Change History¶
2.0.9 - 2022-05-05¶
- Replace
py-bcrypt
(unmaintained, last release in 2013) withbcrypt
. - Pin bleach to
<5
(incompatible API changes).
2.0.8 - 2022-05-05¶
- Brownbag release (hidden).
2.0.7 - 2021-09-02¶
- Add compatibility for (and require) SQLAlchemy 1.4.
- Fix
url_normalizer
tests (not picked up before). - Optimize traversal for applications with large
Node
subclass hierarchies. - Add proper caching for
get_root
.
2.0.6 - 2021-05-12¶
- Fix performance issue:
Content._tags
is configured withlazy="select"
now. This doesn’t cause any change in API usage, however it speeds up selects onNode
and descendants by 1-2 orders of magnitude in some cases at the price of a slight performance degradation in scenarios with few tables and heavy tag usage. - Update dependencies to their most recent compatible versions.
2.0.5 - 2021-03-16¶
- Fix sanitizer error when values are None (ie nothing to sanitize at all).
- Pin Pyramid to < 2 (for now).
- Pin SQLAlchemy to < 1.4 to prevent no longer working private import in sqlalchemy-utils.
2.0.4 - 2020-11-20¶
- Replace deprecated
bleach_whitelist
with its successorbleach-allowlist
. - Upgrade
iso8601
.
2.0.3 - 2020-11-18¶
- Upgrade to
pytest>=6
. - Replace
pytest-pep8
withpytest-flake8
; fix or silence flake8 warnings/errors in existing code (mostly tests and migrations).
2.0.2 - 2020-06-22¶
- Upgrade
requirements.txt
. [fixes #576] - Remove CircleCI
- Fix broken tags widget (#562).
- Run
pyupgrade --py36-plus
on all Python files to use some more modern language features where appropriate (for example f-strings). - Declare Python 3.7 and 3.8 compatibility.
- Remove Python 3.5 compatibility.
- Remove
rfc6266-parser
dependency.
2.0.1 - 2019-01-09¶
- Reformat source code with black.
- Remove testing import from package code.
2.0.0 - 2019-01-07¶
- Update documentation (kotti-cookiecutter is the new scaffolding template). See https://github.com/Kotti/kotti-cookiecutter
- Require pytest >= 4.1.0, use
request.node.get_closest_marker
instead of deprecatedrequest.keywords
.
2.0.0b2 - 2018-04-04¶
- Fix CSRF issue in
@@share
view (#551).
2.0.0b1 - 2018-03-19¶
- Remove links to the demo site, which has been down for too long.
2.0.0a1 - 2018-02-22¶
This is a alpha release. Blindly upgrading your production environments will make the universe collapse!
Backward Incompatibilities¶
Python 3 compatibility
Kotti now runs on Python >= 3.5.
Python 2.x support was dropped entirely and won’t come back until somebody implements it or is willing to pay for it.
Everything marked as deprecated in Kotti 1.x was removed.
Scaffolding support via
pcreate
was dropped as it’s deprecated by Pyramid now. An alternate solution (cookiecutter template) might become available again in the future.
New Features¶
- Python 3 compatibility
- Extensive testing and code analysis on Circle CI, Travis CI and Scrutinizer.
Fixes¶
- Avoid deprecation warning
pyramid.security.has_permission
1.3.2 - 2018-04-04¶
This release fixes a CSRF (Cross Site Request Forgery) security vulnerablity which was reported in #551. You should upgrade your installations ASAP.
1.3.1 - 2018-01-17¶
- When rendering slot views, use
request.blank()
to create the request. This is the proper behaviour, in tune with customizingkotti.request_factory
. Also addedblank()
method tokotti.testing.DummyRequest
. - When authenticated, show workflow state in the edit bar. Before it was shown only if the ‘edit’ permission was available.
- Optimize the File edit form: don’t load initial file data to session data and don’t rewrite the file data after saving the form if that data has not been changed through the edit form.
- Bugfix: when showing addable content in the menu, check if the factory has a defined add_view. This avoids a hard crash with, for example, a content type derived from Content that has no add_view defined.
- Added
nav-bar
slot toedit/master.pt
,edit-bar
andnav-bar
slots toview/master.pt
- Bugfix: Simplify 404 page, no longer crash when authenticated
- Change: simplify kotti.util.LinkBase.selected(): use request.view_name instead of deriving the view name from request.url. Also, consider the View editor bar entry as selected even when the url doesn’t end with a slash ‘/’
- Feature: add Czech translation.
- remove pytest-warnings from test dependencies (already integrated in modern pytest versions)
1.3.0 - 2016-10-10¶
Breaking Changes¶
- Upgrade to
repoze.workflow==1.0b
. If your application has a custom ``workflow.zcml``, it needs a little modification: ``state`` and ``transition`` titles are no longer ``key`` nodes, but attributes on the respective ``state`` or ``transition`` nodes. See Kotti’s ``workflow.zcml`` for an example.
Features and Fixes¶
- Add a fallback in
contents.pt
whencreation_date
ormodification_date
isNone
. - Transform workflow state title to TranslationStrings without eval and deprecate it.
- Replace some Python 2 only code with equivalents that also support Python 3.
- Use generic SQLAlchemy type Text as base type for JsonType. This allows SQLAlchemy to map Text type to the most suitable type available on given database system. Previously used TEXT type is not available in Oracle database. In case of existing installation of Kotti with database system, for which SQLAlchemy maps generic Text type to type different than TEXT it’s necessary to either convert existing columns “nodes._acl” and “nodes.annotations” to that type or configure SQLAlchemy to map generic Text type to existing type of these two columns. For example of how to do this please see http://stackoverflow.com/a/36506666/95735. For all database systems for which SQLAlchemy provides dialects except Oracle (Firebird, Microsoft SQL Server, MySQL, Postgres, SQLite, Sybase) there’s no need to do anything.
- We use PEP 440 normalized form for the project’s version thus current “1.3.0-alpha.5-dev” became “1.3.0a5.dev0”.
- Upgrade tests to
zope.testbrowser>=5.0.0
. This removes themechanize
andwsgi_intercept
dependencies and thus the last blocker for Python 3 compatibility. - Move
pytest
config fromsetup.cfg
to newpytest.ini
. This prevents a deprecation warning withpytest>=3.0
. - Rename
kotti.testing.TestingRootFactory
tokotti.testing.RootFactory
to prevent another deprecation warning withpytest>=3.0
.
1.3.0-alpha.4 - 2015-01-15¶
This is a alpha release. Blindly upgrading your production environments will make the universe collapse!
- Add a
kotti.depot_replace_wsgi_file_wrapper
option to replace the WSGI file wrapper withpyramid.response.FileIter
for problematic environments.
1.3.0-alpha.3 - 2016-01-11¶
This is a alpha release. Blindly upgrading your production environments will make the universe collapse!
- Bugfix: don’t try to get api.root via the lineage if not in a location aware context (for example 404 view). Return the site root instead.
1.3.0-alpha.2 - 2016-01-05¶
This is a alpha release. Blindly upgrading your production environments will make the universe collapse!
- Add a custom traverser, which gets all nodes in a single DB query. For deeply nested trees this results in drastic performance improvements. See https://kotti.readthedocs.io/en/master/api/kotti.traversal.html for details.
- Bugfix: copy and paste of file nodes wouldn’t create a new depot file, but instead lead to multiple references to a single file which would cause undesired results when one of them was deleted later.
- Bugfix: local ‘role:owner’ was not set when a new node was created by copy and paste.
- Bugfix: kotti.events._update_children_paths could fail under unclear conditions (at least under Python 2.6 with SQLite).
- Get rid of more browser doctests (converted to webtest).
1.3.0-alpha.1 - 2015-12-22¶
This is a alpha release. Blindly upgrading your production environments will make the universe collapse!
Completely revised
Depot
integration. See https://kotti.readthedocs.io/en/latest/developing/advanced/blobs.html for details.Make
kotti.resources.SaveDataMixin
more versatile in that it now supports adata_filters
attribute (or even a completely overriddendata
attribute) on subclasses. For an example for what this is useful, see the newkotti_image
package’s readme and the Depot documentation (https://depot.readthedocs.io/en/latest/database.html#custom-behaviour-in-attachments).These changes require a database migration.
A migration script is included, which can be executed by running
kotti-migrate <your.ini> upgrade_all
. However, this script will fail if you subclassed fromkotti.resources.Image
in your application. It also doesn’t cover custom classes inherited fromkotti.resources.File
(other than Kotti’sImage
). Migration of those can be performed easily, by copying the code from the included migration step to your package’s migration environment and adjust it to your needs.Move all image related code to the new
kotti_image
add on package. All classes and functions are imported into their former place, so that code that imports from there will still be working.Fix broken upload type selector.
Create RFC6266 compliant content disposition headers for non-ASCII filenames.
Add request.uploaded_file_response method.
1.2.4 - 2015-11-26¶
- Fix broken packaging of 1.2.3. Sorry for the inconvenience!
1.2.3 - 2015-11-26¶
- Add Kotti logo and icon to static assets.
- Use Kotti logo as favicon.
- Move favicon definition to separate template to make it easily overridable.
- Fix permission check in
kotti.views.util.nodes_tree
.
1.2.2 - 2015-10-28¶
- Add simple, default
not found view
. - In
workflow-dropdown
replace hard-coded permission check with individual permission checks for each existing transition. - Upgrade requirements.
1.2.1 - 2015-10-07¶
- Outfactor the code that runs after successful authentication into a
configurable
kotti.login_success_callback
function. - Outfactor the code that runs after a valid password reset request into a
configurable
kotti.password_reset_callback
function. - Support principal search on non string attributes.
- Support principal searches matching all arguments
(i.e. using the
and
operator,or
is still the default). - Support optional –rev with kotti-migrate upgrade.
