You are not logged in Log in Join
You are here: Home » Download Zope Products » Content Management Framework » CMF-1.6.1-beta » HISTORY.txt » View Document

Log in
Name

Password

 

HISTORY.txt

CMF 1.5.6 (2006/02/26)

Bug Fixes

  • In certain circumstances file-based PythonScripts with foreign line endings were not handled correctly. PythonScripts are now read using Python's universal line-endings support. (http://www.zope.org/Collectors/CMF/403)

CMF 1.5.6-beta (2006/02/19)

Bug Fixes

  • CMFDefault.DiscussionTool: Ensure that isDiscussionAllowedFor will not accidentally acquire discussion settings from the content object's parent. (http://www.zope.org/Collectors/CMF/398)
  • CMFDefault.RegistrationTool: Adding single quotes to the allowed characters in the local part of an email address. (http://www.zope.org/Collectors/CMF/401)
  • CMFCore.FSPythonScript: FSPythonScripts forgot to add __file__ to the script globals. This broke warnings.warn() when a stacklevel argument pointing into the script was passed (2).
  • CMFSetup.workflow: Workflows managing no permissions at all could make the CMFSetup workflow exporter fail. (http://www.zope.org/Collectors/CMF/397)
  • CMFDefault.DiscussionItem: Deleting a discussion reply would not recurse and left items below the deleted reply still cataloged (http://www.zope.org/Collectors/CMF/391)
  • Corrected the HelpSystem documentation for DCWorkflow Guards (http://www.zope.org/Collectors/CMF/394)
  • CMFCore utils: Synced _checkPermission with Zope 2.8.5 code. checkPermission of Zope 2.8.5 and later contains bug fixes and respects proxy roles, but for backwards compatibility CMF 1.5 still needs its own implementation.

Others

  • Made unit tests close the request properly.
  • Made cut / copy / paste tests more independent from implementation details of _verifyObjectPaste.
  • Modified several deprecation warnings to indicate point-of-use of the deprecated feature.

CMF 1.5.5 (2005/11/20)

Bug Fixes

  • DefaultWorkflowDefinition: Changed meta_type to make it unique. (http://www.zope.org/Collectors/CMF/298)
  • CMFSetup: fixed empty attribute parsing when an encoding is defined.

Others

  • CMFCore: removed old backward compatibility code that slowed down TypeInformation.allowType and gave PortalFolder.allowedContentTypes quadratic complexity.
  • Removed deprecated all_cmf_tests.py and supporting test_all.py from products (use zopectl test to run CMF tests instead).

CMF 1.5.5-beta (2005/11/06)

Bug Fixes

  • CMFCore.DynamicType/ActionProviderBase: If an action cannot be looked up, provide a more helpful debugging message for the error log.
  • CMFCore.MemberDataTool: Fixed the pruneMemberData functionality in the ZMI: Now it is enough to press the button once.
  • Collector #381: CMFCore unit tests depended on CMFDefault / workflow.
  • CalendarTool: If an event ends at exactly midnight, don't show it in the list of events for the day starting at midnight. (http://www.zope.org/Collectors/CMF/246)

Features

  • CMFCore: added skinname to the thread-specific tuple created by the Skinnable base class to cache the skin path lookup, to facilitate querying later; added a getCurrentSkinName to the Skinnable API to do the query. Thanks to Laurent Rowe for the patch.
  • CMFSetup: added support for importing and exporting workflow script metadata for scripts that are External Methods. One very important difference to other scripts remains: Since the CMFSetup machinery cannot access the filesystem code for external methods it only saves the data needed to instantiate the ZODBi-based External Method object. If, during an import, the filesystem-based code cannot be found, the import will fail.
  • CMFActionIcons: added support for exporting / importing action icons tool configuration (via GenericSetup).
  • CMFSetup: added support for configuring content type registry.
  • CMFSetup: added support for configuring caching policy manager.
  • CMFSetup: added support for configuring cookie authentication and mailhost tools (http://www.zope.org/Collectors/CMF/387).
  • CMFCore.CachingPolicyManager: Caching policies can now control all the Cache-Control tokens defined in the HTTP 1.1 spec (s-maxage, public, private, no-transform). When no-cache is enabled, a Pragma: no-cache header is also sent for HTTP 1.0 clients. Thanks go to Geoff Davis for contributing the necessary patches.
  • CMFCore.FSPageTemplate: These now have the option to return a status 304 and no content when a conditional GET is sent. This is a potential significant win for sites. This behavior is activated on the CachingPolicyManager by using policies that set suitable ETag headers when delivering the content. Geoff Davis invested the time to add this feature.

Others

  • Removed deprecated all_cmf_tests.py and supporting test_all.py from products (use zopectl test to run CMF tests instead).
  • CMFDefault.Portal: deprecated manage_addCMFSite.
  • Collectors #384: Added __traceback_info__ to FSDTMLMethod's call-stack etnry.
  • Collector #383: Added tab to portal_uidhandler tool to allow querying objects given UID.
  • CMFCatalogAware: refactoring. Defines now 2 methods, _getCatalogTool() and _getWorkflowTool(), that are used to find the catalog and workflow tool. It's now possible to override these methods using inheritence for a given content type to specify another catalog or workflow tool the content type can use
  • CMFSetup: allow export of properties of old objects that were stored as lists (instead of tuples now).

CMF 1.5.4 (2005/09/04)

Bug Fixes

  • CatalogTool: Made sure the catalog_object method works with Zope 2.8. The new pghandler argument was missing. This broke at least the refreshCatalog method used by Update Catalog. (http://www.zope.org/Collectors/CMF/379)

CMF 1.5.4-beta (2005/08/28)

Bug Fixes

  • CMFCore.utils: The return value from _mergedLocalRoles allowed direct manipulation of objects' local role settings since it contained references to the actual values instead of copies. (http://www.zope.org/Collectors/CMF/376)
  • CMFTopic.DateCriteria: The behavior and naming of date criteria operators was very confusing and in many cases unexpected and wrong. For that reason e.g. Plone replaced the implementation with a more user-friendly handling which is hereby introduced to CMF proper. (http://www.zope.org/Collectors/CMF/339)
  • CMFCore.PortalContent, CMFCore.FSSTXMethod, CMFTopic.Topic, CMFDefault.SkinnedFolder: Cache headers from the Caching Policy Manager never got set for DTML-based skins due to the way the view template __call__ method was invoked. (http://www.zope.org/Collectors/CMF/374)
  • CMFCore.FSImage and FSFile: Unlike the current behavior of Zope itself, FSImage and FSFile would set a content-length response header for 304 (not modified) responses, which should not be done according to RFC 2616. It won't do so anymore, but Zope itself will still force a content-length header in ZServer.HTTPResponse. This misbehavior has been filed as a Zope issue (http://www.zope.org/Collectors/Zope/1866). (http://www.zope.org/Collectors/CMF/372)
  • PortalFolder: Improved the _checkId method. Method Aliases mask objects with matching IDs. Thus _checkId() and checkIdAvailable() now make sure non-managers can't create objects with IDs already taken by Method Aliases of the current folder.
  • CMFDefault.Image and CMFDefault.File: When calling the constructor, any intelligent content type detection would be destroyed by the call to initialize Dublin Core values, which would overwrite the content_type. It is now preserved, if possible. (http://www.zope.org/Collectors/CMF/370)

Features

  • CMFTopic.Topic: Made Topics a tad more useful by subclassing from CMFDefault.SkinnedFolder instead of CMFCore.PortalFolder, because SkinnedFolder is CatalogAware. Topics now offer useful information for Title, Description and SearchableText, so Topic objects can be located in the portal by using the standars search facilities. (http://www.zope.org/Collectors/CMF/53)

Others

  • CMFCore.PortalFolder._checkId() allows root doted prefixed name object overrides.

CMF 1.5.3 (2005/08/07)

Bugs fixed

  • When the CMFBTreeFolder was moved into CMFCore, its base class was changed to PortalFolderBase. This broke an assumption in the portal_syndication tool that relied on all syndication containers deriving from PortalFolder (http://www.zope.org/Collectors/CMF/369)

CMF 1.5.3-beta (2005/08/02)

Bugs Fixed

  • Changed the INSTALL_SVN instructions to conform to the new branch and tag naming scheme instituted for the subversion repository.
  • Apply an interim fix for slow pathwalking implementation in development mode on Windows (http://www.zope.org/Collectors/CMF/367) Note that a better fix would be to leverage pywin32 APIs for file / directory monitoring.
  • FSObject.manage_doCustomize() was broken for folderish objects on Zope 2.8 because manage_permission requires a context to work. (see http://www.zope.org/Collectors/CMF/368)
  • CMFCore/FSPropertiesObject and CMFCore/FSMetadata: Removed a wrongly inserted DeprecationWarning in the FSPropertiesObject class and put it into the FSMetadata class. We are not deprecating ".props" files, but ".properties" and ".security".
  • Change CVS checkout documentation to their equivalent Subversion instructions
  • In CMFSetup, make sure to give special treatment to both CVS and .svn folders where this is necessary (e.g. to implicitly skip them when importing profiles)
  • Made sure FSDVTest always deletes its temporary folder on tearDown. (http://www.zope.org/Collectors/CMF/106)
  • Fix DefaultWorkflowDefinition bug on isActionSupported() for the keywargs support to reflect DCWorkflowDefinition changes. Add a test case for this definition as well.

Others

  • CMFCatalogAware: reindexObjectSecurity() now always reindexes the catalog objects without changing their catalog uid. This is useful for third-party code that indexes objects with special uids.

CMF 1.5.2 (2005/07/17)

Bugs Fixed

  • CMFCore/ActionInformation.py: Permissions of action categories starting with document are now evaluated in the object context instead of the portal context. This should probably be generalized some more.
  • Added testing framework to suppress / examine output from warnings module and from zLOG.
  • CMFUid/UniqueIdGeneratorTool.py: Replaced the old BTree.Length.Length implementation by a simple counter. Using a BTree.Length.Length object as counter may have caused setting the same unique id to multiple objects under high load. The tools counter gets automigrated on the first access.

Others

  • CMFCore/CMFBTreeFolder.py: Moved here from Zope core's Products/BTreeFolder2; conditional import, with module alias, into __init__.py, for compatibility with Zope 2.7; 2.8.0 has BTreeFolder2 in the core (see http://www.zope.org/Collectors/Zope/1813).

CMF 1.5.2beta2 (2005/07/08)

Features Added

  • CMFDefault/skins/zpt_generic/talkback_tree: Add link to allow managers to delete replies (http://www.zope.org/Collectors/CMF/38).

Bugs Fixed

  • CMFDefault.utils.parseHeadersBody: use standard library's rfc822 module to parse metadata headers, to take advantage of better handling of edge cases.
  • CMFDefault.utils.formatRFC822Headers: strip trailing blank line of multi-line value, to prevent premature halt of parsing. (http://www.zope.org/Collectors/CMF/230)
  • CMFCore.MembershipTool: allow getMemberById to crawl up the hierarchy of user folders until it finds the user. This means that users from any user folder in or above the portal will be treated as full members of the portal. (http://www.zope.org/Collectors/CMF/354, also http://www.zope.org/Collectors/CMF/63)
  • CatalogTool: Added manage_convertIndexes. This method should not be used with Zope 2.7. It overrides the broken manage_convertIndexes of Zope 2.8.0. (http://www.zope.org/Collectors/CMF/357)
  • CMFCore.WorkflowTool: Make (deprecated) WorkflowInformation objects schema-compatible with current ActionInformation. (http://www.zope.org/Collectors/CMF/355)
  • CMFCore.utils.ToolInit: For icon registration to work with ToolInit you would have to have the same product_name parameter as the actual product name of the product. product_name is now optional, defaulting to the real product name. It is also deprecated, and starting with CMF1.6 product_name it will be ignored.
  • CMFSetup.workflow: scripts were not exported, they're now in a scripts subdirectory, and encoding was not propagated at import time.

Others

  • Moved tests which used to import Zope to try import Zope2 (with a fallback for Zope 2.7). Thanks to sacco for the patch! (http://www.zope.org/Collectors/CMF/362)
  • CatalogTool: Removed obsolete Vocabulary.

CMF 1.5.2beta (2005/06/26)

New Features

  • CMFDefault browser: Added browser package and five_template. This allows to use the main_template for forms generated by Five.
  • CMFDefault skins: Added style_slot to main_template.
  • CMFCore.PortalFolder: A new class PortalFolderBase was added. The class is a subclass of Folder while PortalFolder is a subclass of PortalFolderBase and OrderedFolder. It was added for software which is incompatible w/ the ordered interface.
  • CMFCore.ActionProviderBase: Add the methods _getOAI and _getExprContext which can be used to hook in custom version of getOAI() and getExprContext().
  • CMFCore.TypesTool.TypeInformation.queryMethodID(): Add new argument context=None and change all calls of queryMethodID to apply the context.
  • Interfaces: Added newstyle (Zope 3) interfaces. This change has no effect on Zope 2.7 without Five.
  • CMFSetup.skins: Small featurelet that adds a new keyword to the "layer" tag in skins.xml named "remove". If "remove" is specified, the named layer will be explicitly removed from the skins path(s).
  • CMFCatalogAware: reindexObjectSecurity() now supports an optional argument skip_self that prevents the object itself from being reindexed, but its descendants still are. Allows an optimization when you want to reindex all the idxs and the security in a single shot with reindexObject().
  • CMFCatalogAware: allow easy subclassing of the "security indexes" that are reindexed by reindexObjectSecurity(), through the attribute _cmf_security_indexes.
  • doActionFor() propagates **kw to isActionSupported() through _checkTransitionGuard() until the guard.check() method so that StateChangeInfo() can be constructed with those kwargs.

