• last updated 49 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Fix potential problems when calling polymorphic SQL functions from Tcl

Some functions are defined in the database with the same number of

arguments but different types, e.g., first argument "package_key"

(type text) or "package_id" (type integer). This is fine from the SQL

standpoint, but when calling from Tcl via bind-vars

(e.g. ":package_id"), everything is passed as a string, and

potentially, the wrong function is called.

Now, all the automatically generated subs are generated with casts,

when the integer based variant must be called.

Some examples:

Before:

set s [ns_pg_bind 0or1row $__DB {select apm__set_value(:package_id,:parameter_name,:attr_value)}]

set s [ns_pg_bind 0or1row $__DB {select apm__get_value(:package_id,:parameter_name)}]

Now:

set s [ns_pg_bind 0or1row $__DB {select apm__set_value(CAST(:package_id AS integer),:parameter_name,:attr_value)}]

set s [ns_pg_bind 0or1row $__DB {select apm__get_value(CAST(:package_id AS integer),:parameter_name)}]

- bumped version number to 5.10.1b11

fixed resource leak

    • -45
    • +45
    ./tcl/test/acs-tcl-test-procs.tcl
reduced verbosity

Make localurl filter more robust to invalid URLs: fail validation in this case, intead of crashing

fixed resource leaks

dom trees were not deleted

ad_dom_sanitize_html: fixed 2 resource leaks

in case of parsing errors in the input string the following structures leaked:

- dom tree

- stuct::tree

make sure to delete tdom document

Delete nodes explicitly, otherwise it survives the end of the proc.

fixed icanuse-test for deleting samesite cookies

More resource-info updates:

- fixed wrong and inconsistent naming of dict members (many thanks to Sebastian Scheder for figuring this out)

- removed duplicated slashes in resource paths

- fixed incorrect paths when CDN is used

- simplified handling of cspMaps

- added test checking consistency of resource-info dicts

  1. … 9 more files in changeset.
file resource-info-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/test/resource-info-procs.tcl
fix for regression test case ad_context_bar_multirow

originally, site-node entries survived the test

after the first fix, the regression test was failing (sometimes?) the complaint was about a missing package.

now, the test seems to work always correctyl, and the site-nodes entries are gone as well

Fix regression in db_multirow_group_last_row_p

Row is last when the next value changes

Many thanks to Miachel Aram for reporting the issue

fix typo

::util::resources::resource_info_procs: function to improve roustness of fetching of resource info procs

bumped version number to 5.10.1b10

improved souce code documentation

added link to snyk advisor (bumped version to 5.10.1b9)

Further simplify handling of resource_info specs

- Added convenience function "::util::resources::register_urns" to

register all URNs with CSP handling provided by a package (denoted

by its top level namespace)

- made parameter "version" in "check-installed" include optional

- bumped version number to 5.10.1b8

reduced verbosity in the system log, provide hint to message

Fixed issue in cluster mode, denoted by Khy H in the OpenACS forum

A new command "ad_parameter_cache_flush_dict" was introduced to handle

the case, where a cluster node modifies a parameter value without

having it read before. This case could lead to a coherency problem for

parameter values.

Background:

This proc is necessary in cases, where a node writes a new

parameter value before it has read the old one.

Since a plain "nsv_dict unset ad_param $key $parameter_name"

raises an exception, when the pair does not exist, and we do

not want to allow in cluster requests arbitrary "catch"

commands, we allow "ad_parameter_cache_flush_dict" instead.

Probably, the best solution is to add support for

nsv_dict unset -nocomplain -- ad_param $key $parameter_nam

The existing nsv_dict was built after Tcl's "dict unset",

which does not have the "-nocomplain" option either. However,

an atomic operation would certainly be preferable over an exists/unset

pair, which is no acceptable solution.

For details, see https://openacs.org/forums/message-view?message_id=5822470

perform proper cleanup after regressin test

Prettify subsite admin page

- Made explicit that "Administration" means "Subsite Administration"

(use the term consistently)

- Changed message key of acs-subsite.administration to "Subsite Administration"

- added icons to subsite admin index page (full set only for bootstrap icons)

  1. … 8 more files in changeset.
use tag <i> for technical terms as on other places

fix over-eager renaming

spell "site-wide" consistently with a dash

  1. … 33 more files in changeset.
improved the site-wide admin pages for external ja libraries

- add a sample for pinning the version number via the NaviServer configuration file

- privide a link to the requirements and background page explaining the implemented policies

factored out vulerability check to make it reusable

- New proc ::util::resources::check_vulnerability

- bumped verison number to 5.10.1b7

added titles for the action URLs to guide the user

Let site-wide admin pages of external js pages modify, create and delete package parameters

The real change escaped with the previous commit.

improved spelling

  1. … 1 more file in changeset.
added comment