Bugfixes:
- Close the api_session in tests. This prevents lots of ResourceWarnings about unclosed sockets. Fixes issues 636 and 648. [maurits] [gforcada]
- Standardize errors data structure of email-notification endpoint. [cekk]
New Features:
- Add Python 3 support. [pbauer, davisagli]
Bugfixes:
- Avoid
AttributeErroron add-on installation (fixes #465. [lukasgraf, hvelarde] - Make search work with a path query containing a list of paths in a virtual hosting setting. [sunew]
Bugfixes:
- Generalize the last bugfix solution for searching the userid on password reset requests, matching it with Plone's one. This covers all the request use cases. [sneridagh]
Bugfixes:
- Add "Use UUID as user ID" support for password resets [sneridagh]
Bugfixes:
- Add missing "Use UUID as user ID" support to POST @users endpoint on user creation. Also improve the userid/username chooser by using the same process as Plone does. This fixes: #586 [sneridagh]
Bugfixes:
- Make sure the default profile is installed on tiles profile installation. [timo]
New Features:
- Add tiles profile. [timo]
New Features:
- Return member fields based on user schema in @users endpoint instead of a fixed list of member properties. [buchi]
Bugfixes:
- Do not include HTTP examples using data_files anymore, but move them below src/plone/restapi instead and use package_data to include them. [lgraf]
- Rename Dexterity content before adding it to a container. [buchi]
- Avoid hard dependency on Archetypes introduced in 3.0.0. This fixes issue 570. [buchi]
- Make setup.py require plone.behavior >= 1.1. This fixes #575. [timo]
- Fixes
test_searchto work with bug fixedplone.indexer. NowDXTestDocumentexplicit got an attributeexclude_from_nav. This fixes issue 579. Refers to Products.CMFPlone Issue 2469 [jensens]
Bugfixes:
- Require plone.schema >= 1.2.0 in setup.py for new tiles endpoint. [timo]
New Features:
- Add tiles endpoint for getting all available content tiles and its JSONSchema. [sneridagh]
- Add a tiles behavior to support the new tiles implementation for plone.restapi. [sneridagh]
- Make sure to include HTTP examples in installed egg, so test_documentation tests also work against a installed release of plone.restapi. [lgraf]
New Features:
- Plone 5.2 compatibility. [sunew, davisagli, timo]
Breaking Changes:
- Fix object creation events. Before this fix, creation events were fired on empty not yet deserialized objects. Also a modified event was fired after deserializing e newly created object. Custom content deserializers now must handle the create keyword argument, which determines if deserialization is performed during object creation or while updating an object. [buchi]
- Include translated role titles in @sharing GET. [lgraf]
- Image URLs are now created using the cache optimized way. Fixes #494. [erral]
Bugfixes:
- Fix ReST on PyPi. [timo]
New Features:
- Document the use of the Accept-Language HTTP header. [erral]
- Translate FTI titles on @types endpoint. Fixes #337. [erral]
- Translate action name, workflow state and transition names in @history endpoint. [erral]
- Enhance @workflow endpoint to support applying transitions to all contained items and to set effective and expiration dates. [buchi]
Bugfixes:
- Make sure DX DefaultFieldDeserializer validates field values. [lgraf]
- Reindex AT content on PATCH. This fixes issue 531. [buchi]
- Fix change password on Plone 5.2 [sunew]
- Plone 5.2 compatible tests. [sunew]
New Features:
- Include translated role title in @roles GET. [lgraf]
Bugfixes:
- Hide upgrades from the add-ons control panel. Fixes issue 532. [maurits]
Breaking Changes:
- Convert all datetime, DateTime and time instances to UTC before serializing. [thet]
- Use python-dateutil instead of DateTime to parse date strings when de-serializing. [thet]
- Make @translations endpoint expandable [erral]
- Rename the results attribute in @translations endpoint to be 'items' [erral]
- Remove 'language' attribute in @translations endpoint from the top-level response entry [erral]
New Features:
- Expose the tagged values for widgets in the @types endpoint. [jaroel]
- Render subject vocabulary as items for subjects field. [jaroel]