Bug Fixes

  • ActionInfo: Make setActionExpression sane if passed a string which is already prefixed with "string;".
  • ActionInfo: Fixed copy method.
  • CMFTopic.Topic/CMFCore.PortalContent: Clean up a previous change by changing __call__ methods to be aligned with what's on CVS HEAD and using the old _getViewFor function as a fallback to retain backwards compatibility.
  • DCWorkflow: Add a note to the Transitions and States forms explaining that the renaming actions will not automatically update any items in the workflow that might be affected by the change. (http://www.zope.org/Collectors/CMF/89)
  • CMFDefault.SyndicationTool: Zope 2.8 raises AttributeError where earlier Zopes used to raise KeyError.
  • Set cache headers in 304 responses from FSImage / FSFile (http://www.zope.org/Collectors/CMF/355)
  • CMFCore.DirectoryView: Do not cause ZODB writes or ConflictError if an old DirectoryView with a non-existing path is left. Sends a warning to stderr about those. (http://www.zope.org/Collectors/CMF/347)
  • CMFSetup utils: Fixed handling of comments and empty descriptions. (http://www.zope.org/Collectors/CMF/352)
  • CMFDefault.MetadataTool: When asked for a non-existing metadata policy, the tool would return the default policy unwrapped. This means, at a minimum, that the security declarations on the MetadataElementPolicy instance would never be applied correctly. (http://www.zope.org/Collectors/CMF/342)
  • CMFSetup.workflow: Make sure to set the "permissions" attribute on DCWorkflow definitions to a tuple, which is expected throughout the DCWorkflow code. (http://www.zope.org/Collectors/CMF/346)
  • CMFCore.FSObject: Try to find and call the appropriate method to determine the skins tool name instead of hardcoding "portal_skins". (http://www.zope.org/Collectors/CMF/349)
  • CMFCore.FSZSQLMethod: Add the forgotten setting to allow simple direct traversal for ZSQL methods to the list of settings recognized and applied by FSZSQLMethods during instantiation and customization. (http://www.zope.org/Collectors/CMF/350)
  • CMFCore.FSObject: When customizing filesystem objects in the skins tool, some security-related settings were not transferred to the customized object, namely proxy roles and permission settings. (http://www.zope.org/Collectors/CMF/351)
  • Sync catalog metadata column with correct name of DublinCore string ExpirationDate method. (http://www.zope.org/Collectors/CMF/345)

Others

  • CMFSetup: the import/export of portal types uses a new XML format that can hold arbitrary properties, to facilitate subclassing. The old format is still recognized when importing.
  • WorkflowTool: Marked WorkflowInformation and getActionsFor deprecated. getActionsFor is superseded by listActionInfos and WorkflowInformation was just used by getActionsFor.

CMF-1.5.1 (2005/04/24)

Other

  • Made INSTALL.txt more general so it does not refer to specific CMF version numbers in the 1.5 series and thus won't look outdated from one release to the next.
  • CMFCatalogAware: reindexObjectSecurity() optimizations in case of an indexable container.

Bug Fixes

  • CMFDefault.SyndicationTool: Coerce property values into correct types. (http://www.zope.org/Collectors/CMF/344)
  • CMFCore.Skinnable: Don't catch ConflictError in __of__.
  • CMFCore.CMFCatalogAware: In reindexObjectSecurity, use _unrestrictedGetObject when available, and LOG when the object cannot be retrieved.

CMF-1.5.1beta2 (2005/04/17)

New Features

  • MemberDataTool: setSecurityProfile (called by MembershipTool's setPassword) now uses the userFolderEditUser() API of the user folder to change user information.
  • DCWorkflow: To bridge some of the bound variable name differences between TALES expressions used in DCWorkflow and those used elsewhere in the CMF, added two "aliases" to the expression context that reflect the CMF conventions: "object" points to "here", and "folder" points to "container" (http://www.zope.org/Collectors/CMF/338)
  • CMFSetup: Improved update directives for extension profiles. See the new PROFILES.txt for details.
  • CMFCore.DirectoryView: Made list of file names to ignore configurable. The previously hardcoded list of files to ignore when creating their ZODB representations can now be configured by passing a sequence of names to registerDirectory, which will be ignored in addition to the standard list of ignored names (http://www.zope.org/Collectors/CMF/319).
  • CMFCalendar: Added extension profile. You can now set up CMFCalendar in one step together with a new site or add calendar support to an existing site using the portal_setup tool.
  • CMFSetup: Added support for extension profiles. Extension profiles are profile fragments used to modify base profiles. They can be shipped with add-on products or used for customization steps. Importing an extension profile adds or overwrites existing settings in a fine-grained way. You can't export extension profiles. Snapshots and exports always represent the merged settings.
  • CMFSetup: Sometimes it is not necessary or desirable to create a snapshot upon initial site creation. Matter of fact when run in a unit test situation, addConfiguredSite can throw permission errors during the snapshot-taking because no specific SecurityManager has been set up. Add new flag "snapshot" to factory.addConfiguredSite to turn off snapshotting if desired

Bug Fixes

  • TypesTool: Removed _checkViewType. The control-content-creating-by-typeinfo-view-permission feature did never work. Use DCWorkflow's allowCreate method instead. (http://www.zope.org/Collectors/CMF/114)
  • CMFDefault.DublinCore: Force local timezone when displaying date metadata. (http://www.zope.org/Collectors/CMF/325)
  • CMFCore.SkinsTool: Prevent adding skin layers with invalid path elements There is a disconnect between the ability to define what can be ignored inside DirectoryViews and what can be put into skins paths in the SkinsTool. Now a check is done inside addSkinSelection that makes sure the same ignore-policy that is used for the DirectoryView is applied to the elements of a skin path. (http://www.zope.org/Collectors/CMF/336)
  • CMFCore.FSZSQLMethod: Added configuration parameters that were left out. Some of the configuration parameters to ZSQL methods, specifically those describing custom pluggable brains classes and the connection_hook, were not implemented in FSZSQLMethod. Also added a first small unittest module for FSZSQLMethod testing. (http://www.zope.org/Collectors/CMF/335)
  • CMFSetup utils: Modified ConfiguratorBase. If the DEFAULT value is used, CONVERTER is no longer called. This makes setting DEFAULT more intuitive. While very unlikely, the change might break existing third party configurators.
  • CMFSetup: Reduced probability of profile ID conflicts. The first argument of registerProfile is now name instead of profile_id. The profile ID combines name and product.
  • CMFSetup.skins made the assumption that the CMF site can always acquire REQUEST and would set up the current skin with it. Added a test to see if REQUEST is available and if it is not, skip the step that sets up the current skin.
  • CMFCalendar zpt skin: Removed dependency on dtml layer.
  • CMFCalendar: Modified install script. Adds date indexes instead of field indexes. No longer adds the dtml layer to zpt skins.
  • CMFCore.utils: Added transaction for backwards compatibility. CMF now uses the Zope 2.8 transaction API und uses utils.transaction as fallback in Zope 2.7.
  • CMFCore.TypesTool: Added backwards compatibility code to the fix for collector issue 49. (http://www.zope.org/Collectors/CMF/49)
  • CMFCore.Skinnable: Changed the way layers (skindata) are stored (no more v attribute) to prevent them being lost in the middle of a request when memory pressure is high. This change is incompatible with SpeedPack, but includes one of its two optimizations about skins. (http://www.zope.org/Collectors/CMF/198)
  • DublinCore: Fixed creators upgrade to not call a potentially costly method on the user folder. (http://www.zope.org/Collectors/CMF/300)
  • CMFCatalogAware: When reindexing security, all subobjects must be reindexed even if they are not visible by the current user. Also fixed to work correctly with Zope >= 2.7.6.

CMF 1.5.1beta (2005/03/24)

New Features

  • CMFCore.TypesTool and CMFCore.PortalFolder: If invokeFactory is called from code it will now hand back the created object's ID. This does not change any behavior when called directly from the web. Both methods returned None before, so there is no dependencies anywhere on their return values, anyway. (http://www.zope.org/Collectors/CMF/331)
  • CMFSetup: When importing skins configurations you can now specify a layer to be inserted after a given layer. Previously you could only insert before a given layer.
  • CatalogTool: All default FieldIndex instances used for indexing DateTime values are now created as DateIndex instances instead. All default TextIndex instances are now created as ZCTextIndex instances. (CMF collector issues http://www.zope.org/Collectors/CMF/191 and http://www.zope.org/Collectors/CMF/302)
  • CMFSetup: Improved skip purge behavior of the skins import handler. If purging is disabled, it's now possible to modify existing skin configurations. You can use * as wildcard for skin-path ids and a insert-before attribute to specify where to insert a new layer.
  • CMFSetup tool: Improved Properties tab. The active site configuration can now be selected from a list of registered profiles and stored snapshots. (http://www.zope.org/Collectors/CMF/264)
  • CMFSetup: Added handlers for site properties.
  • CMFSetup utils: Added ConfiguratorBase class. It's now recommended to use this class as base for all configurators. The class includes some generic methods to handle subobjects and properties.
  • FSObject: Now FSObject-derived items like FSImage or FSFile can have security declarations inside the metadata file. (http://www.zope.org/Collectors/CMF/289)
  • profiles: Moved default profile to CMFDefault. Using the new importVarious handler this profile now allows to create CMF sites identical to those created with manage_addCMFSite.
  • CMFDefault: Added importVarious setup handler. This provisional handler will be removed again as soon as full handlers are implemented for these steps.
  • CachePolicyManager: You can now set a ETag using a TALES expression (http://www.zope.org/Collectors/CMF/236)
  • RegistrationTool: The regular expression that limits what people can put in as a valid member ID is now configurable TTW in the portal_registration tool (http://www.zope.org/Collectors/CMF/117)

Bug Fixes

  • CMFCore.MembershipTool: Change a couple conditional tests that tried to determine if the MemberDataTool had been found to explicitly test for None as the return value instead of a truth test on the tool itself, which would fail unexpectedly on folderish MemberDataTool implementations that don't have actual content (http://www.zope.org/Collectors/CMF/330)
  • CMFCore.CachingPolicyManager and CMFCore.ActionInformation: The names available to TALES expressions throughout the CMF showed some inconsistencies. To prevent confusion the names "content" and "content_url" that were used for Cache Policy Manager policies as well as the special ActionInformation.oai class are now deprecated and will be removed in CMF 1.7. The canonical names to be used are "object" and "object_url", which matches all other CMF expression contexts with DCWorkflow being the only exception due to its non-CMF roots. (http://www.zope.org/Collectors/CMF/328)
  • CMFCore.PortalFolder: Cataloging portal folders was prevented by overriding the typical indexing calls, but one of them was forgotten, so they still got cataloged. (http://www.zope.org/Collectors/CMF/309)
  • CMFCore.DirectoryView: A special __setattr__ on the DirectoryViewSurrogate class made sure to write changes through to the underlying DirectoryView, but there was no equivalent __delattr__ cleanup. (http://www.zope.org/Collectors/CMF/316)
  • CMFDefault.RegistrationTool: Allow email addresses with an underscore as the last element of the alias part. (http://www.zope.org/Collectors/CMF/326)
  • FSPageTemplate: Ensure that if a content type is specified using a .metadata file we respect it (http://www.zope.org/Collectors/CMF/320)
  • CMFCore.tests.test_PortalFolder: fixed testing bug copied forward from OFS.tests.testCopySupport.
  • CMFDefault.RegistrationTool: Allow + in e-mail addresses. (http://www.zope.org/Collectors/CMF/322)
  • ActionInfo: Fixed issue with oldstyle Action info mappings. The allowed key was broken for non-empty permissions.
  • CMFDefault.DiscussionTool: getDiscussionFor sometimes returned unwrapped talkback objects.
  • CMFSite: Made title and description properties undeletable. This change has no effect on existing sites.
  • FSObject: Ensure that a cache manager association on a Filesystem-based object in the Skins Tool gets applied to the customized object in the ZODB upon customization. (http://www.zope.org/Collectors/CMF/304)
  • TypesTool: Changed the way available factory_type_informations are presented on the dropdown list when adding a new type from a filesystem FTI to the Types Tool. The new representation includes the "id" as set in the FTI instead of just the product name and the meta_type. (http://www.zope.org/Collectors/CMF/49)
  • CMFSetup: Fixed import of workflow bindings. The workflow import step has to be run after the typeinfo step. (http://www.zope.org/Collectors/CMF/265)
  • CMFCore.CatalogTool: Take into account query restrictions on effective or expires attributes during a search. (http://www.zope.org/Collectors/CMF/120)
  • WorkflowTool: Fixed setChainForPortalTypes. If chain was an empty string, it wasn't set correctly.
  • FSFile, FSImage: Made available to caching policy manager as standard content. (http://www.zope.org/Collectors/CMF/299)
  • FSDTMLMethod: Small code cleanup to remove duplicate variable definition (http://www.zope.org/Collectors/CMF/291)
  • Portal: Fixed setupDefaultProperties. Backwards compatibility was broken and the default_charset argument was ignored.
  • Document/NewsItem: If the "plain text" format is selected the content will no longer be tested for HTML and reduced to text between opening and closing "body" tags (http://www.zope.org/Collectors/CMF/214)
  • Document/NewsItem: A call to setFormat will now re-cook the document content if the format has been changed (arising from discussion about http://www.zope.org/Collectors/CMF/214)
  • DirectoryViews/FSMetadata: Corrected some erroneous docstrings about proxy role handling using .metadata files (http://www.zope.org/Collectors/CMF/177)

Other

  • CMFCore.FSPropertiesObject: Added a deprecation warning to announce the fact that .properties files will disappear in CMF 1.7 and should be replaced with CMFCore.FSMetadata (.metadata) files.

