-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix for #53 #56
fix for #53 #56
Conversation
what's the reason why travis doesn't start? |
src/collective/taxonomy/jsonimpl.py
Outdated
@@ -24,7 +29,7 @@ def __init__(self, context, request): | |||
utility_name = request.get('taxonomy', '') | |||
taxonomy = queryUtility(ITaxonomy, name=utility_name) | |||
if not taxonomy: | |||
raise ValueError('Taxonomy `%s` could not be found.' % utility_name) | |||
raise ValueError('Taxonomy `%s` could not be found.' % utility_name) # noqa |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please don't use generic noqa
comments; it's better to explicitly specify what are you trying to ignore.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
except ConfigParser.NoOptionError: | ||
pass | ||
|
||
for name in ['is_single_select', 'is_required']: | ||
try: | ||
result[name] = config.get('taxonomy', name) == 'true' and True | ||
result[name] = config.get('taxonomy', name) == 'true' and True # noqa: E501 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The and True
here seems to be reminiscent of a time when there wasn't an explicit comparison involved – as far as I can tell it's unnecessary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you're right ... I'll change that
src/collective/taxonomy/jsonimpl.py
Outdated
@@ -47,6 +52,7 @@ def generate_json(self, root): | |||
|
|||
def get_data(self): | |||
"""Get json data.""" | |||
alsoProvides(self.request, IDisableCSRFProtection) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this necessary here? No ZODB object seems to be modified in this code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have do dig here further, but if you have a clean Plone-5.1 installation, create a taxonomy and want to edit data for the first time, you get a CSRF warning from plone.protect ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe it happens in the _fixup
method.
You could argue that there shouldn't be any fixing upping on a GET
request.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for the pointer ... the _fixup
was indeed the problem ... I've refactored this to get rid of CSRF warnings ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The dilemma is this:
There's an old version of the data format and there is an upgrade step which migrates this to the new format by calling _fixup()
.
But what if people try to use their site without – yet – having gone through the upgrade step.
I think that was the reasoning behind these fixing upper calls. And there used to be no upgrade step!
But now, perhaps the right move is simply to throw and error and log a warning "Data not upgraded" – ?
That is:
- I think revert that last commit;
- In
_fixup()
: if said data attributes areNone
, add the CSRF interface to the request and just go ahead and migrate the data.
src/collective/taxonomy/utility.py
Outdated
# for old Taxonomy instances. | ||
# XXX: remove this in version 2.0 to prevent write on read | ||
if self.order is None: | ||
safeWrite(self, getRequest()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great. Poor old self.REQUEST
– acquisition has fallen out of favor...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
strange .. I got an AttributeError
when doing self.REQUEST
in _fixup ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess the utility is not acquisition-wrapped. Makes sense I guess.
Plone is really split brain in terms of acquisition and components.
I guess we're ready to merge this then? |
yes ... and I also think we should release 1.5.0 ... changelog gets longer and longer 😉 |
@malthe but before I'd like to run the tests ... somehow my branch doesn't start automatically on travis-ci .... do you have an idea why? |
I think the buildout is outdated.
|
I thought there would be some errors with this travis configuration, but this branch never ever gets started on travis-ci ... https://travis-ci.org/collective/collective.taxonomy says "This is not an active repository" .... I do not have privileges to activate it. Do you have @malthe ? |
I don't really understand if I'm an admin or not. I can use "Settings" on that repo, but I also get the same error message. |
just found this entry from june 29th stating some issues with de/activating repositories on https://www.traviscistatus.com/ ... I'll get in touch with travis support |
ping @jensens are you able to activate this repository on travis-ci, or do you have an idea what's going wrong here? https://travis-ci.org/collective/collective.taxonomy |
I activated it on TravisCI (.org) - no idea why it was deactivated there. |
@malthe finally |
and some features: