135931 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
135804 jkaabimofrad: APPSREPO-35, APPSREPO-118: Added tests for reset password service and REST API.
- Added a utility class (EmailUtil) to work with MailActionExecutor in test mode
- Added a new workflow task responsible for sending the reset password confirmation email (per peer review)
- Changed the reset-password endpoint to return a 202 response for an inactive workflow or invalid workflow id, key or mismatched user
- Some other minor changes as the result of adding tests
- Also, fixed tests failures by changing the reset password workflow definition target namespace URI.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137435 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135899 aforascu: REPO-2156 / MNT-16748: Failing to extract auditing entries from SearchService using Share, CMIS.
- Added two JUnit tests that test that the audit records are added when using SearchService query(SearchParameters): one in the AuditMethodInterceptorTest and another one in AuditWebScriptTest that is using the Rest-API get audit method to query the audit
- Refactored also an existing test in AuditMethodInterceptorTest
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137433 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135620 jvonka: REPO-2110 / MNT-17477: CMIS: SXSS+CSRF vulnerability (browser binding)
- force download=attachment (Content-Disposition headers) for all content types except those white-listed (eg. pdf & specific img types)
- follow-on for r135606 to fix fallout caught by TestPublicApiBrowser11TCK.testCMISTCKQuery()
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137405 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135566 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
135505 jkaabimofrad: APPSREPO-137: Made quick-share email template configurable via properties file. The template path property value could be an XPATH, a NodeRef of the template or a class path of the template.
- Added a helper class to provide email template related utility functions
- Added share as a default registered client for sending email - the template assets (images) will be available in share.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137402 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135565 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
135229 jkaabimofrad: APPSREPO-136: Updated the API framework so that WebApiNoAuth annotation can be used with operations.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137401 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135306 cturlica: Merged 5.2.0-CLOUD45 (Cloud ) to 5.2.N (5.2.1)
135265 cturlica: CLD-67: TestSiteMembershipRequests tests failing after cloud update from 5.2-SNAPSHOT to 5.2.0-CLOUD45-SNAPSHOT (plat/share)
- we shouldn't have default null value for not set properties (partial change for REPO-892)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137385 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135255 arebegea: MNT-17427 : api/invite/cancel deletes records in the database with a GET: CSRF/XSS attack
- delete the script/org/alfresco/repository/invite/invite.get
- use the alternatives: script/org/alfresco/repository/site/invitation/invitation.post and script/org/alfresco/repository/site/invitation/invitation.delete
- updating the tests
- updating the controller for the invitation.delete to a java controller
- fix test fallout (SiteServiceTest testInviteDisabledUser - expected error status code)
- improve security by allowing only invitationIDs that belong the the site passed as parameter to be canceled
- be consistent and return 404 when an invitationID can not be found
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137384 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
134806 mward: Merged mward/repo-1600-zonesfilter (5.2.1) to 5.2.N (5.2.1)
134741 mward: REPO-1600: added support for zone filtering to GET /people/{personId}/groups
Also brought in-line with spec to return an empty list rather than a 404 if the zone is non-existent.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137365 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
134804 mward: Merged mward/repo-1600-zonesfilter (5.2.1) to 5.2.N (5.2.1)
134686 mward: REPO-1600: implemented logical conjunction for where clause
e.g.
isRoot=true AND zones in ('MY.ZONE')
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137363 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
134802 mward: Merged mward/repo-1600-zonesfilter (5.2.1) to 5.2.N (5.2.1)
134670 mward: REPO-1600: initial groundwork
Includes impl for path where no isRoot parameter is supplied.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137361 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
134674 cpopa: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
134665 cpopa: APPSREPO-105 : Add an API to download multiple file/folders as a zip
- test fixes to get rid of unpredictable failures
- fixes after Gavin's OpenAPI spec review
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137351 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
134673 cpopa: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
134653 cpopa: APPSREPO-105 : Add an API to download multiple file/folders as a zip
- Fixed a test which failed due to an incorrect wait time.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137350 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
134671 cpopa: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
134630 cpopa: APPSREPO-105 : Add an API to download multiple file/folders as a zip
- Added an API for creating a download, retrieving download info and canceling a download
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137348 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