1.2.0 - 2015-09-27¶
- Greatly reduce the number of queries that are sent to the DB: - Add caching for the root node. - Use eager / joined loading for local_groups. - Don’t query principals for roles
- Add “missing” foreign key indices (with corresponding migration step).
- Add a
kotti.modification_date_excludes
configuration option. It takes a list of attributes in dotted name notation that should not trigger an update ofmodification_date
on change. Defaults tokotti.resources.Node.position
. - Don’t try to set a caching header from the NewRequest handler when Pyramid’s
tweens didn’t follow the usual chain of calls. This fixes compatibility with
bowerstatic
. - Don’t assume
renderer_name
exists in a rendering event (ex. BeforeRender). The official docstring ofpyramid.interfaces.IRenderer
is a bit ambigous in regards to what thesystem
parameter should include when a renderer gets called. This fixes compatibility withpyramid_layout
. - Add a
kotti.modification_date_excludes
configuration option. It takes a list of attributes in dotted name notation that should not trigger an update ofmodification_date
on change. Defaults tokotti.resources.Node.position
.
1.1.5 - 2015-09-04¶
- Fix migration error on MySQL.
- Only wrap methods that do exist on the wrapped type (in
kotti.sqla.MutationList
/kotti.sqla.MutationDict
). This fixes an error that occurs when MutationLists are exposed to the UI viacolander.SequenceSchema
. - Upgrade requirements to latest versions (
filedepot
,waitress
).
1.1.4 - 2015-06-27¶
- Add compatibility with SQLAlchemy 1.0. Also require SQLAlchemy 1.0.6 now.
- Ignore HTTPForbidden exceptions during slot rendering
1.1.3 - 2015-06-17¶
- Fix a bug in kotti-migrate that prevented initial migration steps from being run successfully.
- Require kotti_tinymce 0.5.3.
1.1.2 - 2015-06-12¶
Enlarge column sizes for
name
,path
andtitle
(see #427). Upgrading from any version older than 1.1.2 requires you to run a migration script on your database. To run the migration, call:$ bin/kotti-migrate <myconfig.ini> upgrade
Add length validator for
title
(fix partially #404). See #428Remove 40 chars max length constraint for the html segment
name
(Kotti.util.title_to_name
). See #428Update italian translation
Update documentation
Add an
add_permission
attribute tokotti.resources.TypeInfo
with a default value ofadd
. See #436Add a “cancel” button to the delete node view.
1.1.1 2015-05-11¶
- Update scaffold’s README file. See #417.
- Fix broken multifile upload. See #425.
1.1.0 2015-04-16¶
- Separate the default actions to a
kotti.resources.default_actions
variable, to allows easier customization of default actions of all content types. This is aLinkParent
, you can append newkotti.util.Link
objects to itschildren
. - Add
target
option tokotti.util.Link
. See #405. - Add sanitizers. See
docs/development/advanced/sanitizers
andkotti.sanitizers
for details. This fixes #296. - Added new document on how to customize the edit interface.
See
docs/development/advanced/add-to-edit-interface
. - Make it easier to customize default actions by separating them to a new
kotti.resources.default_actions
variable. Before, to customize them, you’d have to changeContent.type_info.edit_links[3].children
, now you can mutatedefault_actions
directly. Seedocs/development/advanced/add-to-edit-interface
for details. - Upgrade
WebOb
,html2text
,pyramid
andxlwt
to their latest stable versions.
1.1.0-alpha.1 - 2015-03-19¶
Allow moving
File
andImage
blob data from the database to configurable storages. To achieve this we use filedepot, a third-party library with several plugin storages already built in. See docs/developing/advanced/blobs.rst for details on what this brings. Upgrading from any version older then 1.1.0 requires you to run a migration script on your database. To run the migration, call:$ bin/kotti-migrate <myconfig.ini> upgrade
Please note that, before running the migration, you should take the time to read the documentation and configure your desired storage scheme.
- Allow storing blob data in the database using
DBStoredFile
andDBFileStorage
, a database centered storage plugin forfiledepot
. This storage is the default storage for blob data, unless configured otherwise. - Added a script to migrate blob data between depot storages. See docs/developing/advanced/blobs.rst for details on how to use it.
- Simplify serving blob data by using
kotti.views.file.UploadedFileResponse
, which also streams data. Please note that the defaultDBStoredFile
still needs to load its entire data in memory, to benefit from this feature you should configure another default depot storage. - Added three new test fixtures:
mock_filedepot
, to be used in simple unit tests with no dependency on a database session,filedepot
, which integrates with thedbsession
fixture andno_filedepot
, a fixture that can be used in developing tests for new file depot plugins - by preserving the depot configuration before and after running the test. NOTE: in order to test edit views with uploaded data in the request, you need to mixin thefiledepot
fixture. - Initialize pyramid.paster.logging for custom commands defined via
kotti.util.command
, to allow log message output for kotti sessions started via custom commands. - Remove unused
kotti.js
. - Remove deprecated
kotti.views.slots.local_navigation
andkotti.views.slots.includeme_local_navigation
. Usekotti.views.navigation.local_navigation
andkotti.views.navigation.includeme_local_navigation
instead. - Upgrade
plone.scale
andSQLAlchemy
to their latest stable versions. - Change
height
property onbody
’s widget (RichTextField
) for improved usability. See #403.