CMF 1.5.0 (2004/10/21)

New Features

  • Portal: Added default_charset property. (http://www.zope.org/Collectors/CMF/261)
  • CMFDefault utils: Added toUnicode function. (http://www.zope.org/Collectors/CMF/261)

Bug Fixes

  • ZPT skin: Fixed RSS. Values are now converted to unicode, using default_charset. (http://www.zope.org/Collectors/CMF/261)
  • DublinCore: Added setCreators method. Note that notifyModified also modifies creators. If the current user should not be added to creators, make sure notifyModified() is not called after setCreators(). (http://www.zope.org/Collectors/CMF/61)
  • ZPT skin: Fixed *metadata_edit_form. Setting "Enable Discussion?" to Off was broken.
  • CMFSetup: Made sure imported values are converted to strings. For now imports and exports work only with ascii encoding. (http://www.zope.org/Collectors/CMF/287)
  • FSPageTemplate: Don't hide sub-tracebacks in development mode.
  • TypesTool: Removed again the "add properties from the ZMI" feature. That feature existed only in 1.5.0beta2.
  • ActionProviderBase: Modified exceptions raised by getActionInfo. Now Unauthorized is raised if at least one Action was found but the user is not allowed to access any of them.
  • RegistrationTool: Generated passwords no longer contain OQ0Il1.
  • The permalink feature is now turned off by default and may be turned on by setting the boolean property enable_permalink in the cmfs root property sheet through the ZMI. Through the get_permalink script the permanent link of an content object can be asked for. Additionaly the site may be asked if the permalink feature is turned on or not by adding isAvailable instead of an unique id (http://www.example.com/permalink/isAvailable). Returns 1 or 0. Also removed the badly designed tal:on-error directive in main_template.

CMF 1.5.0beta2 (2004/09/27)

New Features

  • CookieCrumbler: Merged changes from standalone version. Cookies set on an HTTPS connection are now marked as secure, meaning they will not be transmitted over HTTP.
  • PortalFolder: New Folderish Interface defines the content* methods.
  • PortalFolder: Improved WebDAV folder listings. Hidden sub-objects like tools are now filtered out. To see all sub-objects, you need the Manage portal permission.
  • TypesTool: New properties can be added from the ZMI to TypeInformation objects.

Bug Fixes

  • CMFDefault/Document: store / return size of "raw" source text for get_size.
  • ZPT skin: Refactored registered_notify_template. For security reasons, it no longer adds the password to the login URL.
  • PortalFolder: Fixed _checkId policy. In a subfolder, members without Manage portal permission were not able to create content items whose names clashed with content items in the portal root.
  • CookieCrumbler: Improved came_from URL. Problems in connection with stack manipulation on traversal or usage of traverse_subpath should be fixed now.
  • PortalFolder: Public content* methods or no longer publishable. This prevents expensive anonymous calls to contentItems(), contentIds() and contentValues() via URLs. They still can be used in TTW code.
  • ZPT skin: Added missing mail_password_template.
  • TypeInformation: Simplified Method Aliases API. The new queryMethodID() replaces getMethodPath() and getMethodURL(). Aliases for method paths are no longer supported.
  • FSFile: Allow setting a content_type value using a .metadata file (http://www.zope.org/Collectors/CMF/281)
  • FSPageTemplate: Refine the XML content type detection so that addtional data such as encoding is preserved (http://www.zope.org/Collectors/CMF/228)
  • ActionInformation: If a path expression ending in an object that gets called using __render_with_namespace__ (such as DTML objects and Scripts (Python)) is used a KeyError for "here" would be thrown inside PageTemplates.ZRPythonExpr.call_with_ns. call_with_ns expects the namespace to contain "here", which the context coming from CMFCore.Expressions.createExprContext did not provide. Added "here" as an alias pointing to the provided "object" (http://www.zope.org/Collectors/CMF/171)
  • DiscussionItem: Made sure that the workflow is notified of their creation. (http://www.zope.org/Collectors/CMF/280)
  • CMFCatalogAware: When pasting a content item, local roles were not changed to reflect the new ownership. (http://www.zope.org/Collectors/CMF/205)
  • ZPT skin: Added missing RSS script and template. (http://www.zope.org/Collectors/CMF/279)
  • DirectoryView: Improved createDirectoryView() backwards compatibility. Using platform specific path separators is deprecated.
  • UniqueIdAnnotation: Fixed manage_after* methods. They didn't work correctly in nested folders.
  • Workflow: Marked WorkflowMethod alias WorkflowAction as deprecated.
  • ZPT skin: Improved folder_copy_control and folder_cut_control. They now catch CopyErrors.
  • DirectoryView: Readded expandpath() for backwards compatibility. Some products still import expandpath from DirectoryView because it was once defined there. Note that importing expandpath from DirectoryView is deprecated and doesn't work with CMF HEAD / 1.6.
  • RegistrationTool: An optional password can now be passed to registeredNotify() (Issue #277).
  • Tool icons can now reside in subdirectories (Issue #144).

CMF 1.5.0beta (2004/08/12)

New Features

  • The CMF is now under the terms of version 2.1 of the Zope Public License (ZPL); it was previously under ZPL version 2.0.
  • TypeInfos: Marked getActionById as deprecated. Use getActionInfo if you need an URL or getMethodPath if you need a method.
  • CatalogTool.CatalogTool now has a private unrestrictedSearchResults method bypassing the effective and expiry date and roles. The new method has to be used with care to not expose security holes in applications using the CatalogTool.
  • CMFCalendar.CalendarTool: Made workflow states configurable TTW. (http://www.zope.org/Collectors/CMF/110)
  • Minor featurelet: The "Action Providers" ZMI tab on the portal_actions tool now links directly to the tools shown (http://www.zope.org/Collectors/CMF/181)
  • CMFCore.utils: Introduced contributorsplitter() utility function along the lines of keywordsplitter().
  • Actions and Action providers: Further refactoring.
    • Removed again OldstyleActionProvider Interface and OldstyleActionProviderBase that existed only in 1.5.0-alpha. ActionProvider now also works with oldstyle Action mappings.
    • listActionInfos() and getActionInfo() now return ActionInfo objects instead of Action info mappings. ActionInfo objects have a backwards compatible mapping interface.
  • Added CMFUid product which provides tools for generating, registering, and storing unique IDs for content (gregweb).
    • As an example of how to use unique ids, enhanced CMFDefault.Favorite content class, using unique ids to track moved or renamed content items.
    • At the bottom of the page the permanent link to the content object is shown (http://www.example.com//permalink/1234, where 1234 is the unique id of the content object)
  • Added __init__ method to the IOpaqueItems.ICallableOpaqueItem interface.
  • CookieCrumber now supports logging the authenticated user id to the access log just like basic auth.
  • portal_setup tool can now disply / download diffs between profiles and / or snapshots.
  • The find tab on the portal_skins tool will now mark the object that would be returned when using the specified skin

Bug Fixes

  • CMFCore.PortalFolder: Enforce check of "Delete objects" permission during cut + paste. (http://www.zope.org/Collectors/CMF/259)
    1. B. This fix depends on an update to the underlying Zope software, e.g., Zope 2.7.3 or later. Two new unit tests fail on Zope 2.7.2 and earlier.
  • CMFDefault.MetadataTool: Validation would disallow vocabulary-constrained metadata elements to be empty (http://www.zope.org/Collectors/CMF/217)
  • CMFDefault.DiscussionItem: Replies were not sorted chronologically (http://www.zope.org/Collectors/CMF/211)
  • CMFDefault.Image and CMFDefault.File: When copy/pasting Image and File objects the review state did not revert to "private". (http://www.zope.org/Collectors/CMF/176)
  • CMFSetup: Refactored rolemap. Converted the roles attribute to role sub-elements. Fixed an acquisition bug that caused incomplete exports. Updated default profile.
  • CMFWiki: Prevent deprecation notice for the deprecated CMFWikiPermissions module by replacing its usage in CMFWiki.__init__ with the new permissions module.
  • CMFTopic: Change topic_view template to show title and ID (it only showed title before) (http://www.zope.org/Collectors/CMF/180)
  • CMFCore.PortalFolder: Unlike other content, only Managers were able to create PortalFolders using mkdir in FTP. Fixed by inserting missing security declaration for PortalFolder.manage_addFolder (http://www.zope.org/Collectors/CMF/167)
  • Default text format for NewsItems is now structured-text, just like it is for Documents, tuhs removing a spurious difference. (http://www.zope.org/Collectors/CMF/138)
  • CMFCalendar.CalendarTool: (Lost) fix for issues 65 and 159. The determination of the date/time range constituting a specific month was faulty.
  • CMFDefault.DublinCore: Use the portal_metadata tool's getPublisher for the DublinCore Publisher element (thanks to Eric Brown for the patch).
  • CMFCalendar.CalendarTool: Code assumed US datetime format throughout. At least since Zope 2.7 users can change that.
  • CMFCalendar.Event: Day, month, and year were processed in the wrong order by Event.edit(). (http://www.zope.org/Collectors/CMF/202)
  • CMFCore.PortalFolder: _verifyObjectPaste() did not check the container's allowed content types, enabling users to paste objects they were not allowed to add. (http://www.zope.org/Collectors/CMF/216)
  • CMFDefault.File and CMFDefault.Image: setFormat() failed to update the content_type property causing index_html() to use a stale mimetype when serving the file or image. (http://www.zope.org/Collectors/CMF/226)
  • CMFDefault.Document, CMFDefault.Link, and CMFCalendar.Event: WebDAV PUT() caused improper splitting of Contributors metadata header.
  • CMFCore.PortalFolder: Fixed missing import of BadRequest exception.
  • DCWorkflow DefaultWorkflowClassic: Fixed pending state permissions.
  • CMFSetup: Refactored actions, type-infos and workflow definition. Changed some XML attributes. Converted list items and descriptions to sub-elements.
  • ActionInformation: Some attribute cleanup. Enforced usage of Title instead of Name, URL or URL (Expression) instead of Action. Enforced boolean type of Visible.
  • DiscussionTool: Fixed two acquisition bugs. (Collector #119 and #201)
  • Change default CookieCrumbler Cache-Control header value from "no-cache" to "private" to allow browser caches to cache cookie authenticated pages but not proxies and HTTP accellerators.
  • ActionInformation: Correctly store an empty tuple for permissions if no permission is given (Collector #242).
  • DublinCore: Use a default ceiling date that is parsable by DateIndex (Collector #132).
  • RSS: Creates correct XML by always quoting arguments (Collector #170).

CMF 1.5.0alpha (2004/07/09)

New Features

  • CMFActionIcons product is now shipped as part of the CMF release.
  • New portal_setup tool provides export / import of various site configuration choices, both as tarballs and as TTW "snapshots". See the README.
  • zpt skin: Some forms are now scripts. These scripts are dispatchers that call validators and controllers and set redirect depending on the selected button. If redirect is not set, the script calls a template and returns the resulting HTML page.
  • ActionProviderBase, ActionInformation: Added methods to modify/edit actions. New method getActionObject in ActionProviderBase and edit method in ActionInformation (Collector 195). An action now may be modified/edited the following way:
            action_provider.getActionObject('object/view').edit(title='VIEW')
    
