Seamus Lee [Tue, 23 Mar 2021 02:08:09 +0000 (13:08 +1100)]
Merge pull request #19764 from JMAConsulting/core-59
core#59: Address location type search errors when using a search profile
Seamus Lee [Tue, 23 Mar 2021 02:04:02 +0000 (13:04 +1100)]
Merge pull request #19871 from eileenmcnaughton/acl
Return from getACLRoles when contactID is not null
eileen [Tue, 23 Mar 2021 01:07:16 +0000 (14:07 +1300)]
[REF] Fold getACLs back into the calling function
Not called in the civi universe
eileen [Tue, 23 Mar 2021 00:29:45 +0000 (13:29 +1300)]
Return from getACLRoles when contactID is null
I've made this patch the least possible code wise to allow brain space to think about the query....
Basically the where is WHERE acl.entity_table='civicrm_acl_role'....
if contact_id is set it becomes AND acl.entity_table = 'civicrm_contact'
Which means that it would only ever return empty results
(once this is merged more cleanup can happen but I wanted to
make this change easy to think through)
Eileen McNaughton [Tue, 23 Mar 2021 00:26:10 +0000 (13:26 +1300)]
Merge pull request #19869 from eileenmcnaughton/acl
[REF] Simplify BAO_ACL table references
Tim Otten [Mon, 22 Mar 2021 23:40:39 +0000 (16:40 -0700)]
info.xml - Allow PSR-0 style class-loader declarations
Before
------
If an extension defines a class in the style of `CRM_Foo_Bar`, then it
*must* use `hook_civicrm_config` and modify the `include_path`.
```php
function mymod_civicrm_config(&$config = NULL) {
$extRoot = dirname(__FILE__) . DIRECTORY_SEPARATOR;
$include_path = $extRoot . PATH_SEPARATOR . get_include_path();
set_include_path($include_path);
}
```
Consequently:
* The `include_path` gets rather long.
* Setting up the extension class-loader is not sufficient for loading these classes. You must
wait until the DB has initialized and the `hook_civicrm_config` has fired.
After
-----
An extension *may* setup classloading in `info.xml`, e.g.
```xml
<classloader>
<psr0 prefix="CRM_" path="" />
</classloader>
```
If the `<psr0>` style is used, then it is possible to scan the extension
classes without fully booting the extension. This is a pre-requisite for
using interfaces, annotations, or similar for event-registration.
Comments
--------
* This style closely parallels the `<psr4>` support in `info.xml`, and it parallels the semantics of `composer.json`.
* It is still valid for an extension to set `include_path` -- that works the same as ever.
eileen [Sun, 21 Mar 2021 22:16:33 +0000 (11:16 +1300)]
Remove exposure of implied_permissions beyond class
eileen [Sat, 13 Mar 2021 02:31:48 +0000 (15:31 +1300)]
Add new Super-duper-no-permissions-apply permission
We discussed in the context of search kit that there are 2 competing concepts of
'administer CiviCRM'
1) like drupal user 1, can do anything
2) role that has various administrative access but acls etc still apply
In search kit we have an interest in allowing users who won't do dumb things
the ability to expose data to people who otherwise would not have access to that data
- e.g to create a listing of event participants to expose to anonymous users.
This effectively means we are giving people the power to create displays
that set check_permissions to FALSE. This would potentially enable people
to not just bypass ACLs applied to others but also acls applied to them.
In order words it could be a privellege escallation.
To prevent any unexpected escallation we decided that this ability
should only be given to contacts who explicitly have access to everything
anyway. There is no existing permission that does this (although
there is a perception that there is)
eileen [Mon, 22 Mar 2021 21:10:11 +0000 (10:10 +1300)]
[REF] Simplify BAO_ACL table references
It does not appear to me, from my testing that the value in entity_table could
be something other than the actual table name (in fact I suspect
it would only ever be civicrm_acl_role - I'm working to confirm that).
This simplifies and switches to executeQuery which is multilingual aware
Seamus Lee [Mon, 22 Mar 2021 22:33:16 +0000 (09:33 +1100)]
Merge pull request #19829 from vingle/patch-11
Add .clear class to break inline flow on social share footer
Eileen McNaughton [Mon, 22 Mar 2021 21:24:11 +0000 (10:24 +1300)]
Merge pull request #19716 from jitendrapurohit/lifetime
update to lifetime membership does not clear the end date
Seamus Lee [Mon, 22 Mar 2021 21:21:53 +0000 (08:21 +1100)]
Merge pull request #19866 from eileenmcnaughton/nfc
[NFC] Cleanup in test class
colemanw [Mon, 22 Mar 2021 20:44:11 +0000 (16:44 -0400)]
Merge pull request #19660 from totten/master-afform-token
Afform - Add support for email tokens `{afform.myFormUrl}`
colemanw [Mon, 22 Mar 2021 20:35:23 +0000 (16:35 -0400)]
Merge pull request #19858 from eileenmcnaughton/loop
Fix loop
Coleman Watts [Mon, 22 Mar 2021 16:01:43 +0000 (12:01 -0400)]
APIv4 - Add function to get api class name
Adding the "Case" entity is a problem because it's a reserved php keyword.
