Seamus Lee [Thu, 4 Mar 2021 04:54:49 +0000 (15:54 +1100)]
Merge pull request #19726 from seamuslee001/5.35
5.35
Tim Otten [Thu, 4 Mar 2021 04:40:16 +0000 (20:40 -0800)]
Merge pull request #19725 from totten/5.35-avail-perm
dev/drupal#156 - system_get_info() is gone in Drupal 9
Tim Otten [Thu, 4 Mar 2021 04:28:34 +0000 (20:28 -0800)]
(NFC) release-notes/5.35.0 - Last minute update
demeritcowboy [Thu, 11 Feb 2021 18:35:15 +0000 (13:35 -0500)]
system_get_info is deprecated
Eileen McNaughton [Thu, 4 Mar 2021 03:37:53 +0000 (16:37 +1300)]
Merge pull request #19720 from colemanw/afformSearchFilters
Improve search display filter validation
Coleman Watts [Wed, 3 Mar 2021 20:04:38 +0000 (15:04 -0500)]
SearchKit - Validate all filters as belonging to select clause or afform
When viewing a SearchDisplay, this will verify all filters are permitted by first checking the SELECT clause,
and secondly checking for a containing Afform with exposed filters.
All other filter params will be silently ignored.
Coleman Watts [Wed, 3 Mar 2021 16:48:27 +0000 (11:48 -0500)]
Afform - use form-level permissions in APIv4 Afform::get
Seamus Lee [Thu, 4 Mar 2021 01:46:54 +0000 (12:46 +1100)]
Merge pull request #19723 from eileenmcnaughton/price
dev/core#2434 Fix price set id widget
colemanw [Thu, 4 Mar 2021 01:28:29 +0000 (20:28 -0500)]
Merge pull request #19709 from eileenmcnaughton/ss
dev/core#2422 Add created_id, modified_id, expires_date to saved search table
eileen [Wed, 3 Mar 2021 20:19:28 +0000 (09:19 +1300)]
dev/core#2434 Fix price set id widget
Eileen McNaughton [Wed, 3 Mar 2021 23:41:58 +0000 (12:41 +1300)]
Merge pull request #19722 from civicrm/5.35
5.35
Seamus Lee [Wed, 3 Mar 2021 23:27:55 +0000 (10:27 +1100)]
Merge pull request #19721 from agh1/5.35.0-releasenotes-final
5.35.0 release notes: added late changes
Andrew Hunt [Wed, 3 Mar 2021 23:25:48 +0000 (18:25 -0500)]
5.35.0 release notes: added late changes
colemanw [Wed, 3 Mar 2021 22:11:11 +0000 (17:11 -0500)]
Merge pull request #19476 from eileenmcnaughton/mem_tax
Fix membership form to correctly calculate tax when a discount is applied
Tim Otten [Wed, 3 Mar 2021 19:37:37 +0000 (11:37 -0800)]
Merge pull request #19715 from mattwire/tokenclean
NFC Update comments in token classes
eileen [Wed, 3 Mar 2021 06:23:29 +0000 (19:23 +1300)]
Add description to saved search
Matthew Wire [Wed, 3 Mar 2021 11:00:33 +0000 (11:00 +0000)]
Update comments in token classes
Seamus Lee [Wed, 3 Mar 2021 07:04:55 +0000 (18:04 +1100)]
Merge pull request #19590 from totten/master-authx
AuthX - Extended authentication support (portable and router-friendly)
eileen [Tue, 2 Mar 2021 10:40:15 +0000 (23:40 +1300)]
Also add created_date & modified_date per discussion on pr
eileen [Tue, 2 Mar 2021 04:52:18 +0000 (17:52 +1300)]
dev/core#2422 Add created_id, modified_id, expires_date to saved search table
Per
https://lab.civicrm.org/dev/core/-/issues/2422
These can be exposed in the search kit saved search listing as filters when
we get to that point but the earlier we start
saving them the better the data will be when we do expose
Eileen McNaughton [Wed, 3 Mar 2021 03:48:15 +0000 (16:48 +1300)]
Merge pull request #19714 from civicrm/5.35
5.35
Tim Otten [Wed, 3 Mar 2021 03:19:08 +0000 (19:19 -0800)]
Merge pull request #19703 from colemanw/afformStandalone
Afform - Remove ngRoute from afformStandalone page
Seamus Lee [Wed, 3 Mar 2021 00:58:11 +0000 (11:58 +1100)]
Merge pull request #19711 from totten/5.35-upg-smtp
Upgrader (5.34) - Handle unsavable characters in decoded SMTP password
Eileen McNaughton [Tue, 2 Mar 2021 21:49:49 +0000 (10:49 +1300)]
Merge pull request #19684 from totten/master-authors
info.xml - Allow multiple `<author>`s
Eileen McNaughton [Tue, 2 Mar 2021 20:31:36 +0000 (09:31 +1300)]
Merge pull request #19712 from eileenmcnaughton/merge
5.35 to master
eileen [Tue, 2 Mar 2021 20:18:02 +0000 (09:18 +1300)]
Merge branch '5.35' of https://github.com/civicrm/civicrm-core into merge
Tim Otten [Fri, 26 Feb 2021 04:18:42 +0000 (20:18 -0800)]
(REF) authx - Reorganize internal methods to use an auth-request object
This significantly trims down the `auth()` method and rearranges as three
methods. A data object is passed between the three methods. The main method:
```
if ($principal = $this->checkCredential($tgt)) {
$tgt->setPrincipal($principal);
}
$this->checkPolicy($tgt);
$this->login($tgt);
```
This arrangement lays the groundwork for implementing more varied policies.