  • Topic objects now support syndication (Collector #203).
  • PortalFolder and zpt skin: PortalFolder now inherits from OrderedFolder.
    • Added buttons to folder_contents that allow to set a default sorting for each PortalFolder or to order the sub-objects by hand.
    • Modified index_html to show sub-objects in the selected order. The old index_html is still available as index_html_categorized.
  • CMFDefault utils: Added html_marshal function. This is similar to ZTUtils.make_hidden_input(), but returns a sequence of (name, value) pairs instead of html code.
  • CMFCore utils and content types: Marked _getViewFor as deprecated. __call__() and view() methods using _getViewFor() are deprecated as well. Use Method Aliases instead.
  • CMFDefault Site: Now adds the Classic DCWorkflow on creation. If DCWorkflow is not installed, no default workflow is added.
  • DynamicType: Added getActionInfo method. This is a shortcut to getActionInfo() of the related TypeInformation.
  • DublinCore: setModificationDate is now guarded by ModifyPortalContent.
  • zpt skin: Reimplemented folder_contents and related controllers. Uses a dispatcher script that calls the right validators and controllers if a form button is pushed. The result looks almost the same as before.
  • PortalFolder and SkinnedFolder: Added new and rename_items Actions. Used for redirects they are invisible by default.
  • CMFCore exceptions: Added some Exceptions. AccessControl.Unauthorized is a subclass of zExceptions.Unauthorized, so for best results use AccessControl_Unauthorized to raise Unauthorized and zExceptions_Unauthorized to catch them all. CopyError and ResourceLockedError are now also available for TTW code. EditingConflict is a new CMF class replacing the old string exception.
  • Callable Opaque Items, CMFCatalogAware: Added an interface ICallableOpaqueItemWithHooks. CMF now calls the manage_after and manage_before hooks of a marked opaque item on copying, moving or deleting the containing content object.
  • DublinCore: Creator element no longer depends on Ownership. (Collector #25)
    • Added listCreators() and listContributors() to the DublinCore Interface. Creator() now returns the first element of listCreators(). Contributors() is now a deprecated alias of listContributors() and might change in a future version.
    • Updated DublinCore implementation in DefaultDublinCoreImpl and DiscussionItem. Added new addCreator() method that is called by notifyModified(). SkinnedFolder also uses the new methods.
    • Updated ContentFilter to work with listCreators().
    • Updated CatalogTool to index listCreators. Creator index and metadata are deprecated and might be removed in a future version.
    • Updated skins to search listCreators() and show all creators.
  • TypeInfos: _finishConstruction() now calls reindexObject(). This makes sure changes made by ScriptableTypeInformation scripts are indexed and notifyModified() is called after content creation.
  • Document: Removed WorkflowMethod wrapper of setFormat(). This was the only wrapped MutableDublinCore method and caused an ugly second reindexObject() / notifyModified() call in the middle of _editMetadata().
  • CatalogTool: Updated to post Zope 2.6.2 ZCatalog interface. catalog_object() and reindexObject() now support the new update_metadata argument. reindexObjectSecurity() doesn't update catalog metadata anymore.
  • Added new hook to CookieCrumbler "twiddleAuthCookie". The twiddleAuthCookie skin script, if present is called on each request where a cookie authentication token is present. It is passed the auth cookie name and value so that it can perform such functions as extending the expiration of the cookie. A twiddleAuthCookie script along with a setAuthCookie script could create login sessions that timeout after a period of inactivity for example.
  • Refactored ActionsTool and Action providers:
    • Added listActionInfos() and getActionInfo() to the ActionProvider Interface, added object argument to listActions().
    • Added OldstyleActionProvider Interface and OldstyleActionProviderBase for Action providers still not using ActionInformation objects. WorkflowTool and CMFCore DiscussionTool use this.
    • Action providers queried by ActionsTool should implement the new ActionProvider Interface. Action providers subclassing ActionProviderBase inherit the necessary methods.
    • To ease transition it will be sufficient to implement the OldstyleActionProvider Interface, using OldstyleActionProviderBase. The use of Action providers not implementing one of these Interfaces is deprecated. Support for them will be removed after CMF 1.5.
    • Added helper methods getOAI() and getExprContext() to get computed contexts from REQUEST cache or create new ones.
  • CMFDefault MembershipTool and zpt skin: Added Manage members Action. The skin now provides basic membership management: Browsing members, registering new members and deleting members including their member data, member area and Local Roles.
  • The caching policy manager now sets the header X-Cache-Headers-Set-By when it sets cache headers in a response.
  • FSDTMLMethods now play nicely with the caching policy manager.
  • zpt skin: Added batch_widgets.pt and getBatchNavigation.py. roster and search use now the new navigation macro. Looks like before, but i18n works better and it's easier to reuse or replace the code.
  • zpt skin: Added zpt version of registered_notify_template.
  • CMFCorePermissions: Made them available for import by Scripts.
  • CMFCore MembershipTool and MemberDataTool: Added delete methods.
    • deleteMemberData() deletes the member data of a member.
    • deleteMemberArea() deletes the member area of a member.
    • deleteLocalRoles() now has a recursive argument.
    • deleteMembers() deletes members including member data, member area and Local Roles.
  • CMFCore MembershipTool: Changed interface.
    • createMemberarea() is now called createMemberArea(). For backwards compatibility createMemberarea is a deprecated alias.
    • getMembersFolder() is now also part of the CMFCore interface.
  • CMFCorePermissions: Added Change local roles Permission. PortalFolder's Local Roles Action and MembershipTool's Local Roles methods are now guarded by Change local roles of the object.
  • Added CMFCore 'exceptions.py': Errors defined in this module are available for import by Scripts.
  • CMFCore and CMFDefault MembershipTool: Changed permissions. createMemberarea() for someone else and getRoster() including hidden members are now protected by Manage users. getMemberById(), listMemberIds() and listMembers() as well.
  • Document and NewsItem: Un-hardwired manage_FTPget() for text/html. Added source_html.dtml and source_html.pt. manage_FTPget() now has a gethtml hook and uses source_html by default. (Collector #168)
  • TypeInformation: Added Method Aliases.
    • TypesTool and TypeInformation now have an Aliases tab to configure Method Aliases TTW.
    • factory_type_information now has a key aliases to configure Method Aliases in a product. This key is required, but may be empty: If it doesn't exist, TypeInformation will try to update by guessing aliases.
    • DynamicType manipulates TraversalRequestNameStack depending on Method Aliases. (Default) and view aliases bypass __call__() and view() methods on traversal.
    • PortalFolder's mkdir hook now makes use of Method Aliases.
  • CMFCore and CMFDefault MembershipTool: Changed member area creation. wrapUser() does no longer call createMemberarea(). createMemberarea() should now be called from the logged_in page.
  • CMFDefault MembershipTool: Added a customization hook to createMemberarea(). A createMemberContent script placed inside the tool overrides default member content creation.

Bug Fixes

  • zpt skin: Removed dependency on dtml layers.
  • CMFCore utils: Marked format_stx function as deprecated. It's no longer necessary to work around default STX handling.
  • DirectoryView: Refactored path handling. Should now work with any products path setup. (Collector #210)
  • Enforced new "local permissions" pattern: each top-level CMF product should have a permissions.py module which imports / declares all permissions used within the product; other modules within the product should import from there. Likewise for exceptions.py.
  • Removed pre Zope 2.7.0 compatibility code. Now Zope 2.7.0 or a later platform is required for CMF.
  • CatalogTool: Marked the meta_type index as deprecated.
  • PortalFolder: Marked the spec argument as deprecated. Use the filter argument with portal_type instead for contentItems(), contentIds(), contentValues() and listFolderContents().
  • PortalFolder: Fixed portal_type acquisition bug in ContentFilter.
  • DynamicType: Added getPortalTypeName() to the interface.
  • Collector #227: expose ZPT filename in tracebacks which include FSPageTemplates.
  • zpt skin: Switched base tag policy back to that of dtml skin. This makes the use of relative URLs in content easier. If you have content that depends on the old policy you can customize getBaseTag.pt and add a slash. (Collector #66)
  • Actions of folderish types: Fixed some inconsistencies. Whatever the old CMFDefault policy was - this is the current policy: "object" is used for Actions related to the object itself, "folder" is used for Actions related to the container of the object.
    • Changed the category of PortalFolder and SkinnedFolder Actions to object.
    • Moved folderContents of folderish types from ActionsTool to PortalFolder's type info. Other folderish types now have to declare their own folderContents Action if they need one.
    • Renamed Topic's subtopics and SkinnedFolder's foldercontents Action to folderContents to get them in sync.
  • StrippingParser: Added big, small, sub and sup to valid tags.
  • _checkPermission: Added check for executable owner and proxy roles.
  • SkinsContainer: Fixed context wrappers returned by getSkinByPath(). The original context of skin folders is now removed. This avoids having SkinTool attributes added to the CMFSite root object.
  • CatalogTool: Removed deprecated id from default indexes and metadata.
  • Skins: Fixed a DateTime related issue in search_form and doFormSearch. Added one second to epoch to work around the problem that the timezone gets lost if time is 00:00:00.
  • CMFCore.PortalFolder: Explicitly declare base interfaces.
  • Tests: CachingPolicyManager tests don't fail on Windows anymore. (Collector #107)
  • SkinsTool: Fixed cookie paths. clearSkinCookie() now uses the same cookie path as updateSkinCookie() which is now "inside-out" hosting safe.
  • DefaultDublinCoreImpl: Changed accessor permissions. As defined in the interface accessors are now protected by View.
  • CMFDefault utils: Made tuplize() work correctly with string types.
  • CMFCore utils: Reverted obsolete workaround in _checkPermission.
  • Skin scripts: Made except statements safer by being more specific. Hope this still catches all relevant errors.
  • Removed some pre Zope 2.4.3 with PageTemplates backwards compatibility cruft. A later platform is required since CMF 1.3.
  • Collector #153: CookieCrumbler didn't preserve query strings.

CMF 1.4.7 (2004/08/11)

New Features

  • Minor featurelet: The "Action Providers" ZMI tab on the portal_actions tool now links directly to the tools shown (http://zope.org/Collectors/CMF/181)

Bug Fixes

  • CMFCore.PortalFolder: Enforce check of "Delete objects" permission during cut + paste. (http://zope.org/Collectors/CMF/259)

    Note: This fix depends on an update to the underlying Zope software, e.g., Zope 2.7.3 or later. Two new unit tests fail on Zope 2.7.2 and earlier.

  • CMFDefault.MetadataTool: Validation would disallow vocabulary-constrained metadata elements to be empty (http://zope.org/Collectors/CMF/217)
  • CMFDefault.DiscussionItem: Replies were not sorted chronologically (http://zope.org/Collectors/CMF/211)
  • CMFDefault.Image and CMFDefault.File: When copy/pasting Image and File objects the review state did not revert to "private". (http://zope.org/Collectors/CMF/176)
  • CMFTopic: Change topic_view template to show title and ID (it only showed title before; http://zope.org/Collectors/CMF/180)
  • CMFCore.PortalFolder: Unlike other content, only Managers were able to create PortalFolders using mkdir in FTP. Fixed by inserting missing security declaration for PortalFolder.manage_addFolder (http://zope.org/Collectors/CMF/167)
  • Default text format for NewsItems is now structured-text, just like it is for Documents, thus removing a spurious difference (http://zope.org/Collectors/CMF/138).
  • CMFCalendar.CalendarTool: (Lost) fix for issues 65 and 159. The determination of the date/time range constituting a specific month was faulty.
  • CMFDefault.DublinCore: Use the portal_metadata tool's getPublisher for the DublinCore Publisher element (thanks to Eric Brown for the patch).
  • CMFDefault.Document: Make Document render compliant XHTML when format is plain (thanks to Eric Brown for the patch).

CMF 1.4.6 (2004/07/30)

Bug Fixes

  • CMFCalendar.Event: Fixed long-standing bug where day, month, and year were processed in the wrong order by Event.edit(). (http://zope.org/Collectors/CMF/202)
  • CMFCalendar.Event: PUT() caused improper splitting of Contributors metadata header.
  • CMFCalendar.CalendarTool: Code assumed US datetime format throughout. At least since Zope 2.7 users can change that. (http://plone.org/collector/3218)
  • CMFCore.PortalFolder: _verifyObjectPaste() did not check the container's allowed content types, enabling users to paste objects they were not allowed to add. (http://plone.org/collector/2183)
  • CMFDefault.File and CMFDefault.Image: setFormat() failed to update the content_type property causing a stale mimetype to be used when serving the file or image. (http://plone.org/collector/1323)
  • CMFDefault.Document and CMFDefault.Link: PUT() caused improper splitting of Contributors metadata header. (http://plone.org/collector/3217)
  • CMFCore.utils: Introduced contributorsplitter() utility function.
  • CMFCore.PortalFolder: checkIdAvailable() failed to catch zExceptions.BadRequest.

CMF 1.4.5 (2004/07/08)

Bug Fixes

  • When someone customises something twice, rather than raise an error, show them a nice message and takes them to the already customised object.
  • FSImage didn't recognize .bmp files (Collector #245).
  • Further hardening of member property, email, to prevent trickier header injection into system-generated e-mails (Collector #243 redux).

CMF 1.4.4 (2004/05/14)

Bug Fixes

  • Unchecked member property, email, could allow header injection into system-generated e-mails (Collector #243).

CMF 1.4.3 (2004/04/22)

Bug Fixes

  • CMFCalendar.CalendarTool: Converted _usage queries to dictionary syntax. Shuts up DeprecationWarnings in Zope 2.7.
  • CMFCore.CachingPolicyManager: make REQUEST argument optional for public methods, to ease scripting policy operations from setup code. (Collector #234)
  • Action definitions: Removed leading spaces. (Collector #229)

CMF 1.4.3-rc1 (2004/02/05)

Bug Fixes

  • CMFCore.PortalFolder: Explicitly declare base interfaces.
  • CMFCore.MembershipTool: Don't swallow ConflictError during wrapUser.
  • CMFDefault.SkinnedFolder: Creator() method now resembles the one from DublinCore. This allows for unowned objects and shuts up a deprecation warning in Zope 2.6.4/2.7.0.
  • CMFCore.CookieCrumbler: No longer disregards an existing cookie auth token for DAV requests (like PROPFIND) that occur over the main HTTP port. Eliminates additional user challenges for browser-based DAV clients like MS WebFolders.
  • CMFCore.FSMetadata: the "acquire" flag for permission mappings was not converted to an int; 0 was therefore coming through as true.
  • CMFCore.FSPageTemplate.py: compatibiltity with Python 2.3 (can't mutate a class' __dict__ directly; use setattr(klass, name, value) instead).