1.0.0 - 2015-01-20¶
- No changes.
1.0.0-alpha.4 - 2015-01-29¶
- Added experimental Docker support. See #374.
- Allow restricting add views to specific contexts. This allows third party
developers to register new content types that are addable in specific
type of contexts, by specifying
context=SomeContentType
in their add view registration and havingtype_info.addable=['SomeContentType']
in the type info. - For documents with duplicate titles that end in a number, append a counter instead of incrementing their number. Fixes #245
- Update all requirements (except alembic) to their latest respective versions.
1.0.0-alpha.3 - 2015-01-13¶
- Explicitly implement
pyramid.interfaces.IRequest
forkotti.request.Request
. This allows add-on packages to useconfig.add_request_method
(with reify) andconfig.add_request_property
without breaking the interfaces provided by the request. Fixes #369
1.0.0-alpha.2 - 2015-01-01¶
- Require
kotti_tinymce==0.5.1
. This fixes #365.
1.0.0-alpha - 2014-12-20¶
- Add a new scaffold based on Pyramid’s
pcreate
. To run the tests for the scaffold, you must invokepy.test
with the--runslow
option. This is enabled by default on Travis. kotti._resolve_dotted
now return a resolved copy of the settings (instead of in place resolving as before).- Factor out DBMS specific patches and make them available to the test fixtures.
- Add new fixtures that can also be used in add on tests:
custom_settings
does nothing and is meant to be overridden in add on test suites. It allows injection of arbitrary key / values into the settings dict used in tests.unresolved_settings
is guaranteed to only contain unresolved string values (or lists therof).settings
is now guaranteed to be fully resolved.webtest
returns awebtest.TestApp
instance with support for the@user
marker. This should be used instead of browser doctests for functional tests.
- Use RTD theme for documentation.
- Use latest versions of all requirements. The only upgrade with notable
differences is
lingua
(from 1.4 to 3.6.1). This completely changes lingua’s API. See docs/developing/basic/translations.rst for details on the greatly simplified new usage. - Remove code (incl. tests) that has been marked as deprecated since (at least) Kotti 0.8.
- Revise UI to make better use of Bootstrap 3.
- Allow parameters for move-child-position views to either be in
request.POST
orrequest.json_body
. - Don’t use Pyramid code that is marked as deprecated:
- replace
pyramid.security.authenticated_userid
withrequest.authenticated_userid
.
- replace
- Deprecate
kotti.security.has_permission
to be consistent with the corresponding deprecation in Pyramid 1.5. You should now userequest.has_permission
instead. - Make all values in
Node.path
end in/
. This makes it consistent over all nodes (including root) and correspond to the values ofrequest.resource_url
. As a side effect querying becomes easier. However, this might need adjustments in your code if you were expecting the old path values before. A migration step for DB upgrades is included.
0.10b1 - 2014-07-11¶
Add a
__json__
method to MutationList and MutationDict.This is to allow Pyramid’s serializer to just work.
0.10a4 - 2014-06-19¶
- Upgrade Pyramid to version 1.5.1.
0.10a3 - 2014-06-11¶
- Upgrade SQLAlchemy and alembic dependencies from 0.8.2 and 0.5.0 to 0.9.4 and 0.6.5 respectively.
- Do not flush within
Node.path
event handlers. We would otherwise trigger object handlers with funny object states. - Fix bug with
Node.path
where we attach a Node instance to a parent that has been loaded from the database, but its parents have not been loaded yet. - Fix deprecation warnings with regard to Pyramid’s
custom_view_predicates
andset_request_property
. Also deprecatekotti.views.util.is_root
.
0.10a2 - 2014-06-05¶
Add
Node.path
column. This allows queries based on path, so it’s much easier just to find all children, grandchildren etc. of a given node:DBSession.query(Node).filter(Node.path.startswith(mynode.path))
Adds
session
attribute to the request attributes to copy to the slot view request.
Migrations¶
Upgrading from 0.9.2 to 0.10 requires you to run a migration script on your database. To run the migration, call:
$ bin/kotti-migrate <myconfig.ini> upgrade
Make sure you backup your database before running the migration!
0.10a1 - 2014-05-19¶
Kotti is now based on Bootstrap 3 (and therefore Deform 2).
THIS IS A BACKWARD INCOMPATIBLE CHANGE W.R.T. MOST TEMPLATES, INCLUDING FORM TEMPLATES! IF YOUR PROJECT EITHER HAS TEMPLATE CUSTOMIZATIONS OR DEPENDS ON ADD-ONS THINGS WILL LOOK BROKEN!
If you only use Kotti’s default UI, chances are good that your application will continue to work well unchanged. Kotti’s API is mostly unchanged and fully backward compatible though.
