conflict

CHANGELOG.rst

@@ -7,11 +7,15 @@
 Changelog
 ---------
 
-v?? (TBA)
-=========
+v.2.8.0 2018-05-09
+==================
 
-Note: This version requires re-running the 'datastore set-permissions' command
-   (assuming you run DataStore). See: :ref:`datastore-set-permissions`
+General notes:
+ * This version requires a requirements upgrade on source installations
+ * This version requires a database upgrade
+ * This version requires a Solr schema upgrade
+ * This version requires re-running the ``datastore set-permissions`` command
+   (assuming you are using the DataStore). See: :ref:`datastore-set-permissions`
 
    Otherwise new and updated datasets will not be searchable in DataStore and
    the logs will contain this error::
@@ -21,7 +25,102 @@ Note: This version requires re-running the 'datastore set-permissions' command
    CKAN developers should also re-run set-permissions on the test database:
    :ref:`datastore-test-set-permissions`
 
+ * There are several old features being officially deprecated starting from
+   this version. Check the *Deprecations* section to be prepared.
+
+Major changes:
+ * New revamped frontend templates based on Bootstrap 3, see "Changes and deprecations" (#3547)
+ * Allow datastore_search_sql on private datasets (#2562)
+ * New Flask blueprints migrated from old Pylons controllers: user, dashboard, feeds, admin and home (#3927, #3870, #3775, #3762)
+ * Improved support for custom groups and organization types (#4032)
+ * Hide user details to anonymous users (#3915)
+
+Minor changes:
+ * Allow chaining of authentication functions (#3679)
+ * Show custom dataset types in search pages (#3807)
+ * Overriding datastore authorization system (#3679)
+ * Standardize on url_for (#3831)
+ * Deprecate notify_after_commit (#3633)
+ *  _mail_recipient header override (#3781)
+ * Restrict access to member forms (#3684)
+ * Clean up template rendering code (#3923)
+ * Permission labels are indexed by type text in SOLR (#3863)
+ * CLI commands require a Flask test request context (#3760)
+ * Allow IValidator to override existing validators (#3865)
+ * Shrink datastore_create response size (#3810)
+ * Stable version URLs CKAN for documentation (#4209)
+ * API Documentation update (#4136)
+ * Documentation of Data Dictionary  (#3989)
+ * Remove datastore legacy mode (#4041)
+ * Map old Pylons routes to Flask ones (#4066)
+
+Bug fixes:
+ * File uploads don't work on new Flask based API (#3869)
+ * {% ckan_extends %} not working on templates served by Flask (#4044)
+ * Problems in background workers with non-core database relations (#3606)
+ * Render_datetime can't handle dates before year 1900 (#2228)
+ * DatapusherPlugin implementation of notify() can call 'datapusher_submit' multiple times (#2334)
+ * Dataset creation page generates incorrect URLs with Chrome autocomplete (#2501)
+ * Search buttons need accessible labels (#2550)
+ * Column name length limit for datastore upload (#2804)
+ * #2373: Do not validate packages or resources from database to views (#3016)
+ * Creation of dataset - different behaviour between Web API & CKAN Interface functionality (#3528)
+ * Redirecting to same page in non-root hosted ckan adds extra root_path to url  (#3499)
+ * Beaker 1.8.0 exception when the code is served from OSX via Vagrant (#3512)
+ * Add "Add Dataset" button to user's and group's page (#2794)
+ * Some links in CKAN is not reachable (#2898)
+ * Exception when specifying a directory in the ckan.i18n_directory option (#3539)
+ * Resource view filter user filters JS error (#3590)
+ * Recaptcha v1 will stop working 2018-3-31 (#4061)
+ * "Testing coding standards" page in docs is missing code snippets (#3635)
+ * Followers count not updated immediately on UI (#3639)
+ * Increase jQuery version (#3665)
+ * Search icon on many pages is not properly vertically aligned (#3654)
+ * Datatables view can't be used as a default view (#3669)
+ * Resource URL is not validated on create/update (#3660)
+ * Upload to Datastore tab shows incorrect time at Upload Log (#3588)
+ * Filter results button is not working (#3593)
+ * Broken link in "Upgrading CKAN’s dependencies" doc page (#3637)
+ * Default logo image not properly saved (#3656)
+ * Activity test relies on datetime.now() (#3644)
+ * Info block text for Format field not properly aligned in resource form page (#3663)
+ * Issue upon creating new organization/group through UI form (#3661)
+ * In API docs "package_create" lists "owner_org" as optional (#3647)
+ * Embed modal window not working (#3731)
+ * Frontent build command does not work on master (#3688)
+ * Loading image duplicated  (#3716)
+ * Datastore set-up error - logging getting in the way (#3694)
+ * Registering a new account redirects to an unprefixed url (#3834)
+ * Exception in search page when not authorized (#4081)
+ * Datastore full-text-search column is populated by postgres trigger rather than python (#3785)
+ * Datastore dump results are not the same as data in database (#4150)
+ * Adding filter at resoruce preview doesn't work while site is setup with ckan.root_path param (#4140)
+ * No such file or directory: '/usr/lib/ckan/default/src/ckan/requirement-setuptools.txt' during installation from source (#3641)
+ * Register user form missing required field indicators (#3658)
+ * Datastore full-text-search column is populated by postgres trigger rather than python  (#3786)
+ * Add missing major changes to change log (#3799)
+ * Paster/CLI config-tool requires _get_test_app which in turn requires a dev-only dependency (#3806)
+ * Change log doesn't mention necessary Solr scheme upgrade (#3851)
+ * TypeError: expected byte string object, value of type unicode found (#3921)
+ * CKAN's state table clashes with PostGIS generated TIGER state table (#3929)
+ * [Docker] entrypoint initdb.d sql files copied to root (#3939)
+ * DataStore status page throws TypeError - Bleach upgrade regression (#3968)
+ * Source install error with who.ini (#4020)
+ * making a JSONP call to the CKAN API returns the wrong mime type (#4022)
+ * Deleting a resource sets datastore_active=False to all resources and overrides their extras (#4042)
+ * Deleting first Group and Organization custom field is not possible (#4094)
+
 Changes and deprecations:
+ * The default templates included in CKAN core have been updated to use Bootstrap 3. Extensions
+   implementing custom themes are encouraged to update their templates, but they can still
+   make CKAN load the old Bootstrap 2 templates during the transition using the following
+   configuration options::
+
+        ckan.base_public_folder = public-bs2
+        ckan.base_templates_folder = templates-bs2
+
+ * The API versions 1 and 2 (also known as the REST API), ie ``/api/rest/*`` have been
+   completely removed in favour of the version 3 (action API, ``/api/action/*``).
  * The old Celery based background jobs have been removed in CKAN 2.8 in favour of the new RQ based
    jobs (http://docs.ckan.org/en/latest/maintaining/background-tasks.html). Extensions can still
    of course use Celery but they will need to handle the management themselves.
@@ -31,6 +130,13 @@ Changes and deprecations:
    This change is aimed to reduce usage of global variables in context. For a while, it has default value
    of None, in which case, `c.search_facets` will be used. But all template designers are strongly advised
    to specify this argument explicitly, as in future it'll become required.
+ * The ``ckan.recaptcha.version`` config option is now removed, since v2 is the only valid version now (#4061)
+
+v2.7.4 2018-05-09
+=================
+
+ * Adding filter at resoruce preview doesn't work while site is setup with ckan.root_path param (#4140)
+ * Datastore dump results are not the same as data in database (#4150)
 
