Merge branch '3.3' into 3.4

admin/javascript/LeftAndMain.js

@@ -179,7 +179,7 @@ jQuery.noConflict();
 			var msg = (xhr.getResponseHeader('X-Status')) ? xhr.getResponseHeader('X-Status') : xhr.statusText,
 				reathenticate = xhr.getResponseHeader('X-Reauthenticate'),
 				msgType = (xhr.status < 200 || xhr.status > 399) ? 'bad' : 'good',
-				ignoredMessages = ['OK', 'success'];
+				ignoredMessages = ['OK', 'success', 'HTTP/2.0 200'];
 
 			// Enable reauthenticate dialog if requested
 			if(reathenticate) {

forms/Form.php

@@ -416,7 +416,8 @@ class Form extends RequestHandler {
 			$this->controller->hasMethod($funcName)
 			&& !$this->controller->checkAccessAction($funcName)
 			// If a button exists, allow it on the controller
-			&& !$this->actions->dataFieldByName('action_' . $funcName)
+			// buttonClicked() validates that the action set above is valid
+			&& !$this->buttonClicked()
 		) {
 			return $this->httpError(
 				403,
@@ -475,16 +476,28 @@ class Form extends RequestHandler {
 	 * @return bool
 	 */
 	public function checkAccessAction($action) {
-		return (
-			parent::checkAccessAction($action)
+		if (parent::checkAccessAction($action)) {
+			return true;
+		}
+
 		// Always allow actions which map to buttons. See httpSubmission() for further access checks.
-			|| $this->actions->dataFieldByName('action_' . $action)
+		$fields = $this->fields->dataFields() ?: array();
+		$actions = $this->actions->dataFields() ?: array();
+
+		$fieldsAndActions = array_merge($fields, $actions);
+ 		foreach ($fieldsAndActions as $fieldOrAction) {
+			if ($fieldOrAction instanceof FormAction && $fieldOrAction->actionName() === $action) {
+				return true;
+			}
+		}
+
 		// Always allow actions on fields
-			|| (
-				$field = $this->checkFieldsForAction($this->Fields(), $action)
-				&& $field->checkAccessAction($action)
-			)
-		);
+		$field = $this->checkFieldsForAction($this->Fields(), $action);
+		if ($field && $field->checkAccessAction($action)) {
+			return true;
+		}
+
+		return false;
 	}
 
 	/**
@@ -1635,11 +1648,21 @@ class Form extends RequestHandler {
 	 * @return FormAction
 	 */
 	public function buttonClicked() {
-		foreach($this->actions->dataFields() as $action) {
-			if($action->hasMethod('actionname') && $this->buttonClickedFunc == $action->actionName()) {
-				return $action;
+		$fields = $this->fields->dataFields() ?: array();
+		$actions = $this->actions->dataFields() ?: array();
+
+ 		if(!$actions && !$fields) {
+			return null;
+		}
+
+		$fieldsAndActions = array_merge($fields, $actions);
+ 		foreach ($fieldsAndActions as $fieldOrAction) {
+			if ($fieldOrAction instanceof FormAction && $this->buttonClickedFunc === $fieldOrAction->actionName()) {
+				return $fieldOrAction;
 			}
 		}
+
+		return null;
 	}
 
 	/**

tests/forms/FormTest.php

@@ -565,6 +565,60 @@ class FormTest extends FunctionalTest {
 		$this->assertEquals('bar', $attrs['foo']);
 	}
 
+	public function testButtonClicked() {
+		$form = $this->getStubForm();
+		$action = $form->buttonClicked();
+		$this->assertNull($action);
+
+		$controller = new FormTest_Controller();
+		$form = $controller->Form();
+		$request = new SS_HTTPRequest('POST', 'FormTest_Controller/Form', array(), array(
+			'Email' => 'test@test.com',
+			'SomeRequiredField' => 1,
+			'action_doSubmit' => 1
+		));
+
+		$form->httpSubmission($request);
+		$button = $form->buttonClicked();
+		$this->assertInstanceOf('FormAction', $button);
+		$this->assertEquals('doSubmit', $button->actionName());
+
+		$form = new Form(
+			$controller,
+			'Form',
+			new FieldList(new FormAction('doSubmit', 'Inline action')),
+			new FieldList()
+		);
+		$form->disableSecurityToken();
+		$request = new SS_HTTPRequest('POST', 'FormTest_Controller/Form', array(), array(
+			'action_doSubmit' => 1
+		));
+
+		$form->httpSubmission($request);
+		$button = $form->buttonClicked();
+		$this->assertInstanceOf('FormAction', $button);
+		$this->assertEquals('doSubmit', $button->actionName());
+	}
+
+	public function testCheckAccessAction() {
+		$controller = new FormTest_Controller();
+		$form = new Form(
+			$controller,
+			'Form',
+			new FieldList(),
+			new FieldList(new FormAction('actionName', 'Action'))
+		);
+		$this->assertTrue($form->checkAccessAction('actionName'));
+
+		$form = new Form(
+			$controller,
+			'Form',
+			new FieldList(new FormAction('inlineAction', 'Inline action')),
+			new FieldList()
+		);
+		$this->assertTrue($form->checkAccessAction('inlineAction'));
+	}
+
 	public function testAttributesHTML() {
 		$form = $this->getStubForm();