So we need to be able to have entity names that don't match their classname.
This function gives us a way to get api class names without guessing from the entity name.
Coleman Watts [Mon, 22 Mar 2021 19:16:32 +0000 (15:16 -0400)]
SearchKit - remove extra irrelevant fields from bridge joins
colemanw [Mon, 22 Mar 2021 14:04:38 +0000 (10:04 -0400)]
Merge pull request #19856 from colemanw/customFieldLabels
SearchKit - Include custom group title with custom field label
eileen [Mon, 22 Mar 2021 10:45:44 +0000 (23:45 +1300)]
Remove never-gonna-happen todos
eileen [Mon, 22 Mar 2021 10:41:28 +0000 (23:41 +1300)]
Share function for identical code
eileen [Mon, 22 Mar 2021 10:36:54 +0000 (23:36 +1300)]
Use custom data trait for custom data
eileen [Mon, 22 Mar 2021 10:30:46 +0000 (23:30 +1300)]
Remove call to deprecated function
eileen [Mon, 22 Mar 2021 10:20:23 +0000 (23:20 +1300)]
[NFC] Cleanup in test class
Eileen McNaughton [Mon, 22 Mar 2021 08:52:26 +0000 (21:52 +1300)]
Merge pull request #19864 from eileenmcnaughton/nfc
[NFC] Minor cleanup on test class
Seamus Lee [Mon, 22 Mar 2021 08:18:57 +0000 (19:18 +1100)]
Merge pull request #19861 from eileenmcnaughton/mem_tax
[REF] Simplify a couple of variables
eileen [Mon, 22 Mar 2021 07:20:28 +0000 (20:20 +1300)]
[NFC] Minor cleanup on test class
Seamus Lee [Mon, 22 Mar 2021 06:55:22 +0000 (17:55 +1100)]
Fix issue with no group by sql_mode
eileen [Tue, 16 Mar 2021 02:08:06 +0000 (15:08 +1300)]
Tighten mysql mode in test environment
At least one test fails (and the corresponding bug appears on our live site)
with the mysql modes IGNORE_SPACE, ERROR_FOR_DIVISION_BY_ZERO and STRICT_TRANS
(I think any 2 of the above is OK)
Let's throw it at jenkins & see how many friends it has
Eileen McNaughton [Mon, 22 Mar 2021 04:34:32 +0000 (17:34 +1300)]
Merge pull request #19603 from JMAConsulting/issue-2226
core#2226: Scheduled Reminder fails to send if From Name includes comma
eileen [Mon, 22 Mar 2021 04:14:32 +0000 (17:14 +1300)]
Update flexmailer default
Switches to defaulting to flexmailer, if enabled.
This should be merged in conjunction with https://github.com/civicrm/civicrm-core/pull/19806
in order to keep those on the default in consistent state
(ie they will already be getting display-rendering for custom fields
and that will still be the case if 19806 is merged)
eileen [Fri, 19 Mar 2021 21:20:09 +0000 (10:20 +1300)]
Move setting of _includesSoftCredits out of getQuery
We shouldn't be doing extra setting within the function
Eileen McNaughton [Mon, 22 Mar 2021 03:32:06 +0000 (16:32 +1300)]
Merge pull request #18466 from mattwire/scheduledJobFatalErrorHandler
Remove fatalErrorHandler from scheduled jobs manager
eileen [Mon, 22 Mar 2021 02:41:55 +0000 (15:41 +1300)]
[REF] Simplify a couple of variables
Rather than rely on these being passed around retrieve them with
a consistent function.
