Merge remote-tracking branch 'origin/3.1'

Conflicts:
	dev/install/install.php5
	docs/en/changelogs/index.md
	security/Security.php
This commit is contained in:
Damian Mooyman 2014-11-19 11:16:46 +13:00
commit 6baf63e18c
8 changed files with 100 additions and 69 deletions

View File

@ -1556,24 +1556,26 @@ HTML;
else $baseClause = "";
$modulePath = FRAMEWORK_NAME;
$rewrite = <<<TEXT
# Deny access to templates (but allow from localhost)
<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files>
# Deny access to IIS configuration
<Files web.config>
Order deny,allow
Deny from all
</Files>
# This denies access to all yml files, since developers might include sensitive
# information in them. See the docs for work-arounds to serve some yaml files
# Deny access to YAML configuration files which might include sensitive information
<Files *.yml>
Order allow,deny
Deny from all
</Files>
# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
@ -1582,10 +1584,13 @@ ErrorDocument 500 /assets/error-500.html
RewriteEngine On
$baseClause
# Deny access to potentially sensitive files and folders
RewriteRule ^vendor(/|$) - [F,L,NC]
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
RewriteRule composer\.(json|lock) - [F,L,NC]
# Process through SilverStripe if no file with the requested name exists.
# Pass through the original path as a query parameter, and retain the existing parameters.
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* $modulePath/main.php?url=%1 [QSA]

View File

@ -0,0 +1,15 @@
# 3.1.8
# Overview
This release replaces the 3.1.7 release, and resolves a critical issue in the installer which prevented setup.
### Bugfixes
* 2014-11-18 [d849264](https://github.com/silverstripe/sapphire/commit/d849264) Security::findAnAdministrator doesn't always find an admin (Damian Mooyman)
## Changelog
* [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.1.8)
* [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.1.8)
* [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.1.8)

View File

@ -11,6 +11,7 @@ For information on how to upgrade to newer versions consult the [upgrading](/ins
* [3.2.0](3.2.0) - Unreleased
* [3.1.8](3.1.8) - 18 November 2014
* [3.1.7](3.1.7) - 14 November 2014
* [3.1.6](3.1.6) - 25 August 2014
* [3.1.5](3.1.5) - 13 May 2014

Binary file not shown.

