136902 aepure: MNT-17199 - CSV user import: if password is left blank it should be randomly generated
Modified UserCSVUploadPost behaviour to use an empty string for password creation instead of the user's first name.
Modified RepositoryAuthenticationDao > createUser behaviour to treat the case when the password is an empty string or null.
Added a Unit test.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137534 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
136755 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
136745 jkaabimofrad: APPSREPO-147: Added an optional "include=path" parameter to the "list favorites" API as well as create and get a single favorite endpoints.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137504 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
136710 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
136704 jkaabimofrad: APPSREPO-165: Added tests for testing the 'include' parameter with 'path' and/or 'allowableOperations' upon creating a shared link.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137499 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
136663 amukha: MNT-17850 Add configurable login page link to auth response page
The new configuration property is giving an ability to configure
a link to custom login page in Alfresco web app which is displayed
on the page after failed auth:
kerberos.authentication.sso.login.page.link
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137494 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135931 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
135804 jkaabimofrad: APPSREPO-35, APPSREPO-118: Added tests for reset password service and REST API.
- Added a utility class (EmailUtil) to work with MailActionExecutor in test mode
- Added a new workflow task responsible for sending the reset password confirmation email (per peer review)
- Changed the reset-password endpoint to return a 202 response for an inactive workflow or invalid workflow id, key or mismatched user
- Some other minor changes as the result of adding tests
- Also, fixed tests failures by changing the reset password workflow definition target namespace URI.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137435 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135899 aforascu: REPO-2156 / MNT-16748: Failing to extract auditing entries from SearchService using Share, CMIS.
- Added two JUnit tests that test that the audit records are added when using SearchService query(SearchParameters): one in the AuditMethodInterceptorTest and another one in AuditWebScriptTest that is using the Rest-API get audit method to query the audit
- Refactored also an existing test in AuditMethodInterceptorTest
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137433 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135620 jvonka: REPO-2110 / MNT-17477: CMIS: SXSS+CSRF vulnerability (browser binding)
- force download=attachment (Content-Disposition headers) for all content types except those white-listed (eg. pdf & specific img types)
- follow-on for r135606 to fix fallout caught by TestPublicApiBrowser11TCK.testCMISTCKQuery()
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137405 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135566 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
135505 jkaabimofrad: APPSREPO-137: Made quick-share email template configurable via properties file. The template path property value could be an XPATH, a NodeRef of the template or a class path of the template.
- Added a helper class to provide email template related utility functions
- Added share as a default registered client for sending email - the template assets (images) will be available in share.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137402 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135565 jkaabimofrad: Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)
135229 jkaabimofrad: APPSREPO-136: Updated the API framework so that WebApiNoAuth annotation can be used with operations.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137401 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135306 cturlica: Merged 5.2.0-CLOUD45 (Cloud ) to 5.2.N (5.2.1)
135265 cturlica: CLD-67: TestSiteMembershipRequests tests failing after cloud update from 5.2-SNAPSHOT to 5.2.0-CLOUD45-SNAPSHOT (plat/share)
- we shouldn't have default null value for not set properties (partial change for REPO-892)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137385 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
135255 arebegea: MNT-17427 : api/invite/cancel deletes records in the database with a GET: CSRF/XSS attack
- delete the script/org/alfresco/repository/invite/invite.get
- use the alternatives: script/org/alfresco/repository/site/invitation/invitation.post and script/org/alfresco/repository/site/invitation/invitation.delete
- updating the tests
- updating the controller for the invitation.delete to a java controller
- fix test fallout (SiteServiceTest testInviteDisabledUser - expected error status code)
- improve security by allowing only invitationIDs that belong the the site passed as parameter to be canceled
- be consistent and return 404 when an invitationID can not be found
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@137384 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