CMF 1.4.2 (2003/10/27)

Bug Fixes

  • CMFDefault RegistrationTool: enforced using the member's e-mail address, rather than the one passed in from the request.
  • CMFCore MembershipTool: Fixed getCandidateLocalRoles(). Didn't work without having Member role. (Collector #148 and #169)
  • CMFCore MembershipTool: Changed the permission for searchMembers to List portal members. By default Anonymous users are no longer able to list member ids and email addresses. (Collector #189)

CMF 1.4.1 (2003/09/08)

Bug Fixes

  • Initialize class security correctly on ActionProviderBase (Collector #186).
  • Filesystem-based scripts should open their files in text mode, not binary (Collector #185).
  • Remove ownership from filesystem-based skin methods, which can't be trojaned, and therefore need not pay the performance penalty of ownership checking.
  • CMFCore/MembershipTool.py: include traceback in log messages for errors during wrapUser.
  • CMFDefault/skins: Fix permission name and html in roster.
  • CMFCore/TypesTool.py: Make sure oldstyle FactoryTypeInformation data is always converted. Actions are now completely migrated during TypeInformation creation.
  • CMFCore/utils.py: Fix buglet in minimalpath(), which caused proudct lookup to fail when a second Products directory was in the path.
  • CMFCore/Skinnable.py: Fix acquisition wrapping so that getPhysicalPath is not spoofed during funny traversals.
  • CMFCore/TypesTool.py: Fix ownership of constructor scripts used by ScriptableTypeInformation (Collector #165).
  • CMFDefault/skins: Fix some minor template issues in ZPT skins (Collector #156 and other).
  • CMFDefault and CMFCalendar skins: Fix stylesheets (Collector #164).
  • CMFCalendar: fix bug in month-spanning events (patch from Helge Tesdal).
  • CMFCore and CMFDefault MembershipTool: Make sure createMemberarea() always grants the right Ownership and Owner role for new member folders. This doesn't fix existing member folders with wrong Owner roles. If you use a customized MembershipTool, make sure your createMemberarea method does the Right Thing. (Collector #162)

CMF 1.4 (2003/05/19)

Bug Fixes

  • The memberdata tool now fetches properties from member objects using getProperty when returning search results, rather than performing direct attribute access on the member.
  • The CookieCrumber now functions for HEAD requests.
  • type actions: They are now absolute URLs by default. For getActionById and _getViewFor they are converted to relative URLs. (Collector #152)

CMF 1.4beta1 (2003/04/28)

New Features

  • Made TypeInformation objects derive from CMFCore.ActionProviderBase: their actions are now TALES expressions, and they have conditions (like all the "tool actions").
  • zpt skins (CMFDefault): Added i18n attributes. See INSTALL.txt for installing internationalization support. (Collector #122, thanks to Gitte Wange for her contribution)
  • zpt skins (CMFDefault): Added zpt_content/transition_form.pt. content_*_form.pt now use this template.
  • skins (CMFDefault): Made scripts independent of submit button values.
  • Added .css to the extensions that create FSFile objects in DirectoryViews (see CMFCore/FSFile.py) All sites upgrading which expected css extension to be dropped and to contain DTML will be required to rename their css files to foo.dtml. (Collector #129)
  • Added .js to the extensions that create FSFile objects in DirectoryViews
  • MembershipTool (CMFDefault): Un-hardwired members folder. You now can get the members folder object using getMembersFolder(). If you want to change the id of the members folder, rename the folder and set the members folder using portal_membership's configuration tab. (Collector #128)
  • utils: Changed behavior of bodyfinder and html_headcheck. The head check in html_headcheck is now a bit different, but the result should be closer to what people expect. The head check in bodyfinder is removed. In most cases you want to call bodyfinder only if html_headcheck is true.
  • Added FSFile skin object, in order to allow .swf files (et al.) in skins
  • Added listMetaTags skin method, which filters the DublinCore metadata into a form suitable for inclusion as tags.
  • Added .metadata file for FSObjects, which allows the easy addition of more features without adding lots and lots of files. ConfigParser format.
  • Added proxy roles to FS Python Scripts and FS DTML Methods via the proxy property in .metadata files.

Bug Fixes

  • utils: Changed behavior of StrippingParser and scrubHTML. They now close empty tags. (Collector #108, thanks to tanghus for the patch)
  • Removed deprecated register module and PortalContentRegistration interface.
  • Moved URLTool to CMFCore. Added interface and basic tests. (Collector #67)
  • Protected the Pending review action in DefaultWorkflow by ReviewPortalContent (Collector #52).
  • Raise ValueError instead of TypeError in TypesTool.getActionById if the action is not found (Collector #56).
  • Cleaned up Interfaces and API Help (Collector #96):
    • Removed redundant Syndicatable and IndexableContent interfaces.
    • Removed unfixable Membership and ReviewableContent interfaces.
    • Removed listActions() from Contentish and portal_workflow interface.
    • Removed redundant or None overriding of listActions().
    • Updated all interfaces to work with new Zope 2.6 Interface API.
    • Added portal_properties and Dynamic interfaces.
    • Added many interface implementation tests and made them pass.
  • MembershipTool (CMFDefault): Fixed acquisition bug. (Collector #102)
  • Skinnable: Changed docstring for setupCurrentSkin and added docstring to changeSkin: the latter is now used to set skin manually mid-request. (Collector #27)
  • Document: Ensured that setFormat(text/plain) does not overwrite text_format if text_format is plain. (Collector #140)
  • Action providers: Default _actions' are now tuples, not lists. (Collector #123)
  • Document: Ensured that edit() and PUT() strip of xhtml headers and html headers including DOCTYPE declarations. (Collector #41)
  • Fixed some minor buglets. (Collector #80, #94 and #95)
  • Ensure that a couple of calls to string.split only split into a maximum of two parts. (Collector #82)
  • Enabled the CMF to be installed in a PRODUCTS_PATH. In doing so, also made it easier to move CMF sites between Windows and Unix. (Collector #64)
  • Multimodule checkin to convert calls from user.getUserName() to user.getId() where appropriate. User names should not be used as immutable references, while user ids should. The distinction is not clearly enforcd in the stock user folder or any current user folder implementations, but newer user folder implementations will rely upon it.
  • Remove redundant VERSION.txt files; the canonical spelling is version.txt (Collector #13).
  • Correct security assertion on CMFDefault.Image's manage_afterAdd (Collector #141).
  • Ensure that the security attributes are reindexed on all subobjects too when a folderish object changes state in the workflow (Collector #115).
  • Backport fix of CMFCore/tests/test_FSImage.py to work with recent Zopes (> 2.6), which force HTTP headers to be strings.
  • Use return instead of raise in RegistrationTool.testPropertiesValidity if id is incorrect (Collector #48).
  • Correctly cleanup temporaries in CMFCore.MemberDataTool when wrapping a user object (Collector #136).

CMF 1.3.3 (2003/10/26)

Bug Fixes

  • Ensure that e-mail address to which we mail the user's password in registeredNotify comes from the member, rather than the request (thanks to Yvo Schubbe for the report).
  • Restrict ability to search members to users who have the List portal members permission (Collector #189).

CMF 1.3.2 (2003/09/05)

Bug Fixes

  • Initialize class security correctly on ActionProviderBase (Collector #186).
  • Remove ownership from filesystem-based skin methods, which can't be trojaned, and therefore need not pay the performance penalty of ownership checking.
  • Skinnable: Fix __of__ method so that it does not remove previous acquisition wrappers, which leads to invalid UIDs in the catalog when indexing objects using methods acquired from "above" the CMF site.
  • Sort candiate selection list when adding a FilesystemTypeInfo or ScriptableTypeInfo object to the types tool.
  • Open filesystem-based skin methods as text files, to avoid platform-specific line-ending issues (Collector #185).
  • Correct security assertion on CMFDefault.Image's manage_afterAdd (Collector #141).
  • Ensure that the security attributes are reindexed on all subobjects too when a folderish object changes state in the workflow (Collector #115).
  • Backport fix of CMFCore/tests/test_FSImage.py to work with recent Zopes (> 2.6), which force HTTP headers to be strings.
  • Use return instead of raise in RegistrationTool.testPropertiesValidity if id is incorrect (Collector #48).
  • CookieCrumbler: Accept authentication on HEAD requests. Thanks to Brent Hendricks.
  • Correctly cleanup temporaries in CMFCore.MemberDataTool when wrapping a user object (Collector #136).

CMF 1.3.1 (2003/03/06)

Bug Fixes

  • Fixed editSyInformationProperties in SyndicationTool to ensure that updateBase is saved as a DateTime instance.

CMF 1.3.1beta1 (2003/02/26)

New Features

  • Implemented PUT and GET support to CMFCalendar.Event for editing via FTP/WebDAV (thanks to Sidnei da Silva).

Bug Fixes

  • Fixed incorrect security declaration in File.py (Collector #91).
  • Remove over-helpful default argument values in CMFDefault.DefaultDublinCoreImpl._editMetadata. Now, if called without a value for an argument, the method will not change that value. Collector #10.
  • Remove workaround in CMFCore.utils for recognizing links in StructuredText: STX in CMF content should now recognize exactly the same links as the underlying Zope. Note that we do still provide a customized HTML class, to permit embedding images without generating the "whole" page. Collector #6.
  • Remove bizarre, shadowing import of CMFCore.utils as utils into package namespace of CMFDefault; instead, import specific names from that package directly (thanks to Paul Winkler for pointing out the incongruity).
  • Fix (theoretical) bug in CMFCore.DirectoryView which allowed non-registered directories to slip through (UI didn't exercise it).
  • Merge Christian Theune's fix for funky default argument values on CMFCalendar.Event's constructor and edit methods (collector #76).
  • FSPageTemplates overwrote a user-generated Content-Type header. We now check to make sure a Content-Type header is not already set before allowing a page template to set its own.
  • Fixed bugs around addActionProvider in ActionsTool (Collector #42).
  • Fixed race condition in lazy initialization of filesystem-based skin methods; the bug led to odd name errors on context for FSPythonScripts (Collector #37).
  • Removed crufty isDesktop stuff from folder_factories and folder_contents methods.
  • Fixed HTML-invalidating call to filterCookie in folder_contents.
  • Fixed unclosed tr element in ZPT version of folder_edit_form (Collector #57).
  • Fixed CalendarTool to use portal_type and not Type to search for events in the catalog (Collector #28, thanks to Heimo Laukkanen for the report).
  • Fixed a bug in CalendarTool where events were not showing on the last day of the month.

CMF 1.3 (2002/08/06)

New Features

  • FSPageTemplates now autodetect XML if a document has the standard <?xml version="xx"?> at the top, setting the content_type to "text/xml" so that it is parsed and served as XML.
  • Added a Workflows tab in the ZMI that displays the workflow state of the object.
  • Wired scrubHTML check into default versions of document_edit and newsitem_edit skins (site managers who prefer to allow JavaScript in content can customize to remove the check).
  • Added utility methods for checking / scrubbing HTML content of unwanted tags:

    CMFDefault.utils: scrubHTML, isHTMLSafe

    Known bad tags (script, applet, embed, object), attributes (starting with on), and values (starting with javascript:) cause scrubHTML to raise an exception; unknown tags are silently dropped. isHTMLSafe returns true if scrubHTML would not raise an exception on the same text.

  • Exposed useful utility methods to scripting / skinning.

    CMFCore.utils: getToolByName, cookString, tuplize, format_stx, keywordsplitter, normalize, expandpath, minimalpath

    CMFDefault.utils: formatRFC822Headers, parseHeadersBody, semi_split, comma_split, seq_strip, tuplize, bodyfinder, html_headcheck.

  • Added two utility functions, isHTMLSafe and scrubHTML, to CMFDefault utils; these modules check for / remove undesirable tags from textual content.
  • Made public functions of CMFCore.utils and CMFDefault.utils available for scripting.
  • Allowed Portal Folders to be discussable.
  • Improved the ActionsTool so that permission checking for actions is done in the context of the object for all categories that start with object or workflow, in the context of the folder for those that start with folder, and in the context of the portal otherwise. This is useful for admin-defined additional categories.

Bug Fixes

  • Fixed Image and File so that they reindex on PUT.
  • Fixed WorkflowTool so that it doesn't pretend to workflow non-CMF objects (Collector #19).
  • Removed redundant block of code from CMFDefault/Link.py (Collector #18).
  • Fixed discussion tree display not to embed entire HTML document (Collector #17, thanks to Jeffrey Shell for the inspiration).
  • Fixed CookieCrumbler to emit "Basic" and not "basic" auth as per HTTP spec (Collector #14, thanks to Simon Eisenmann for the report). This fixes some WebDAV locking problems with (rightfully) picky clients, like ExternalEditor.
  • Made old ListCriterion instances forward-compatible across earlier addition of operator field.
  • Defaulted CMFCore.MembershipTool's createMemberArea flag to true, to preserve existing behavior: member area should be created by default on first login (Collector #5).
  • Hardened DefaultDublinCoreImpl's EffectiveDate() and ExpirationDate() methods to deal better with older / uninitialzed content.
  • Refactored content construction in the Types tool to make cataloguing and workflow notification more uniform.
  • Made Undo work again by removing any LF in transaction ids.
  • Made WorkflowTool.updateRoleMappings update security-related indexes.
  • Append / to links in skin templates to the root of the site, to pacify clients which won't send Basic Auth tokens because the path doesn't match.
  • Removed the binding of Folder and Topic types to the default workflow for newly-created CMFSites (Collector #4). Note that existing sites will still need to remove these bindings manually, as indicated in the "Upgrading" section of INSTALL.txt.
  • Updated initial action reported by CMFDefault's DefaultWorkflow: was "joined", now "created".
  • Fix index_html template to filter using View permission (folders which were not viewable were triggering authentication, instead of being skipped).
  • Repair free-form subject entry on full_metadata_edit_form (was merging all keywords onto the same line, plus soft-wrapping!). Likewise the "Contributors" textarea.
  • Ensured that Link, File, and Image content objects reindex themselves after edit (wrapping edit as a WorkflowMethod no longer guarantees that).
  • Fixed CMFCalendar's "day view" to accomodate the removal of title metadata from catalog in favor of Title (thanks to Dieter Maurer for pointing this out).
  • Corrected a skins performance optimization (the version as released in the beta did not take effect).

CMF 1.3 beta2 (2002/07/07)

New Features

  • Changed the modification date so that it is updated at reindex time and does not rely anymore on bobobase_modification_time. This makes export+import of objects not lose the modification date. Before exporting objects created with an older CMF version, reindex the "modified" index in the catalog (you just have to do it once, and only if you need to export objects).
  • Made the workflow tool compute chains using type names, as well as instances (Tracker #441).
  • Made the DCWorkflow worklists accept a list of formatted values for cataloged variable matches. The separator is a semicolon (Tracker #496).
  • Made the security-related indexes of the portal catalog be updated for all impacted objects whenever local roles are changed (Tracker #494). This feature makes use of the path index.
  • Made path (PathIndex) a standard index inside CMF. When upgrading from earlier versions this index will have to be created by hand.
  • Enabled "within day" queries for FriendlyDateCriteria E.g., field="modified", value="Now", operation="within_day", daterange="old" -> content which was modified "today". (Tracker #474).
  • Made the id of the current user available to old action providers (DCWorkflow being a prime example) as user_id (Tracker #495, thanks to Luca Olivetti for the patch).
  • Modified the standard_error_message page template to show the error_log_url, if passed in (Zope 2.6 will pass this argument if an error log is installed).
  • Extended the metadata tool to permit passing the type name directly (e.g., when building a new object, one might need to know the allowed subjects before construction).
  • Added a working calendar implementation to the CMFCalendar product, which had previously provided only an Event content type. Thanks to Andy Dawkins for the work.
  • Updated FS-based skin methods to read optional '.security files, whcih control the role-permission mappings for each skin method. See CMFCore/tests/fake_skins/fake_skin/test4.py.security for an example.