Rework implementation of ‘kotti.util.Link’ (‘ViewLink’) to be more flexible.
There’s now proper support for nesting ‘edit_links’, so that the special ‘action_links’ list is no longer necessary. Links now also make better use of templates for rendering, and are probably easier to customize overall.
Added compatiblity for and now require Pyramid>=1.5. #273
In tests, turned settings and setup_app into fixtures to ease overriding.
Add
kotti_context_url
JS global variable. For more details on why this is needed see:Adds
delete
permission needed for ‘delete’ and ‘delete_nodes’ views. The default workflow was updated in consequence. It allows to elaborate more fine grained workflows : for instance, create a role which can edit a content but not delete it.To make existent Kotti’s instances using default workflow compatibles and avoid users that have ‘editor’ role (and so far, whom have the possibility to edit and delete the content) to not be able to delete contents, it’s needed to reset workflow with “kotti-reset-workflow <application ini file>” command.
Fix #308: Unique name constraint issue during paste of a cut node.
0.9.2 - 2013-10-15¶
- Fix #268: Convert None to colander.null in get_appstruct so that serialization doesn’t fail (needed due to recent changes in colander).
0.9.1 - 2013-09-25¶
- Allow user admins to modify user passwords.
- Require newer kotti_tinymce (source code editing was broken in 0.4).
0.9 - 2013-09-17¶
Add multi file content upload. You can now select several files from your local storage that you want to upload and chose what content nodes shall be created in your Kotti site. Currently files with MIME types of
image/*
can be uploaded and be created as eitherImage
orFile
nodes, all other MIME types will be created asFile
. In future releases (or add-on products) this can be extended with additional converters allowing for example to upload HTML files and createDocument
nodes with the content of thetitle
tag becoming the node’s title, the content of thebody
tag becoming the node’s body and so on.Fix #253: Many translations weren’t included in the last release.
‘–use-fuzzy’ translations when running ‘compile_catalog’ adds back translations that were recently marked as fuzzy. (All translations that were marked as fuzzy in German were still accurate.)
Fix #252: Wrap templates where extract_messages failed with <tal:block>
Fix #249: TinyMCE translations work again.
0.9b2 - 2013-08-20¶
- Fix #251: Broken comparison of NestedMutationDict and NestedMutationList.
- Update kotti_tinymce to version 4.0.2.
- Fix bug in kotti.views.content.FileEditForm to preserve file content while editing it.
0.9b1 - 2013-06-26¶
Add
kotti.util.ViewLink.visible
method for better control over whether a view link should be visible or not. This allows us to move formerly hardcoded action links defined inkotti.views.edit.actions
intoTypeInfo.action_links
and thus make them configurable either globally or per content type.kotti.security.view_permitted
will now check forpyramid.security.view_execution_permitted
with a request method set to ‘GET’ by default. It used to check for a view that matches the current request’s method.This fixes an issue where
kotti.util.ViewLink.permitted
would by mistake check for a ‘POST’ view when the current request was ‘POST’.Add
INavigationRoot
interface andTemplateAPI.navigation_root
property. The latter returns the first content node in the lineage that implementsINavigationRoot
or the root node ifINavigationRoot
is not implemented by any node in the lineage. Make thenav.pt
template useapi.navigation_root
instead ofapi.root
. This allows third party add-ons to define content types that can reside somewhere in the content tree while still being the root for the navigation.Move navigation related view code to new module
kotti.views.navigation
. Deprecate imports from the old locations.Remove some code that has been deprecated in 0.6 or 0.7.
A view assigned to a slot can access the slot name where its rendered.
Add missing transaction.commit() in kotti-reset-workflow.
Fix bug in kotti.views.util.render_view where local roles weren’t respected correctly.
Add helper method kotti.message.send_email for sending general emails. These emails must follow a particular structure. Look at kotti:templates/email-set-password.pt as an example.
0.9a2 - 2013-05-04¶
Fix #222: Use SQLAlchemy’s before_flush event for object events.
We were using the wrong events previously. The problem with before_insert, before_update, and before_delete was that event handlers could not reliably call Session.add, Session.delete, and change mapped relationships. But only SQLAlchemy 0.8 started emitting a warning when that was done.
Also deprecated ObjectAfterDelete because I don’t think it’s useful.
Remove the html5shim from the master templates and use the fanstatic package js.html5shiv instead.
A temporary fix for #187. Basically suppresses DetachedInstanceError.
Add
kotti.events.subscribe
decorator. See the also updated docs on that topic / module for details.
0.9a1 - 2013-03-12¶
- Fix ordering on how
include_me
functions are loaded. This puts Kotti’s own and Kotti add-on search paths in front of deform_bootstrap’s. - Add image thumbs with preview popovers to @@contents view.
- Add drag’n’drop ordering support to @@contents view.
- Add “toggle all” checkbox to @@contents view.
- Add contents path bar to @@contents view.
0.8 - 2013-03-12¶
- No changes.
0.8b2 - 2013-02-08¶
- Fix Kotti’s tests to no longer trigger deprecation warnings. Kotti’s funcargs need to be better documented still, see #141.
