fixes #4250 - API v2 - add compute profiles
fixes #5471 html escape auto-completer values (CVE-2014-0208)
fixes #5612 - use correct permissions for authz in parameters API
fixes #5506 - added scoped search to SmartProxy for UI and API v2
fixes #2785 - host model clone method also copies relationships using deep_cloneable gem
fixes #5436 - provisioning templates are world accessible
fixes #4597 - map host disassociate actions to permission
fixes #4204 - add config groups feature - assign multiple config groups to a host or hostgroup
fixes #4122 and new charts design
fixes #3914 - set current taxonomies on login from user defaults
fixes #4895 - Adds CSRF protection check to the API if a session user is present
fixes #4806 add support to register compute resource provider from a plugin
fixes #3592 lazy load vm with ajax in host show page.
fixes #4863 - API V2 - add puppetclasses format style=list and module_name to base.json.rabl
fixes #4462 - extending the /users/login handling to process REMOTE_USER through intercept
fixes #1809 - foreman realm integration
Fixes #4851: a SmartProxy.with_features scope replaces feature-specific scopes generated during class loading
Fixes #4884 : remove duplicate slashes from the gravatar url
The issue is that request.protocol returns http:// instead of http. The code assumed no trailing slashes
fixes #4776 - support session[:expires_at] for api requests
There are situations where the UI needs to invoke requestson the API controllers; therefore, we need to ensure thatthe session expiration accounts for them. This is a commonfor plugins, such as Katello, which leverage the...
fixes #3214 - set taxonomy for hosts created via Puppet from facts or a default setting
fixes #4457 - Session fixation, new session IDs are not generated on login (CVE-2014-0090)
fixes #4256 - makes columns sortable in the UI
fixes #4617 - add feature to change parent of location or organization
fixes #4123 - libvirt imaging support using backing volumes
fixes #3827 - adds ldap avatar support
fixes #3475 - make it possible to force the 401 status.
fixes #4581 Implement available_networks API for VMware
fixes #4194, #4459 - add main_app to root_path references for isolated engines
fixes #4201 - update operating system by label, use description or fallname otherwise
fixes #4539 - changed os minor attribute to not required
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
fixes #4393 - rename ancestry label to title
fixes #4423 - allow puppet classes to be imported by environment
fixes #4015 - support oVirt using templates like images
fixes #3876 - API find_resource by name even if name starts with integer
fixes #4222 Add capability to compute resource API to retrieve cluster,network,storage info on oVirt
fixes #3912 - add inheritance for locations / organizations
fixes #3939 - add option to 'inherit from parent' for hostgroup attributes
fixes #4268 - don't search for host with nil IP on hostname spoofing
fixes #3845 - user login session ending clears chosen organization
fixes #3596 - validation error when user with hostgroup subscription creates a new hostgroup
fixes #3519 - taxonomies include authorization module
fixes #3553 - add "except" option to prevent puppet class import to select types of import
fixes #3960 - wrap APIv2 errors in an "error" node
fixes #3909 - add disassociate and bulk action disassociate to interface
fixes #3828 - set language locale for API messages and error responses
fixes #3826: no more sql errors when trying to search for environments (also domains, operatingsystems, and models)
fixes #3925 - create apipie param_groups for API v2 to DRY documentation
fixes #3920 - prevent 500 ScopedSearch errors on the API, raise UI errors correctly
fixes #359 - hostname spoofing for unattended installation templates
fixes #3760 - API v2 define metadata @total for each controller
fixes #3940 - extlogout page layout fixed
fixes #2231 - hostgroup deletion is restricted to hostgroups without children
Fixes #4022: Make api puppetrun a PUT for REST standards
fixes #3515 - API handles not found objects with 404
Fixes #4020 - enable @static to work on all OS template types
fixes #3906 - Support for Junos ZTP
fixes #3099 - Adding parameters to locations and organizations
Fixes #3927 - Allow VMs to provision via user-data
Fixes wrong os family caused by 'becomes' refs #3962
Fixes #3962 - Refactor class overwriting
fixes #3178 - add feature for compute profiles for hostgroups and hosts
fixes #3658 - support smart proxy's chef proxy feature
fixes #3261 - use the action the host is about to perform for power action notifications
refs #3935 - fixes hash style to support ruby 1.87
fixes #3935 new login page RCUE style
fixes #3853 - allow rabl template override to be specified
3853-taxonomy-rabl - changed style of override
fixes #2794 - set api_version and app_info in v1 and v2 base_controllers
fixes #3928 - API v2 - update os_default_templates for operating system
fixes #3930 - refactoring of edit_self implementation.
fixes #3752 - move data population from migrations into seed script
fixes #3889 - don't reload nested lookup keys during render, so validation errors aren't lost
fixed #3905 - wrong route in apidoc for reports delete (API v2)
fixes #3280 - authenticate returns true for API requests when login:false
fixes #3339 - nested fact support, allow fact importers to be registered by plugins
fixes #3693 - API v2 - accept GET json format of object in PUT/POST requests to add/remove has_many associations
Fixes #3720 - Add description field to operatingsystem
Fixes #3753 - always use main_app to determine paths for running an isolated namespace plugin
fixes #2983 - Add autosign#index to API v1 and v2 and remove from UI controller
fixes #2572 - FreeBSD unattended installation support via mfsbsd
fixes #3776 - change NAME_MAP to be a method
Fixes #3777 - typo in Settings cleanup message
fixes #3137 - API v2 - show error if optional nested object does not exist for nested route
fixes #3018 - API v2 metadata for pagination, search, order in index collection json response
fixes #3011 - default root node name for api collections json response to :results but make it configurable
fixes #3736 - users API uses login name as an identifying attribute
fixes #3510 - plugin interface for registering a plugin, updated menu system
fixes #2763 - correcting doco links
fixes #3603 - replaced a relation with a collection in 'where' conditions
fixes #3516 - resource names (inc. domains) are now being parametrized when used to construct urls
fixes #3017 - split APIv2 controllers from v1 parents
fixes #3312 - support /users/extlogin as a login page based on REMOTE_USER
fixes #3587, #2855 - print an error on invalid json vs 500 error
fixes #3578 - minor SQL and whitespaces updates to the smart proxy class
fixes #3566 - exposes orchestration tasks via the API at /api/orchestration/id/tasks
fixes #3577 - do not treat `params[:dryrun]` with value `false` as true
fixes #2951 - Host API documentation lacks compute_resource_id
fixes #3550 - correct HTTP method for puppet class import API
fixes #1830 - auto assign puppet proxy if its not defined upon facts/reports event
fixes #3538 - workaround for broken #pluck on lower Rails versions