For example, we could have a policy where the ability to login via
username/password/api_key is dictated by the user's role or permissions.
Tim Otten [Fri, 26 Feb 2021 01:57:09 +0000 (17:57 -0800)]
(REF) Authenticator - Extract field $authxUf
Tim Otten [Tue, 23 Feb 2021 10:50:39 +0000 (02:50 -0800)]
authx - If using auto-login, then use a redirect to hide the `?_authx=...` gunk
Tim Otten [Tue, 23 Feb 2021 10:22:35 +0000 (02:22 -0800)]
authx - The "already logged in" check should be less sensitive to int-vs-string for user/contact ID
Tim Otten [Sat, 20 Feb 2021 02:30:13 +0000 (18:30 -0800)]
authx - Support Joomla users+sessions - Prevent leaks among stateless requests
Tim Otten [Sat, 20 Feb 2021 01:22:05 +0000 (17:22 -0800)]
AllFlowsTest - When executing on a new deployment, ensure demo user has a Civi contact
Tim Otten [Sat, 20 Feb 2021 00:01:34 +0000 (16:01 -0800)]
(REF) AllFlowsTest - Cleanup helper signature
Tim Otten [Fri, 19 Feb 2021 23:58:03 +0000 (15:58 -0800)]
AllFlowsTest - Add cases with multiple identities from the same browser
Tim Otten [Fri, 19 Feb 2021 23:19:55 +0000 (15:19 -0800)]
AllFlowsTest - Add test for checking contact+user vs contact-only
Tim Otten [Wed, 17 Feb 2021 02:56:09 +0000 (18:56 -0800)]
distmaker - Add authx to tarball
Tim Otten [Sat, 20 Feb 2021 00:08:02 +0000 (16:08 -0800)]
authx - Make it safe to load the 'authx.settings.php' file multiple times
Tim Otten [Tue, 16 Feb 2021 21:38:07 +0000 (13:38 -0800)]
authx - Support Joomla users+sessions
Tim Otten [Tue, 16 Feb 2021 09:12:45 +0000 (01:12 -0800)]
authx - Support Drupal 8 users+sessions
Tim Otten [Tue, 16 Feb 2021 07:42:53 +0000 (23:42 -0800)]
authx - Support Backdrop users+sessions
Tim Otten [Wed, 17 Feb 2021 02:55:23 +0000 (18:55 -0800)]
(REF) AllFlowsTest - Misc cleanup
Tim Otten [Tue, 16 Feb 2021 06:12:06 +0000 (22:12 -0800)]
authx - Support login/logout flow
Tim Otten [Tue, 16 Feb 2021 02:28:18 +0000 (18:28 -0800)]
authx - Support JWT credentials
Tim Otten [Fri, 12 Feb 2021 20:51:52 +0000 (12:51 -0800)]
authx - Primary implementation, including Drupal 7 and WordPress
Tim Otten [Fri, 12 Feb 2021 20:52:38 +0000 (12:52 -0800)]
authx - Add the AllFlowsTest
Tim Otten [Fri, 12 Feb 2021 23:55:42 +0000 (15:55 -0800)]
authx - Add page to check identity ('civicrm/authx/id')
Tim Otten [Fri, 12 Feb 2021 23:16:50 +0000 (15:16 -0800)]
authx - Declare settings for allowed flows and credentials
Tim Otten [Fri, 12 Feb 2021 20:50:54 +0000 (12:50 -0800)]
authx - Draft README and info.xml
Tim Otten [Fri, 12 Feb 2021 06:28:33 +0000 (22:28 -0800)]
authx - Generate skeleton
Tim Otten [Sat, 13 Feb 2021 02:11:39 +0000 (18:11 -0800)]
CRM_Core_Session - Add option 'useFakeSession()' for stateless requests
Tim Otten [Fri, 12 Feb 2021 20:26:36 +0000 (12:26 -0800)]
CRM_Core_Invoker - Emit authorization event
Coleman Watts [Tue, 2 Mar 2021 13:52:43 +0000 (08:52 -0500)]
Afform - use search params instead of route params
Coleman Watts [Mon, 1 Mar 2021 18:54:30 +0000 (13:54 -0500)]
Afform - Remove ngRoute from afformStandalone page
Afforms are meant to work as standalone directives so routing on the standalone page was meaningless