- New permission for accessing user information in the GET @user endpoint plone.restapi: Access Plone user information mapped by default to Manager role (as it was before). [sneridagh]
Bugfixes:
- Add VHM support to @search [csenger]
New Features:
- Add expand.navigation.depth parameter to the @navigation endpoint. [fulv, sneridagh]
New Features:
- Allow users to update their own properties and password. [sneridagh]
Bugfixes:
- Fix serialization of Discussion Item and Collection content types when called with fullobjects parameter. [sneridagh]
New Features:
- Add expandable @actions endpoint to retrieve portal_actions. [csenger,timo,sneridagh]
Bugfixes:
- Support null in content PATCH requests to delete a field value (Dexterity only). This fixes #187. [csenger]
New Features:
- Observe the allow_discussion allowance (global, fti, object) on object serialization. [sneridagh]
- Add '@email-send' endpoint to allow authorized users to send emails to arbitrary addresses (Plone 5 only). [sneridagh]
New Features:
- Allow users to get their own user information. [erral]
Bugfixes:
- Mark uninstall profile as non-installable. [hvelarde]
- Fix the use of fullobjects in Archetypes based sites @search [erral]
- Fix workflow translations with unicode characters. [Gagaro]
- Fix workflow encoding in transition endpoint. [Gagaro]
New Features:
- Add '@email-notification' endpoint to contact the site owner via email. (Plone 5 only) [sneridagh]
Bugfixes:
- Remove warning about alpha version from docs. [timo]
Bugfixes:
- Remove deprecated getSiteEncoding import. [timo]
- Build documentation on Plone 5.0.x (before: Plone 4.3.x). [timo]
Breaking Changes:
- Rename 'url' attribute on navigation / breadcrumb to '@id'. [timo]
New Features:
- Allow client to ask for the full representation of an object after creation by setting the 'Prefer' header on a PATCH request. [Gagaro]
- Support deserialization of a relationChoice field using the contents of the serialization (enhanced by the serializer) output. [sneridagh]
- Allow properties when adding a user. This allows setting the fullname by anonymous users. [jaroel]
- Add support for IContextSourceBinder vocabularies on JSON schema Choice fields adapters. [sneridagh]
- Add upgrade guide. [timo]
Bugfixes:
- Fix issue where POST or PATCH a named file with a download link would always return self.context.image, not the actual file. [jaroel]
- Fix DateTimeDeserializer when posting None for a non-required field. [jaroel]
- Fixed 'required' for DateTime fields. [jaroel]
- Batching: Preserve list-like query string params when canonicalizing URLs. [lgraf]
- Fixed NamedFieldDeserializer to take a null to remove files/images. [jaroel]
- Fixed NamedFieldDeserializer to validate required fields. [jaroel]
- Prevent a fatal error when we get @workflow without permission to get review_history worfklow variable. [thomasdesvenain]
- Make user registration work as default Plone behavior by adding the Member role to the user. [sneridagh]
Breaking Changes:
- Remove @components navigation and breadcrumbs. Use top level @navigation and @breadcrumb endpoints instead. [timo]
- Remove "sharing" attributes from GET response. [timo,jaroel]
- Convert richtext using .output_relative_to. Direct conversion from RichText if no longer supported as we always need a context for the ITransformer. [jaroel]
New Features:
- Add fullobjects parameter to content GET request. [timo]
- Include descriptions of modified fields in object-modified event. [buchi]
- Add uninstall profile [davilima6]
- Add include_items option to SerializeFolderToJson. [Gagaro]
Bugfixes:
- Fix error messages for password reset (wrong user and wrong password). [csenger]
- Fix #440, URL and @id wrong in second level get contents call for folderish items. [sneridagh]
- Fix #441, GET in a folderish content with 'fullobjects' is including all items recursively. [sneridagh]
- Fix #443, Ensure the userid returned by authenticateCredentials is a byte string and not unicode. [Gagaro]
New Features:
- Add 'is_editable' and 'is_deletable' to the serialization of comments objects. Also refactored the comments endpoint to DRY. [sneridagh]
- Improve is_folderish property to include Plone site and AT content types [sneridagh]
Bugfixes:
- Cover complete use cases of file handling in a content type. This includes removal of a image/file and being able to feed the PATCH endpoint with the response of a GET operation the image/file fields without deleting the existing value. [sneridagh]
Bugfixes:
- Fix JWT authentication for users defined in the Zope root user folder. This fixes #168 and #127. [buchi]
- Fix datetime deserialization for timezone aware fields. This fixes #253 [buchi]
New Features:
- Add @translations endpoint [erral]
- Include title in site serialization. [buchi]
- Include is_folderish property on GET request responses. Fixes #327. [sneridagh]
Bugfixes:
- Strip spaces from TextLine values to match z3c.form implementation. [jaroel]
- Disallow None and u'' when TextLine is required. Refs #351. [jaroel]
- Make getting '/@types/{type_id}' work for non-DX types, ie "Plone Site". [jaroel]
- Remove Products.PasswortResetTool from setup.py since it is a soft dependency. It is included in Plone >= 5.1. [tomgross]
- Update pytz to fix travis builds [sneridagh]
New Features:
- Add support for expandable elements. See http://plonerestapi.readthedocs.io/en/latest/expansion.html for details. [buchi]
- Translate titles in @workflow. [csenger]
- Add endpoints for locking/unlocking. See http://plonerestapi.readthedocs.io/en/latest/locking.html for details. [buchi]
- Add @controlpanels endpoint. [jaroel, timo]
Bugfixes:
- Fix ZCML load order issue by explicitly loading permissions.zcml from CMFCore. [lgraf]
- Fix @id values returned by @search with 'fullobjects' option [ebrehault]
- Re-add skipped tests from @breadcrumbs and @navigation now that expansion is in place. [sneridagh]
Bugfixes:
- Support content reordering on the site root. [jaroel]
- Support setting Layout on the site root. [jaroel]
- Add clarification when using SearchableText parameter in plone.restapi to avoid confusions [sneridagh]
New Features:
- Implement tus.io upload endpoint. [buchi]
New Features:
- Add "&fullobject" parameter in @search to retrieve full objects [ebrehault]
Bugfixes:
- Tweaks to README.rst [tkimnguyen]
- Don't list non-DX types in @types endpoint. Refs #150 [jaroel]
Breaking Changes:
- Change RichText field value to use 'output' instead of 'raw' to fix inline paths. This fixes #302. [erral]
New Features:
- Automatically publish docker images on hub.docker.com. [timo]
Bugfixes:
- Docs: Fix batching example request/response. [lgraf]
New Features:
- Add @comments endpoint. [jaroel,timo,pjoshi]
- Add @roles endpoint to list defined global roles. [jaroel]
- Add JSON schema to @registry listing. [jaroel]
- Allow to manipulate the group membership in the @groups endpoint. [jaroel]
- List and mutate global roles assigned to a user in the @users endpoint. [jaroel]
Bugfixes:
- Bind schema field to context to handle context vocabularies. #389 [csenger]
- The inherit flag was the wrong way around. Blocked inherit showed up as non-blocked. [jaroel]
New Features:
- Add @translations endpoint [erral]
- Reorder children in a item using the content endpoint. [jaroel]
- Add batched listing of registry entries to @registry endpoint. [jaroel]
New Features:
- Add @history endpoint. [jaroel]
Bugfixes:
- Fix the @move endpoint fails to return 403 when the user don't have proper delete permissions over the parent folder. [sneridagh]
New Features:
- Add support for a 'search' parameter to @sharing. This returns additional principals in 'entries', also flagging the acquired and inherited fields. [jaroel]
- Add support for setting/modifying 'layout' on DX and AT content endpoints. [jaroel]
- Add support for getting the defined layouts on the root types endpoint. [jaroel]
Bugfixes:
- Add the title to the workflow history in the @workflow endpoint. This fixes #279. [sneridagh]
- Don't fetch unnecessary PasswordResetTool in Plone 5.1 [tomgross]
Bugfixes:
- Handle special case when user @move content that cannot delete returning proper 403 [sneridagh]
Bugfixes:
- Remove zope.intid dependency from copy/move endpoint. Remove plone.api dependency from principals endpoint. Make ChoiceslessRelationListSchemaProvider available only if z3c.relationfield is installed. This fixes #288 [erral]
