• last updated 9 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Replace leftover occurrences

Deprecate notification::get_delivery_method_id, same as notification::delivery::get_id and looking more established

    • -2
    • +2
    ./tcl/test/notifications-test-procs.tcl
  1. … 5 more files in changeset.
Deprecate notification::get_interval_id, duplicated by notification::interval::get_id_from_name which appears to be more established

    • -21
    • +38
    ./tcl/test/notifications-test-procs.tcl
  1. … 3 more files in changeset.
Prefer flushing the cache, this addresses the automated test, where multiple insert/deletion are performed in the same request

Extend test

    • -12
    • +36
    ./tcl/test/notifications-test-procs.tcl
Cache the new type_id immediately in the (rare) event that a type was created in a previous request with the same name and then deleted

Expand test

    • -1
    • +10
    ./tcl/test/notifications-test-procs.tcl
Fix typo in xql file

    • -1
    • +1
    ./tcl/notification-request-procs-postgresql.xql
Extend notifications tests

    • -0
    • +154
    ./tcl/test/notifications-test-procs.tcl
Prefer the non cached api when deleting, as the id is cached in the thread and could be stale

Some tests for the notifications api, more to come

    • -0
    • +110
    ./tcl/test/notifications-test-procs.tcl
file notifications-test-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/test/notifications-test-procs.tcl
Added parameter for sweep interval for stale notification as stated in a comment already.

Many thanks to Franz Penz for pusing this.

improve input validation

Fixes for Oracle 19c: make query portable to Oracle by replacing USING by explicit ON joins

This fixed the following problem, where the problem is not easy to spot on first sight:

[16/Feb/2022:13:26:09][12845.7efd2d3e1700][-sched:0:41:22-] Error: nsoracle.c:1367:OracleSelect: error in `OCIStmtExecute ()': ORA-00904: "NOTIFICATION_REQUESTS"."USER_ID": invalid identifier

: SQL:

: select notification_id,

: notif_subject,

: notif_text,

: notif_html,

: file_ids,

: user_id,

: request_id,

: type_id,

: delivery_method_id,

: response_id,

: notif_date,

: notif_user,

: acs_permission.permission_p(notification_requests.object_id, !>>>!notification_requests.user_id, 'read') as still_valid_p

: from notifications inner join notification_requests using (type_id, object_id)

: inner join acs_objects on (notification_requests.request_id = acs_objects.object_id)

: left outer join notification_user_map using (notification_id, user_id)

: where sent_date is null

: and creation_date <= notif_date

: and (notif_date is null or notif_date < current_timestamp)

: and interval_id = :interval_id

Deprecate oacs_util::vars_to_ns_set: modern ns_set idioms make this proc obsolete

    • -5
    • +11
    ./tcl/notification-request-procs.tcl
  1. … 3 more files in changeset.
Reduce divergency between oracle and postgres codebase

fix release dates in .info files

  1. … 82 more files in changeset.
release work

  1. … 204 more files in changeset.
bump version numbers of 5.9|5.10 packages to 5.10.0b1

adjust dependencies

  1. … 87 more files in changeset.
Notification request cleanup refactoring

One of the most expensive operations in large site is the cleanup for

notification_requests in situations, where the user has lost

permissions on an object, on which the user wanted to receive

notifications. This check was performed previously in

notification::sweep::cleanup_notifications via a permission check over

all notification requests, which can be very costly on large

sites. This change moves this cleanup into the actual notification

sending, where the permissions have to be sent anyhow.

Fix typo in comment

When sending a notification on behalf of a person, if the system is not configured to process replies to notification, do not set the reply-to address to anything different than the sender

Cleanup leftover file

Remove attack surface

Check permissions when one accesses the script and also when one performs the actual unsubscribing operation

Harden safety: require login, do not let people outside the requester fiddle with the frequency

reduce public footprint

mark private functions as private

  1. … 9 more files in changeset.
make clear from the user-interface that admin is managing the notifications of someone else