 v2.7.3 2018-03-15
 =================
@@ -209,6 +315,13 @@ Deprecations:
    jobs (http://docs.ckan.org/en/latest/maintaining/background-tasks.html). Extensions can still
    of course use Celery but they will need to handle the management themselves.
 
+v2.6.6 2018-05-09
+=================
+
+* Adding filter at resoruce preview doesn't work while site is setup with ckan.root_path param (#4140)
+* Stable version URLs CKAN for documentation (#4209)
+* Add Warning in docs sidebar (#4209)
+
 v2.6.5 2018-03-15
 =================
 
@@ -380,6 +493,13 @@ Bug fixes:
 API changes and deprecations:
  * Replace `c.__version__` with new helper `h.ckan_version()` (`#3103 <https://github.com/ckan/ckan/pull/3103>`_)
 
+v2.5.9 2018-05-09
+=================
+
+* Adding filter at resoruce preview doesn't work while site is setup with ckan.root_path param (#4140)
+* Add Warning in docs sidebar (#4209)
+* Point API docs to stable URL (#4209)
+
 v2.5.8 2018-03-15
 =================
 

ckan/config/middleware/flask_app.py

@@ -22,7 +22,7 @@
 from repoze.who.middleware import PluggableAuthenticationMiddleware
 
 import ckan.model as model
-import ckan.lib.plugins as lib_plugins
+from ckan.lib import base
 from ckan.lib import helpers
 from ckan.lib import jinja_extensions
 from ckan.common import config, g, request, ungettext
@@ -172,6 +172,7 @@ def hello_world_post():
 
     # Auto-register all blueprints defined in the `views` folder
     _register_core_blueprints(app)
+    _register_error_handler(app)
 
