Seamus Lee [Fri, 16 Apr 2021 00:46:59 +0000 (10:46 +1000)]
Merge pull request #20075 from seamuslee001/dec_core_53_536
dev/event#53 Fix issue where by Sold out option was not being properl…
Seamus Lee [Thu, 15 Apr 2021 21:33:23 +0000 (07:33 +1000)]
dev/event#53 Fix issue where by Sold out option was not being properly frozen
Seamus Lee [Wed, 14 Apr 2021 04:23:29 +0000 (14:23 +1000)]
Merge pull request #20052 from eileenmcnaughton/536
Fix entity-ref search by id & update search prompt
Coleman Watts [Tue, 13 Apr 2021 20:39:36 +0000 (16:39 -0400)]
Fix entity-ref search by id & update search prompt
Fixes a bug where searching by id wasn't working.
Also updates search prompt to indicate that searching by id is possible.
Eileen McNaughton [Sat, 10 Apr 2021 06:14:46 +0000 (18:14 +1200)]
Merge pull request #20028 from eileenmcnaughton/536
Soft credit fails when membership is created using backend form
Jitendra Purohit [Fri, 9 Apr 2021 14:40:37 +0000 (20:10 +0530)]
Fix soft credit on creating membership using backend form
Tim Otten [Wed, 7 Apr 2021 23:49:53 +0000 (16:49 -0700)]
Set version to 5.36.0
Tim Otten [Wed, 7 Apr 2021 23:49:27 +0000 (16:49 -0700)]
release-notes/5.36.0 - Last minute update
Tim Otten [Wed, 7 Apr 2021 21:53:39 +0000 (14:53 -0700)]
Merge pull request #19990 from eileenmcnaughton/5.36
Pledge - Fix re-calculation of payment dates
Jitendra Purohit [Tue, 6 Apr 2021 09:42:02 +0000 (15:12 +0530)]
Fix recalculation of dates on pledge
Eileen McNaughton [Wed, 7 Apr 2021 05:10:33 +0000 (17:10 +1200)]
Merge pull request #19983 from alifrumin/5.36rn
[NFC] 5.36 release notes
Alice Frumin [Tue, 6 Apr 2021 17:47:32 +0000 (13:47 -0400)]
5.36 release notes first pass
Eileen McNaughton [Tue, 6 Apr 2021 19:18:34 +0000 (07:18 +1200)]
Merge pull request #19977 from agh1/5.36.0-releasenotes-initial
5.36.0 release notes initial run
Andrew Hunt [Tue, 6 Apr 2021 16:23:18 +0000 (12:23 -0400)]
5.36.0 release notes: added boilerplate
Andrew Hunt [Tue, 6 Apr 2021 16:20:56 +0000 (12:20 -0400)]
5.36.0 release notes: raw from script
Monish Deb [Wed, 31 Mar 2021 05:22:55 +0000 (10:52 +0530)]
Merge pull request #19952 from eileenmcnaughton/5.36
dev/core#2498 Fix regression on saving dedupe rules
eileen [Wed, 31 Mar 2021 01:28:11 +0000 (14:28 +1300)]
dev/core#2498 Fix regression on saving dedupe rules
Eileen McNaughton [Tue, 30 Mar 2021 03:17:30 +0000 (16:17 +1300)]
Merge pull request #19942 from eileenmcnaughton/5.36
Revert "dev/core#2028 Add in a status check for checking if the wkhtm…
eileen [Tue, 30 Mar 2021 00:50:28 +0000 (13:50 +1300)]
Revert "dev/core#2028 Add in a status check for checking if the wkhtmltopdf package is installed in the expected location, Also ensure if it isn't then the pdf generation falls back on the current default which is DOMPDF"
This reverts commit
6bbe0cf6c513c49f89179aa153cabad3a2a059b7.