colemanw [Tue, 2 Mar 2021 13:43:48 +0000 (08:43 -0500)]
Merge pull request #19694 from eileenmcnaughton/dash
dev/core#2426 Fix regression whereby the dashboard crashes (permission related)
Tim Otten [Tue, 2 Mar 2021 12:10:15 +0000 (04:10 -0800)]
Upgrader (5.34) - Handle unsavable characters
Overview
--------
In php-mysqli with utf8mb4, the escaping rules do not handle 8-bit
characters (`chr(128)`+). ([Demo](https://gist.github.com/totten/
4083741b920113ffc569d40053ce849d))
Here's a situation reported by @agileware-justin which provokes this:
> 1. SMTP credentials (mailing_backend) were saved and had been encrypted using mcrypt, prior to PHP 7.1
> 2. SMTP outbound email was NOT enabled, but the SMTP credentials are in the database
> 3. Active PHP version was PHP 7.3, without mcrypt module
> 4. CiviCRM 5.34 upgrade triggers the database error
Before
------
The behavior can be viewed in two variables:
* Depending on whether `CIVICRM_CRED_KEYS` is set, the upgrader may be
writing passwords as plain-text or as `^CTK?` tokens.
* Depending on what value is in `$setting['smtpPassword']`, what value is in
`CIVICRM_SITE_KEY`, and whether `mcrypt` is active, we may or may not get
8-bit characters when reading the password
(`CRM_Utils_Crypt::decrypt($setting['smtpPassword'])`).
The fatal combination arises when using plain-text with 8-bit characters.
But other combinations (encrypted tokens and/or 7-bit plain-text) seem
fine.
After
-----
As before, combinations involving encrypted tokens and/or 7-bit plain-text
are fine.
We don't have a head-on soultion for escaping 8-bit plain-text for use with
php-mysqli-utf8mb4. (Which is insane, right?) But now we manage the
symptoms better:
* If you aren't even using SMTP (like in Justin's example),
then this is not legit. We show a warning and simply discard the
unneeded/corrupt value of `smtpPassword`.
* If you are using SMTP, then this might theoretically be legit.
(We haven't confirmed, but it seems plausible in other locales.) We show a
different warning and encourage the sysadmin to setup `CIVICRM_CRED_KEYS`
(which will enable the more permissive `^CTK?` format.)
Eileen McNaughton [Tue, 2 Mar 2021 11:00:21 +0000 (00:00 +1300)]
Merge pull request #19683 from colemanw/searchDisplayFixes
Search display fixes
eileen [Sun, 28 Feb 2021 22:34:11 +0000 (11:34 +1300)]
dev/core#2426 Fix regression whereby the dashboard crashes for contacts unable to view their own contact record.
As noted in the code comments this was not my preferred technical fix but I do lean
towards using this in the rc & reconsidering the other approaches in master.
Also, in master I got a different error that I think related to new work
Seamus Lee [Tue, 2 Mar 2021 08:54:25 +0000 (19:54 +1100)]
Merge pull request #19708 from J0WI/patch-1
Fix migrateUtf8mb4 for special database names
Eileen McNaughton [Tue, 2 Mar 2021 07:27:16 +0000 (20:27 +1300)]
Merge pull request #19675 from demeritcowboy/casedashlets
dev/core#1400 - Put dashlets back to only showing open cases by default
Coleman Watts [Wed, 10 Feb 2021 01:21:57 +0000 (20:21 -0500)]
Fix angular error when user is not logged in.
