Squashed commit of the following:
commit 13dbd3515b
Merge: f0f094c97400b7
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 30 20:33:02 2011 -0600
Merge branch 'master' of https://github.com/gallery/gallery3 into rawphoto
commit f0f094c3f7
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 30 20:22:49 2011 -0600
Explain the conditional rename in item::save() with a comment.
commit 1b3a6b85c1
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 30 18:29:34 2011 -0600
Improve the comment explaining why the data_file extension is important.
commit c3e8c1e3b5
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 30 18:12:56 2011 -0600
The data_file field is public, so we don't need to supply an accessor method.
commit 2375a02e2c
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 30 16:40:55 2011 -0600
Change the signature of system::tempnam to something more appropriate for Gallery.
commit a8ca9dcf9e
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 30 16:10:06 2011 -0600
Change the name of the extensions helper to legal_file.
commit 7e61a01a96
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 30 16:08:49 2011 -0600
Change the name of the extensions helper to legal_file.
commit 4c2b2ebd3f
Author: Chad Parry <github@chad.parry.org>
Date: Wed Apr 27 20:52:35 2011 -0600
Remove a newline at the end of the file that I accidentally introduced.
commit 6d564f185e
Merge: 7ff485f4060640
Author: Chad Parry <github@chad.parry.org>
Date: Wed Apr 27 20:35:58 2011 -0600
Merge branch 'master' of https://github.com/gallery/gallery3 into rawphoto
commit 7ff485fa48
Author: Chad Parry <github@chad.parry.org>
Date: Wed Apr 27 20:29:06 2011 -0600
Move the extensions helpers out of the Kohana system directory and into their own Gallery Extensions class.
commit 26585fed03
Merge: 809567fc8f90e8
Author: Chad Parry <github@chad.parry.org>
Date: Sun Apr 24 08:28:39 2011 -0600
Merge branch 'master' of https://github.com/gallery/gallery3 into rawphoto
commit 809567f128
Author: Chad Parry <github@chad.parry.org>
Date: Sun Apr 24 08:10:04 2011 -0600
Expose the data file field.
commit fcb06bf175
Author: Chad Parry <github@chad.parry.org>
Date: Sun Apr 24 00:45:12 2011 -0600
Don't assign to the item->name field if the name is unchanged, because the save method will crash.
commit c6ef706d70
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 22:55:59 2011 -0600
Preserve old data files long enough for them to be available to event handlers.
commit 0d6a3a3cfc
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 21:19:47 2011 -0600
Create a tempnam substitute that safely creates files with a given extension.
commit e149cf7238
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 16:39:25 2011 -0600
Support data files that change their extension and MIME type.
commit 6702104f57
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 16:35:00 2011 -0600
Resolve an infinite recursion that happens when the path caches are updated during saving.
commit 944cb72eea
Merge: 567522b5af74d4
Author: Chad Parry <github@chad.parry.org>
Date: Fri Apr 22 14:10:42 2011 -0600
Merge remote branch 'origin/master' into rawphoto
commit 567522bfa0
Author: Chad Parry <github@chad.parry.org>
Date: Thu Apr 21 20:12:32 2011 -0600
Add an event for when a new graphics toolkit is chosen.
commit 31ba081b79
Author: Chad Parry <github@chad.parry.org>
Date: Thu Apr 21 02:06:53 2011 -0600
Add an event that will collect all valid filename extensions.
Squashed commit of the following:
commit 4c2b2ebd3f
Author: Chad Parry <github@chad.parry.org>
Date: Wed Apr 27 20:52:35 2011 -0600
Remove a newline at the end of the file that I accidentally introduced.
commit 6d564f185e
Merge: 7ff485f4060640
Author: Chad Parry <github@chad.parry.org>
Date: Wed Apr 27 20:35:58 2011 -0600
Merge branch 'master' of https://github.com/gallery/gallery3 into rawphoto
commit 7ff485fa48
Author: Chad Parry <github@chad.parry.org>
Date: Wed Apr 27 20:29:06 2011 -0600
Move the extensions helpers out of the Kohana system directory and into their own Gallery Extensions class.
commit 26585fed03
Merge: 809567fc8f90e8
Author: Chad Parry <github@chad.parry.org>
Date: Sun Apr 24 08:28:39 2011 -0600
Merge branch 'master' of https://github.com/gallery/gallery3 into rawphoto
commit 809567f128
Author: Chad Parry <github@chad.parry.org>
Date: Sun Apr 24 08:10:04 2011 -0600
Expose the data file field.
commit fcb06bf175
Author: Chad Parry <github@chad.parry.org>
Date: Sun Apr 24 00:45:12 2011 -0600
Don't assign to the item->name field if the name is unchanged, because the save method will crash.
commit c6ef706d70
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 22:55:59 2011 -0600
Preserve old data files long enough for them to be available to event handlers.
commit 0d6a3a3cfc
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 21:19:47 2011 -0600
Create a tempnam substitute that safely creates files with a given extension.
commit e149cf7238
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 16:39:25 2011 -0600
Support data files that change their extension and MIME type.
commit 6702104f57
Author: Chad Parry <github@chad.parry.org>
Date: Sat Apr 23 16:35:00 2011 -0600
Resolve an infinite recursion that happens when the path caches are updated during saving.
commit 944cb72eea
Merge: 567522b5af74d4
Author: Chad Parry <github@chad.parry.org>
Date: Fri Apr 22 14:10:42 2011 -0600
Merge remote branch 'origin/master' into rawphoto
commit 567522bfa0
Author: Chad Parry <github@chad.parry.org>
Date: Thu Apr 21 20:12:32 2011 -0600
Add an event for when a new graphics toolkit is chosen.
commit 31ba081b79
Author: Chad Parry <github@chad.parry.org>
Date: Thu Apr 21 02:06:53 2011 -0600
Add an event that will collect all valid filename extensions.