Before

Width:  |  Height:  |  Size: 10 KiB

After

Width:  |  Height:  |  Size: 10 KiB

View File

@ -2,92 +2,71 @@
## Introduction
A report is a little bit of functionally in the CMS designed to provide a report of your data or content. You can access
the site reports by clicking "Site Reports" in the left hand side bar and selecting the report you wish to view.
the site reports by clicking *Reports* in the left hand side bar and selecting the report you wish to view.
![](_images/sitereport.png)
By default the CMS ships with a couple of basic reports -
## Default Reports
* "Empty Pages" which will generate a list of pages without content
* "Pages edited in the last 2 weeks" which will list all the pages edited in the last 2 weeks in order of most recently
edited.
* "To Do" which displays all the ToDo notes you have added to each page and a link to the page. Note: This is in 2.2.2 and
later
* Also the Ecommerce module provides 2 or 3 reports out of box. Such as All Products, Orders...
By default the CMS ships with several basic reports:
* VirtualPages pointing to deleted pages
* RedirectorPages pointing to deleted pages
* Pages with broken files
* Pages with broken links
* Broken links report
* Pages with no content
* Pages edited in the last 2 weeks
Modules may come with their own additional reports.
## Creating Custom Reports
You can create reports for you own data quickly and easily. A general knowledge of SilverStripe's
[Datamodel](/topics/datamodel) would help before you attempt this.
Custom reports can be created quickly and easily. A general knowledge of SilverStripe's
[Datamodel](/topics/datamodel) is useful before creating a custom report.
Inside the Mysite/Code folder - your projects code, create a file called `CustomSideReport` or `MyProjectSiteReport` and
inside this file we can add our site reports.
Inside the *mysite/code* folder create a file called *CustomSideReport.php*. Inside this file we can add our site reports.
CustomSideReport.php
The following example will create a report to list every page on the current site.
###CustomSideReport.php
:::php
<?php
class CustomSideReport_NameOfReport extends SideReport {
class CustomSideReport_NameOfReport extends SS_Report {
// the name of the report
public function title() {
// the name of our report
}
public function records() {
// what we want the report to return and what order
}
public function fieldsToShow() {
// which fields on that object do we want to show? Title, Author?
}
}
?>
Now this won't do anything! You will just get a blank report that doesn't work! So for this to do something we have to
fill in these 3 methods title() records() and fieldsToShow() till we have something like this. For example if you want
to list every Page on your site!
CustomSideReport.php
:::php
<?php
/**
* This report lists all the pages in the CMS
* of type Page. Sorted by title.
*/
class CustomSideReport_AllPages extends SideReport {
public function title() {
// this is the title of the report
return "All Pages";
return 'All Pages';
}
public function records() {
// the data the report returns all the dataobjects of type Page and sorted by title. See datamodel for more info
return Page::get()->sort("Title");
// what we want the report to return
public function sourceRecords($params = null) {
return Page::get()->sort('Title');
}
public function fieldsToShow() {
// fields you want to display. This will display a list of titles which link to the page in the cms. Handy!
return array(
"Title" => array("NestedTitle", array("2")),
// which fields on that object we want to show
public function columns() {
$fields = array(
'Title' => 'Title'
);
return $fields;
}
}
?>
Reload the CMS and test it out for your self! You should be able to select the report and view all the pages.
More useful reports can be created by changing the `DataList` returned in the `sourceRecords` function.
## Notes
* Your CustomSideReport_ReportName must extend SideReport!
* You can have more then 1 report in the 1 file. Actually its recommended!. You should create 1 CustomSideReport.php
file and add class's as you need them inside that for each report.
* `CustomSideReport_ReportName` must extend `SS_Report`
* It is recommended to place all custom reports in the 1 file.
* Create a *CustomSideReport.php* file and add classes as you need them inside for each report
## TODO
* How to format and make nicer reports.
* More examples.
* How to format and make advanced reports.
* More examples
## API Documentation
`[api:ReportAdmin]`

View File

@ -50,6 +50,15 @@ code or any other framework code.
})
})(jQuery);
### Custom jQuery/JavaScript in the CMS
To call additional Javascript or jQuery files in to the CMS, edit your mysite/config/config.yml file as follows:
:::javascript
LeftAndMain:
extra_requirements_javascript:
- '/path/to/file.js'
### jQuery Plugins
A jQuery Plugin is essentially a method call which can act on a collection of DOM elements. It is contained within the `jQuery.fn` namespace, and attaches itself automatically to all jQuery collections. The basics for are outlined in the

View File

@ -767,11 +767,7 @@ class Security extends Controller implements TemplateGlobalProvider {
$member = null;
// find a group with ADMIN permission
$adminGroup = DataObject::get('Group')
->where(array('"Permission"."Code"' => 'ADMIN'))
->sort('"Group"."ID"')
->innerJoin("Permission", '"Group"."ID" = "Permission"."GroupID"')
->First();
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
if(is_callable('Subsite::changeSubsite')) {
Subsite::changeSubsite($origSubsite);
@ -783,6 +779,7 @@ class Security extends Controller implements TemplateGlobalProvider {
if(!$adminGroup) {
singleton('Group')->requireDefaultRecords();
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
}
if(!$member) {
@ -794,6 +791,14 @@ class Security extends Controller implements TemplateGlobalProvider {
$member = Member::default_admin();
}
if(!$member) {
// Failover to a blank admin
$member = Member::create();
$member->FirstName = _t('Member.DefaultAdminFirstname', 'Default Admin');
$member->write();
$member->Groups()->add($adminGroup);
}
return $member;
}

View File

@ -51,6 +51,23 @@ class SecurityDefaultAdminTest extends SapphireTest {
$this->assertNull($admin->Password);
}
public function testFindAnAdministratorWithoutDefaultAdmin() {
// Clear default admin
Security::clear_default_admin();
$adminMembers = Permission::get_members_by_permission('ADMIN');
$this->assertEquals(0, $adminMembers->count());
$admin = Security::findAnAdministrator();
$this->assertInstanceOf('Member', $admin);
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
// User should be blank
$this->assertEmpty($admin->Email);
$this->assertEmpty($admin->Password);
}
public function testDefaultAdmin() {
$adminMembers = Permission::get_members_by_permission('ADMIN');
$this->assertEquals(0, $adminMembers->count());