1. 01 Sep, 2020 6 commits
  2. 31 Aug, 2020 8 commits
    • Vincent Pelletier's avatar
      synchronizeDynamicModules: Flush ZODB cache. · e5cb7960
      Vincent Pelletier authored
      Should fix most of the cases where reloading components cause breakage.
      There is still a race condition between a transaction's cache being
      actually flushed (which can only happen at transaction boundaries) and
      another transaction doing the actual class reload, which will
      immediately affect all the started transactions in the same process.
      e5cb7960
    • Jérome Perrin's avatar
      testDynamicClassGeneration: check broken dynamic classes can be repaired · 1f69c0d7
      Jérome Perrin authored
      Once a portal type class became available again, instances of this classes
      should no longer be broken and can be modified again
      1f69c0d7
    • Jérome Perrin's avatar
      testDynamicClassGeneration: explicitly create a Base Type in test · c7239458
      Jérome Perrin authored
      Some other types (Gadget Type) are currently lacking the interaction workflow
      which resets the dynamic classes.
      c7239458
    • Jérome Perrin's avatar
    • Jérome Perrin's avatar
      base: ensure migrated persons have a user_id · bc67c2c4
      Jérome Perrin authored
      Persons created before the introduction of ERP5 Login and user_id will only
      have a user_id after migration if they were already user before migration,
      otherwise they will not have a user_id and creating assignments and ERP5 Login
      for this person creates a user which can not log in the system.
      
      To make it possible for these persons to login anyway, we ensure person has a
      user id when validating a login
      bc67c2c4
    • Jérome Perrin's avatar
      base: restrict changing a user id · 45d16764
      Jérome Perrin authored
      while setting an initial user id should be allowed for any user which can
      create a person, changing an already set user id can have security
      implications, so we protect it with a more strict permission
      45d16764
    • Jérome Perrin's avatar
      core: display login in caption · b9cdfb58
      Jérome Perrin authored
      user_id are technical things that should not be displayed to users.
      
      In the case of tokens, for now we show "something that's not user id / not the
      token secret". That's not ideal but as far as I know whe don't really have use
      cases of tokens to show a page where user caption would be displayed.
      b9cdfb58
    • Jérome Perrin's avatar
      Fix issues with Person.setUserId unicity check · d87bda30
      Jérome Perrin authored
      Person.setUserId is heavy, it serializes person module to prevent concurrency,
      but in some cases we the risk of having duplicate user ids is under control, so
      we don't want to pay the performance price.
      
      See merge request !1242
      d87bda30
  3. 27 Aug, 2020 1 commit
  4. 26 Aug, 2020 1 commit
  5. 25 Aug, 2020 3 commits
  6. 24 Aug, 2020 4 commits
  7. 21 Aug, 2020 5 commits
  8. 19 Aug, 2020 8 commits
  9. 18 Aug, 2020 2 commits
  10. 17 Aug, 2020 2 commits
    • Jérome Perrin's avatar
      base: don't check unicity when migrating Person.reference to user_id · 3ee1dfb0
      Jérome Perrin authored
      This activity is spawned on all nodes, which cause too many conflicts.
      We can take the risk here, assuming that references were already OK
      before migration.
      3ee1dfb0
    • Jérome Perrin's avatar
      base: introduce Person.initUserId · f8cd3922
      Jérome Perrin authored
      Person.setUserId does expensive checks to ensure that user ids are
      uniques, but the default id generator already guarantees unicity, so
      when default id generator is used we don't need Person.setUserId unicity
      checks.
      
      Now when generating user ids, we only consider user id conflict with existing
      users, because it's not so expensive and might still happen, for example if
      user ids have been migrated from person references when erp5_users PAS plugin
      was used.
      person.setUserId still performs the expensive checks to prevent duplications
      against other transactions using person.setUserId, but not against other
      transactions using person.initUserId
      f8cd3922