App-Dochazka-REST
view release on metacpan or search on metacpan
fine-grained acl_profile definition
- t/dispatch/activity.t: test above handler
0.274 2014-11-13 10:43 CET
- config/dispatch/: allow 'inactive' to view own priv/schedule history
- Dispatch/Shared.pm: refactor 'current' routine to use a dispatch table
- Docs/Workflow.pm: add verbiage
- Test.pm: create_{active,inactive}_employee return $eid
- t/: start fixing regressions
0.275 2014-11-13 15:01 CET
- fix regression: "GET schedule/eid/:eid vomits 500 or returns nonsense"
- Dispatch/Shared.pm: the regression was caused by not saving the return
value from the call to {priv,schedule}_by_eid in the 'current' routine
- t/dispatch/schedule.t: add test case for this regression
0.276 2014-11-13 15:37 CET
- t/dispatch/schedule.t: add more positive tests focused on 'current' dispatch
target
0.277 2014-11-13 16:30 CET
- Dispatch/Schedule.pm: cleanup
- t/dispatch/schedule.t: add negative tests for 'schedule/eid/:eid/?:ts'
0.278 2014-11-13 22:32 CET
- t/dispatch/schedule.t: add more negative tests
- ../development-checklist, Docs/Workflow.pm: start blocking in interval
and lock resources; add verbiage
- config/dispatch/: make 'employee/self' be a synonym for 'employee/current'
and enable POST requests on these resources so employees can, e.g., change
their own password; update documentation of history resources
- REST_Config.pm: add 'DOCHAZKA_PROFILE_EDITABLE_FIELDS' for POST requests
on 'employee/self'
- t/dispatch/employee.t: run all 'employee/current' tests on 'employee/self'
as well; realize that if a resource returns 405 it will do so regardless
of which user we authenticate as (even non-existent user)
0.279 2014-11-14 10:39 CET
- Dispatch/Employee.pm: add _post_current (dispatch target for POST
'employee/{current, self}'
- t/dispatch/employee.t: ACL checks are not working for resources with
fine-grained ACL profile definition: add a test case for this
0.280 2014-11-14 11:29 CET
- employee_Config.pm: fix 'employee/self' acl_profile property
- Dispatch/Employee.pm: request body needs to be a hashref - check for that
where we really care about it - in _put_post_delete_employee_by_eid
- Dispatch/Shared.pm: pre_update_comparison was causing DOCHAZKA_BAD_INPUT to
be returned if no fields would actually change on update, but this might be
confusing - change it to allow updates in such cases
- t/dispatch/employee.t: add test cases for POST employee/{current,self} by
inactive and active employees; adapt tests to current state
0.281 2014-11-14 16:42 CET
- finish implementation (including test cases) of POST dispatch
target for 'employee/{current,self}' resource
0.282 2014-11-14 21:36 CET
- dbinit_Config.pm: add trigger clause to make 'sid' field immutable
- Docs/Workflow.pm: add verbiage
- t/model/schedule.t: add test case verifying that 'update' method does not
change the database even if the 'sid' field is changed
0.283 2014-11-18 07:45 CET
- REST_Message_en.conf: add finer-grained notice messages for 'cud'
- Model/Shared.pm: in cud, check return value of '$sth->execute' and
return finer-grained notices to distinguish various edge cases
- t/: adapt to current state
0.284 2014-11-18 11:01 CET
- unit tests: move existing '002-root' and '003-current-priv' units to
new t/sql directory; add new 't/sql/immutable_id.t' unit to test
new triggers to make 'eid', 'iid', etc. fields immutable
- config/sql/dbinit_Config.pm: add "immutability" triggers for 'employees.eid',
'schedhistory.shid' and 'privhistory.phid'
0.285 2014-11-18 11:53 CET
- dbinit_Config.pm, t/sql/immutable_id.t: finish making '*id' fields immutable
0.286 2014-11-18 12:49 CET
- dispatch_Config.pm, interval_Config.pm: add basic set of 'intervals'
resources
0.287 2014-11-18 15:33 CET
- config/dispatch/HTTP_Message_en.conf: make a separate message file for codes
that map directly to an HTTP error code
- config/, lib/: transform DOCHAZKA_BAD_INPUT and DOCHAZKA_INSUFFICENT_PRIV into
special status codes that map directly to HTTP error codes
- Resource.pm: when target returns certain status codes (see package variable
%status_http_map), translate them directly into HTTP error codes
- t/: adapt to current state
0.288 2014-11-19 10:05 CET
- Dispatch/Lock.pm: lay groundwork for locks
- t/dispatch/interval.t: new tests
- interval_Config.pm, dispatch_Message_en.conf: minor fixes
- Dispatch/Interval.pm: add special ACL handling
- Model/Interval.pm: fix bug (wrong order of properties in call to 'cud')
- Test.pm: let 'req' handle any user as long as "passhash" property is
set the same as "nick"
0.289 2014-11-19 11:08 CET
- interval_Config.pm: make not-implemented resources use 'not_implemented'
dispatch target
- t/dispatch/interval.pm: add some missing boilerplate tests
0.290 2014-11-19 11:23 CET
- interval_Config.pm: 'interval/nick/:nick/:tsrange' resource was broken due to
missing EOH - fixed
- t/dispatch/interval.t: $base for 'interval/nick/:nick/:tsrange' resource was
set to wrong value - fixed
0.291 2014-11-19 15:19 CET
- HTTP_Message_en.conf, Resources.pm: add 404 status trigger
