Spynl update 5.39
Voor de klant niet zo zeer zichtbare updates, maar wel intern belangrijk om het systeem meer toekomstbestendig te maken.
Important highlights from this release
- /settings endpoints
- modelling resources more explictly and giving them ACLs in support of role authorization
- webshop 1.0 support
- reducing user and tenant lookups w.r.t. v5.38
- Spynl plugins can define their dependencies themselves in their own setup.sh script
All updates for this release
Bug
- i81n endpoint missing in DEV
- Reset Password returns user's email
- Reset Password Internal Server Error
- db access functions should complain when no tenant is used
- Pdf comparison doesn't work across computers
- spynl.pdf cannot install pybarcode from bitbucket
- sku lookup in spynl.b2b should use plural terms
- empty Purchase Order is added successfully
- decrease number of DB roundtrips in session handling
- Swagger docs don't load over HTTPS
Story
- Give db access endpoints to All mongo-based reource classes
- util functions: check_user, check_user_belongs_to_current_tenant
- Return roles in /me and /set-tenant
- Move pwd reset related code from spynl.auth to spynl.hr
- move some code from spynl.mongo to spynl.auth
- set untested endpoints to be usable only outside of production
- move from user.applications to user.roles
- Role Management endpoints
- Allow editing settings of a different user
- Add support of $nin to spynl.main.serial objects.py
- add/edit Resources in spynl.transactions, spynl.upload, spynl.external, spynl.webshops
- move authentication-related tests from spynl.mongo to spynl.auth
- spynl.retail
- separate spynl.user into spynl.auth and spynl.hr
- Investigate tenant and user find ones in requests
- map resources to roles
- POS - agg customer transactions items for a given time period
- pylint doesn't find the pylintrc file when in the tests folder
- create spynl.webshops and offer /webshop-order/send
- Find out what other softwear6 queries are using the /agg endpoint
- Spynl should fail by default when an email cannot be sent
- support /pick-ticket/add
- insert Spynl version number into sessions on creation
- Write up resource-centric refactoring proposal
- Draw resource class diagram
- Spynl settings endpoint all-settings
- Integrating spynl.b2b into b2b webshop
- Put pylint settings in the repositories themselves
- Change email pdf endpoint to add inline SVG images for barcodes
- Finish all the spynl.b2b #TODO and #FIXME
- /user-settings
- /account-settings endpoint
- subset authorization
- use ini-setting to restrict transaction types which spynl.b2b will add
- Deprecate support for created/modified.utc_date_str property
- Session ID should change each time /login is visited or user changes
- "valuePrice" has to be pulled from Sku collection not from a transaction receipt.
- install script (per Spynl plugin) for Debian dependencies
- plugin-specific (de)serialisation
- make generic Spynl plugin template