| Age | Commit message (Collapse) | Author |
|---|
|
Kohana makes this type of transition fairly straightforward in that
all controllers/helpers/etc are still located in the cascading
filesystem without any extra effort, except that I've temporarily
added a hack to force modules/gallery into the module path.
Rename what's left of "core" to be "application" so that it conforms
more closely to the Kohana standard (basically, just
application/config/config.php which is the minimal thing that you need
in the application directory)
There's still considerable work left to be done here.
|
|
Install: <module>_installer::install() is called, any necessary tables
are created.
Activate: <module>_installer::activate() is called. Module
controllers are routable, helpers are accessible, etc. The module is
in use.
Deactivate: <module>_installer::deactivate() is called. Module code
is not accessible or routable. Module is *not* in use, but its tables
are still around.
Uninstall: <module>_installer::uninstall() is called. Module is
completely removed from the database.
Admin > Modules will install and activate modules, but will only
deactivate (will NOT uninstall modules).
|
|
back to our users in the edit permissions dialog.
|
|
|
|
|
|
|
|
don't pass in a Group_Model as the argument. This prevents us from
setting permissions on the wrong group by accidentally passing in a
User_Model.
|
|
database, Kohana gets confused an appends the prefix outside of the
back ticks
|
|
mirror the drupal pattern of using braces {}.
|
|
tag, search, comment and notification modules (Ticket #68)
|
|
|
|
generating it lazily.
|
|
|
|
|
|
Convert all item->type == "photo" to item->is_photo()
|
|
problem where the install.sql had the wrong view permissions.
|
|
File_Structure_Test to make sure we don't regress.
According to the PHP docs, the "public" keyword is implied on static
functions, so remove it. Also, require private static functions to
start with an _.
http://php.net/manual/en/language.oop5.visibility.php
|
|
|
|
|
|
yet, but it shows you which items have locked view perms.
|
|
allowing or resetting permission further down in the tree. This bug
was introduced when I refactored the view permission cache into the
items table. Updated test to catch it.
|
|
|
|
|
|
|
|
_update_htaccess_files in preparation for supporting the view_full
permission.
|
|
|
|
admin more control. You can now track running tasks, resume stalled
tasks, cancel running tasks, and remove finished tasks.
Added graphics::compose() as a placeholder for future watermark
operations.
Added CSRF protection to maintenance urls.
|
|
1) Deleted in-place-editing. We'll be replacing this with a real edit
system that groups settings together and is more coherent.
2) Tweaked the way that dialog boxes work to get the ajax stuff working
again. It's imperfect and does not work properly for uploading images.
This is going to get redone also, but this is a good resting point.
3) Created edit forms for albums and photos. Moved _update and _create out
of Items_Controller and into the individual subclasses.
4) Created access::required which is a shorthand for:
if (!access::can(...)) {
access::forbidden();
}
5) Added validation rules to Items_Model
6) Converted login to use the regular modal dialog approach in the theme.
|
|
place for it, but it'll do for now.
Do CSRF checking in the Admin controller so that we're safe across the
board on the admin side.
|
|
|
|
|
|
into the session, for easy access. This cuts down the number of
queries when we're loading images through file_proxy.php
|
|
Item_Model and simplifies
file_proxy. It also means we can stop munging file names in the var/resizes hierarchy.
In the process, rename "thumbnail" to "thumb" everywhere in honor of
Chad (well, ok because it's shorter)..
|
|
protection on var/albums and var/resizes and only displays files to
the user if they have "view" permission on the base ite.
|
|
|
|
o Add model_cache::get() which caches models avoiding duplicate lookups
o Stop using ORM relationships for Item_Model::owner so that we can use caching
o For Item_Model::xxx_edit fields, don't make them editable for guests
o Other minor stuff.
These optimizations reduce the number of queries for a 9-photos page from ~200
to ~45. Still way too many!
|
|
|
|
the group::everybody() user.
|
|
|
|
|
|
created albums and photos.
|
|
|
|
Unit tests ftw!
|
|
other functionality. This makes our user/group and access code
fully consistent.
|
|
non-view. This is a step along the path towards moving the view
access cache into the item model.
|
|
access_group::can method.
|
|
minimize reloading objects from the database.
|
|
|
|
model.
|
|
given permission.
|