- interval_Config.pm: call the hypothetical error code DISPATCH_TOO_MANY_RECORDS_FOUND
- top_Config.pm: fix factual error in documentation
- dispatch_Message_en.conf: add DISPATCH_TOO_MANY_RECORDS_FOUND definition
- Dispatch/Shared.pm->history: trigger 404 when no records found
- Model/Employee.pm: return DISPATCH_NO_RECORDS_FOUND with status level 'NOTICE'
- t/dispatch/history.t: explore more possibilities for entering an invalid EID;
adapt to current state (status-triggered 404 errors)
in /usr/lib/perl5/site_perl
0.403 2015-02-18 11:59 CET
- use normalize_filespec to avoid $ENV{'HOME'}, which does not work on Windows
systems
0.404 2015-02-18 17:59 CET
- dispatch_Messages_en.conf, Auth.pm: define and use DISPATCH_ACL_CHECK_FAILED message
- Dispatch.pm: remove extraneous 'my'
0.405 2015-02-20 15:24 CET
- ACL.pm: add 'acl_check_is_me' - generalized check for handlers that have
acl_profile "passerby" but may only used to operate on one's own records
- ResourceDefs.pm, Dispatch.pm: use 'acl_check_is_me' in several handlers
0.406 2015-02-20 20:55 CET
- config/sql: add SQL_EMPLOYEE_SELECT_BY_SEC_ID
- ResourceDefs.pm: add employee/sec_id/:sec_id
0.407 2015-02-21 15:30 CET
- t/dispatch/employee.t: adapt tests to new ACL policy
0.408 2015-02-21 15:58 CET
- Model/Employee.pm: add load_by_sec_id routine
- t/model/employee.t: add rudimentary unit tests for load_by_sec_id
- Shared.pm: change all instances of $self to $d_obj since none of the routines
in this module use method calls; add sec_id to shared_first_pass_lookup
0.409 2015-02-22 16:36 CET
- implement shared_get_employee and use it to implement three resource handlers
0.410 2015-02-23 20:42 CET
- t/dispatch/employee.t: add rudimentary tests of "employee/sec_id/:sec_id"
resource
0.411 2015-02-24 10:55 CET
- Build.PL: no longer re-create README on each build
- README: instead, point would-be readers to metacpan.org
- REST.pm: work on POD
0.412 2015-03-20 21:35 CET
- config/sql/dbinit_Config.pm: add disabled_to_zero trigger to convert NULL
values to "false" in the disabled field
- t/sql/disabled_to_zero.t: test disabled_to_zero trigger
0.413 2015-03-24 21:30 CET
- allow single-character nicks
0.414 2015-03-25 16:24 CET
- Dispatch.pm: convert "hardcoded text as status codes" into proper status
codes
0.415 2015-03-30 17:29 CEST
- require App::Dochazka 0.186 for 'scode' property in schedule class
- make test suite tolerate 'scode' property
- t/sql/schedule_Config.pm: add scode property to all SQL statements where it
makes sense
- implement 'schedule/scode/:scode' property with basic test cases
0.416 2015-04-01 09:39 CEST
- t/dispatch/schedule.t: trying to verify with tests that the new schedule
insert logic really does what we want
0.417 2015-04-02 22:06 CEST
- use TDD to get what we want: POST schedule/new ignores scode value when given
schedule exactly matches an existing schedule with a different (non-NULL)
scode
0.418 2015-04-03 09:08 CEST
- SQL: split 'disabled_to_zero' function/triggers into separate variants for
insert and update; confidently add 'NOT NULL' constraint to 'disabled' fields
- t/sql/disabled_to_zero.t: adapt to current state
- t/model/schedule.t: add notes the way it should have been from the beginning
0.419 2015-04-03 18:06 CEST
- ResourceDefs.pm: change ACL of 'GET schedule/all' so inactives and actives
can do it, too
- t/dispatch/schedule.t: add appropriate test cases
0.420 2015-04-04 21:18 CEST
- SQL: implement 'not_before_1892' function to enforce sane timestamp policy
(no dates before 1892 in the database)
- t/: adapt tests; add test cases
0.421 2015-04-05 13:34 CEST
- REST/Shared.pm: in 'shared_get_privsched', return 404 if no priv/schedule
assigned (instead of returning 200 OK with a null priv/schedule)
- t/dispatch/schedule.t: adapt tests
0.422 2015-04-05 20:45 CEST
- dbinit_Config.pm: make schedule_at_timestamp return SID instead of the
schedule JSON itself
- Model/Shared.pm: schedule_by_eid returns SID
- REST/Shared.pm: shared_get_privsched looks up the SID and returns the
entire schedule
- t/dispatch/schedule.t: adapt tests affected by the above change
- t/sql/disabled_to_zero.t: clean up after ourselves
0.423 2015-04-06 13:42 CEST
- REST/Shared.pm: make shared_employee_acl_part2 declare 403 status with a
proper App::CELL::Status instead of a hard-coded string
0.424 2015-04-06 18:59 CEST
- ResourceDefs.pm: allow inactives and actives to view their own privilege
and schedule histories; fix spelling of the word 'schedule' in the 'cli'
property
0.425 2015-04-06 22:15 CEST
- ResourceDefs.pm, config/sql/: modifications to allow POST (update) on
'priv/history/phid/:phid' and 'schedule/history/shid/:shid'
- Model/Privhistory.pm, Model/Schedhistory.pm: add update method
- UPDATE privhistory does not work as it should
- tests not running cleanly
0.426 2015-04-07 07:15 CEST
- dbinit_Config.pm: fix bug in 'root_immutable_old' that was causing
NEW.* values to be replaced with OLD.* on updates
- t/sql/privhistory.t: add test case for the above bug
- t/sql/root.t: replace comments with note()s
0.427 2015-04-07 09:14 CEST
( run in 1.936 second using v1.01-cache-2.11-cpan-e1769b4cff6 )