Refactor the rotate code in Quick_Controller to replace the data file,
and then have gallery_event::item_updated_data_file() pick up after
the change is saved, rebuild the image and handle album covers. This
is much more portable than before and it will allow any mechanism (eg:
REST) to replace the source image.
by the following rules:
1) An initial dialog or panel load can take either HTML or JSON, but
the mime type must accurately reflect its payload.
2) dialog form submits can handle a pure HTML response, but the mime
type must also be correct. This properly resolves the problem
where the reauth code gets a JSON response first from the reauth
code, and then an HTML response when you reauth and continue on to
a given form -- try it out with Admin > Settings > Advanced.
3) All JSON replies must set the mime type correctly. The json::reply
convenience function does this for us.
4) By default, any HTML content sent back in the JSON response should be
in the "html" field, no longer the "form" field.
The combination of these allows us to stop doing boilerplate code like
this in our controllers:
// Print our view, JSON encoded
json::reply(array("form" => (string) $view));
instead, controllers can just return HTML, eg:
// Print our view
print $view;
That's much more intuitive for developers.
deletes in bulk. This lets us avoid the problem where we continually
choose and delete album covers which makes deletes really slow. It
probably also avoids huge amounts of notification emails (untested).
Fixes ticket #1190.
see if we're deleting the album we're inside in quick::delete. If we
delete the album we're currently viewing, redirect to the parent.
This fixes ticket #1185.
guess how to send the user back. Instead, proxy the originating item
id through the edit forms so that we can tell exactly what page we
were on when we began editing. If we were viewing the item, then
redirect to its new url (in case it changed) to fix ticket #745. But
if we were viewing some other item, then just stay on the current page
to fix#940.
The page_type approach didn't work because you'd have the same
"collection" page_type when doing a context menu edit for an album.
types, and a subtype for specifics. Currently the top level bucket
collection, item, other
Here are the core subtypes so far:
collection: album, search, tag
item: movie, photo
other: login, reset, comment-fragment, comment
It's legal to create new page_subtypes whenever you want. Use the
appropriate page_type to get the coarse grain behavior that you want.
we're not relying on overriding url::site() to do tricks around item
urls. This means that you won't get item urls by doing
url::site("albums/37"), for example, but it also means that we won't
get pretty urls where we don't expect them (like in the action of a
<form> element).
Incidentally, this will help us move over to using the slug format
because if you've got a bad character in a url, the edit forms will
now work on it since they'll be id based.
the "context" menu.
This new context menu is generated using the typical event processing
system, like our other menus. The specialized quick CSS and JS is now
gone, replaced by our generic menu handling code. It's all rolled
together currently using the thumb_menu UI for easy packaging. All
the CSS and JS is updated.
NOTE: the non-dialog links (rotate, album_cover) have a broken UI
because they return JSON which the quick.js code handled specially,
but we don't handle properly now. I need to fix this.
approach using html::specialchars and purify uses HTMLPurifier to intelligently
cleanse the output fields. Use purifier for text and title fields where it is
likely that a user would enter html to format their data.
quick pane. The quick pane is now divided into 4 sections: left, center, right and
additional. Additional items appear in the drop down box. Buttons are not sorted
within the groupings.
In addition, the quick pane will overflow onto the "additional" dropdown if there is not
enough room to display all the buttons.
The use case is the digibug printing module needed to add a button to the quick pane, and
I don't like putting code into core that says if module is active... That's another one
of those code smells :-)
Signed-off-by: Tim Almdal <tnalmdal@shaw.ca>
and verifying user permissions, but there are several above-the-bar
changes:
1) Server add is now only available to admins. This is a hard
requirement because we have to limit server access (eg:
server_add::children) to a user subset and the current permission
model doesn't include that. Easiest fix is to restrict to admins.
Got rid of the server_add permission.
2) We now know check permissions at every level, which means in
controllers AND in helpers. This "belt and suspenders" approach will
give us defense in depth in case we overlook it in one area.
3) We now do CSRF checking in every controller method that changes the
code, in addition to the Forge auto-check. Again, defense in depth
and it makes scanning the code for security much simpler.
4) Moved Simple_Uploader_Controller::convert_filename_to_title to
item:convert_filename_to_title
5) Fixed a bug in sending notification emails.
6) Fixed the Organize code to verify that you only have access to your
own tasks. In general, added permission checks to organize which had
pretty much no validation code.
I did my best to verify every feature that I touched.
Kohana makes this type of transition fairly straightforward in that
all controllers/helpers/etc are still located in the cascading
filesystem without any extra effort, except that I've temporarily
added a hack to force modules/gallery into the module path.
Rename what's left of "core" to be "application" so that it conforms
more closely to the Kohana standard (basically, just
application/config/config.php which is the minimal thing that you need
in the application directory)
There's still considerable work left to be done here.
