mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merge remote-tracking branch 'origin/3.1'
Conflicts: dev/install/install.php5 docs/en/changelogs/index.md security/Security.php
This commit is contained in:
commit
6baf63e18c
@ -1556,24 +1556,26 @@ HTML;
|
||||
else $baseClause = "";
|
||||
$modulePath = FRAMEWORK_NAME;
|
||||
$rewrite = <<<TEXT
|
||||
# Deny access to templates (but allow from localhost)
|
||||
<Files *.ss>
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from 127.0.0.1
|
||||
</Files>
|
||||
|
||||
# Deny access to IIS configuration
|
||||
<Files web.config>
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
</Files>
|
||||
|
||||
# This denies access to all yml files, since developers might include sensitive
|
||||
# information in them. See the docs for work-arounds to serve some yaml files
|
||||
# Deny access to YAML configuration files which might include sensitive information
|
||||
<Files *.yml>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</Files>
|
||||
|
||||
# Route errors to static pages automatically generated by SilverStripe
|
||||
ErrorDocument 404 /assets/error-404.html
|
||||
ErrorDocument 500 /assets/error-500.html
|
||||
|
||||
@ -1582,10 +1584,13 @@ ErrorDocument 500 /assets/error-500.html
|
||||
RewriteEngine On
|
||||
$baseClause
|
||||
|
||||
# Deny access to potentially sensitive files and folders
|
||||
RewriteRule ^vendor(/|$) - [F,L,NC]
|
||||
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
|
||||
RewriteRule composer\.(json|lock) - [F,L,NC]
|
||||
|
||||
|
||||
# Process through SilverStripe if no file with the requested name exists.
|
||||
# Pass through the original path as a query parameter, and retain the existing parameters.
|
||||
RewriteCond %{REQUEST_URI} ^(.*)$
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteRule .* $modulePath/main.php?url=%1 [QSA]
|
||||
|
15
docs/en/changelogs/3.1.8.md
Normal file
15
docs/en/changelogs/3.1.8.md
Normal file
@ -0,0 +1,15 @@
|
||||
# 3.1.8
|
||||
|
||||
# Overview
|
||||
|
||||
This release replaces the 3.1.7 release, and resolves a critical issue in the installer which prevented setup.
|
||||
|
||||
### Bugfixes
|
||||
|
||||
* 2014-11-18 [d849264](https://github.com/silverstripe/sapphire/commit/d849264) Security::findAnAdministrator doesn't always find an admin (Damian Mooyman)
|
||||
|
||||
## Changelog
|
||||
|
||||
* [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.1.8)
|
||||
* [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.1.8)
|
||||
* [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.1.8)
|
@ -11,6 +11,7 @@ For information on how to upgrade to newer versions consult the [upgrading](/ins
|
||||
|
||||
* [3.2.0](3.2.0) - Unreleased
|
||||
|
||||
* [3.1.8](3.1.8) - 18 November 2014
|
||||
* [3.1.7](3.1.7) - 14 November 2014
|
||||
* [3.1.6](3.1.6) - 25 August 2014
|
||||
* [3.1.5](3.1.5) - 13 May 2014
|
||||
|
Binary file not shown.
Before Width: | Height: | Size: 10 KiB After Width: | Height: | Size: 10 KiB |
@ -2,92 +2,71 @@
|
||||
|
||||
## Introduction
|
||||
A report is a little bit of functionally in the CMS designed to provide a report of your data or content. You can access
|
||||
the site reports by clicking "Site Reports" in the left hand side bar and selecting the report you wish to view.
|
||||
the site reports by clicking *Reports* in the left hand side bar and selecting the report you wish to view.
|
||||
|
||||
![](_images/sitereport.png)
|
||||
|
||||
By default the CMS ships with a couple of basic reports -
|
||||
|
||||
## Default Reports
|
||||
|
||||
* "Empty Pages" which will generate a list of pages without content
|
||||
* "Pages edited in the last 2 weeks" which will list all the pages edited in the last 2 weeks in order of most recently
|
||||
edited.
