wagtail/docs/releases/1.5.rst

==========================================
Wagtail 1.5 release notes - IN DEVELOPMENT
==========================================

.. contents::
    :local:
    :depth: 1


What's new
==========

Improvements to the "Image serve view"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

:ref:`using_images_outside_wagtail`

This view, which is used for requesting image thumbnails from an external app, has had some improvements made to it in this release.

 - A "redirect" action has been added which will redirect the user to where the resized image is hosted rather than serving it from the app. This may be beneficial for performance if the images are hosted externally (eg, S3)
 - It now takes an optional extra path component which can be used for appending a filename to the end of the URL
 - The key is now configurable on the view so you don't have to use your project's ``SECRET_KEY``
 - It's been refactored into a class based view and you can now create multiple serve views with different image models and/or keys

Minor features
~~~~~~~~~~~~~~

 * Moved lesser-user actions in the page explorer into a 'More' dropdown
 * Added a hook :ref:`register_page_listing_buttons` for adding action buttons to the page explorer
 * Added 'revisions' action to pages list (Roel Bruggink)
 * Added a hook :ref:`insert_global_admin_js` for inserting custom JavaScript throughout the admin backend (Tom Dyson)
 * The type of the ``search_fields`` attribute on ``Page`` models (and other searchable models) has changed from a tuple to a list (see upgrade consideration below) (Tim Heap)
 * Use `PasswordChangeForm` when user changes their password, requiring the user to enter their current password (Matthijs Melissen)
 * Highlight current day in date picker (Jonas Lergell)
 * Eliminated the deprecated ``register.assignment_tag`` on Django 1.9 (Josh Schneier)
 * Increased size of Save button on site settings (Liam Brenner)
 * Optimised Site.find_for_request to only perform one database query (Matthew Downey)
 * Notification messages on creating / editing sites now include the site name if specified (Chris Rogers)

Bug fixes
~~~~~~~~~

 * The currently selected day is now highlighted only in the correct month in date pickers (Jonas Lergell)
 * Fixed crash when an image without a source file was resized with the "dynamic serve view"
 * Registered settings admin menu items now show active correctly (Matthew Downey)


Upgrade considerations
======================

The ``search_fields`` attribute on models should now be set to a list
=====================================================================

On searchable models (eg, ``Page`` or custom ``Image`` models) the ``search_fields`` attribute should now be a list instead of a tuple.

For example, the following ``Page`` model:

.. code-block:: python

    class MyPage(Page):
        ...

        search_fields = Page.search_fields + (
            indexed.SearchField('body'),
        )

Should be changed to:

.. code-block:: python

    class MyPage(Page):
        ...

        search_fields = Page.search_fields + [
            indexed.SearchField('body'),
        ]

To ease the burden on third-party modules, adding tuples to ``Page.search_fields`` will still work. But this backwards-compatibility fix will be removed in Wagtail 1.7.

Elasticsearch backend now defaults to verifying SSL certs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Previously, if you used the Elasticsearch backend, configured with the URLS property like:


.. code-block:: python

    WAGTAILSEARCH_BACKENDS = {
        'default': {
            'BACKEND': 'wagtail.wagtailsearch.backends.elasticsearch',
            'URLS': ['https://example.com/'],
        }
    }

Elasticsearch would not be configured to verify SSL certificates for HTTPS URLs. This has been changed so that SSL certificates are verified for HTTPS connections by default.

If you need the old behaviour back, where SSL certificates are not verified for your HTTPS connection, you can configure the Elasticsearch backend with the ``HOSTS`` option, like so:

.. code-block:: python

    WAGTAILSEARCH_BACKENDS = {
        'default': {
            'BACKEND': 'wagtail.wagtailsearch.backends.elasticsearch',
            'HOSTS': [{
                'host': 'example.com'
                'use_ssl': True,
                'verify_certs': False,
            }],
        }
    }

See the `Elasticsearch-py documentation <http://elasticsearch-py.readthedocs.org/en/stable/#ssl-and-authentication>`_ for more configuration options.
Version-bump to start work on 1.5 2016-03-11 12:02:13 +00:00			`==========================================`
			`Wagtail 1.5 release notes - IN DEVELOPMENT`
			`==========================================`

			`.. contents::`
			`:local:`
			`:depth: 1`


			`What's new`
			`==========`

Changelog/release note for #1913 2016-04-04 09:35:32 +00:00			`Improvements to the "Image serve view"`
			`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

			:ref:`using_images_outside_wagtail`

			`This view, which is used for requesting image thumbnails from an external app, has had some improvements made to it in this release.`

			`- A "redirect" action has been added which will redirect the user to where the resized image is hosted rather than serving it from the app. This may be beneficial for performance if the images are hosted externally (eg, S3)`
			`- It now takes an optional extra path component which can be used for appending a filename to the end of the URL`
			- The key is now configurable on the view so you don't have to use your project's ``SECRET_KEY``
			`- It's been refactored into a class based view and you can now create multiple serve views with different image models and/or keys`

Release notes for #1940 2016-03-11 15:33:10 +00:00			`Minor features`
			`~~~~~~~~~~~~~~`