     # Set up each IBlueprint extension as a Flask Blueprint
     for plugin in PluginImplementations(IBlueprint):
@@ -401,3 +402,18 @@ def is_blueprint(mm):
         for blueprint in inspect.getmembers(module, is_blueprint):
             app.register_blueprint(blueprint[1])
             log.debug(u'Registered core blueprint: {0!r}'.format(blueprint[0]))
+
+
+def _register_error_handler(app):
+    u'''Register error handler'''
+
+    def error_handler(e):
+        extra_vars = {u'code': e.code, u'content': e.description}
+        return base.render(u'error_document_template.html', extra_vars), e.code
+
+    app.register_error_handler(400, error_handler)
+    app.register_error_handler(401, error_handler)
+    app.register_error_handler(403, error_handler)
+    app.register_error_handler(404, error_handler)
+    app.register_error_handler(500, error_handler)
+    app.register_error_handler(503, error_handler)

ckan/controllers/error.py

@@ -41,12 +41,13 @@ def document(self):
         if not original_response.charset and original_response.default_charset:
             original_response.charset = original_response.default_charset
         # Otherwise, decorate original response with error template.
-        c.content = literal(original_response.unicode_body) or \
+        content = literal(original_response.unicode_body) or \
             cgi.escape(request.GET.get('message', ''))
-        c.prefix = request.environ.get('SCRIPT_NAME', ''),
-        c.code = cgi.escape(request.GET.get('code',
-                            str(original_response.status_int))),
-        return render('error_document_template.html')
+        prefix = request.environ.get('SCRIPT_NAME', ''),
+        code = cgi.escape(request.GET.get('code',
+                          str(original_response.status_int))),
+        extra_vars = {'code': code, 'content': content, 'prefix': prefix}
+        return render('error_document_template.html', extra_vars=extra_vars)
 
     def img(self, id):
         """Serve Pylons' stock images"""

ckan/controllers/group.py

@@ -460,7 +460,7 @@ def new(self, data=None, errors=None, error_summary=None):
         except NotAuthorized:
             abort(403, _('Unauthorized to create a group'))
 
-        if context['save'] and not data:
+        if context['save'] and not data and request.method == 'POST':
             return self._save_new(context, group_type)
 
         data = data or {}
@@ -491,7 +491,7 @@ def edit(self, id, data=None, errors=None, error_summary=None):
                    }
         data_dict = {'id': id, 'include_datasets': False}
 
-        if context['save'] and not data:
+        if context['save'] and not data and request.method == 'POST':
             return self._save_edit(id, context)
 
         try:
@@ -641,21 +641,21 @@ def members(self, id):
         context = {'model': model, 'session': model.Session,
                    'user': c.user}
 
+        data_dict = {'id': id}
         try:
-            data_dict = {'id': id}
             check_access('group_edit_permissions', context, data_dict)
+        except NotAuthorized:
+            abort(403,
+                  _('User %r not authorized to edit members of %s') % (c.user,
+                                                                       id))
+        try:
             c.members = self._action('member_list')(
                 context, {'id': id, 'object_type': 'user'}
             )
             data_dict['include_datasets'] = False
             c.group_dict = self._action('group_show')(context, data_dict)
         except NotFound:
             abort(404, _('Group not found'))
-        except NotAuthorized:
-            abort(
-                403,
-                _('User %r not authorized to edit members of %s') % (
-                    c.user, id))
 
         return self._render_template('group/members.html', group_type)
 

ckan/controllers/package.py

@@ -521,7 +521,7 @@ def new(self, data=None, errors=None, error_summary=None):
         except NotAuthorized:
             abort(403, _('Unauthorized to create a package'))
 
-        if context['save'] and not data:
+        if context['save'] and not data and request.method == 'POST':
             return self._save_new(context, package_type=package_type)
 
         data = data or clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
@@ -758,7 +758,7 @@ def edit(self, id, data=None, errors=None, error_summary=None):
                    'user': c.user, 'auth_user_obj': c.userobj,
                    'save': 'save' in request.params}
 
-        if context['save'] and not data:
+        if context['save'] and not data and request.method == 'POST':
             return self._save_edit(id, context, package_type=package_type)
         try:
             c.pkg_dict = get_action('package_show')(dict(context,

ckan/controllers/user.py

@@ -179,7 +179,7 @@ def new(self, data=None, errors=None, error_summary=None):
         except NotAuthorized:
             abort(403, _('Unauthorized to create a user'))
 
-        if context['save'] and not data:
+        if context['save'] and not data and request.method == 'POST':
             return self._save_new(context)
 
         if c.user and not data and not authz.is_sysadmin(c.user):
@@ -293,7 +293,7 @@ def edit(self, id=None, data=None, errors=None, error_summary=None):
         except NotAuthorized:
             abort(403, _('Unauthorized to edit a user.'))
 
-        if (context['save']) and not data:
+        if context['save'] and not data and request.method == 'POST':
             return self._save_edit(id, context)
 
         try: