- Show expired content when GET on a folderish object, include a way to display it on @search via the show_inactive parameter [sneridagh]
- Strip spaces from TextLine values to match z3c.form implementation. [jaroel]
- Disallow None and u'' when TextLine is required. Refs #351. [jaroel]
New Features:
- Add support for expandable elements. See http://plonerestapi.readthedocs.io/en/latest/expansion.html for details. [buchi]
- Translate titles in @workflow. [csenger]
- Add endpoints for locking/unlocking. See http://plonerestapi.readthedocs.io/en/latest/locking.html for details. [buchi]
- Add @controlpanels endpoint. [jaroel, timo]
Bugfixes:
- Fix ZCML load order issue by explicitly loading permissions.zcml from CMFCore. [lgraf]
- Fix @id values returned by @search with 'fullobjects' option [ebrehault]
- Re-add skipped tests from @breadcrumbs and @navigation now that expansion is in place. [sneridagh]
Bugfixes:
- Support content reordering on the site root. [jaroel]
- Support setting Layout on the site root. [jaroel]
- Add clarification when using SearchableText parameter in plone.restapi to avoid confusions [sneridagh]
New Features:
- Implement tus.io upload endpoint. [buchi]
New Features:
- Add "&fullobject" parameter in @search to retrieve full objects [ebrehault]
Bugfixes:
- Tweaks to README.rst [tkimnguyen]
- Don't list non-DX types in @types endpoint. Refs #150 [jaroel]
Breaking Changes:
- Change RichText field value to use 'output' instead of 'raw' to fix inline paths. This fixes #302. [erral]
New Features:
- Automatically publish docker images on hub.docker.com. [timo]
Bugfixes:
- Docs: Fix batching example request/response. [lgraf]
New Features:
- Add @comments endpoint. [jaroel,timo,pjoshi]
- Add @roles endpoint to list defined global roles. [jaroel]
- Add JSON schema to @registry listing. [jaroel]
- Allow to manipulate the group membership in the @groups endpoint. [jaroel]
- List and mutate global roles assigned to a user in the @users endpoint. [jaroel]
Bugfixes:
- Bind schema field to context to handle context vocabularies. #389 [csenger]
- The inherit flag was the wrong way around. Blocked inherit showed up as non-blocked. [jaroel]
New Features:
- Reorder children in a item using the content endpoint. [jaroel]
- Add batched listing of registry entries to @registry endpoint. [jaroel]
New Features:
- Add @history endpoint. [jaroel]
Bugfixes:
- Fix the @move endpoint fails to return 403 when the user don't have proper delete permissions over the parent folder. [sneridagh]
New Features:
- Add support for a 'search' parameter to @sharing. This returns additional principals in 'entries', also flagging the acquired and inherited fields. [jaroel]
- Add support for setting/modifying 'layout' on DX and AT content endpoints. [jaroel]
- Add support for getting the defined layouts on the root types endpoint. [jaroel]
Bugfixes:
- Add the title to the workflow history in the @workflow endpoint. This fixes #279. [sneridagh]
- Don't fetch unnecessary PasswordResetTool in Plone 5.1 [tomgross]
Bugfixes:
- Handle special case when user @move content that cannot delete returning proper 403 [sneridagh]
Bugfixes:
- Remove zope.intid dependency from copy/move endpoint. Remove plone.api dependency from principals endpoint. Make ChoiceslessRelationListSchemaProvider available only if z3c.relationfield is installed. This fixes #288 [erral]
- Remove unittest2 imports from tests. [timo]
- Add Products.PasswortResetTool to dependencies. This dependency is gone in Plone 5.1. [timo]
- Make import of LocalrolesModifiedEvent conditional, so plone.restapi doesn't prevent Plone 4.3 deployments < 4.3.4 from booting. [lgraf]
New Features:
- Add @sharing endpoint. [timo,csenger,sneridagh]
- Add @vocabularies endpoint. [timo,csenger,sneridagh]
- Add @copy and @move endpoints. [buchi,sneridagh]
- Docs: Convert all HTTP examples to use sphinxcontrib-httpexample. [lgraf]
- Add 'addable' attribute to the @types endpoint. It specifies if the content type can be added to the current context. See #173. [jaroel]
- Add support for named IJsonSchemaProvider adapter to target a single field in a schema. This allows us to prevent rendering all choices in relatedItems. See #199. [jaroel]
- Add review_state to the folderish summary serializer. [sneridagh]
- Add @principals endpoint. It searches for principals and returns a list of users and groups that matches the query. This is aimed to be used in the sharing UI widget or other user/groups search widgets. [sneridagh]
- Add reset-password action to the @users endpoint. #158 [timo,csenger]
Bugfixes:
- Fix coveralls reporting. [timo]
- Return correct @id for folderish objects created via POST. [lgraf]
- Fix timezone-related failures when running tests through coverage. [witsch]
- @search endpoint: Also prefill path query dict with context path. This will allow users to supply an argument like path.depth=1, and still have path.query be prefilled server-side to the context's path. [lgraf]
- Overhaul JSON schema generation for @types endpoint. It now returns fields in correct order and in their appropriate fieldsets. [lgraf]
- Add missing id to the Plone site serialization, related to issue #186. [sneridagh]
- Add missing adapter for IBytes on JSONFieldSchema generator. This fixes the broken /@types/Image and /@types/File endpoints. [sneridagh]
- Fix addable types for member users and roles assigned locally on @types endpoint. [sneridagh]
New Features:
- Make date and datetime fields provide a 'widget' attribute. [timo]
- Add documentation for types endpoint schema. [timo]
- Add basic groups CRUD operations in @groups endpoints [sneridagh]
- Make @types endpoint include a 'mode' attribute. This fixes #198. [timo]
Bugfixes:
- Fix queries to ensure ordering of container items by getObjectPositionInParent. [lgraf]
New Features:
- Add simple user search capabilities in the GET @users endpoint. [sneridagh]
Bugfixes:
- Allow installation of plone.restapi if JWT plugin already exists. This fixes #119. [buchi]
Bugfixes:
- Make login endpoint accessible without UseRESTAPI permission. This fixes #166. [buchi]
New Features:
- Introduce dedicated permission required to use REST API at all (assigned to everybody by default). [lgraf]
Bugfixes:
- When token expires, PAS plugin should return an empty credential. [ebrehault]
Bugfixes:
- Remove plone.api dependency from users service. This fixes #145. [timo]
New Features:
- Make POST request return the serialized object. [timo]
- Include 'id' attribute in responses. [timo]
New Features:
- Add @users endpoint. [timo]
Bugfixes:
- Fix bug where disabling the "Use Keyring" flag wasn't persisted in jwt_auth plugin. [lgraf]
New Features:
- Implements navigation and breadcrumbs components [ebrehault]
- Add widget and support for RichText field in @types component. [ebrehault]
- Add fieldsets in @types [ebrehault]
Bugfixes:
- Disable automatic CSRF protection for @login and @login-renew endpoints: If persisting tokens server-side is enabled, those requests need to be allowed to cause DB writes. [lgraf]
- Documentation: Fixed parameter 'data' to JSON format in JWT Authentication documentation [lccruz]
- Tests: Fail tests on uncommitted changes to docs/source/_json/ [lgraf]
- Tests: Use freezegun to freeze hard to control timestamps in response dumps used for documentation. [lgraf]
- Tests: Limit available languages to a small set to avoid excessive language lists in response dumps used for documentation. [lgraf]
- Initial release. [timo,buchi,lukasgraf,et al.]