Note tax_amount is retrieved one other place but that is fixed in
https://github.com/civicrm/civicrm-core/pull/19757
Line item will be used less once
https://github.com/civicrm/civicrm-core/pull/19801 is merged
Seamus Lee [Mon, 22 Mar 2021 01:12:47 +0000 (12:12 +1100)]
Merge pull request #19857 from eileenmcnaughton/task1
[REF] Extract getQueryParams
Seamus Lee [Mon, 22 Mar 2021 01:09:09 +0000 (12:09 +1100)]
Merge pull request #19859 from civicrm/5.36
5.36
Seamus Lee [Mon, 22 Mar 2021 01:07:36 +0000 (12:07 +1100)]
Merge pull request #19728 from totten/master-authx-guards
(dev/core#2077) AuthX - Allow optional "guards"
colemanw [Mon, 22 Mar 2021 00:11:42 +0000 (20:11 -0400)]
Merge pull request #19812 from eileenmcnaughton/recur
[REF] Clarify & simplify is_recur param
Coleman Watts [Sun, 21 Mar 2021 22:11:59 +0000 (18:11 -0400)]
SearchKit - Include custom group title with custom field label
This makes it easier to tell custom fields apart in SearchKit when they have similar names to core or other custom fields.
This takes advantage of API4.getFields returning both a "title" and "label" attribute.
This keeps "title" the same while appending group title to "label".
colemanw [Sun, 21 Mar 2021 23:39:41 +0000 (19:39 -0400)]
Merge pull request #19825 from colemanw/api4BridgeJoinSubquery
APIv4 - Use subquery to LEFT JOIN via a bridge entity
eileen [Sun, 21 Mar 2021 23:19:47 +0000 (12:19 +1300)]
Fix loop
It turns out that if you 'break' advanced search (in my case
I applied a patch that caused invalid sql) it enters a loop.
I really can't see why 'while' would have ever made sense here.
There is nothing to cause it to 'move along'
eileen [Fri, 19 Mar 2021 21:13:56 +0000 (10:13 +1300)]
Extract getQueryParams
Coleman Watts [Sun, 21 Mar 2021 20:32:54 +0000 (16:32 -0400)]
SearchKit - Add "EXCLUDE" join type, to search for entities that do not have a relationship to another entity
Coleman Watts [Thu, 18 Mar 2021 01:53:31 +0000 (21:53 -0400)]
APIv4 - Use subquery to LEFT JOIN via a bridge entity
Bridge entities are supposed to be transparent in APIv4, but when LEFT joining,
an artifact of the double-join would give extraneous results.
Coleman Watts [Wed, 17 Mar 2021 12:41:54 +0000 (08:41 -0400)]
APIv4 - Simplify long function by extracting part of it
colemanw [Sun, 21 Mar 2021 20:50:36 +0000 (16:50 -0400)]
Merge pull request #19828 from eileenmcnaughton/act_contact_hook
dev/core#2390 Add hook support for Activity Contact
colemanw [Sun, 21 Mar 2021 20:36:27 +0000 (16:36 -0400)]
Merge pull request #19842 from eileenmcnaughton/task
[unreleased regression] Fix export contribution to share tasktrait
Eileen McNaughton [Sun, 21 Mar 2021 20:35:11 +0000 (09:35 +1300)]
Merge pull request #19853 from colemanw/api4ExplorerCssFix
Api4 Explorer - Prevent long results from breaking layout
eileen [Sun, 21 Mar 2021 20:33:54 +0000 (09:33 +1300)]
Fix ts to E::ts
Tim Otten [Thu, 4 Mar 2021 12:41:34 +0000 (04:41 -0800)]
authx - If 'authx_guards' is set, then enforce them
Tim Otten [Thu, 4 Mar 2021 10:17:01 +0000 (02:17 -0800)]
authx - Declare setting "authx_guards"
Eileen McNaughton [Sun, 21 Mar 2021 19:56:11 +0000 (08:56 +1300)]
Merge pull request #19826 from demeritcowboy/nomulticase
dev/core#2463 - Remove loop that since at least 5.23 does nothing for single cases and crashes for multiple, and for multiple recipients only uses the last activity id for 5.36+
Coleman Watts [Sun, 21 Mar 2021 19:11:02 +0000 (15:11 -0400)]
Api4 Explorer - Prevent long results from breaking layout
Eileen McNaughton [Sat, 20 Mar 2021 06:56:12 +0000 (19:56 +1300)]
Merge pull request #19852 from eileenmcnaughton/nfc_test
[NFC] Minor test cleanup
Seamus Lee [Sat, 20 Mar 2021 05:29:48 +0000 (16:29 +1100)]
Merge pull request #19851 from demeritcowboy/ids-php74
dev/core#2366 - Failing test for php 7.4 and IDS for non-admins
eileen [Sat, 20 Mar 2021 04:12:05 +0000 (17:12 +1300)]
[NFC] Minor test cleanup
Eileen McNaughton [Sat, 20 Mar 2021 03:11:24 +0000 (16:11 +1300)]
Merge pull request #19850 from seamuslee001/mysql8_logging_test_fix
[NFC] Fix logging schema test to work on MySQL8 as it no longer outpu…
demeritcowboy [Sat, 20 Mar 2021 02:58:11 +0000 (22:58 -0400)]
failing test for php 7.4 and IDS
Seamus Lee [Sat, 20 Mar 2021 01:49:08 +0000 (12:49 +1100)]
[NFC] Fix logging schema test to work on MySQL8 as it no longer outputs a length for int columns
Seamus Lee [Sat, 20 Mar 2021 00:08:56 +0000 (11:08 +1100)]
Merge pull request #19849 from seamuslee001/member_event_form_test_fixes
[NFC] Fix test failures on PHP 7.4 caused by either NULL being set fo…
Seamus Lee [Fri, 19 Mar 2021 23:27:12 +0000 (10:27 +1100)]
Merge pull request #19847 from seamuslee001/fix_test_failures_mysql8
[NFC] Fix Test failures on MySQL 8 caused by change in output of eith…
Seamus Lee [Fri, 19 Mar 2021 23:07:44 +0000 (10:07 +1100)]
Merge pull request #19846 from seamuslee001/fix_contribution_page_tests
[NFC] Fix PHP 7.4 errors on ContributionPage tests
Seamus Lee [Fri, 19 Mar 2021 23:06:06 +0000 (10:06 +1100)]
Merge pull request #19845 from seamuslee001/fix_membership_type_test
[NFC] Fix Membership Type Test error on php7.4
Seamus Lee [Fri, 19 Mar 2021 22:47:55 +0000 (09:47 +1100)]
Merge pull request #19844 from seamuslee001/php74_membership_api_fix
[REF] Fix APIv3 MembershipJob test failure on php7.4 by only doing ch…
Seamus Lee [Fri, 19 Mar 2021 22:45:52 +0000 (09:45 +1100)]
[NFC] Fix test failures on PHP 7.4 caused by either NULL being set for the membership_type_id or Payment Processor not being set on the form
Seamus Lee [Fri, 19 Mar 2021 22:17:14 +0000 (09:17 +1100)]
[NFC] Fix Test failures on MySQL 8 caused by change in output of either create table or Column names in queries
Seamus Lee [Fri, 19 Mar 2021 21:54:54 +0000 (08:54 +1100)]
[NFC] Fix PHP 7.4 errors on ContributionPage tests
Seamus Lee [Fri, 19 Mar 2021 21:37:06 +0000 (08:37 +1100)]
[NFC] Fix Membership Type Test error on php7.4
Seamus Lee [Fri, 19 Mar 2021 21:29:30 +0000 (08:29 +1100)]
[REF] Fix APIv3 MembershipJob test failure on php7.4 by only doing checking if it is not empty
eileen [Fri, 19 Mar 2021 20:55:47 +0000 (09:55 +1300)]
Fix export contribution to share tasktrait
colemanw [Fri, 19 Mar 2021 19:07:12 +0000 (15:07 -0400)]
Merge pull request #19787 from demeritcowboy/cancel-button
dev/financial#170 - Cancel button on financial batch export is no longer an input so code needs updating
colemanw [Fri, 19 Mar 2021 17:43:16 +0000 (13:43 -0400)]
Merge pull request #19839 from tschuettler/core_2466
(dev/core#2466) - Drop HTML markup in exports for link custom fields
colemanw [Fri, 19 Mar 2021 17:43:00 +0000 (13:43 -0400)]
Merge pull request #19834 from eileenmcnaughton/seq
Code cleanup in bootstrap.php
colemanw [Fri, 19 Mar 2021 12:18:25 +0000 (08:18 -0400)]
Merge pull request #19835 from eileenmcnaughton/task
[REF] Minor function extraction
Thomas Schüttler [Fri, 19 Mar 2021 11:25:34 +0000 (12:25 +0100)]
Drop HTML markup in exports for link custom fields
Seamus Lee [Fri, 19 Mar 2021 08:57:16 +0000 (19:57 +1100)]
Merge pull request #19838 from eileenmcnaughton/nfc
[NFC] Minor coding standards cleanup
Seamus Lee [Fri, 19 Mar 2021 03:52:54 +0000 (14:52 +1100)]
Merge pull request #19836 from eileenmcnaughton/legacy