|
||||
* "To Do" which displays all the ToDo notes you have added to each page and a link to the page. Note: This is in 2.2.2 and
|
||||
later
|
||||
* Also the Ecommerce module provides 2 or 3 reports out of box. Such as All Products, Orders...
|
||||
By default the CMS ships with several basic reports:
|
||||
|
||||
* VirtualPages pointing to deleted pages
|
||||
* RedirectorPages pointing to deleted pages
|
||||
* Pages with broken files
|
||||
* Pages with broken links
|
||||
* Broken links report
|
||||
* Pages with no content
|
||||
* Pages edited in the last 2 weeks
|
||||
|
||||
Modules may come with their own additional reports.
|
||||
|
||||
## Creating Custom Reports
|
||||
|
||||
You can create reports for you own data quickly and easily. A general knowledge of SilverStripe's
|
||||
[Datamodel](/topics/datamodel) would help before you attempt this.
|
||||
Custom reports can be created quickly and easily. A general knowledge of SilverStripe's
|
||||
[Datamodel](/topics/datamodel) is useful before creating a custom report.
|
||||
|
||||
Inside the Mysite/Code folder - your projects code, create a file called `CustomSideReport` or `MyProjectSiteReport` and
|
||||
inside this file we can add our site reports.
|
||||
Inside the *mysite/code* folder create a file called *CustomSideReport.php*. Inside this file we can add our site reports.
|
||||
|
||||
CustomSideReport.php
|
||||
The following example will create a report to list every page on the current site.
|
||||
|
||||
###CustomSideReport.php
|
||||
|
||||
:::php
|
||||
<?php
|
||||
class CustomSideReport_NameOfReport extends SideReport {
|
||||
class CustomSideReport_NameOfReport extends SS_Report {
|
||||
|
||||
// the name of the report
|
||||
public function title() {
|
||||
// the name of our report
|
||||
}
|
||||
public function records() {
|
||||
// what we want the report to return and what order
|
||||
}
|
||||
public function fieldsToShow() {
|
||||
// which fields on that object do we want to show? Title, Author?
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
|
||||
Now this won't do anything! You will just get a blank report that doesn't work! So for this to do something we have to
|
||||
fill in these 3 methods title() records() and fieldsToShow() till we have something like this. For example if you want
|
||||
to list every Page on your site!
|
||||
|
||||
CustomSideReport.php
|
||||
|
||||
:::php
|
||||
<?php
|
||||
/**
|
||||
* This report lists all the pages in the CMS
|
||||
* of type Page. Sorted by title.
|
||||
*/
|
||||
class CustomSideReport_AllPages extends SideReport {
|
||||
public function title() {
|
||||
// this is the title of the report
|
||||
return "All Pages";
|
||||
return 'All Pages';
|
||||
}
|
||||
|
||||
public function records() {
|
||||
// the data the report returns all the dataobjects of type Page and sorted by title. See datamodel for more info
|
||||
return Page::get()->sort("Title");
|
||||
// what we want the report to return
|
||||
public function sourceRecords($params = null) {
|
||||
return Page::get()->sort('Title');
|
||||
}
|
||||
|
||||
public function fieldsToShow() {
|
||||
// fields you want to display. This will display a list of titles which link to the page in the cms. Handy!
|
||||
return array(
|
||||
"Title" => array("NestedTitle", array("2")),
|
||||
// which fields on that object we want to show
|
||||
public function columns() {
|
||||
$fields = array(
|
||||
'Title' => 'Title'
|
||||
);
|
||||
}
|
||||
|
||||
return $fields;
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
|
||||
Reload the CMS and test it out for your self! You should be able to select the report and view all the pages.
|
||||
|
||||
More useful reports can be created by changing the `DataList` returned in the `sourceRecords` function.
|
||||
|
||||
## Notes
|
||||
|
||||
* Your CustomSideReport_ReportName must extend SideReport!