- Add a fanstatic.Group ‘tagit’ and need() it in the defered widget. This is needed to make the tags widget render correctly with a theme package enabled until the defered widget is replaced by a widget class that declares its requirements in the usual deform style.
- Transform
setup_users
,setup_user
andprefs
views into class-based views. Add a little text at subsectionSecurity
on developer manual mentioning those views.
0.8b1 - 2012-12-30¶
- No changes
0.8a2 - 2012-12-15¶
- Remove test related dependencies on requirements.txt. So now we need to run python setup.py dev to get testing dependencies.
- Update packages versions on requirements.txt for latest working versions.
- Added a tags display in views for documents, files, folders, and images, where they show up as a horizontal list between description and body.
- Modified general search to include simple tags searching. The default search in Kotti works on a simple search term matching basis. Tags searching is added here in a simple fashion also, such that you can only search for one tag at a time, but partial matches work: searching for ‘foo’ finds content tagged ‘foo bar’. You can also search on single tags by clicking an individual tag in the tags display of an item. More sophisticated tags searching, just as for general search, is left to dedicated add-ons.
0.8a1 - 2012-11-13¶
- Make language-dependent URL normalization the default. (How to do this used to be a cookbook entry.)
- Cleanup node edit actions and use decorated view classes.
- Add contents view with actions for multiple items.
- Add children_with_permission method to ContainerMixin.
- Add UI for default_view selection.
- Deprecate ‘kotti.views.edit.generic_add’ and ‘generic_edit’. Just use class-based forms instead.
0.7.2 - 2012-10-02¶
- Improve installation instructions. Now uses tagged requirements.txt file.
- Added event request POST vars to the request for the slot viewlet.
- Added IFile and IImage interfaces to allow for file and image subclasses to reuse the same view (registrations).
0.7.1 - 2012-08-30¶
- Add deletion of users to the users management.
- Fix tag support for files and images.
- Upgrade to Twitter Bootstrap 2.1
- remove lots of CSS that is no longer needed
- fix responsive layout that was broken on some phone size screen resolutions
- Add “Site Setup” submenu / remove @@setup view.
0.7 - 2012-08-16¶
- Fix critical issue with migrations where version number would not be persisted in the Alembic versions table.
0.7rc1 - 2012-08-14¶
- No changes.
0.7a6 - 2012-08-07¶
- Fix a bug with connections in the migration script. This would
previously cause Postgres to deadlock when calling
kotti-migrate
.
0.7a5 - 2012-08-07¶
Add workflow support based on
repoze.workflow
. A simple workflow is included inworkflow.zcml
and is active by default. Usekotti.use_workflow = 0
to deactivate. The workflow support adds a drop-down that allows users withstate_change
permission to modify the workflow state.Change the default layout
Kotti’s new default look is now even closer to the Bootstrap documentation, with the main nav bar at the very top and the edit bar right below.
Upgrade note: if you have a customized main_template and want to use the recent changes in that template, you need to swap positions of
nav.pt
andeditor-bar.pt
api.render_template
calls and remove thesearch.pt
call from the main_template (it’s now called from withinnav.pt
). Everything else is completely optional.Add migrations via Alembic. A new script
kotti-migrate
helps with managing database upgrades of Kotti and Kotti add-ons. Runkotti-migrate <your.ini> upgrade
to upgrade the Kotti database to the latest version.Add-on authors should see the
kotti.migrate
module’s docstring for more details.Make
Document.body
searchable (and therefore the search feature actually useful for the first time).Add a “minify” command to compress CSS and JS resources.
To use it run:
python setup.py dev python setup.py minify
The
minify
command assumes, that all resources are inkotti/static/
.YUI compressor
is used for compression and will be automatically installed when runningpython setup.py dev
. However, you still need a JVM on your development machine to be able to use theminify
command.Fix settings: only values for kotti* keys should be converted to unicode strings.
Fix #89: Validate email address for uniqueness when user changes it.
Fix #91: Styling of search box.
Fix #104: Make fanstatic resources completely overridable.
Enabled deferred loading on File.data column.
Migrations¶
Upgrading from 0.6 to 0.7 requires you to run a migration script on your database. To run the migration, call:
$ bin/kotti-migrate <myconfig.ini> upgrade
Make sure you backup your database before running the migration!
Upgrading to 0.7 will initialize workfow state and permissions for all your content objects, unless you’ve overwritten
kotti-use_workflow
to not use a workflow (use0
) or a custom one.It is important that sites that have custom permissions, e.g. custom modifications to SITE_ACL, turn off workflow support prior to running the upgrade script.
0.7a4 - 2012-06-25¶
- Add minified versions JS/CSS files.
- Fix #88: logging in with email.
- Update translations.
0.7a3 - 2012-06-15¶
Include
kotti.tinymce
which adds plug-ins for image and file upload and content linking to the TinyMCE rich text editor.Slot renderers have been replaced by normal views (or viewlets).
kotti.views.slots.register
has been deprecated in favour ofkotti.views.slots.assign_slot
, which works similarly, but takes a view name of a registered view instead of a function for registration.Switch to fanstatic for static resource management.
