Added permissions on basic auth, to have more control on who can authenticate with basic auth.
Use webapi version of basic auth filter.
For webapi, when authenticated /api/user/ is the same as /api/user/{uid} where uid is the id of current logged in user.
Added sql_delete routine to replace sql_modify with "DELETE FROM .." sql statement.
Fixed filter setup when a module has more than one filter.
Fixed filter setup for site,admin and webapi modes.
Added CMS_AUTH_FILTER, and check if user is already authenticated, then skip following auth filters.
Added specific webapi handler classes for root, user, access token, ...
Added user profile system to the core module.
Moved /user/{uid} from auth module to core module.
Added possibility to add html before and after a cms form. (useful to add a form before or after, as nested form are forbidden).
Now theme can be installed using roc install command.
- Removed CMS_REQUEST_UTIL
- centralize a few request related code into CMS_API
Added CMS_API.user, CMS_API.set_user (CMS_USER), ... and user related routines.
Refactored Auth related code
- added various abstractions to factorize implementation and harmonize solutions.
- revisited the logout strategy.
- updated the account info page, and remove info user should not care about.
- simplified the process, and encourage auth module to follow same design.
Added CMS_LINK helper routines to modify the related query string.
Removed CMS_USER.profile (and related routines)
- It was not used so far.
- it will probably a specific module later, if needed.
Update various module to avoid fetching user from sql directly, and let this task to CMS_USER_API.
Removed CMS_NODE_API.node_author (a_node: CMS_NODE): detachable CMS_USER,
- as the info is already in CMS_NODE.author
Added CMS_RESPONSE.redirection_delay, if ever one code want to redirect after a few seconds.
Added the request uri info to the not found cms response.
Moved content_types and content_type_webform_managers from CMS_RESPONSE to CMS_API.
Updated the way to output content (node, ...) to html page.
See CMS_CONTENT_TYPE_WEBFORM_MANAGER.append_cointent_as_html_to (...).
Added notion of "teaser" (short version of the content), as opposed to full content.
One can use CMS_API.html_encoder ... when possible, same for `formats', ...
Added bridge from CMS_MODULE_API to CMS_API's encoders.
Added new CMS_TAXONOMY_HOOK used to retrieve list of content associated with a specific term.
Moved up to CMS_RESPONSE a few features which was available only in specific descendants.
Added /taxonomy/term/{termid} implementation.
Revisited hooks management, and added new CMS_HOOK_MANAGER.
Added admin, and other link into navigation menu that goes into first sidebar.
Fixed theme info, and template for sidebar ids.
Better css class name for cms node content.
Added CMS_MODULE.permissions to allow module to declare the potential permissions.
Added support for CMS_LINK.is_forbidden, in relation with CMS_LOCAL_LINK.permission_arguments.
Split link "username (Logout)" into 2 links "username" and "logout".
Fixed/Changed the way auth modules alter the logout link based on "(Logout)" title, by safer solution based on `location' of the link.
Fixed usage of WSF_REQUEST.path_info by using percent_encoded_path_info which is not non unicode path info to be used most of the time.
Merged CMS_REPONSE.variables and CMS_REPONSE.values .
When possible, prefer usage of CMS_RESPONSE.user instead of CMS_REQUEST_UTIL.current_user (WSF_REQUEST) whenever it is possible.
When possible, prefer usage of CMS_RESPONSE.location, rather than usage of WSF_REQUEST.(percent_encoded_)path_info .
Code cleaning.
If user is not logged in, show a login option.
Updated New Password
Added option to request a new password using username.
Updated templates to use {$site_url}
Updated basic_auth module to handle templates
All the auth modules depends on CMS_AUTHENTICATION_MODULE
Send mail is done using features from CMS_AUTHENTICATION_MODULE.
Update redirect in roc_auth.js after success login to home.
-- The module handle basic_auth (at the moment).
-- Handle login, logout, register user, activate/reactivate an account, password recovery.
-- Send notification emails.
CMS Updates
-- Added a new service: email.
-- Updated Basic Auth Module to handle logout based on the browser type.
-- Updated persistence layer to save and remove and query activation token and password token.
-- Updated CMS_USER to handle status {active, not_active, trashed}.
-- Updated MySQL scripts to be in sync with SQLite scripts
Local paths are relative to cms site url (i.e no starting slash).
Favor CMS_RESPONSE.absolute_url and url .. instead of using directly WSF_REQUEST.absolute_script_url and script_url.
Handled unicode truncation issue for logger.
Code cleaning.
Refactored CMS_MODULE.router (..): WSF_ROUTER design,
to create only one router object of type CMS_ROUTER.
Added optional CMS_NODE.link: CMS_LOCAL_LINK
Reviewed permissions related to node module.
Refactor and add CMS_STORAGE_SQL(_BUILDER) abstractions
for implementation relying only on SQL statements.
Factorized sql builder initialization (to work for sqlite and mysql storage builders).
Added CMS_RESPONSE.formatted_string (a_text: READABLE_STRING_GENERAL; args: TUPLE): STRING_32
Added function "translation", but not implemented for now.
Updated indexing notes and comments.
Code cleaning.