Bugs Fixed

  • Fixed PortalFolder's filtering so that it correctly restricts itself to the portal types allowed by the TypesTool (Tracker #483).
  • Fixed the TypesTool so that TypeInformation's Title is decorrelated from its Id (the old TypeInformation.Type() should not be used anymore). The Id is what gets put in the "portal_type" attribute of a content object, which one gets at using somecontent.getPortalTypeName(). The Title is returned by somecontent.Type(). "portal_type" is now indexed, and in most cases should be used when doing catalog queries instead of "Type".
  • Provided all default skins (content_hide_form, content_show_form) for the DCWorkflow default workflow [rev 2]. Note that, when using this workflow, the descriptions in the retract and reject forms are slightly incorrect as they mention the "private" state but in fact go to the "visible" state.
  • Fixed verification of portal types in the TypesTool to work in the presence of portal types with a non-empty title (Tracker #497).
  • Removed unintentional sharing of ActionInformation data between class defaults and persistent instances derived from ActionProviderBase. Likewise for TypeInformation instances.
  • Enabled creation of "My Stuff" folder for users (e.g., the manager) authenticated "above" the normal user folder (Tracker #485, thanks to Dieter Maurer for the patch).
  • Fixed handling of discussion items so that they are correctly indexed, unindexed and reinserted into the workflows when copied or moved.
  • Correctly reindex the just-reset workflow variables of an object in a DCWorkflow after a paste.
  • Correctly insert into the workflows the objects created by a Scriptable Type.
  • Fixed Friendly Date Criterion edit form to correctly display the duration in its menu (Tracker #475, thanks to Axel Joester for the patch).
  • Fixed relative URL in metadata_edit_form that broke if the main_template had a base tag (Tracker #506).
  • Made discussion replies work correctly when hitting Enter in the title field (Tracker #515), and corrected discussion Preview followed by an Edit that lost body information (Tracker #516).
  • Fixed the deletion of replies (Tracker #513, thanks to Stefan H. Holek for the patch).
  • Made the Link objects deal correctly with empty remote urls (Tracker #507) and not strip trailing slashes (Tracker #451).
  • Made content_type_registry deal correctly with TypeInfos that have a title (Tracker #465, thanks to Juan Antonio Vali�o Garc�a for the patch).
  • Changed CMFDefault.MembershipTool to not create a member folder at member creation time when the memberareaCreationFlag is false (Tracker #519). Note that any code that depended on the member folder being created after addMember will fail, that code should call createMemberarea directly if needed.
  • Fixed CMFDefault.RegistrationTool to correctly check the lack of email property when creating a new member or when checking member's properties validity (Tracker #508).
  • Fixed addtoFavorites to correctly add a favorite of someone else's document (Tracker #501).
  • Fixed CatalogTool to create a meta_type index; this is needed now that ZCatalog doesn't create any default indexes when instantiated.
  • Fixed recent_news to use Title instead of title to display the title of each news (title isn't indexed anymore).
  • Fixed listFolderContents to take into account its optional spec argument.
  • Fixed index_html to correctly filter out unauthorized subfolders (Tracker #503).
  • Fixed exception handling to not use a string exception in PortalFolder (Tracker #512).
  • Changed the permission protecting the "Join" action provided by the default registration tool from "View" to "Add portal member" (Tracker #509).
  • Removed redundant "Syndication" action from SkinnedFolder; the SyndicationTool provides this aciton. (Tracker #481)
  • Updated INSTALL.txt to note the dependency of CMF on the TAL and ZTUtils packages and on the PageTemplates product for Zopes < 2.5. (Tracker #489).
  • Updated CatalogTool to create a Vocabulary if none present (as won't be for catalogs created under Zope 2.6).
  • Adapted interface checks to work with new spellings in Zope 2.6 (older Zopes should still work).
  • Removed ##bind headers from FSPythonScripts where they only repeat the defaults.
  • Corrected patterns used for "HTML body stripping" to avoid HTML embedded within structured text.
  • Fixed computed action of form in folder_rename_form (Tracker #511; thanks to "yuppie" for the patch).
  • Improved cacheability of skin images by using absolute URLs.
  • Suppressed repeated load of FSImage content from filesystem (should only happen when in debug mode).
  • Repaired skin methods' read of .properties files, which hold additional metadata about the skin method beyond what can be expressed in the body.
  • Updated caching policy manager tool to use correct date format (RFC 1123 instead of RFC 822).

CMF 1.3 beta 1 (2001/04/03)

New Features

  • CMFDefault Documents, News Items and Discussion Items now support a plain text format, which simply HTML-quote's the text before displaying it.
  • Added CachingPolicyManager tool, which manages caching policies for skin methods, and updated FSPageTemplate to use a CPM if found.
  • Added functionality such that only users who have the view permission on the relevent Type object can create content of that type.
  • Added the ability to limit what types of object an object of a given Portal Type can be created in.

    If Implicity Addable is set (the default), then objects of that Type can be added anywhere.

    If it is not set, then objects of that Type can only be added to objects whose Type's allowed_content_types contains the Type.

  • Enabled querying actions from workflow tool in absence of actions tool (Tracker #401).
  • Added operator attribute to CMFTopic.ListCriterion, to permit specifying an operator (and, for the most part) for indexes which support it, e.g., KeywordIndex (Tracker #442).
  • Added ZMI interface for editing Link URL (Tracker #364).

Bugs Fixed

  • Make ZMI editing of NewsItems safe (Tracker #472).
  • Made generated home pages for new members participate fully in workflow (Tracker #467).
  • Added text_format wiget to NewsItem's edit forms (Tracker #460).
  • Fix sharing bug pointed out by Dieter Maurer (Tracker #484) in ActionProviderBase. Thanks for the patch!
  • Added forwared-compatibility for "old" content (pre CMF 1.0!; Tracker #454, thanks to Lucas Hofman for the patch).
  • Made PortalFolder.invokeFactory enforce the filter_content_types property of the folder's type information object.
  • Added stripping of leading / trailing whitespace from Subject keywords (Tracker #479, thanks to Lucas Hofman for the patch!)
  • Gave URL tool explicit __roles__, to enable use in nocall: expressions.
  • Turned off auto-expansion of customized FSPageTemplates (Tracker #477).
  • Fixed ActionProvidorBase for the case when no permission is specified for an action that is added TTW.
  • Fixed ActionsTool so that duplicate actions are stripped.
  • Caused CMFDefault Portal constructor to strip passed-in id before creating a portal object with that id.
  • Allowed the ActionsTool to gracefully handle objects which return ActionInformation objects. Thanks to Andy Dawkins for the analysis. (Tracker #457)
  • Made workflow Expressions use the correct ModuleImporter so that they operate correctly in their restricted environment. Thanks to Dieter Maurer for the patch. (Tracker 463)
  • Fixed incorrent permissions in "pending" state of default DCWorkflows. Thanks for Lynn Walton for the report and Florent Guillaume for the patch. (Tracker #464)
  • Fixed missing comma that affected manager permission to modify in the published state. Thanks to Florent Guillaume for the patch (Tracker #459)
  • html_quote'd errors raised by FSPageTemplates. Thanks to Dieter Maurer for the patch. (Tracker #462)
  • Fixed typo in zpt_stylesheet.css. Thanks to Florent Guillaume for the patch. (Tracker #461)
  • Fixed long standing bug in FSPythonScript where get_size returned the incorrect length. This broke editing using EMACS via FTP or WebDAV. Thanks to John Glavin at South River Technologies for help finding the bug.
  • Reworked functionality added in Tracker #409 which broke the Types Tool. (Tracker #458)
  • Fixed bug whereby DirectoryView instances were not noticing some of the changes they should when Zope was running in debug mode on Windows (Tracker #305)
  • Fixed a bug where the workflow notifyCreated method was called during manage_afterAdd in PortalContent, making it possible for the notification to occur on the wrong workflow. The notification has moved to the contstructInstance method on the TypesTool after the _setPortalTypeName method has been called on the object.
  • Extended TypesTool to permit registration of new TypeInformation implementations (Tracker #409, thanks to Jeffrey Shell for the work!)
  • Fixed a bug in Favorites.getObject to use restrictedTraverse on the portal object.
  • Made all tool-generated actions configurable through-the-web, via an "Actions" tab on each tool; made the list of ActionProviders configurable TTW as well.
  • Fixed setting the Link.format to URL_FORMAT so the initially returned metadata headers would return text/url properly. Added unittests.
  • Enabled querying actions from workflow tool in absence of actions tool (Tracker #401).
  • Fixed CMFDefault.utils.parseHeadersBody to properly handle the headers generated on a windows app (i.e. Dreamweaver) with /r/n; added the compiled regular expression object to the method signature.
  • Added full webdav sipport code to Link.py. Changed _writeFromPUT to call _editMetadata instead of editMetadata.
  • Made links emitted by topic_view play nice with virtual hosting (Tracker #433).
  • Cleaned up emission of RFC822-style headers (Tracker #407), terminating headers must be terminated with CRLF, and padding continuation lines (for values with embedded newlines) with leading whitespace).
  • Ensure that package initialization files are non-empty, to prevent suspicion that they were corrupted in download (Tracker #426).
  • Added external method update_catalogIndexes.py to run as part of a upgrade to CMFs migrating to Zope2.4+ from from CMF sites which were built using Zope2.3 catalog
  • Use ID to label Favorite when target has an empty Title (Tracker #440).
  • Allowed sub-folders to have different syndication properties than parents (Tracker #421).
  • Added CMFDefault.Upgrade.upgrade_decor_skins external method to convert existing sites which had installed skin directories from the now-deprecated CMFDecor product (Tracker #434). Added note explaining the issue, and the workaround, to ISSUES.txt.
  • Ensure that Favorites display the correct, absolute URL to their target, without needing to have tag set (Tracker #419).
  • Worked around Opera's strange insistence on selecting an option, even for multi-select lists (Tracker #332).
  • Hardened CMFCore to initialize correctly in the absence of the PageTemplates product (Tracker #430).
  • Restored slot in of ZPT main template into which content can insert the tag (Tracker #418).
  • Fixed CMFTopic.SimpleIntegerCriterion.edit to require a pair of values when direction is 'min:max'; updated skins to use new getValueString, which renders such values properly (Tracker #439).
  • Ensured that Documents created with initial STX get cooked (Tracker #435).
  • Made links emitted by topic_view play nice with virtual hosting (Tracker #433).
  • Made CMFCore/interfaces/__init__.py non-empty, to remove suspicion that the file was corrupted in the download (Tracker #426).

CMF 1.2 beta (2001/12/07)

New features

  • Added docs from the crack ZC docs guys; these docs live in the top-level docs directory.
  • Merged CMFDecor product's artifacts into CMFCore / CMFDefault; theses aretifacts allow use of filesystem-based Zope Page Templates as skins.

    Note that the CMFDecor skin is the one which will be receiving all our development focus: we will fix bugs in the DTML skins, but are not likely to invest significant effort in upgrading it.

  • Hooked manage_addFolder to allow creation of PortalFolders from both WebDAV, FTP, and ZMI.
  • Improved tracebacks from broken FSDTMLMethods, which no longer indicate that every problem is in RestrictedDTML.
  • Made it possible to add CookieCrumblers in nested folders. You can just drop in a cookie crumbler anywhere to change the login form for that area of the site. In fact, now you don't have to create a user folder just to change the login process.
  • Made Link objects editable via FTP / WebDAV.
  • Merged Chris Withers' FSSQLMethod into CMFCore.
  • Added documentation for installing from CVS.
  • Moved permission checking inside personalize_form to make sure Anonymous cannot access it without logging in (CMF Tracker Issue 349, thanks go to Bill Anderson).
  • Added initial CMF use cases as FSSTXMethods in CMFDefault/help.
  • Made validation methods of portal_metadata available to scripts.
  • Made skinned index_html reflect generic view on folder content, rather than simple title/description of the portal.
  • Added "Change and View" submit button to content editing forms; added check for this button to POST handlers in CMFDefault, and indirected redirect targets in those methods through getActionByID.
  • Added knob for skin cookie persistence to SkinsTool's "properties" tab. The default policy (unchanged) is that skin cookies expire at the end of the browser session. if Skin Cookie Persistence is checked the cookie will last a full yesr.
  • Added an API to the portal_actions interface for querying, adding, and removing action providers.
  • Added a "multi-review" form, enabling a reviewer to publish or reject multiple items at once, using a common comment.
  • Added ZMI tab to DirectoryView to allow re-basing the filesystem path.
  • Added "breadcrumbs" to CMFDecor skins.
  • Added initial support for WebDAV locaking to PortalContent.
  • Added SortCriterion to list of criterion types for Topics, to permit sorting of results.
  • Added "Local Roles" action to folders to ease collaboration.
  • Add scarecrow assertions for the CMF-centric interfaces, and made the actual interfaces compatible with the standard Zope Interface package.
  • Made FSSTXMethod display skinnable, and added ZPT version.
  • Added visible attribute to TypeInformation actions, to permit indirection (via getActionById) without exposing the action in the CMF UI.
  • Extended MetadataTool to allow adding / removing element specs (i.e., it can now manage policies for "custom" schemas, as well as Dublin Core).