Upgrade note: This requires changes to existing *.ini application configuration files. Concretely, you’ll need to add a
filter:fanstatic
section and apipeline:main
section and rename an existingapp:main
section toapp:Kotti
or the like. Take a look at Kotti’s owndevelopment.ini
for an example.Retire the undocumented
kotti.resources.Setting
class and table.kotti.get_settings
will now returnregistry.settings
straight, without looking for persistent overrides in the database.Drop support for Pyramid<1.3, since we use
pyramid.response.FileResponse
, and kotti_tinymce usespyramid.view.view_defaults
.Fix encoding error with non-ascii passwords.
0.7a2 - 2012-06-07¶
- Do not allow inactive users to reset their password.
0.7a1 - 2012-06-01¶
Features¶
- Add a new ‘Image’ content type and image scaling, originally from
the kotti_image_gallery add-on. See
kotti.image_scales.*
settings. - Add search and related setting
kotti.search_content
. - Add subscriber to set cache headers based on caching rules. See
also related setting
kotti.caching_policy_chooser
. - Remove TinyMCE from the core.
- Move email templates into page templates in
kotti:templates/email-set-password.pt
andkotti:templates/email-reset-password.pt
. This is to make them easier to translate and customize. This deprecateskotti.message.send_set_password
. - Add a ‘edit_inhead’ slot for stuff that goes into the edit interface’s head. ‘inhead’ is no longer be used in ‘edit/master.pt’.
- For more details, see also http://danielnouri.org/notes/2012/05/28/kotti-werkpalast-sprint-wrap-up/
Bugs¶
- Fix bug with group edit views. See https://github.com/Pylons/Kotti/pull/61
- Fix bug where
user.last_login_date
was not set during automic login after the set password screen.
0.6.3 - 2012-05-08¶
- Add tag support. All content objects now have tags. They can be added in the UI using the “jQuery UI Tag-it!” widget. See https://github.com/Pylons/Kotti/pull/55 .
- Fix a bug with file download performance.
0.6.2 - 2012-04-21¶
- Links in Navigation view lead to node view. Added edit links to view the node’s edit form.
- Hitting ‘Cancel’ now returns to the context node for add/edit views
0.6.1 - 2012-03-30¶
- Added button to show/hide nodes from navigation in the order screen.
- The ‘rename’ action now strips slashes out of names. Fixes #53.
- Add Dutch translation.
- Allow translation of TinyMCE’s UI (starting with deform 0.9.5)
- Separated out testing dependencies. Run
bin/python setup.py dev
to install Kotti with extra dependencies for testing. - Deprecate ‘kotti.includes’ setting. Use the standard ‘pyramid.includes’ instead.
- Setting ‘Node.__acl__’ to the empty list will now persist the empty list instead of setting ‘None’.
- Let ‘pyramid_deform’ take care of configuring deform with translation dirs and search paths.
0.6.0 - 2012-03-22¶
- Add Japanese translation.
- Enforce lowercase user names and email with registration and login.
- Moved SQLAlchemy related stuff from kotti.util into kotti.sqla.
- You can also append to ‘Node.__acl__’ now in addition to setting the attribute.
0.6.0b3 - 2012-03-17¶
- Have the automatic
__tablename__
andpolymorphic_identity
for CamelCase class names use underscores, so a class ‘MyFancyDocument’ gets a table name of ‘my_fancy_documents’ and a type of ‘my_fancy_document’.
0.6.0b2 - 2012-03-16¶
- Make the ‘item_type’ attribute of AddForm optional. Fixes #41.
kotti.util.title_to_name
will now return a name with a maximum length of 40. Fixes #31.
0.6.0b1 - 2012-03-15¶
Use declarative style instead of class mapper for SQLAlchemy resources.
Unfortunately, this change is backwards incompatible with existing content types (not with existing databases however). Updating your types to use Declarative is simple. See kotti_calendar for an example: https://github.com/dnouri/kotti_calendar/commit/509d46bd596ff338e0a88f481339882de72e49e0#diff-1
0.5.2 - 2012-03-10¶
- A new ‘Actions’ menu makes copy, paste, delete and rename of items more accessible.
- Add German translation.
- Populators no longer need to call
transaction.commit()
themselves.
0.5.1 - 2012-02-27¶
- Internationalize user interface. Add Portuguese as the first translation.
- A new ‘Add’ menu in the editor toolbar allows for a more intuitive adding of items in the CMS.
- Refine
Node.copy
. No longer copy over local roles per default.
0.5.0 - 2012-02-15¶
- Move Kotti’s default user interface to use Twitter Bootstrap 2.
- Add a new ‘File’ content type.
- Add CSRF protection to some forms.
- Remove Kotti’s
FormController
in favor of usingpyramid_deform
. - Use plone.i18n to normalize titles to URL parts.