Seamus Lee [Tue, 23 Mar 2021 21:25:37 +0000 (08:25 +1100)]
Merge pull request #19874 from demeritcowboy/blank-assignee
[WIP] dev/core#2473 - Don't crash when assignee left blank when creating followup on email activity
demeritcowboy [Tue, 23 Mar 2021 17:37:50 +0000 (13:37 -0400)]
crash when assignee left blank
Seamus Lee [Mon, 22 Mar 2021 01:07:36 +0000 (12:07 +1100)]
Merge pull request #19728 from totten/master-authx-guards
(dev/core#2077) AuthX - Allow optional "guards"
eileen [Sun, 21 Mar 2021 20:33:54 +0000 (09:33 +1300)]
Fix ts to E::ts
Tim Otten [Thu, 4 Mar 2021 12:41:34 +0000 (04:41 -0800)]
authx - If 'authx_guards' is set, then enforce them
Tim Otten [Thu, 4 Mar 2021 10:17:01 +0000 (02:17 -0800)]
authx - Declare setting "authx_guards"
Tim Otten [Thu, 18 Mar 2021 02:00:27 +0000 (19:00 -0700)]
Add release-notes/5.35.1
Tim Otten [Tue, 16 Feb 2021 21:45:23 +0000 (13:45 -0800)]
(security/core#105) Joomla::authenticate() - Fix escaping
Tim Otten [Tue, 16 Feb 2021 21:42:52 +0000 (13:42 -0800)]
(security/core#105) Joomla::checkUserNameEmailExists - Fix mismatched escaping
This uses the escaping rule from CRM_Core_DAO to construct a query for JDatabaseDriver.
However, they use different connections and (therefore) could require different
escaping rules.
Tim Otten [Thu, 25 Feb 2021 01:54:42 +0000 (17:54 -0800)]
(security/core#104) CRM_Utils_System::authenticateKey - Use secure equality test
Tim Otten [Thu, 25 Feb 2021 05:01:26 +0000 (21:01 -0800)]
(security/core#97) PHP CLI guard is the opposite of correct
Coleman Watts [Fri, 29 Jan 2021 19:30:38 +0000 (14:30 -0500)]
Escape api params in APIv4 Explorer
Seamus Lee [Wed, 23 Dec 2020 09:04:18 +0000 (20:04 +1100)]
Purify PCP introductory text field
Seamus Lee [Wed, 23 Dec 2020 08:45:56 +0000 (19:45 +1100)]
Escape information supplied by extensions to prevent XSS
Seamus Lee [Mon, 9 Nov 2020 09:11:24 +0000 (20:11 +1100)]
security/core#97 Ensure that php scripts where applicable in sql and tools that should only be run in CLI can be run in CLI
Use more portable check for cli and add in 404 header as per Rich's comments
Seamus Lee [Mon, 16 Nov 2020 08:06:16 +0000 (19:06 +1100)]
security/core#100 Escape uploaded data to prevent Reflected Cross site scripting from uploaded CSVs
Eileen McNaughton [Tue, 16 Mar 2021 00:58:03 +0000 (13:58 +1300)]
Merge pull request #19811 from jmcclelland/reserve-respondents-5.36
avoid error when reserving respondents in a survey.
Jamie McClelland [Mon, 15 Mar 2021 13:54:03 +0000 (09:54 -0400)]
avoid error when reserving respondents in a survey.
The full error is:
Error: Call to a member function getSelectedIDs() on null in CRM_Campaign_Form_Task->preProcess() (line 38 of /var/www/powerbase/sites/all/modules/civicrm/CRM/Campaign/Form/Task.php).
I'm not sure if we should somehow be passing &$form to this function
instead?