J0WI [Tue, 2 Mar 2021 00:30:51 +0000 (00:30 +0000)]
Fix migrateUtf8mb4 for special database names
Eileen McNaughton [Tue, 2 Mar 2021 00:14:34 +0000 (13:14 +1300)]
Merge pull request #19702 from seamuslee001/domain_petition_emails
[NFC] Add in unit test to prove that domain tokens are able to be inc…
Eileen McNaughton [Tue, 2 Mar 2021 00:12:47 +0000 (13:12 +1300)]
Merge pull request #19706 from civicrm/5.35
5.35
Seamus Lee [Mon, 1 Mar 2021 21:57:34 +0000 (08:57 +1100)]
Merge pull request #19705 from seamuslee001/update_schema_handler_test
[NFC] Update Schema Handler to use the standard create table syntax o…
colemanw [Mon, 1 Mar 2021 21:01:07 +0000 (16:01 -0500)]
Merge pull request #19704 from colemanw/removeDeprecatedAngularJs
Angular - Remove deprecated js file
Seamus Lee [Mon, 1 Mar 2021 20:27:32 +0000 (07:27 +1100)]
[NFC] Update Schema Handler to use the standard create table syntax of using ROW_FORMAT=dynamic
Seamus Lee [Mon, 1 Mar 2021 10:34:09 +0000 (21:34 +1100)]
[NFC] Add in unit test to prove that domain tokens are able to be incldued in peition emails
colemanw [Mon, 1 Mar 2021 19:40:05 +0000 (14:40 -0500)]
Merge pull request #19698 from eileenmcnaughton/custom
dev/core#2423 Fix quasi-regression around serialized custom fields
Coleman Watts [Mon, 1 Mar 2021 19:27:53 +0000 (14:27 -0500)]
Angular - Remove deprecated js file
Eileen McNaughton [Mon, 1 Mar 2021 08:31:36 +0000 (21:31 +1300)]
Merge pull request #19701 from civicrm/5.35
5.35
eileen [Mon, 1 Mar 2021 06:21:34 +0000 (19:21 +1300)]
Bring back some madness
eileen [Mon, 1 Mar 2021 03:18:48 +0000 (16:18 +1300)]
dev/core#2423 Fix quasi-regression around serialized custom fields
https://lab.civicrm.org/dev/core/-/issues/2423
Seamus Lee [Mon, 1 Mar 2021 06:10:35 +0000 (17:10 +1100)]
Merge pull request #19692 from demeritcowboy/case-custom-money-5.35
dev/core#2394 - Don't crash when saving custom case fields of type money
Eileen McNaughton [Mon, 1 Mar 2021 05:22:26 +0000 (18:22 +1300)]
Merge pull request #19699 from colemanw/controlField
APIv4 - Rename 'controlField' property to 'control_field'
Seamus Lee [Mon, 1 Mar 2021 04:36:31 +0000 (15:36 +1100)]
Merge pull request #19695 from civicrm/5.35
5.35
Coleman Watts [Mon, 1 Mar 2021 03:53:11 +0000 (22:53 -0500)]
APIv4 - Rename 'controlField' property to 'control_field' for consistency
By convention, all keys returned from the api should be lowercase.
colemanw [Mon, 1 Mar 2021 02:27:02 +0000 (21:27 -0500)]
Merge pull request #19690 from colemanw/api3Operators
APIv3 - Improve array-based apis to support sorting and operators
Seamus Lee [Mon, 1 Mar 2021 02:24:10 +0000 (13:24 +1100)]
Merge pull request #19680 from eileenmcnaughton/money
dev/financial#166 Fix for inconsistency around currency symbol
Eileen McNaughton [Mon, 1 Mar 2021 02:15:44 +0000 (15:15 +1300)]
Merge pull request #19696 from eileenmcnaughton/user
dev/core#2427 Fix user creation regression
Eileen McNaughton [Mon, 1 Mar 2021 01:56:53 +0000 (14:56 +1300)]
Merge pull request #19629 from MegaphoneJon/core-2386
core#2386 - metadata-driven chain-select fields
Coleman Watts [Sun, 28 Feb 2021 04:18:41 +0000 (23:18 -0500)]
APIv3 - Improve array-based apis to support sorting and multiple operators
This backports some APIv4 code to v3, for the purpose of supporting
entityRef widgets for Afform.
