As discussed on issue #15225, it should be possible for system administrators
to disable the 1-click installation system.
The plan is to disable the feature by default, but make it relatively easy
to turn on when it is explicitly desired.
1. At the moment we cannot guarantee that all Apps published on the Odoo Apps
Store are safe. And it is a security risk to let end-users deploy Python
code on their Odoo servers without requiring any review/deployment by a
competent system administrator.
We will work on improving the validation process of the Store, but this
will require time, and won't probably be a 100% safe process in any case.
2. The one-click install feature is however really useful to help
non-technical users install Apps, as long as the feature has been
explicitly allowed by the system administrator. This is a common feature
in other software suites as well. So we'd like to keep it as an opt-in
feature.
3. Administrators of multi-tenant servers, cloud hosting services, etc.
understandably expect to be able to turn off the feature for
security/control reasons.
4. By turning off the feature by default, but still exposing it in the UI,
we keep it *discoverable* for users. The error message should be
helpful to direct users to their sysadmins.
5. By using the permissions of the download folder as a flag for turning
off the feature, we avoid introducing an extra server parameter.
The folder is still created (read-only) by default, for the sole purpose
of making it easier to locate.
Fixes#15225
According to PEP302, the signature of `Finder.find_module` should be
`find_module(fullname, path=None)`.
Ever since it was introduced in 64ec5f36df the addons import hook
defines the second parameter as mandatory, which is an issue for
systems relying on the specified behaviour (and not needing to
provide a path) like the stdlib's `pkgutil.find_loader`.
fixes#10670
* document and warn that checks and fast_suite in tests sub-packages are
deprecated and have no effect
* avoid iterating all currently loaded modules when looking for test
modules in a tests sub-package
* replace use of __import__ by importlib
Fixes#3152
- sessions are now shared between series.
- use site data dir instead of user data dir if user has no home dir.
- in http and module handling, `data-dir` was used before being
initialized, using the default value instead of user input
(fixes#308, #904)
A squashed merge is required as the conversion of the apiculture branch from
bzr to git was not correctly done. The git history contains irrelevant blobs
and commits. This branch brings a lot of changes and fixes, too many to list
exhaustively.
- New orm api, objects are now used instead of ids
- Environements to encapsulates cr uid context while maintaining backward compatibility
- Field compute attribute is a new object oriented way to define function fields
- Shared browse record cache
- New onchange protocol
- Optional copy flag on fields
- Documentation update
- Dead code cleanup
- Lots of fixes
Add a loglevel 25 to log some INFO to runbot
Add timers for loading and testing
Silence empty test suite
ir_logging use relative pathname, warning this doesnt work for --addons-path modules yet.
- output "error" if any qunit tests failed
- failed js tests are logged as errors
- when running phantomjs considere empty waiting condition or initialisation code as "true"
- lint phantomtest.js file
remove deprecated zipfile support
add preload_registry option when server is running
allow registries to be used in contruction in test mode
add a rollback test case for http tests
add a phantomjs helper
bzr revid: al@openerp.com-20140209004005-p5pwym4sqc23vw5b
When --test-enable is used, it is expected that test output is visible,
thus using log-level INFO is natural.
On the down side you lose the nice blue hint that tests did actually
run when --log-level test was given.
bzr revid: vmt@openerp.com-20130326155844-83e2tcqokvblr0ln