- Jan 24, 2023
-
-
Navneet Singh authored
The user images were not being displayed on the when profile entity is somehow added to landing_page content type, for example, having a featured section in a landing page having profile entity display. Reason: https://github.com/goalgorilla/open_social/blob/main/modules/social_features/social_profile/social_profile.module#L727 called for access check on File entity. This called https://git.drupalcode.org/project/drupal/-/blob/9.5.x/core/modules/file/src/FileAccessControlHandler.php#L21 In the function mentioned above, the $entity_and_field_access = $referencing_entity->access('view', $account, TRUE)->andIf($referencing_entity->$field_name->access('view', $account, TRUE)); resulted in AccessResultAllowed This line checked for access on both File $referencing_entity->$field_name->access('view', $account, TRUE) and Profile $referencing_entity->access('view', $account, TRUE) Now, File access check returned false but Profile access check returned TRUE which shouldn’t be the access as our user is anonymous. On further digging, Profile entity access check was passed through https://git.drupalcode.org/project/drupal/-/blob/9.5.x/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php#L61 This called for invoking of alter hooks in $this->moduleHandler()->invokeAll('entity_access', [$entity, $operation, $account]) and $this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', [$entity, $operation, $account]) We have written social_profile_profile_access which was introduced in https://github.com/goalgorilla/open_social/pull/2224 This checked for current node type and provided access for profiles to anonymous users. This made the statement mentioned in step 3 return “Allowed” instead of “Neutral” which then failed in the https://github.com/goalgorilla/open_social/blob/main/modules/social_features/social_profile/social_profile.module#L727 On landing_page, where this code mentioned in social_profile_profile_accessis called and due to which the reported behavior is seen. Solution: We added checks on basis of current user status and file system to avoid this conflict.
- Jan 19, 2023
-
-
Zan Vidmar authored
Add patch to fix the Drupal core issue #1236098 (Notice: Undefined index: 'base' in _color_rewrite_stylesheet()). (cherry picked from commit 8d84fb9e)
-
- Jan 17, 2023
- Jan 12, 2023
-
-
Issue #3330544 by nkoporec: Social follow taxonomy popup doesn't appear
-
- Jan 11, 2023
-
-
Issue #3318303 by rolki: Add support for allowed_values_function in entity_access_by_field
-
- Jan 10, 2023
-
- Jan 06, 2023
-
-
Issue #3301508 by ribel: Allow to filter by Flexible groups in custom content list block.
-
In PR 2962 we introduce a dependency towards graphql_oauth, this means it will enable simple_oauth while we still use a different module for the native app, namely oauth2_server. This causes the native app to break, also the simple_oauth will be enabled without any configuration. As some point we want the simple_oauth to take over, but in a smooth way. Also at first it will start calling a function in getExtension while there is nothing enabled yet and also breaking that.
-
-
- Jan 05, 2023
-
-
We are not using this library in code base anywhere. In the pages of history, this was somewhere used in Open Social style guide which we do not support anymore. This was first introduced in https://github.com/goalgorilla/open_social/pull/1358. It was added as dependency of KSS in our socialblue theme which can be seen here: https://github.com/goalgorilla/open_social/pull/1358/files#diff-f688afcb60f350ef698bb13a058e38938e27379d4fc5ec1152b4fdecf1ae2de7R3451 This library helped us in having highlighted snippets in our editors like code block: ``` <pre><code class="language-markup" data-language="html">{{ section.markup|escape('html') }}</code></pre> ``` We are removing it as we don't require it any more.
-
- Jan 03, 2023
-
- Jan 02, 2023
-
-
- Dec 20, 2022
-
-
Issue #3318902 by rolki: Add a new filtering option by "Future and ongoing" to Custom content list block
-
- Dec 19, 2022
-
-
Issue #3326223 by vnech: Hide "Enroll" button on events with "Invite-only" joining
-
- Dec 15, 2022
-
-
Nejc Koporec authored
-
Nejc Koporec authored
-
- Dec 13, 2022
-
-
Issue #3321091 by kashandarash: Update Post form to keep album relation on edit
- Dec 08, 2022
- Dec 05, 2022
-
-
Zan Vidmar authored
- Dec 02, 2022
-
-
Issue #3324951 by navneet0693: Unpublished Profile Tags are available for selection in Profile form. The tag field in the profile uses profile_tags vocabulary. The terms on profile entity are fetched by https://github.com/goalgorilla/open_social/blob/main/modules/social_features/social_profile/src/SocialProfileTagService.php in functions https://github.com/goalgorilla/open_social/blob/main/modules/social_features/social_profile/src/SocialProfileTagService.php#L87 and https://github.com/goalgorilla/open_social/blob/main/modules/social_features/social_profile/src/SocialProfileTagService.php#L118 These functions internally call the function https://github.com/goalgorilla/open_social/blob/main/modules/social_features/social_profile/src/SocialProfileTagService.php#L222 which was not checking if the term is published or not. This check is added in original class here: https://github.com/goalgorilla/open_social/blob/main/modules/social_features/social_tagging/src/SocialTaggingService.php#L291 So, we added the checks in SocialProfileTagService class as well.
-
- Nov 30, 2022
-
-
Navneet Singh authored
-
Navneet Singh authored
-
Navneet Singh authored
-
- Nov 29, 2022
-
-
Taras Kruts authored
Issue #3320482 by kashandarash: Album cover image is not displayed in activity stream
-
Tiago authored
- Nov 25, 2022
-
-
Navneet Singh authored
-
Social post install update hook number mixes up with Open Social profile
-
Taras Kruts authored
Issue #3306287 by chmez: Content tags for any entity type
-
Taras Kruts authored
Issue #3302921 by chmez: Support visibility tooltip for any entity type
-
- Nov 24, 2022
-
-
Issue #3322858 by zanvidmar: Broken date filter on search
-
- Nov 22, 2022
-
-
Tiago authored
-
- Nov 18, 2022
-
-
Tiago authored
-
- Nov 17, 2022
-
-
vnech authored
-