Bug fixes

  • Refactored content and metadata editing methods of DefaultDublinCoreImpl, Document, and NewsItem to disentangle the excessive coupling. Each "path" for editing now has a "presentation"-level method, which directs traffic and reindexes the object; the underlying methods are much simplified.
  • Fixed inner / named links in Document / News Item (thanks to Kenichi Sato for the patch!)
  • Ensured that editing methods handle WebDAV locks correctly, using a new failIfLocked assertion.
  • Added cookString method to CMFCore.utils for taking a string and making it id friendly, it also does a string.lower on the resultant regex. Changed TypesTool to utilize cookString to ensure that action ids are properly formated if the name is being used as the id.
  • Added getReply to CMFDefault.DiscussionItem.DiscussionItemContainer, to permit access to an individual reply without needing to do traversal.
  • Corrected pass-through of file and seatbelt arguments in new CMFDefault.Document.edit method; also sync'ed ZMI edit method for documents with standard protocol (Tracker #417).
  • Added cookString method to CMFCore.utils for taking a string and making it id friendly, it also does a string.lower on the resultant regex.
  • Made examples in INSTALL.txt less terse, and added notes on Windows-specific issues (thanks to Johan Mukhsein for the suggestions).
  • Made error message generated by FSPropertiesObject capture the offending line and line #; also, added logic to allow blank lines and comment lines beginning with # (tracker #338).
  • Added fixup to Link objects for user-entered URLs which don't supply scheme: for example, fix up www.zope.com to http://www.zope.com. (tracker #361)
  • Updated CMFCore.CatalogTool to allow new, optional idxs argument to catalog_object (tracker #405).
  • Added a workaround for the problem where the CookieCrumber set cookies even though the user entered an incorrect password. RESPONSE.unauthorized() now cancels the cookie response header. The new login_form and logged_in form both try to invoke unauthorized(), so make sure you install the new forms.
  • Implement the notional search results item interface for SkinnedFolder.
  • Corrected solecism in Topic (use of criteria for singular); removed the need to know about the funky generated IDs for criterion objects. Fixed derived bug in skins (tracker #408).
  • Modified error-logging code to avoid potential leaks of traceback frame.
  • Made Document's manage_FTPget use EditableBody, rather than accessing text attribute directly (improves reusability). Likewise Document.SearchableText.
  • Merged Seb Bacon's refactoring of getDefaultView into 'CMFCore.utils._getView'; clients can now specify a view by name, as well.
  • Made the default content type for Image image/png, instead of the unintuitive text/html inherited from DefaultDublinCoreImpl (tracker #384).
  • Corrected typo in ActionsTool which broke actions for the root portal object (tracker #379).
  • Updated the MemberDataTool to use an OOBTree, instead of the old-style BTree, to store member data wrappers (CMF Tracker 375).
  • Corrected personalize_form to use getProperty where feasible, rather than relying on direct attribute access (tracker #372).
  • Removed an incompatibility with LoginManager in CMFCore.MembershipTool (tracker #365).
  • Removed an infinite loop condition that arises when MembershipTool.createMemberArea gets called inside wrapUser (this could only happen if "Create Member Area" was checked in the Membership tool.)
  • Added new TitleOrId skin method, and updated skins to depend on it rather than SimpleItem.title_or_id.
  • Made unit tests runnable without reliance on zctl test.
  • Corrected initial column set in catalog to include "ModificationDate" instead of "ModifiedDate".
  • Ensured that object is recatalogued (e.g., after setting 'portal_type'; thanks to Florent Guillaume).
  • Removed silly dependency of CatalogTool.searchResults on REQUEST (catalog already does the Right Thing (tm) when no REQUEST is available). Note that this requires updates to the search skins, as they didn't pass it in.
  • Changed redirect target after rejecting an item to the search page for pending content items; this resolves the problem that the non-Manager reviewr who rejects an item no longer has View permission on it, and therefore gets an Unauthorized when redirecting to the object's view action.
  • Moved generation of the "Add to Favorites" and "My Favorites" links from the CMFCore/ActionsTool into the CMFDefault/MembershipTool, which is a more logical location for it because it relies on information from the membership tool.
  • Made Topic directly publishable (like PortalContent), using its view action (or the first action found, if view is not present).
  • Set title for newly-created member folders; fixes breadcrumbs that expect a title on the object.
  • Allow URLs with query strings in StructuredText links.
  • Update news_box to search based on Type, rather than meta_type.
  • Fix SkinnedFolder.Creator() to call getOwner() with info argument.
  • Made CookieCrumbler check for WEBDAV_SOURCE_PORT environment variable (supplied by Zope 2.4.1+), and bail on intercepting authentication if found.
  • Included Owner in list of significant roles returned by MembershipTool.getPortalRoles (e.g., so that the "Local Roles" interface can allow assignment of it).
  • Allow users with local role of "Reviewer" to see the "pending review" action.
  • Made TypesTool, rather than individual type objects, responsible for generating "immediate view" URL; type objects now return the newly-created object, which makes scripting them much simpler.
  • Remove fossilized reference to getSecurityManager from PortalContent._verifyActionPermissions.
  • Modified the redirect after "Add to Favorites" to us the view action, rather than view.
  • Fixed Document.guessFormat() to use utils.html_headcheck() instead of bodyfinder regex to detect structured text versus html; avoids recursion limit for large HTML files.
  • Removed spurious afterCreate protocol for content objects.
  • Added mapping of css file extension to FSDTMLMethods.
  • Modifed PortalFolder.listFolderContents to handle permission-based filtering; duplicates what skip_unauthorized is doing in DocumentTemplate/DT_IN.py (but works for ZPT as well).
  • Modified CMFDefault.RegistrationTool.addMember to avoid flunking validation if properties are not passed (Tracker #335).
  • Applied patch from Chris Withers to register skin method; the patch which avoids quoting problems for the error message if a problem occurs (Tracker #339).
  • Added DiscussionItem.replyCount (Tracker #328). DiscussionItem.hasReplies now returns only a boolean value. Standard skins don't call replyCount due to performance concerns.
  • Factored content filtering logic into a Python Script.
  • Improved handling of multiple rename targets (thanks to Chris Withers for the patch.)
  • Completed conversion of form targets from DTML Methods to Python Scripts.
  • Improved compatibility with Zope 2.4:
    • support for new "restricted execution" mode;
    • support for new catalog initialization API.
    • updated test_all unit test drivers to use standard unittest module from Python 2.1 (it no longer has JUnitTestTextRunner class).

CMF 1.1 final (2001/06/20)

New features

  • Landed "skinned folder" module, which permits creation of "folderish" types with customized replacements for index_html.
  • Added run_all_tests script, to simplify running all unit tests for CMF-related products.
  • Factored out index and column lists, to ease customization (Tracker #289)
  • Modified DefaultDublinCoreImpl#setContributors() to use new tuplize functionality (the ability to pass in a different splitter function). If a string is passed in to setContributors(), it gets split on semicolons. This allows setting of contributor strings to be like

    "Doe, John E ([email protected]); The Mertz Family Foundation; PBS"

If one so deeply and dearly desired. (The above would turn into a three element tuple).

  • Made it possible to map "normal" Zope objects as content (Tracker #283):
    • Skin and tool code which used to query the object for its Type in order to then ask the types tool for a TypeInfo object now just asks the types tool for type TypeInfo object directly.
    • Modified the TypesTool interface to signal that passing an object to getTypeInfo is acceptable, with the semantic that the tool will attempt to find a TypeInfo object based on the tool's type or metatype.
  • Expanded signature of Document.CookedBody to change the header levels Structured Text starts rendering at, and whether to preserve those changes, following the following logic:

    If the format is html, and stx_level is not passed in or is the same as the object's current settings, return the cached cooked text. Otherwise, recook. If we recook and setlevel is true, then set the recooked text and stx_level on the object.

Bug fixes

  • Hardened DirectoryView against objects which raise exceptions during initial reads (typically due to permission problems); these objects now capture and log the exception, and create a BadFile object which allows browsing the traceback via the ZMI (Tracker #317).
  • Stopped polluting the browser with persistent skin cookie; clear it as well on logout (Tracker #304).
  • Cleaned up folder content filtering (Tracker #298, thanks to Chris Withers for the patch).
  • Implement new "List folder contents" permission (Tracker #320), to prevent non-privileged users from being able to browse folder_contents (permission is by default mapped to Owner and Manager).

    Note that this is really only a UI change: PortalFolder.contentIds, PortalFolder.contentValues, and PortalFolder.contentItems are still public, to allow for reasonable "site map" views on folders.

  • Use saner type ID listing in search_form (Tracker #324).
  • Rewired "POST target" skin methods, replacing filesystem-based DTML Methods with filesystem-based Python Scripts (from Tracker #301 -- thanks to Chris Withers).
  • Implemented LARGE patch to CMFDefault.DiscussionItem and CMFDefault.DiscussionTool, plus removal of CMFDefault.Discussions: changed threading strategy to remove dependency on the path of the "host" content object. Includes an ExternalMethod, CMFDefault/Extensions/update_discussion.py, which must be run to convert existing content which contains discussion.
  • Overrode DublinCore's isEffective in CMFCalendar.Event to always return true; this change prevents blocking view of the event by standard_html_header.
  • Updated INSTALL.txt to note that:
    • Use with Zope 2.4.0a1 is not recommended.
    • CMFDecor requires Zope Page Templates (Tracker #291).

and to describe upgrade process from CMF 1.0.

  • Fixed typo in Unauthorized exception raised by PortalContent._getDefaultView.
  • Made all content types findable by catalog (Tracker #286).
  • Ensured that ContentTypeRegistry's "Test" tab doesn't puke if no MIMEtype is entered, or if one is entered which doesn't have a / in it (Tracker #292).
  • Suppressed overwrite of Subject when no Subject or Keywords headers were present (Tracker #294).
  • Ensured that Type is indexed in newly-created portal_catalog.
  • Fixed acquisition stripping in PortalContent.objectItems().
  • Modified CMFDefault.DublinCore.getMetadataHeaders() to join Subject by commas, instead of spaces. Since we parse/split Subject on commas or semicolons now when a document is saved by FTP or WebDAV, we need to feed it out in the same format.
  • Fleshed out security declarations for portal_metadata tool.
  • Corrected pathname of MemberDataTool.memberdataContents to account for use of _dtmldir (thanks to Ricardo Newbery for the patch!).
  • Fixed buglet resulting from uninitialized local in PortalContent.objectItems (thanks to Seb Bacon for the patch).
  • Modified stock search_form to query Type rather than meta_type.
  • Removed debugging / "paranoia" print statements (thanks to Chris Withers for the patches).

CMF 1.1 beta (2001/06/01)

New features

  • Added CMFCore.utils.keywordsplitter to construct Subject dublin core header from both Keywords and Subject headers passed in (meta tags/rfc822).
  • CMF Document now uses StructuredTextNG for structured text handling. Nicely enough, it uses the "with images" features, and also enables named and inner links.
  • CMF Document exposes two new accessor methods for getting at the "cooked" and editable body, CookedBody(), and EditableBody(). Using the cooked_text and text instance attributes should be considered deprecated.
  • Added new "exemplar" content product, CMFCalendar, which (for now) adds a simple content object, Event. This product serves a similar didactic purpose as CMFTopic (which is now "in the core"): it shows how to build new content types as filesystem products.
  • Implemented improved "safety belt" for concurrent Document editing. See the dogbowl proposal, http://cmf.zope.org/rqmts/proposals/ContentSafetyBelt
  • Added new filesystem-based skin method type, FSSTXMethod, for creating "methods" which render STX.
  • Exposed "controlled vocabulary" for Subject in metadata_edit_form.
  • Gave portal_skins tool its own PUT_factory (Tracker #238). Allows site builder to create skin methods via WebDAV/FTP, including ZPT, PythonScripts, etc.
  • Implemented "outbound" segment of the "Syndication tool" proposal, q.v., http://cmf.zope.org/CMF/Members/andrew/folderRSS
  • Made PUT_factory use new content_type_registry tool.
  • Made PUT_factory use invokeFactory, so that objects created via PUT have their portal_type set properly.
  • Added ContentTypeRegistry class and related predicates for mapping PUT requests (name,content_type,body) to type object names.
  • Allowed Reviewers to "retract" published content owned by others.
  • Added "Overview" ZMI view to tools.
  • Added "Dublin Core" ZMI view to PortalContent; added an editing view for Document and derivatives.
  • Added "drop-in" workflow objects to the WorkflowTool, including the ability to map workflows onto content types.
  • Changed CMFDefault.Portal to install CMF Topic by default when building a new CMF Site.
  • Added a new criteria type, FriendlyDateCriterion, to CMFTopic for building queries like When effective_date is less than five days old.
  • Implemented portal_metadata tool. See the dogbowl proposal, http://cmf.zope.org/rqmts/proposals/completed/metadata_tool.
  • Extended DirectoryView objects to reload when the directory they represent has changed, if Zope is running in debug mode.
  • Added hooks to CookieCrumbler to permit site managers to customize seting/expiring of the authentication cookie by adding PythonScripts; two default filesystem implementations are in CMFDefault's "control" skin.
  • Extended TypesTool to deal appropriately with DTML factory methods (e.g., for ZClasses).
  • Made FSDTMLMethods searchable from the ZMI (Issue PTK(251)[]).