colemanw [Mon, 1 Mar 2021 01:06:27 +0000 (20:06 -0500)]
Merge pull request #19668 from eileenmcnaughton/empty_rows
dev/core#2420 Add text to report template saying no results found if that is the case
eileen [Mon, 1 Mar 2021 00:42:51 +0000 (13:42 +1300)]
dev/core#2427 Fix user creation regression
colemanw [Mon, 1 Mar 2021 00:42:15 +0000 (19:42 -0500)]
Merge pull request #19693 from eileenmcnaughton/if
[REF] clean up if
eileen [Fri, 26 Feb 2021 05:05:14 +0000 (18:05 +1300)]
dev/financial#166 Fix for inconsistency around currency symbol
From https://lab.civicrm.org/dev/financial/-/issues/166 we learn that the existing code
(tested via testFormatLocaleNumericRoundedByCurrency) is not consistent across
all platforms. I think this may be
colemanw [Mon, 1 Mar 2021 00:01:55 +0000 (19:01 -0500)]
Merge pull request #19685 from eileenmcnaughton/535
dev/core:2394 Fix for number formatting regression
Eileen McNaughton [Sun, 28 Feb 2021 23:34:57 +0000 (12:34 +1300)]
Merge pull request #19689 from demeritcowboy/my-cases-listtype
dev/core#1207 - My Cases dashlet shouldn't crash for users with only my cases access
eileen [Sun, 28 Feb 2021 20:22:33 +0000 (09:22 +1300)]
[REF] clean up if
This just makes 2 lines simpler. The issue is that if checks the same thing
twice - presumably the if empty check got added for the e-notice but
the other was not removed
demeritcowboy [Sun, 28 Feb 2021 15:02:48 +0000 (10:02 -0500)]
don't crash when saving custom fields of type money
Tim Otten [Sun, 28 Feb 2021 04:23:39 +0000 (20:23 -0800)]
Merge pull request #19688 from demeritcowboy/lottery-win
Fix for missing function CodeGen_Util::removeDir
demeritcowboy [Sun, 28 Feb 2021 03:15:47 +0000 (22:15 -0500)]
don't crash for users with only my cases access
Tim Otten [Fri, 26 Feb 2021 21:51:05 +0000 (13:51 -0800)]
dev/core#2418 - info.xml - Show full author list
Tim Otten [Fri, 26 Feb 2021 21:50:06 +0000 (13:50 -0800)]
dev/core#2418 - info.xml - Parse `<authors>` tag
demeritcowboy [Sat, 27 Feb 2021 17:22:34 +0000 (12:22 -0500)]
missing function
Eileen McNaughton [Sat, 27 Feb 2021 04:40:45 +0000 (17:40 +1300)]
Merge pull request #19686 from colemanw/searchKitClearSelection
SearchKit - Fix clearing selection behavior
Coleman Watts [Sat, 27 Feb 2021 01:50:57 +0000 (20:50 -0500)]
SearchKit - Fix clearing selection behavior
The variables `allRowsSelected` and `selectedRows` were sometimes getting out-of-sync.
This adds a function to help ensure they both get updated at the same time when the selection needs to be cleared.
Eileen McNaughton [Sat, 27 Feb 2021 01:10:31 +0000 (14:10 +1300)]
Merge pull request #19674 from demeritcowboy/caseclosed
dev/core#1400 - Failing test showing that My Cases users can't view their own closed cases
eileen [Fri, 26 Feb 2021 23:50:23 +0000 (12:50 +1300)]
dev/core:2394 Fix for number formatting regression
This function has been picking up the formatting for the locale
meaning that the currency separator replacement is already done and
is swapped back by formatLocaleNumericRoundedByPrecision
Doing it via brickmoney is better than our custom
separator replacement - but we need a quick fix for the rc
Seamus Lee [Fri, 26 Feb 2021 22:13:32 +0000 (09:13 +1100)]
Merge pull request #19682 from colemanw/dashlet-spacing
Reduce wasted space in civicrm dashboard margins
Coleman Watts [Fri, 26 Feb 2021 21:14:26 +0000 (16:14 -0500)]
SearchKit - Fix js error when adding label to buttons/links in List display