionally, backlisted files are also excluded.
Previously the copyright of chiliproject which references redmine stated a copyright of redmine up to and including 2017 which is not true for the code we have in here. Because of that I changed that to 2013
Marcello Rocha