|
||||
* You can have more then 1 report in the 1 file. Actually its recommended!. You should create 1 CustomSideReport.php
|
||||
file and add class's as you need them inside that for each report.
|
||||
* `CustomSideReport_ReportName` must extend `SS_Report`
|
||||
* It is recommended to place all custom reports in the 1 file.
|
||||
* Create a *CustomSideReport.php* file and add classes as you need them inside for each report
|
||||
|
||||
## TODO
|
||||
|
||||
* How to format and make nicer reports.
|
||||
* More examples.
|
||||
* How to format and make advanced reports.
|
||||
* More examples
|
||||
|
||||
## API Documentation
|
||||
`[api:ReportAdmin]`
|
||||
`[api:ReportAdmin]`
|
||||
|
@ -50,6 +50,15 @@ code or any other framework code.
|
||||
})
|
||||
})(jQuery);
|
||||
|
||||
### Custom jQuery/JavaScript in the CMS
|
||||
|
||||
To call additional Javascript or jQuery files in to the CMS, edit your mysite/config/config.yml file as follows:
|
||||
|
||||
:::javascript
|
||||
LeftAndMain:
|
||||
extra_requirements_javascript:
|
||||
- '/path/to/file.js'
|
||||
|
||||
### jQuery Plugins
|
||||
|
||||
A jQuery Plugin is essentially a method call which can act on a collection of DOM elements. It is contained within the `jQuery.fn` namespace, and attaches itself automatically to all jQuery collections. The basics for are outlined in the
|
||||
|
@ -767,11 +767,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
||||
$member = null;
|
||||
|
||||
// find a group with ADMIN permission
|
||||
$adminGroup = DataObject::get('Group')
|
||||
->where(array('"Permission"."Code"' => 'ADMIN'))
|
||||
->sort('"Group"."ID"')
|
||||
->innerJoin("Permission", '"Group"."ID" = "Permission"."GroupID"')
|
||||
->First();
|
||||
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
|
||||
|
||||
if(is_callable('Subsite::changeSubsite')) {
|
||||
Subsite::changeSubsite($origSubsite);
|
||||
@ -783,6 +779,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
||||
|
||||
if(!$adminGroup) {
|
||||
singleton('Group')->requireDefaultRecords();
|
||||
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
|
||||
}
|
||||
|
||||
if(!$member) {
|
||||
@ -794,6 +791,14 @@ class Security extends Controller implements TemplateGlobalProvider {
|
||||
$member = Member::default_admin();
|
||||
}
|
||||
|
||||
if(!$member) {
|
||||
// Failover to a blank admin
|
||||
$member = Member::create();
|
||||
$member->FirstName = _t('Member.DefaultAdminFirstname', 'Default Admin');
|
||||
$member->write();
|
||||
$member->Groups()->add($adminGroup);
|
||||
}
|
||||
|
||||
return $member;
|
||||
}
|
||||
|
||||
|
@ -51,6 +51,23 @@ class SecurityDefaultAdminTest extends SapphireTest {
|
||||
$this->assertNull($admin->Password);
|
||||
}
|
||||
|
||||
public function testFindAnAdministratorWithoutDefaultAdmin() {
|
||||
// Clear default admin
|
||||
Security::clear_default_admin();
|
||||
|
||||
$adminMembers = Permission::get_members_by_permission('ADMIN');
|
||||
$this->assertEquals(0, $adminMembers->count());
|
||||
|
||||
$admin = Security::findAnAdministrator();
|
||||
|
||||
$this->assertInstanceOf('Member', $admin);
|
||||
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
|
||||
|
||||
// User should be blank
|
||||
$this->assertEmpty($admin->Email);
|
||||
$this->assertEmpty($admin->Password);
|
||||
}
|
||||
|
||||
public function testDefaultAdmin() {
|
||||
$adminMembers = Permission::get_members_by_permission('ADMIN');
|
||||
$this->assertEquals(0, $adminMembers->count());
|
||||
|
Loading…
Reference in New Issue
Block a user