- Add a separate navigation screen that replaces the former intelligent breadcrumbs menu.
- Use
pyramid_beaker
as the default session factory. - Make
kotti.messages.send_set_password
a bit more flexible.
0.4.5 - 2012-01-19¶
Add ‘kotti.security.has_permission’ which may be used instead of ‘pyramid.security.has_permission’.
The difference is that Kotti’s version will set the “authorization context” to be the context that you pass to ‘has_permission’. The effect is that ‘list_groups’ will return a more correct list of local roles, i.e. the groups in the given context instead of ‘request.context’.
Add a template (‘forbidden.pt’) for when user is logged in but still getting HTTPForbidden.
0.4.4 - 2012-01-05¶
- The “Forbidden View” will no longer redirect clients that don’t accept ‘text/html’ to the login form.
- Fix bug with ‘kotti.site_title’ setting.
0.4.3 - 2011-12-22¶
- Add ‘kotti.root_factory’ setting which allows the override Kotti’s default Pyramid root factory. Also, make master templates more robust so that a minimal root with ‘__parent__’ and ‘__name__’ can be rendered.
- The ‘kotti.tests’ was factored out. Tests should now import from ‘kotti.testing’.
0.4.2 - 2011-12-20¶
- More convenient overrides for add-on packages by better use of ‘config.commit()’.
0.4.1 - 2011-12-20¶
- Modularize Kotti’s Paste App Factory ‘kotti.main’.
- Allow explicit setting of tables that Kotti creates (‘kotti.use_tables’).
0.4.0 - 2011-12-14¶
- Remove configuration variables ‘kotti.templates.*’ in favour of ‘kotti.asset_overrides’, which uses Pyramid asset specs and their overrides.
- Remove ‘TemplateAPI.__getitem__’ and instead add ‘TemplateAPI.macro’ which has a similar but less ‘special’ API.
- Factor snippets in ‘kotti/templates/snippets.pt’ out into their own templates. Use ‘api.render_template’ to render them instead of macros.
0.3.1 - 2011-12-09¶
- Add ‘keys’ method to mutation dicts (see 0.3.0).
0.3.0 - 2011-11-30¶
Replace Node.__annotations__ in favor of an extended Node.annotations.
Node.annotations will attempt to not only recognize changes to subobjects of type dict, it will also handle list objects transparently. That is, changing arbitrary JSON structures should just work with regard to calling node.annotations.changed() when the structure was changed.
0.2.10 - 2011-11-22¶
- ‘api.format_datetime’ now also accepts a timestamp in addition to datetime.
0.2.9 - 2011-11-21¶
- Remove MANIFEST.in in favour of using ‘setuptools-git’.
0.2.8 - 2011-11-21¶
- Remove ‘PasteScript’ dependency since that would result in spurious errors when installing Kotti. See http://jenkins.danielnouri.org/job/Kotti/42/TOXENV=py27/console
0.2.7 - 2011-11-20¶
- Add ‘PasteScript’ dependency.
- Fix #11 where ‘python setup.py test’ would look into a hard-coded ‘bin’ directory.
- Structural analysis documentation. (Unfinished; in ‘analysis’ directory during development. Will be moved to main docs when finished.)
0.2.6 - 2011-11-17¶
Add Node.__annotations__ convenience attribute.
Node.__annotations__ will wrap the annotations dict in such a way that both item and attribute access are possible. It’ll also record changes to dicts inside dicts and mark the parent __annotations__ attribute as dirty.
Add a welcome page.
Delete the demo added in version 0.2.4.
0.2.5 - 2011-11-14¶
- Add ‘TemplateAPI.render_template’; allow templates to be rendered conveniently from templates.
0.2.4 - 2011-11-13¶
- Adjust for Pyramid 1.2: INI file, pyramid_tm, Wsgiref server, pcreate and pserve. (MO)
- Add Kotti Demo source and documentation.
0.2.3 - 2011-10-28¶
Node.__getitem__
will now also accept a tuple as key.folder['1', '2']
is the same asfolder['1']['2']
, just more efficient.Added a new cache decorator based on
repoze.lru
.
0.2.2 - 2011-10-10¶
- Change the function signature of
kotti.authn_policy_factory
,kotti.authz_policy_factory
andkotti.session_factory
to include all settings from the configuration file.
0.2.1 - 2011-09-29¶
- Minor changes to events setup code to ease usage in tests.
0.2 - 2011-09-16¶
- No changes.
0.2a2 - 2011-09-05¶
- Fix templates to be compatible with Chameleon 2. Also, require Chameleon>=2.
- Require pyramid>=1.2. Also, enable pyramid_debugtoolbar for
development.ini
profile.
0.2a1 - 2011-08-29¶
Improve database schema for
Nodes
. SplitNode
class intoNode
andContent
.This change is backward incompatible in that existing content types in your code will need to subclass
Content
instead ofNode
. The example in the docs has been updated. Also, the underlying database schema has changed.Improve user database hashing and local roles storage.
Compatibility fix for Pyramid 1.2.