Newsletter March 2018

Icon on tab

Sao, the web client, received the support of icon on tab of the forms. Meanwhile on the desktop client, the same icon on tab has been moved on the left of the label.

Stock quantity per template

The stock quantity was only computed per product because it is the column stored in the stock move. But it may be useful for some cases to compute the stock quantity per template. Indeed products from the same template share the same default unit of measure so their quantities can be summed. So issue7068 added on the products_by_location method the possibility to group by product columns like the template, but also a relate action from the template which show quantity per locations.

Spell checking

The spell checking is now activated on the web client. The spell checking can be activated on any text widget by adding the spell attribute with a PYSON expression that returns the language code.

More protections against flooding

A malicious hacker could flood the LoginAttempt table by sending failing request for different logins. Even if the size of the record is limited and the records are purged frequently. So the server limits the number of attempt also per IP network. The size of the network can be configured for each version (IPv4 and IPv6). This are only the last level of protection, it is still recommended to use a proxy and to set up IDS.

The web_user implement also the same protection.

Reset password

The administrator can now reset the password of the user with a simple click. The server will generate a random reset password which is available for 1 day by default and send it by email to the user. This reset password is only valid until the user has set a new password. It is also possible to reset this way the admin password using the trytond-admin command line tool.

Add cache when checking XML record

Tryton prevents by default to modify records that are part of the setup (which are created by XML file in the modules). This requires to make a query on the ModelData table on each modification or deletion. But usually only a few models have such records, so we could put in memory the list of models that should be checked. So this allows to skip the query for most of the models and thus save some queries.

Add depends on Button

Buttons can be defined with PYSON expressions for the invisible or readonly attributes. Some times, the developer wants to be sure that the field used in the PYSON expressions are read by the client. So a depends attributes have been added which ensure that the listed fields will be included in all the view where the button is displayed.

Remove deprecated feature on GTK+-3

As the desktop client development has switched to GTK+-3. A cleaning of deprecated features has started:

• Use GtkSpell from introspection;
• Remove *gtk-can-change-accels*;

Database connection leak

The PostgreSQL backend uses a pool of connections for performance. During a load test, we has detected a leak of connections from this pool. Some code were not protected by a try/finally to ensure to put always put back the connection used.

A generic contact mechanism retrieval

Similar to the design of the addresses which can be flagged for invoice or delivery usage, the contact mechanism receive the same feature. So the code may now request a contact mechanism of a type and for a specific usage. For example, it is possible now to define which email address of a party should be used to send the invoices. The modules notification_email has been updated to use this method.

FEC export prior to closing fiscal year

It is often requested to be able to export the FEC on a non-closed fiscal year. So the issue5306 make it possible such export. In this case, the generated file will not have an official name as it is still a draft.

Tooltips

More modules have been reviewed for tooltips:

• carrier
• carrier_weight

Bug fixes & Improvements

• issue7085: The unittest for fields have been refactored to follow the best practice: Arrange, Act, Assert.
• issue7041: The email notification module was putting in the email header the list of blind carbon copied emails.
• issue7057: The import zip script from the country module is now Python3 compatible.
• issue7071: Since few releases the date format from the user language was not correctly set and so the client was falling back to the system format. This is now fixed and a common method is used everywhere to ensure coherence.
• issue7076: All ComboBox has been reviewed to ensure to disable 'scroll-event' and prevent 'move-active' when read-only.
• issue7087: It prevents to get the same session keys when creating many session with one call. In practice, such call does not exist in standard modules.
• issue7101: The Promotion registration was missing from the issue6827, this is now fixed. So now the shipment cost is really the unit price when computing the promotion.
• issue7107: The shipping reference and label were kept when copying packages. But as those values come from the carrier, they should be reset.
• issue7064: It enforces the consistency for the unit of measure between the display digits and the rounding factor.
• issue7079: It ensures that all modules requested have been activated by the testing tools. The silent failure was often the source of time lost when writing tests.
• issue7097: It fixes the string formatting of TrytonException under Python3.
• issue7092: It improves the performance of Party.address_get by relying on the ORM cache instead of doing a search query. So successive calls to the method will no more perform a query to the database.
• issue7118: With this change, trytond will not more try to delete translations when a record is deleted if it has not at least one translatable field.
• issue7104: The shipment cost is improved to not be computed when no goods is shipped. But also in case of return sale, the original shipment cost is not re-computed.
• issue7112: It prevents to set time converter with a value of zero because the clients do not support such configuration.
• issue2939: We have closed a pretty old feature request which prevents to close a period if there are still running asset lines.
• issue6931: The inventory should not remove line for inactive products as there could still be some quantity left in the location.
• issue7011: The consignment create also invoice line when product are consumed at the production or from the production locations.
• issue7083: The idempotency key for Stripe payment is always filled. Before it was only set if the checkout process was used.
• issue7110: The context has a new optional key _request which contains some informations like the remote address, the HTTP host etc. Those values are correctly setup if the server run behind a proxy which set the X-Forwarded headers.
• issue7022: The invoice lines from backorder are now correctly linked to right stock moves.
• issue6987: The party required option is hidden for non deferral accounts because they do not support this feature.
• issue7094: Fix the exception management in the desktop client following the refactoring from issue6907.
• issue7120: In some cases, the SQLite backend did not create the columns with the right types.
• issue5182: The usage of chardet to detect the encoding of HTML in the rich text widget was never fully reliable. Now we try common standard encoding and fallback to ASCII.
• issue7106: The default search on party will now also search on contact mechanism.
• issue7141: The API of Product.products_by_location and StockMixin._get_quantity have been changed. They no more accept a product_ids argument by only a grouping_filter. The two options were overlapping and creating errors when misused.
• issue7159, issue7160 and issue7161: They fix the computation of price when the quantity is negative (aka return).