Seamus Lee [Fri, 12 Mar 2021 08:36:17 +0000 (19:36 +1100)]
Merge pull request #19791 from eileenmcnaughton/memberjs
Fix rc regression - js error on autorenew checkbox
eileen [Fri, 12 Mar 2021 06:58:17 +0000 (19:58 +1300)]
Fix rc regression - js error on autorenew checkbox
This commit
https://github.com/civicrm/civicrm-core/pull/19647/commits/
cfab7c9d1dc5d1e8438131354685928cd9da3877 renamed membershipType to membershipTypeID but missed this spot,
resulting in js errors on the new membership by credit card form
Eileen McNaughton [Wed, 10 Mar 2021 23:49:44 +0000 (12:49 +1300)]
Merge pull request #19780 from colemanw/searchTokenPopup
SearchKit - Fix token menu positioning
Coleman Watts [Wed, 10 Mar 2021 20:19:43 +0000 (15:19 -0500)]
SearchKit - Fix token menu positioning
Eileen McNaughton [Wed, 10 Mar 2021 04:29:31 +0000 (17:29 +1300)]
Merge pull request #19773 from demeritcowboy/safe-foreignkey
dev/core#2452 - Make upgrade to 5.36 more robust when creating foreign key
demeritcowboy [Wed, 10 Mar 2021 02:44:57 +0000 (21:44 -0500)]
make safer
Eileen McNaughton [Tue, 9 Mar 2021 01:03:18 +0000 (14:03 +1300)]
Merge pull request #19736 from colemanw/empty
Add is empty filter to search / api
eileen [Tue, 2 Mar 2021 12:31:55 +0000 (01:31 +1300)]
Add is empty filter to search / api
This is already offered in Query
https://github.com/civicrm/civicrm-core/blob/
5db2212e2d408f4611439734db1a31ab32dced2f/CRM/Contact/BAO/Query.php#L3420-L3428
And in Report
https://github.com/civicrm/civicrm-core/blob/
c3fffe27cb8203634c7a2c047686ba3d12cc38bd/CRM/Report/Form.php#L2105-L2124
(the latter munges it in with NULL but as we often save empty strings NULL
does not alwasy work for strings)
Eileen McNaughton [Mon, 8 Mar 2021 20:11:42 +0000 (09:11 +1300)]
Merge pull request #19758 from colemanw/searchKitFix
SearchKit - Fix broken update dialog and add input type float
Coleman Watts [Mon, 8 Mar 2021 13:03:22 +0000 (08:03 -0500)]
SearchKit - Fix broken update dialog and add input type float
Eileen McNaughton [Sun, 7 Mar 2021 22:46:00 +0000 (11:46 +1300)]
Merge pull request #19739 from colemanw/afformBreadcrumb
Afform - Show breadcrumbs appropriate to whether a form can be edited
Eileen McNaughton [Sun, 7 Mar 2021 21:11:19 +0000 (10:11 +1300)]
Merge pull request #19747 from colemanw/searchKitRemoveSelectWhenRemovingJoin
SearchKit - Fix removing all related fields from SELECT when removing a JOIN
Eileen McNaughton [Sun, 7 Mar 2021 21:06:20 +0000 (10:06 +1300)]
Merge pull request #19740 from agh1/notnotnull
dev/translation#58 further regression fix: don't make group title NOT NULL even for a moment
Coleman Watts [Sun, 7 Mar 2021 02:42:35 +0000 (21:42 -0500)]
SearchKit - Fix removing all related fields from SELECT when removing a JOIN
Andrew Hunt [Fri, 5 Mar 2021 22:52:15 +0000 (17:52 -0500)]
dev/translation#58 don\'t make group title NOT NULL even for a moment
Coleman Watts [Sat, 6 Mar 2021 16:36:38 +0000 (11:36 -0500)]
SearchKit - Add breadcrumb to saved searches from search display view
Coleman Watts [Thu, 4 Mar 2021 13:30:43 +0000 (08:30 -0500)]
Afform - simplify code to check if ext enabled
Coleman Watts [Fri, 5 Mar 2021 15:32:42 +0000 (10:32 -0500)]
Afform - Show breadcrumbs appropriate to whether a form can be edited
colemanw [Fri, 5 Mar 2021 02:45:54 +0000 (21:45 -0500)]
Merge pull request #19713 from colemanw/searchDisplayParams
SearchKit - Take search filters from the url when viewing a standalone display
colemanw [Thu, 4 Mar 2021 20:52:24 +0000 (15:52 -0500)]
Merge pull request #19580 from MegaphoneJon/core-1132
core#1132 - don't fire hook_civicrm_fieldOptions before hook_civicrm_…
Coleman Watts [Thu, 4 Mar 2021 17:58:15 +0000 (12:58 -0500)]
SearchKit - Allow variations of field suffix in display filters
Coleman Watts [Tue, 2 Mar 2021 20:37:16 +0000 (15:37 -0500)]
SearchKit - Take search filters from the url when viewing a standalone searchDisplay
This passes through all query params from the url fragment as search filters to the display.