Remove legacy phpunit param
eileen [Fri, 19 Mar 2021 02:50:51 +0000 (15:50 +1300)]
[NFC] Minor coding standards cleanup
eileen [Fri, 19 Mar 2021 01:32:32 +0000 (14:32 +1300)]
[REF] Minor function extraction
Seamus Lee [Fri, 19 Mar 2021 02:02:27 +0000 (13:02 +1100)]
Merge pull request #19833 from eileenmcnaughton/test
Remove safe+mode setting
eileen [Fri, 19 Mar 2021 02:00:19 +0000 (15:00 +1300)]
Remove legacy phpunit param
Seamus Lee [Fri, 19 Mar 2021 01:48:18 +0000 (12:48 +1100)]
Merge pull request #19832 from seamuslee001/core_ext_void
[NFC] Add in Void statements on varios Core Ext Tests to future support PHP…
Eileen McNaughton [Fri, 19 Mar 2021 01:10:58 +0000 (14:10 +1300)]
Merge pull request #19624 from agileware/CIVICRM-1670
Issue #2384 - Remove text about email receipts for each recurring contribution
eileen [Fri, 19 Mar 2021 00:38:13 +0000 (13:38 +1300)]
Code cleanup in bootstrap.php
eileen [Fri, 19 Mar 2021 00:27:10 +0000 (13:27 +1300)]
Remove safe+mode setting
This is php5.4 compatibility = not needed
Seamus Lee [Fri, 19 Mar 2021 00:14:49 +0000 (11:14 +1100)]
Add in Void statements on varios Core Ext Tests to future support PHPUnit8
Eileen McNaughton [Thu, 18 Mar 2021 22:07:46 +0000 (11:07 +1300)]
Merge pull request #19831 from colemanw/angularUpgrade
Upgrade angularJs from 1.8.0 to 1.8.2
Seamus Lee [Thu, 18 Mar 2021 21:48:55 +0000 (08:48 +1100)]
Merge pull request #19753 from eileenmcnaughton/format
dev/core#1494 & dev/translation#65 call brickmoney number formatting, where supported
Eileen McNaughton [Thu, 18 Mar 2021 21:24:42 +0000 (10:24 +1300)]
Merge pull request #19830 from kewljuice/patch-6
Fix deprecated Redis::delete() (issue #2468)
Coleman Watts [Thu, 18 Mar 2021 20:34:05 +0000 (16:34 -0400)]
Upgrade angularJs from 1.8.0 to 1.8.2
Wouter H [Thu, 18 Mar 2021 19:45:52 +0000 (20:45 +0100)]
Fix deprecated Redis::delete() (issue #2468)
Nicol [Thu, 18 Mar 2021 14:33:40 +0000 (15:33 +0100)]
Add .clear class to override left float on buttons
.crm-button has a float: left, which was added in #18880, and can in some themes cause the subsequent lines to flow back inline. This fixes that (and adds a little padding under the buttons).
Seamus Lee [Thu, 18 Mar 2021 08:33:13 +0000 (19:33 +1100)]
Merge pull request #19827 from civicrm/5.36
5.36
eileen [Thu, 18 Mar 2021 06:57:05 +0000 (19:57 +1300)]
dev/core#2390 Add hook support for Activity Contact
Alternative to https://github.com/civicrm/civicrm-core/pull/19623
per comments on that PR.
Tim Otten [Thu, 18 Mar 2021 02:00:27 +0000 (19:00 -0700)]
Add release-notes/5.35.1
Tim Otten [Tue, 16 Feb 2021 21:45:23 +0000 (13:45 -0800)]
(security/core#105) Joomla::authenticate() - Fix escaping
Tim Otten [Tue, 16 Feb 2021 21:42:52 +0000 (13:42 -0800)]
(security/core#105) Joomla::checkUserNameEmailExists - Fix mismatched escaping
This uses the escaping rule from CRM_Core_DAO to construct a query for JDatabaseDriver.
However, they use different connections and (therefore) could require different
escaping rules.
Tim Otten [Thu, 25 Feb 2021 01:54:42 +0000 (17:54 -0800)]
(security/core#104) CRM_Utils_System::authenticateKey - Use secure equality test
Tim Otten [Thu, 25 Feb 2021 05:01:26 +0000 (21:01 -0800)]
(security/core#97) PHP CLI guard is the opposite of correct
Coleman Watts [Fri, 29 Jan 2021 19:30:38 +0000 (14:30 -0500)]
Escape api params in APIv4 Explorer
Seamus Lee [Wed, 23 Dec 2020 09:04:18 +0000 (20:04 +1100)]
Purify PCP introductory text field
Seamus Lee [Wed, 23 Dec 2020 08:45:56 +0000 (19:45 +1100)]
Escape information supplied by extensions to prevent XSS
projects / civicrm-core.git / log