- 04 Oct, 2023 2 commits
-
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
- 03 Oct, 2023 1 commit
-
-
Yusei Tahara authored
-
- 02 Oct, 2023 4 commits
-
-
Roque authored
See merge request nexedi/erp5!1824
-
Roque authored
- grid of blocks - set of block templates - randomization conditions - new terrarin texture - refine enemy drone collision - more aggressive enemies
-
Roque authored
- drop import/export json - API for operator script - map utils class update - doc api update - all visible map parameters are geo - allow to run twice - fix default ai drone script distance fn - fix flag elements position (altitude) - better error handling
-
Roque authored
- add a new operator script editor - update finish rules and scoring system - refactor map parameters - map randomization is done now by new class map utils - update init flag info msg - import/export script feature - update web site CSP - ui: activate js syntax in user script editor - ui: styles, section titles, etc - doc api update - fixes/refactoring -- fix default target coordinates bug -- control empty/invalid user scripts -- raise an error on user script syntax error -- fix onUpdate timestamp parameter (to integer milliseconds) -- fix drone loiter (based on nexedi/erp5!1817/)
-
- 29 Sep, 2023 1 commit
-
-
Yusei Tahara authored
-
- 28 Sep, 2023 2 commits
-
-
Jérome Perrin authored
-
Georgios Dagkakis authored
PDF_viewPDFJSPreview/my_data Anyway, we are in PDF context, it can work even if content_type is not set
-
- 27 Sep, 2023 1 commit
-
-
Georgios Dagkakis authored
-
- 19 Sep, 2023 2 commits
-
-
Jérome Perrin authored
it can happen that getEffectiveModel does not find a model, this is currently causing activity failures in indexation of transformations. Tolerate errors here because this is not an error but just a sign of invalid user data.
-
Jérome Perrin authored
-
- 14 Sep, 2023 2 commits
-
-
Julien Muchembled authored
Due to some debug code, it never checked anything.
-
Yusei Tahara authored
Spin is too much and waste cpu resource.
-
- 12 Sep, 2023 1 commit
-
-
Jérome Perrin authored
This is a first step to stop using "unsafe" web sections. This updates support request app to not require `script-src: unsafe-eval` and `style-src: unsafe-inline` in the CSP. Dropping `script-src: unsafe-eval` is made possible by using domsugar instead of handlebars for dynamic content. Dropping `style-src: unsafe-inline` by using CSS files instead of inline `style` attributes in the DOM. One minor regression is that the tooltips from the graph on the front page gadget will cause warning because of `unsafe-inline` and not render the series color. This application was also modernized a bit, it now uses the HTML viewer gadget to display post contents and supports translation. See merge request nexedi/erp5!1821
-
- 11 Sep, 2023 3 commits
-
-
Julien Muchembled authored
The use case is a listbox method being called for a document A and returning objects that: - aren't children of A - but wrapped with `.__of__(A)` By using `aq_self` instead of `aq_base`, the listbox could still acquire from the real parent of the returned object and wrongly access an attribute directly (e.g. comment) instead of using an appropriate method (if there's no `comment` attribute, getComment returns ''). See merge request nexedi/erp5!1820
-
Julien Muchembled authored
-
Julien Muchembled authored
The purpose is to be able to use the amount generator during indexation. At some point, it executes: if amount.getQuantityUnit(): ... for x in property_dict.iteritems(): amount._setProperty(*x) where `amount.getQuantityUnit()` may getResource before it is set. Any further access to the resource category would be wrong. There may be a way to only change the amount generator but this kind of pitfall is likely to happen in many other places if we keep such a read-only transaction cache for new or temp objects. See merge request nexedi/erp5!1818
-
- 08 Sep, 2023 8 commits
-
-
Georgios Dagkakis authored
See merge request !1819
-
Jérome Perrin authored
- switch to programmatic creation of DOM element using domsugar instead of using handlebars which needs CSP - use gadget_html_viewer to display post contents - more translation support
-
Jérome Perrin authored
To work 100% this needs "style-src: unsafe-inline" in the CSP, without this the popup on hover does not show the series color - which in our case is better than using the CSP. also drop obsolete appcache, browsers no longer use this. reference: https://github.com/apache/echarts/issues/16610
-
Gabriel Monnerat authored
-
Jérome Perrin authored
it was same as testSupportRequestPanelTranslation, but with less assertion, probably I made a mistake in renaming
-
Jérome Perrin authored
Using "Number" was not good for translations and maybe not so good in english either.
-
Jérome Perrin authored
Using verifyImageMatchSnapshot with 20 is sometimes not enough to detect some significant differences
-
Jérome Perrin authored
these are not used anymore
-
- 07 Sep, 2023 4 commits
-
-
Georgios Dagkakis authored
to new suite, renderjs_ui_autocomplete_attribute_suite
-
Georgios Dagkakis authored
to test the autocomplete attr of fields
-
Vincent Pelletier authored
Base_callDialogMethod may not provide REQUEST nor RESPONSE, and may provide other arguments. Make the former optional, ignore the latter, and fallback on RequestContainer's magic when REQUEST is None.
-
Yusei Tahara authored
<dtml-sqlvar "None" type=nb> should be 'null'.
-
- 06 Sep, 2023 4 commits
-
-
Georgios Dagkakis authored
-
Georgios Dagkakis authored
-
Georgios Dagkakis authored
For TextWidget, PasswordWidget and ListWidget only To define the autocomplete HTML attribute of the field
-
Jérome Perrin authored
Fixes `Uncaught Error: Language id "vs.editor.nullLanguage" is not configured nor known` errors with html using script type handlebars
-
- 04 Sep, 2023 5 commits
-
-
Vincent Pelletier authored
During the response process (especially setBody), HTTPResponse accesses and updates some response headers in its "headers" property (a dictionary). addHeader puts the response headers in a list which will not be updated by HTTPResponse. This is "more correct" from an RFC perspective, as any header specified as being a sequence of values delimited by commas may be split among multiple headers. So, keep using addHeader by default, but special-case some headers which are accessed and must be successfully updated by HTTPResponse itself so that those headers are set using setHeader, which updates the "headers" property.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
For better compatibility, as not all templates may be reconfigured to post in application/x-www-form-urlencoded. Also, tolerate a missing Content-Type request header, treating as an unhandler type instead of raising a KeyError exception.
-
Vincent Pelletier authored
Fernet tokens are urlsafe-base64-encoded, so re-encoding them is useless. This change breaks compabitility with what should be a transient login state (lasting as long as the login form is opened in any browser). So the consequence is that a user failing to authenticate will be redirected to a safe location (ex: the website's home page) instead of getting to the login form again. This should not be worth either a systematic double-decrypting (which could lead to harder to debug decryption errors) or some heuristic trying to guess if the value is in fact double-encoded.
-
Vincent Pelletier authored
For simplicity and readability.
-