file external-logins.adp was initially added on branch oacs-5-10.

simplify code

avoided subst in export_vars when not necessary

  1. … 1 more file in changeset.
Deprecate acs-subsite/www/shared/db-error and move a copy to acs-subsite/lib/shared/db-error, replace occurrences, adjust dependencies

  1. … 7 more files in changeset.
file db-error.adp was initially added on branch oacs-5-10.

Deprecate template::util::is_true, implemented as a simple string command oneliner since 2015 and inline occurrences

  1. … 33 more files in changeset.
Localize subsites UI on the homepage

150px is not enough. In general, these settings should be performed via style files.

Fixes for Oracle 19c: boolean types in query

This fixes the following bug for Oracle:

[13/Feb/2022:17:53:36][8701.7f9f62f0b700][-conn:oacs-5-10-0:default:0:0-] Error: nsoracle.c:1367:OracleSelect: error in `OCIStmtExecute ()': ORA-00920: invalid relational operator
:
: SQL:
:
: select p.package_id,
: p.instance_name,
: n.node_id,
: n.name,
: :subsite_url || n.name as url,
: (select count(*)
: from group_approved_member_map m
: where m.rel_type = 'membership_rel'
: and m.group_id = ag.group_id) as num_members,
: (select min(r2.member_state)
: from group_member_map m2,
: membership_rels r2
: where m2.group_id = ag.group_id
: and m2.member_id = :untrusted_user_id
: and r2.rel_id = m2.rel_id) as member_state,
: g.group_id,
: g.join_policy
: from site_nodes n,
: apm_packages p,
: application_groups ag,
: groups g
: where n.parent_id = :subsite_node_id
: and p.package_id = n.object_id
: and p.package_key in ('acs-subsite')
: and ag.package_id = p.package_id
: and g.group_id = ag.group_id
: and (g.join_policy !>>>!!= 'closed' or acs_permission.permission_p(p.package_id, :untrusted_user_id, 'read'))
: order by lower(instance_name)
:

Fixes for Oracle 19c: boolean types in query

This fixes the following bug for Oracle:

': ORA-00920: invalid relational operator
:
: SQL:
: select p.package_id,
: p.instance_name,
: n.node_id,
: n.name
: from site_nodes n,
: apm_packages p,
: apm_package_types t
: where n.parent_id = :subsite_node_id
: and p.package_id = n.object_id
: and t.package_key = p.package_key
: and t.package_type = 'apm_application'
: and acs_permission.permission_p(p.package_id, :user_id, 'read')
: !>>>!order by upper(instance_name)
:

improve safety of SQL queries

  1. … 4 more files in changeset.
Use the new 'email' input type widget

  1. … 1 more file in changeset.
Use the new 'url' and 'email' input type widgets

  1. … 1 more file in changeset.
improve spelling

  1. … 16 more files in changeset.
use "-varname" parameter for message_exists_p

  1. … 1 more file in changeset.
Fix remaining occurrence of "screen_name" variable used to actually tell HOW to display the screen_name

Use ad_include_contract

Add ad_include_contract

bug-fix: don't use variable "screen_name" for controlling display of ScreenName,

since it is used as value for the actual screen name as well.

as a consequence, user got e.g. a value of "none" set as their actual screen name, which

led to a conflict with the unique screen name constraint of the data model

the conflicts with CVS: ----------------------------------------------------------------------

provide a global variable as transitional code for controlling passing of password as query variable

  1. … 2 more files in changeset.
don't pass sensitive information (e.g. password) as query variable, but use client properties instead.

see also issue #3344

  1. … 5 more files in changeset.
Add a new instance parameter 'LoginPasswordAutocomplete' with the value of the 'autocomplete' attribute of the password field of the login form, to let each subsite decide.

  1. … 1 more file in changeset.
Rework query to use permission api instead of just removed materialized views

Modernize logic for protecting against cached passwords from forms,

when users log out and other users use the back button (for Nora).

- switch to more modern caching prevention

- add CSRF protection to login form against forgery requests

- none of the cache-preventing mechanisms helps when the user

stores the password in the browser (no change to the past).

- For admins of existing sites: alter kernel parameter

"LoginPageExpirationTime" to 0 to make use of this feature

  1. … 2 more files in changeset.
whitespace changes

obtain default authority_id via "auth::authority::get"

  1. … 3 more files in changeset.
Do not abort when returning a message

Fix regression retrieving the member state

Remove dead adp code: if user is found and token is correct, email_verified_p will be always true, because it is forcefully set by the proc. In any other case, we will execute a different adp (lib/message)