CiviCRM [Thu, 4 Mar 2021 06:55:34 +0000 (06:55 +0000)]
Set version to 5.36.beta1
Eileen McNaughton [Thu, 4 Mar 2021 06:52:46 +0000 (19:52 +1300)]
Merge pull request #19691 from colemanw/afformEditLink
Afform - Add link to edit form in breadcrumbs
Seamus Lee [Thu, 4 Mar 2021 04:54:49 +0000 (15:54 +1100)]
Merge pull request #19726 from seamuslee001/5.35
5.35
Tim Otten [Thu, 4 Mar 2021 04:40:16 +0000 (20:40 -0800)]
Merge pull request #19725 from totten/5.35-avail-perm
dev/drupal#156 - system_get_info() is gone in Drupal 9
Tim Otten [Thu, 4 Mar 2021 04:28:34 +0000 (20:28 -0800)]
(NFC) release-notes/5.35.0 - Last minute update
demeritcowboy [Thu, 11 Feb 2021 18:35:15 +0000 (13:35 -0500)]
system_get_info is deprecated
Eileen McNaughton [Thu, 4 Mar 2021 03:37:53 +0000 (16:37 +1300)]
Merge pull request #19720 from colemanw/afformSearchFilters
Improve search display filter validation
Coleman Watts [Wed, 3 Mar 2021 20:04:38 +0000 (15:04 -0500)]
SearchKit - Validate all filters as belonging to select clause or afform
When viewing a SearchDisplay, this will verify all filters are permitted by first checking the SELECT clause,
and secondly checking for a containing Afform with exposed filters.
All other filter params will be silently ignored.
Coleman Watts [Wed, 3 Mar 2021 16:48:27 +0000 (11:48 -0500)]
Afform - use form-level permissions in APIv4 Afform::get
Seamus Lee [Thu, 4 Mar 2021 01:46:54 +0000 (12:46 +1100)]
Merge pull request #19723 from eileenmcnaughton/price
dev/core#2434 Fix price set id widget
colemanw [Thu, 4 Mar 2021 01:28:29 +0000 (20:28 -0500)]
Merge pull request #19709 from eileenmcnaughton/ss
dev/core#2422 Add created_id, modified_id, expires_date to saved search table
eileen [Wed, 3 Mar 2021 20:19:28 +0000 (09:19 +1300)]
dev/core#2434 Fix price set id widget
Eileen McNaughton [Wed, 3 Mar 2021 23:41:58 +0000 (12:41 +1300)]
Merge pull request #19722 from civicrm/5.35
5.35
Seamus Lee [Wed, 3 Mar 2021 23:27:55 +0000 (10:27 +1100)]
Merge pull request #19721 from agh1/5.35.0-releasenotes-final
5.35.0 release notes: added late changes
Andrew Hunt [Wed, 3 Mar 2021 23:25:48 +0000 (18:25 -0500)]
5.35.0 release notes: added late changes
colemanw [Wed, 3 Mar 2021 22:11:11 +0000 (17:11 -0500)]
Merge pull request #19476 from eileenmcnaughton/mem_tax
Fix membership form to correctly calculate tax when a discount is applied
Tim Otten [Wed, 3 Mar 2021 19:37:37 +0000 (11:37 -0800)]
Merge pull request #19715 from mattwire/tokenclean
NFC Update comments in token classes
eileen [Wed, 3 Mar 2021 06:23:29 +0000 (19:23 +1300)]
Add description to saved search
Matthew Wire [Wed, 3 Mar 2021 11:00:33 +0000 (11:00 +0000)]
Update comments in token classes
Seamus Lee [Wed, 3 Mar 2021 07:04:55 +0000 (18:04 +1100)]
Merge pull request #19590 from totten/master-authx
AuthX - Extended authentication support (portable and router-friendly)
eileen [Tue, 2 Mar 2021 10:40:15 +0000 (23:40 +1300)]
Also add created_date & modified_date per discussion on pr
eileen [Tue, 2 Mar 2021 04:52:18 +0000 (17:52 +1300)]
dev/core#2422 Add created_id, modified_id, expires_date to saved search table
Per
https://lab.civicrm.org/dev/core/-/issues/2422
