===================
REST API
--------
Features
~~~~~~~~
- Added a ``/tasks/purge/`` API to do bulk-deletion of old tasks.
Over time, the database can fill with task-records. This API allows
an installation to bulk-remove records based on their completion
timestamps.
NOTE: this endpoint is in tech-preview and may change in backwards
incompatible ways in the future.
:redmine:`8554`
- Added a role model to support RBAC and the utility functions ``assign_role`` and ``remove_role``.
The field ``permissions_assignment`` of access policies has been renamed to ``creation_hooks``. A
compatibility patch has been added to be removed with pulpcore=3.20.
The ``permissions`` argument to ``creation_hooks`` has been deprecated to be removed with
pulpcore=3.20.
:redmine:`9411`
- Added views to assign model and object level roles to users and groups.
:redmine:`9413`
- Rewrote existing access policies on viewsets to use roles.
:redmine:`9415`
- Added validation to prevent credentials in remote urls. Also added data migration to move
credentials out of remote url and into remote username/password fields for existing remotes.
:redmine:`9459`
- Reworked RBAC Content Guards to now use roles. Added new endpoints ``{list, add, remove}_roles`` and ``my_permissions`` to the RBAC content guard viewset.
:redmine:`9498`
- Content-type and Content-disposition headers are now sent in the AzureStorage.url.
:redmine:`9518`
- SigningService scripts can now access the public key fingerprint using the ``PULP_SIGNING_KEY_FINGERPRINT`` environment variable.
This allows for more generic scripts, that do not need to "guess" (hardcode) what key they should use.
:redmine:`9532`
- Added object specific endpoints ``{list,add}_roles``, ``remove_roles`` and ``my_permissions`` to tasks and groups viewsets.
:redmine:`9604`
- Added a ``reset`` endpoint to the access policy viewset to revert to the provided default uncustomized access policy.
:redmine:`9606`
Bugfixes
~~~~~~~~
- PulpImporter now unpacks into the task-worker's working directory rather than /tmp. Unpacking
large files into /tmp could cause the operation to fail, or even cause stability issues for
Pulp instance, due to running /tmp out of space.
:redmine:`8610`
- Missing worker records are now kept in the database for seven days allowing time for post-mortem
analysis of them. The user-facing data in the status API remains unmodified.
:redmine:`8988`
- Made Pulp to be fault-tolerant to Redis server connection issues.
:redmine:`8997`
- Cache is now properly invalidated after reclaim disk task.
:redmine:`9215`
- Fixed bug where the content app would stop working after a brief loss of connection to the database.
:redmine:`9276`
- Improved messaging around timeout requests.
:redmine:`9301`
- Updated the distribution validation to properly handle the use of ``repository`` / ``repository_version`` / ``publication``.
:redmine:`9434`
- Fixed issue with listing repository versions while running orphan cleanup task.
:redmine:`9481`
- Fixed erroneous ordering filters from appearing in HTML views and causing 500 errors when used.
:redmine:`9496`
- Fixed bug where Artifacts were being downloaded even if they were already saved in Pulp.
:redmine:`9542`
- Fixed a bug in pulpcore-worker, where wakeup and cancel signals could be lost due to a race
condition.
:redmine:`9549`
- Fixed bug where chunked uploads were being assembled in /tmp.
:redmine:`9550`
- Created a proxy model for Groups to allow using creation_hooks with them.
:redmine:`9588`
- Fixed permission errors on artifact retrieval from object storage when redis caching is enabled.
:redmine:`9595`
Improved Documentation
~~~~~~~~~~~~~~~~~~~~~~
- Adjusted the RBAC documentation for the roles framework.
:redmine:`9411`
- Added documentation for ``DB_ENCRYPTION_KEY`` setting.
:redmine:`9495`
- Fixed the path to uploaded artifacts.
:redmine:`9527`
Removals
~~~~~~~~
- The ``pulpcore-worker`` binary no longer accepts the ``--resource-manager`` flag. There is no
resource manager anymore, so this flag is no longer needed.
:redmine:`9327`
- Removed tech previewed ``assign_permission`` and ``remove_permission`` endpoints from RBAC content guard viewset.
:redmine:`9498`
Misc
~~~~
- :redmine:`9353`, :redmine:`9354`, :redmine:`9506`
Plugin API
----------
Features
~~~~~~~~
- Added ``get_objects_for_user`` to support queryset filtering by roles.
Added hooks in ``AutoAddObjPermsMixin`` to support auto-assignment of roles.
Changed the lookup for creation hooks so hooks need to be registered in
``REGISTERED_CREATION_HOOKS`` on the model to be used. The signature for creation hooks that are
registered must match the exploded version of the dict parameters from the access policy.
Unregistered creation hooks are deprecated and support will be dropped in pulpcore 3.20.
:redmine:`9411`
- Made RepositoryAddRemoveContentSerializer available for plugin writers.
:redmine:`9504`
- Added ability to pass headers through the AzureStorage.url.
:redmine:`9518`
- ``Remote.get_remote_artifact_url`` now accepts a ``request`` parameter.
:redmine:`9554`
- Added ``initialize_new_version`` function to ``Repository`` model.
:redmine:`9579`
- `DownloaderFactory.user_agent()` method is now available if plugin needs to generate User-Agent header value to use in their custom (subclasssed) downloader factory.
:redmine:`9591`
- Added ability to use a custom download factory. `Remote.get_downloader` now accepts a `download_factory` parameter.
:redmine:`9592`
- ``Handler._serve_content_artifact`` method accepts new positional argument ``request``.
:redmine:`9595`
- Added Group model to plugin api.
Added ``RolesMixin`` to for viewsets to allow managing object roles based on permissions.
:redmine:`9604`
- Added new async sign method ``asign`` to the ``SigningService`` model.
:redmine:`9615`
- ``SigningService.sign`` and ``SigningService.asign`` now accepts a ``env_var`` parameter that makes
it possible to pass environment variables to the signing script.
:redmine:`9621`
Bugfixes
~~~~~~~~
- Include additional information about which AccessPolicy is using deprecated policy features.
:redmine:`9608`