- Remove unittest2 imports from tests. [timo]
- Add Products.PasswortResetTool to dependencies. This dependency is gone in Plone 5.1. [timo]
- Make import of LocalrolesModifiedEvent conditional, so plone.restapi doesn't prevent Plone 4.3 deployments < 4.3.4 from booting. [lgraf]
New Features:
- Add @sharing endpoint. [timo,csenger,sneridagh]
- Add @vocabularies endpoint. [timo,csenger,sneridagh]
- Add @copy and @move endpoints. [buchi,sneridagh]
- Docs: Convert all HTTP examples to use sphinxcontrib-httpexample. [lgraf]
- Add 'addable' attribute to the @types endpoint. It specifies if the content type can be added to the current context. See #173. [jaroel]
- Add support for named IJsonSchemaProvider adapter to target a single field in a schema. This allows us to prevent rendering all choices in relatedItems. See #199. [jaroel]
- Add review_state to the folderish summary serializer. [sneridagh]
- Add @principals endpoint. It searches for principals and returns a list of users and groups that matches the query. This is aimed to be used in the sharing UI widget or other user/groups search widgets. [sneridagh]
- Add reset-password action to the @users endpoint. #158 [timo,csenger]
Bugfixes:
- Fix coveralls reporting. [timo]
- Return correct @id for folderish objects created via POST. [lgraf]
- Fix timezone-related failures when running tests through coverage. [witsch]
- @search endpoint: Also prefill path query dict with context path. This will allow users to supply an argument like path.depth=1, and still have path.query be prefilled server-side to the context's path. [lgraf]
- Overhaul JSON schema generation for @types endpoint. It now returns fields in correct order and in their appropriate fieldsets. [lgraf]
- Add missing id to the Plone site serialization, related to issue #186. [sneridagh]
- Add missing adapter for IBytes on JSONFieldSchema generator. This fixes the broken /@types/Image and /@types/File endpoints. [sneridagh]
- Fix addable types for member users and roles assigned locally on @types endpoint. [sneridagh]
New Features:
- Make date and datetime fields provide a 'widget' attribute. [timo]
- Add documentation for types endpoint schema. [timo]
- Add basic groups CRUD operations in @groups endpoints [sneridagh]
- Make @types endpoint include a 'mode' attribute. This fixes #198. [timo]
Bugfixes:
- Fix queries to ensure ordering of container items by getObjectPositionInParent. [lgraf]
New Features:
- Add simple user search capabilities in the GET @users endpoint. [sneridagh]
Bugfixes:
- Allow installation of plone.restapi if JWT plugin already exists. This fixes #119. [buchi]
Bugfixes:
- Make login endpoint accessible without UseRESTAPI permission. This fixes #166. [buchi]
New Features:
- Introduce dedicated permission required to use REST API at all (assigned to everybody by default). [lgraf]
Bugfixes:
- When token expires, PAS plugin should return an empty credential. [ebrehault]
Bugfixes:
- Remove plone.api dependency from users service. This fixes #145. [timo]
New Features:
- Make POST request return the serialized object. [timo]
- Include 'id' attribute in responses. [timo]
New Features:
- Add @users endpoint. [timo]
Bugfixes:
- Fix bug where disabling the "Use Keyring" flag wasn't persisted in jwt_auth plugin. [lgraf]
New Features:
- Implements navigation and breadcrumbs components [ebrehault]
- Add widget and support for RichText field in @types component. [ebrehault]
- Add fieldsets in @types [ebrehault]
Bugfixes:
- Disable automatic CSRF protection for @login and @login-renew endpoints: If persisting tokens server-side is enabled, those requests need to be allowed to cause DB writes. [lgraf]
- Documentation: Fixed parameter 'data' to JSON format in JWT Authentication documentation [lccruz]
- Tests: Fail tests on uncommitted changes to docs/source/_json/ [lgraf]
- Tests: Use freezegun to freeze hard to control timestamps in response dumps used for documentation. [lgraf]
- Tests: Limit available languages to a small set to avoid excessive language lists in response dumps used for documentation. [lgraf]
- Initial release. [timo,buchi,lukasgraf,et al.]