			`* Moved lesser-user actions in the page explorer into a 'More' dropdown`
			* Added a hook :ref:`register_page_listing_buttons` for adding action buttons to the page explorer
Add 'revisions' action to 'more'. 2016-04-04 18:20:27 +00:00			`* Added 'revisions' action to pages list (Roel Bruggink)`
Release note for #2333 2016-03-11 17:21:53 +00:00			* Added a hook :ref:`insert_global_admin_js` for inserting custom JavaScript throughout the admin backend (Tom Dyson)
Changelog/release note/upgrade consideration for #2388 2016-03-24 21:21:05 +00:00			* The type of the ``search_fields`` attribute on ``Page`` models (and other searchable models) has changed from a tuple to a list (see upgrade consideration below) (Tim Heap)
Ask user for old password when changing password This is accomplished by using PasswordChangeForm instead of SetPasswordForm. This adds extra security, as without this commit, an attacker that has access to a user's session at one point in time will be able to change the user's password and gain permanent access. 2016-03-01 00:34:24 +00:00			* Use `PasswordChangeForm` when user changes their password, requiring the user to enter their current password (Matthijs Melissen)
Release notes for #2260 2016-03-22 03:36:21 +00:00			`* Highlight current day in date picker (Jonas Lergell)`
Fix deprecated usage of register.assignment_tag 2016-04-03 21:14:02 +00:00			* Eliminated the deprecated ``register.assignment_tag`` on Django 1.9 (Josh Schneier)
Changed button class for saving settings 2016-03-20 22:20:27 +00:00			`* Increased size of Save button on site settings (Liam Brenner)`
updated Site.find_for_request() to only hit the database once, and related unit tests 2015-11-27 00:41:51 +00:00			`* Optimised Site.find_for_request to only perform one database query (Matthew Downey)`
Use site_name for display for sites if available 2016-01-24 19:05:20 +00:00			`* Notification messages on creating / editing sites now include the site name if specified (Chris Rogers)`
Release notes for #2260 2016-03-22 03:36:21 +00:00
			`Bug fixes`
			`~~~~~~~~~`

			`* The currently selected day is now highlighted only in the correct month in date pickers (Jonas Lergell)`
Changelog/release note for #1913 2016-04-04 09:35:32 +00:00			`* Fixed crash when an image without a source file was resized with the "dynamic serve view"`
updated changelog for registered settings menu items 2016-03-04 00:39:41 +00:00			`* Registered settings admin menu items now show active correctly (Matthew Downey)`
Release notes for #1940 2016-03-11 15:33:10 +00:00
Version-bump to start work on 1.5 2016-03-11 12:02:13 +00:00
			`Upgrade considerations`
			`======================`
Changelog/release note/upgrade consideration for #2388 2016-03-24 21:21:05 +00:00
			The ``search_fields`` attribute on models should now be set to a list
			`=====================================================================`

			On searchable models (eg, ``Page`` or custom ``Image`` models) the ``search_fields`` attribute should now be a list instead of a tuple.

			For example, the following ``Page`` model:

			`.. code-block:: python`

			`class MyPage(Page):`
			`...`

			`search_fields = Page.search_fields + (`
			`indexed.SearchField('body'),`
			`)`

			`Should be changed to:`

			`.. code-block:: python`

			`class MyPage(Page):`
			`...`

			`search_fields = Page.search_fields + [`
			`indexed.SearchField('body'),`
			`]`

			To ease the burden on third-party modules, adding tuples to ``Page.search_fields`` will still work. But this backwards-compatibility fix will be removed in Wagtail 1.7.
Verify SSL certificates for Elasticsearch connections by default Making developers opt out of extra security is better than making them opt in, especially when they may not be aware of the security they are missing out on. 2016-03-24 00:34:31 +00:00
			`Elasticsearch backend now defaults to verifying SSL certs`
			`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

			`Previously, if you used the Elasticsearch backend, configured with the URLS property like:`


			`.. code-block:: python`

			`WAGTAILSEARCH_BACKENDS = {`
			`'default': {`
			`'BACKEND': 'wagtail.wagtailsearch.backends.elasticsearch',`
			`'URLS': ['https://example.com/'],`
			`}`
			`}`

			`Elasticsearch would not be configured to verify SSL certificates for HTTPS URLs. This has been changed so that SSL certificates are verified for HTTPS connections by default.`

			If you need the old behaviour back, where SSL certificates are not verified for your HTTPS connection, you can configure the Elasticsearch backend with the ``HOSTS`` option, like so:

			`.. code-block:: python`

			`WAGTAILSEARCH_BACKENDS = {`
			`'default': {`
			`'BACKEND': 'wagtail.wagtailsearch.backends.elasticsearch',`
			`'HOSTS': [{`
			`'host': 'example.com'`
			`'use_ssl': True,`
			`'verify_certs': False,`
			`}],`
			`}`
			`}`

			See the `Elasticsearch-py documentation <http://elasticsearch-py.readthedocs.org/en/stable/#ssl-and-authentication>`_ for more configuration options.