These can be exposed in the search kit saved search listing as filters when
we get to that point but the earlier we start
saving them the better the data will be when we do expose
Eileen McNaughton [Wed, 3 Mar 2021 03:48:15 +0000 (16:48 +1300)]
Merge pull request #19714 from civicrm/5.35
5.35
Tim Otten [Wed, 3 Mar 2021 03:19:08 +0000 (19:19 -0800)]
Merge pull request #19703 from colemanw/afformStandalone
Afform - Remove ngRoute from afformStandalone page
Seamus Lee [Wed, 3 Mar 2021 00:58:11 +0000 (11:58 +1100)]
Merge pull request #19711 from totten/5.35-upg-smtp
Upgrader (5.34) - Handle unsavable characters in decoded SMTP password
Eileen McNaughton [Tue, 2 Mar 2021 21:49:49 +0000 (10:49 +1300)]
Merge pull request #19684 from totten/master-authors
info.xml - Allow multiple `<author>`s
Eileen McNaughton [Tue, 2 Mar 2021 20:31:36 +0000 (09:31 +1300)]
Merge pull request #19712 from eileenmcnaughton/merge
5.35 to master
eileen [Tue, 2 Mar 2021 20:18:02 +0000 (09:18 +1300)]
Merge branch '5.35' of https://github.com/civicrm/civicrm-core into merge
Tim Otten [Fri, 26 Feb 2021 04:18:42 +0000 (20:18 -0800)]
(REF) authx - Reorganize internal methods to use an auth-request object
This significantly trims down the `auth()` method and rearranges as three
methods. A data object is passed between the three methods. The main method:
```
if ($principal = $this->checkCredential($tgt)) {
$tgt->setPrincipal($principal);
}
$this->checkPolicy($tgt);
$this->login($tgt);
```
This arrangement lays the groundwork for implementing more varied policies.
For example, we could have a policy where the ability to login via
username/password/api_key is dictated by the user's role or permissions.
Tim Otten [Fri, 26 Feb 2021 01:57:09 +0000 (17:57 -0800)]
(REF) Authenticator - Extract field $authxUf
Tim Otten [Tue, 23 Feb 2021 10:50:39 +0000 (02:50 -0800)]
authx - If using auto-login, then use a redirect to hide the `?_authx=...` gunk
Tim Otten [Tue, 23 Feb 2021 10:22:35 +0000 (02:22 -0800)]
authx - The "already logged in" check should be less sensitive to int-vs-string for user/contact ID
Tim Otten [Sat, 20 Feb 2021 02:30:13 +0000 (18:30 -0800)]
authx - Support Joomla users+sessions - Prevent leaks among stateless requests
Tim Otten [Sat, 20 Feb 2021 01:22:05 +0000 (17:22 -0800)]
AllFlowsTest - When executing on a new deployment, ensure demo user has a Civi contact
Tim Otten [Sat, 20 Feb 2021 00:01:34 +0000 (16:01 -0800)]
(REF) AllFlowsTest - Cleanup helper signature
Tim Otten [Fri, 19 Feb 2021 23:58:03 +0000 (15:58 -0800)]
AllFlowsTest - Add cases with multiple identities from the same browser
Tim Otten [Fri, 19 Feb 2021 23:19:55 +0000 (15:19 -0800)]
AllFlowsTest - Add test for checking contact+user vs contact-only
Tim Otten [Wed, 17 Feb 2021 02:56:09 +0000 (18:56 -0800)]
distmaker - Add authx to tarball
Tim Otten [Sat, 20 Feb 2021 00:08:02 +0000 (16:08 -0800)]
authx - Make it safe to load the 'authx.settings.php' file multiple times
Tim Otten [Tue, 16 Feb 2021 21:38:07 +0000 (13:38 -0800)]
authx - Support Joomla users+sessions
Tim Otten [Tue, 16 Feb 2021 09:12:45 +0000 (01:12 -0800)]
authx - Support Drupal 8 users+sessions