Bug Fixes

  • Added manage_beforeDelete to DiscussionItemContainer class, and propagated to it from content deletion (Tracker #269).
  • Only display the "join" action if the user has the "Add portal member" permission.
  • Check for appropriate REQUEST variables before invoking CopySupport machinery, return a nice portal_status_message instead of allowing the traceback to kick in (Tracker #247).
  • Initialize default DublinCore metadata for the site, so that some value is available everywhere (Tracker #285).
  • Add module-level globals aliases, to permit other products to use elements of skins (Tracker #273).
  • Replaced metadata_edit DTMLMethod with PythonScript.
  • Updated metadata_edit to avoid clearing values not passed in REQUEST (Tracker #268).
  • Removed spurious whitespace being added to Subject.
  • Fixed FSPythonScript to open file in text mode, so that Windows verstions with CR don't cause the parser to choke (Tracker #284).
  • Simplified login-disabling logic in CookieCrumbler.
  • Added <base> tag to headers of Document, NewsItem, and DiscussionItem so that relative links work properly.
  • Fixed the ActionsTool to suppress adding a trailing / to "empty" action URL's.
  • Fixed Document's content type sniffing to deal with odd case in which "entire" HTML document was embedded as an STX example.
  • Replaced literal string permissins with "named permissions", imported from modules in most places. (Please report any which escaped!)
  • Moved factory_type_information registry entries back out to the relevant modules (instead of lumping them in CMFDefault.Portal).
  • Simplified NewsItem to "Document with a twist" (NewsItems now inherit lots of useful behavior from Document.
  • Aliased DublinCore's Format() as content_type, so that Zope's WebDAV support will do the Right Thing (TM) when handling a PROPFIND.
  • Suppressed "eager redirect" behavior in CookieCrumbler for FTP or WebDAV (note that WebDAV fix only works for "extra" HTTP methods; GET/PUT/POST still redirect).
  • Made sure to update the catalog when a content object's parent is deleted / moved (Tracker #261).
  • Fixed lossage to File objects when no upload supplied (Tracker #271).
  • Fixed "Add to Favorites" when applied to Folders.
  • Suppressed "Members" link in topbar (pointed to roster method) for users who would not be able to see it.
  • Fixed irritating bugs in setting of skin-selection cookie.
  • Removed ugly _mimetype_registry hack for PUT_factory.
  • Fixed a bug in CMFDefault.Document with PUT that only affected FTP: when a StructuredText document that contained a full HTML example (complete with , , and tags) in its body, it would pass the "does it smell like HTML" test and throw everything away that wasn't inside the first matching pair of tags it found. Funnily enough, this bug was exposed when trying to save an article about how to use FTP with Zope and the CMF that contained such an example.
  • Fixed glitch caused by <dtml-return> in CMFDefault/skins/control/reconfig.dtml. Thanks to Hans de Wit for reporting this!
  • Allowed portal_type to be a method, as well as an attribute (eases ZClass-as-content).
  • Fixed search form to pass created instead of date (probably need modified, too); also, added selection list for Subject, and fixed the "Last Month" option value.
  • Fixed non-import in CMFCore/WorkflowCore.py (Tracker #239, thanks to snej for the patch).
  • Updated CatalogTool to handle searchable vs. displayable DublinCore dates properly.
  • Replaced usage of .id with .getId() all through the CMF, to conform with the new SimpleItem API. Thanks to Jens Quade for pointing this out. (Issue PTK(241)[]).
  • Extended index_html to render portal description using STX (Tracker #246).
  • Updated CMFDefault skins to use Contentish.getIcon, including the portal catalog. This greatly simplifies using ZClasses as content. In CMFDefault/scripts you will find 'convertCatalogGetIconColumn.pys), a Python Script that will convert your existing Catalog to use getIcon instead of icon (Issue PTK(244)[]). Also, synched interface definition to show the relative_to_portal argument.
  • Extended folder_factories to filter type objects using isConstructionAllowed in PortalFolder.allowedContentTypes (Tracker #249).
  • Fixed display of replies on discussion items.
  • Made appropriate use of portal_url, instead of BASEPATH ad hockery, in skin methods (Tracker #259).
  • Synched interface definition of Contentish.getIcon with reality (documented relative parameter).
  • Fixed "Ever" entry in search_form to use a value safe in timezones east of GMT (Tracker #236).
  • Deprecated the CMFDefault.File.download method; it is still available, but is no longer called by the current CMF skin, nor is index_html aliased to it.

    The method was necessary when the "View' method was the default action when calling the URL of the File object, this is no longer the case. The setting of the Content-Disposition header is not needed when using the absolute URL of the object, and causes certain browsers to misbehave.

CMF 1.0 final (2001/03/29)

Bug Fixes

  • Removed embedded spaces in portal_status_message strings (thanks to Dieter Maurer for pointing this out)
  • Added index_html (copy/paste from CMFCore.PortalContent?!?) so that topics become directly publishable (thanks to Dieter Maurer for pointing this out).
  • Removed references to Images/ in skin DTML, adding an extra item to the default skins' lookup path. In CMFDefault/scripts you will find addImagesToSkinPaths.pys, a Python Script that adds the extra name to all your skin paths. (Tracker issue #205).
  • Added FSPythonScripts, allowing filesystem-based skins to expose customizable PythonScripts.
  • Fixed CMF Tracker item (207), "HTML test when editing a Portal Document is ambiguous". Now, the same regular expression used to scoop out the contents of the tags, which is case insensitive, is also used to detect whether the document may be HTML.
  • Converted physical path to string (Tracker #224).
  • Fixed Creator metadata for DiscussionItems (tracker issue #206, thanks to Jeff Sasmor for the patch!).
  • Added simple search field for Subject (Tracker #213).
  • Fixed CMF Tracker issue 211, "Topics have Folder icon" by finally moving the Topic icon into the skins, and writing a custom icon() method that uses getIcon (Subclassing from PortalFolder made this behavior strange).
  • Changed CMFDefault.Document__init__ to call self.edit at the end, instead of self._parse, which means that HTML can finally be passed into the constructor. Unit tests verify that initializing with just the id gives the proper results.
  • Added installation script (external method) for CMFTopic.
  • Ensured that content metatypes show up in the types list of the portal_catalog tool (Tracker issue #209, thanks to Jeff Sasmor).
  • Fixed unwanted multiple font reductions on recent_news (Tracker issue #215).
  • Changed visited link color to enhance readability.
  • Fixed PNG transparency of logo (for NS 4.7).
  • Allowed Contributors to publish content directly (Tracker issue #216).
  • Gave more real estate to skin path fields (Tracker issue #226).
  • Added simple listing of subtopics to the default view (Tracker issue #214).
  • Regularized DiscussionItem.absolute_url (further work on Tracker issues #203 & #206).
  • Made addToFavorites work as skinned method of target, and work for DiscussionItems (Tracker issue #227).
  • Moved actual mail sending into CMFDefault.RegistrationTool, to avoid having to give proxy roles to the skin methods involved (Tracker issue #160).
  • Add member count to roster display.
  • Made review_state workflow info publically visible.
  • Made DiscussionItem.getReplies() and DiscussionItemContainter.getReplies() show only published replies (allows retraction, for now).
  • Fixed WorkflowAction.__call__ to use the correct method name for exception notification (Tracker issue #232).
  • Ensure that reply's Creator propagates through preview (thanks to Jeff Sasmor for reporting that our fix to Tracker issue #206 missed the "Preview" case).
  • Removed crufty calls to registerPortalContent.
  • Trimmed over-long item IDs in actions box (Tracker issue # 234; thanks to Jeff Sasmor and Steve Alexandar for the patch).

CMF 1.0 beta (2001/03/05)

Changes

  • Migrated from old PTK repository on cvs.zope.org.
  • Changed package and module names: PTKBase has become (mostly) 'CMFCore'; PTKDemo, CMFDefault.
  • Added package CMFTopic, which provides a new content type, 'Topic'; topics are "logical" folders, which aggregate content based on catalog searches against metadata.
  • Revised discussion mechanism to store discussion with its underlying content (rather than in members' "Correspondence" folders).
  • Made the membership system agnostic to the kind of user folder, including whether it is found in the portal or not.
  • "Skinned" the portal UI and all the content objects, enabling portal managers to replace it "piecemeal", safely.
  • Implemented local type registration, allowing portal managers to configure and extend the types addable in the portal.
  • Add PortalFolder.allowedContentTypes and supporting machinery in type info objects, to permit configuration of the content types addable to a given folder type.

CMF 0.10alpha (2001/02/02)

Changes

  • Fixed breakage of "reply" feature introduced by new constructor regime (PTK Tracker #159).
  • Make creation of an acl_users in the portal itself optional.
  • Add mapping of external roles (i.e., belonging to a user retrieved from an acquired user folder) onto "portal-specific" roles. For example, users from the root user folder may have the "Employee" role; the portal_membership tool can map this role onto the "Member" role needed by the portal.
  • Corrected HTML quoting of Document text (PTK Tracker #154).
  • If content_url is not None and the user has their own member folder (as returned by portal_membership.getHomeUrl) then two new actions will show up in the user-related action box:
    • "Add to Favorites", adds an item to the user's "Favorites" folder, which will get created underneath the user's home folder if not present.
    • "My Favorites", linked to the Favorites folder (if the member has one).
  • Add Favorites content type (derived from Link, optimized for objects within the same site).
  • Add PTKBase.interfaces.Contentish, an interface describing non-metadata methods for all content objects.
  • Added cool new portal icon -- thanks to Michael Bernstein!
  • Add simple_metadata and metadata_help methods, for easing "constructorish" capture of metadata. Also demos "skinning" object-specific DTML.
  • Rearranged base classes to deal with the fact that SimpleItem now has a _setId() method.
  • Added a "quick start" script for creating a new INSTANCE_HOME sandbox (e.g., to allow easy experimentation with new-style portal).
  • Remove "metadata" editing from most "normal" edit forms.
  • Tweak stylesheets to make Netscrape 4.x more happy (links on secondary accent areas wouldn't show).
  • Enforced standard construction interface (only id is required) on all "stock" content types.
  • Added default factory registration in portal_types for all "stock" content types.
  • Add portal_types tool, allowing registry of type / constructor information about portal content which may be created in a given portal instance (replaces Wizards folder as type registry).
  • Added the description property to those attributes shown on the "view" screen for a file object (PTK Tracker #153).
  • Added credentialsChanged hook which can now work with CookieCrumblers.
  • Added Shane Hathaway's CookieCrumbler product, which spoofs HTTP Basic Auth for "don't know from cookies" user folders.
  • Add object for mapping property lists as filesystem object (to support parameterized stylesheet). These objects are customized as normal Folders, which allows a great deal of flexibility.
  • Corrected PTKDemo.File.edit to avoid replacing file contents with empty string when no file is uploaded (PTK Tracker #152).
  • Remove distribution-tab verisons of TTW products.
  • Remove derived UML model files (UML-HTML).
  • Added the PortalGenerator class, which is a subclassable portal instance creator, and created a new addable meta type.
  • Removed ZClass dependency from PropertiesTool.
  • Corrected glitch that PTKDemo.PortalObject.manage_options was inherited from ObjectManager rather than PortalFolder.
  • Add PUT_factory to PTKBase.PortalFolder (make it replaceable, too!)
  • Register PTKDemo content class metatypes with PTKBase.PortalFolder's MIME-type registry.
  • Unscrew PTKDemo.Document's dependence on vanished NullPortalResource.
  • Clean up CSS in DemoPortal (PTK Tracker #124).
  • Remove dependency on PythonMethod in DemoPortal (PTK Tracker #151).
  • Integrated user preference for "skin" with portal_skins options.
  • Added capability to filter * PortalFolder.content{Ids,ValuesItems} based on metadata queries.
  • Migrated skins from DemoPortal/Interfaces folders into filesystem skins directories.
  • Improved integration of FSDTMLMethod and FSImage with output from the FSDump product.
  • New tab for the member data tool: contents displays the number of members stored in the member data tool and also the number of "orphaned" members, meaning those that do not appear in the underlying acl_users anymore. a button is provided to "prune" those orphaned members.
  • Added methods to examine the contents of the meber data tool and to prune all those members who have been deleted out of the underlying acl_users.
  • Fixed bug when adding the mailhost during Portal initialization.
  • Added the portal_memberdata tool, which can wrap any user object with member properties. Yeehaw! the portal no longer needs a special user folder!
  • Add portal_skins tool, enabling safe TTW customization of the default portal UI, which will be delivered as filesystem-based skin folders. Huge kudos to Shane Hathaway, who figured out a sane way to do this!
  • Extend fix for PTK Tracker #149 to generic and sweng interfaces.
  • Append /view to search results in order to allow navigation to objects which don't use standard header/footer in their index_html, e.g., Images. (PTK Tracker Issue #149)
  • Add meta_type to DiscussionItem (PTK Tracker Issue #150).
  • Integrate Dan Pierson's patch to show discussion threads inline (PTK Tracker issue #93).
  • Fix PTK Tracker #145 (PTKDemo/Portal.py or MailHost broken): the 2000/12/08 hotfix removed the "legacy" name, manage_addMailHost.
  • Fix PTK Tracker #148 (Table rows need vertical align)
  • Fix PTK Tracker #147 ("PTKDemo's Metadata HTML is ugly").
  • Fix PTK Tracker issue #136 (CSS selection broken).
  • Fix Tracker issue #141 (Wizard product has broken subobjects list).
  • Remove redundant description arg from constructors (PTK Tracker issue #142; thanks to [email protected] for reporting this).
  • Enable FTP upload/creation of NewsItems
  • Add the ability to query and set DublinCore metadata via FTP:
    • Updated PTKDemo.DemoDublinCore.DemoDublinCore to add a method, getMetadataHeaders(), which builds a list of DublinCore headers, suitable for inclusion in tags or in "Structured Text Headers".
    • Updated PTKDemo.Document.Document to export/import the metadata when accessed via FTP.
  • Fix PortalFolder.all_meta_types() to allow non-content.
  • Fix PortalFolder.listActions() to return a tuple, not a list