Elgg 2.0.0-alpha.3 released

Elgg 2.0.0-alpha.3 is now available for download. This pre-release is meant for early testers and plugin developers. Please do not use it in production.

Contributors

  • Evan Winslow (6)
  • Jeroen Dalsem (3)
  • Juho Jaakkola (3)
  • Steve Clay (3)
  • Jerôme Bakker (1)
  • Juho Jaakkola (1)
  • Matt Beckett (1)

Features

  • developers: Always show human-readable translations (43c19644, closes #8834)
  • i18n: abbreviations for months and weekdays (889617ed)
  • views:
    • added html5 audio support to the file plugin (e5a32390)
    • Allow sites to specify views.php at root (625c1ddd)

Performance

  • nginx: Turn on gzip by default (49f776d3)

Bug Fixes

  • cli: Rewrite ::installDir() to Directory\Local::root() in CLI server (1e1f446b)
  • discussions: Body of discussion notification mail is not empty anymore (23ab3e51)
  • entities: Entity creation no longer needlessly checks owner container (5adf98fd, closes #4231)
  • icons: sizes of Font awesome icons are now more consistent with old icons (11386003, closes #8733, #8861)

Breaking Changes

  • If a plugin has removed or replaced messages_notifier to hide/alter the inbox icon, the plugin must instead do the same for the topbar menu handler (messages_register_topbar).

Fixes #8862 (67cff474)

  • When creating within a group, ElggEntity::create used to always separately check if the current user can use the owner's account as a container. This made sure that one group member could not post to the group using another member as owner. This separate check led to confusion, as handlers of the container_permissions_check hook were told that the owner was to be the container, when it was actually the group.

Here we bypass the separate owner container check if the desired owner_guid is the logged in user GUID. This eliminates the check under all normal circumstances but leaves it in place in case a poorly coded plugin allows the impersonation described above.

This also denies creation if the owner/container GUIDs are set but can't be loaded. Before, create() would simply bypass the permissions check if it couldn't load the owner/container.

Fixes #4231 (5adf98fd)

  • We've removed the "categories" plugin from core.

You may access it at https://github.com/Elgg/categories

Fixes #7584 (ba0c12f2)

Latest comments