tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-29 16:09:23 +02:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/4.1' into 4

Browse Source
This commit is contained in:
Damian Mooyman 2018-06-13 11:25:20 +12:00
commit 6c985c4e5f
No known key found for this signature in database
GPG Key ID: 78B823A10DE27D1A
9 changed files with 181 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.upgrade.yml
View File

@ -1171,8 +1171,6 @@ warnings:
message: 'moved to SilverStripe\View\HTML->createTag()' message: 'moved to SilverStripe\View\HTML->createTag()'
'SilverStripe\Forms\Form->transformTo()': 'SilverStripe\Forms\Form->transformTo()':
message: 'Removed' message: 'Removed'
'SilverStripe\Forms\Form->callfieldmethod()':
message: 'Removed'
'SilverStripe\Forms\Form::single_field_required()': 'SilverStripe\Forms\Form::single_field_required()':
message: 'Removed' message: 'Removed'
'SilverStripe\Forms\Form::current_action()': 'SilverStripe\Forms\Form::current_action()':
@ -1183,8 +1181,6 @@ warnings:
message: 'Renamed to restoreFormState()' message: 'Renamed to restoreFormState()'
'SilverStripe\Forms\Form->resetValidation()': 'SilverStripe\Forms\Form->resetValidation()':
message: 'Renamed to clearFormState()' message: 'Renamed to clearFormState()'
'SilverStripe\Forms\Form->transformTo()':
message: 'Removed'
'SilverStripe\Forms\Form->callfieldmethod()': 'SilverStripe\Forms\Form->callfieldmethod()':
message: 'Removed' message: 'Removed'
'SilverStripe\Forms\Form->addErrorMessage()': 'SilverStripe\Forms\Form->addErrorMessage()':
@ -1323,8 +1319,6 @@ warnings:
message: 'Use new asset abstraction' message: 'Use new asset abstraction'
url: 'https://docs.silverstripe.org/en/4/changelogs/4.0.0#asset-storage' url: 'https://docs.silverstripe.org/en/4/changelogs/4.0.0#asset-storage'
constants: constants:
'SS_TRUSTED_PROXY_HOST_HEADER':
message: 'See TrustedProxyMiddleware'
'SS_TRUSTED_PROXY_PROTOCOL_HEADER': 'SS_TRUSTED_PROXY_PROTOCOL_HEADER':
message: 'See TrustedProxyMiddleware' message: 'See TrustedProxyMiddleware'
'SS_TRUSTED_PROXY_IP_HEADER': 'SS_TRUSTED_PROXY_IP_HEADER':

45
docs/en/00_Getting_Started/01_Installation/How_To/Configure_Nginx.md
View File

@ -16,15 +16,19 @@ If you don't fully understand the configuration presented here, consult the
Especially be aware of [accidental php-execution](https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/ "Don't trust the tutorials") when extending the configuration. Especially be aware of [accidental php-execution](https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/ "Don't trust the tutorials") when extending the configuration.
</div> </div>
But enough of the disclaimer, on to the actual configuration — typically in `nginx.conf`: ## Caveats about the sample configuration below
* It does not cover serving securely over HTTPS.
* It uses the new filesystem layout (with `public` directory) introduced in version 4.1.0. If your installation has been upgraded to 4.1+ from an older version and you have not [upgraded to the public folder](/changelogs/4.1.0.md), see the version of this documentation for version 4.0.
* The error pages for 502 (Bad Gateway) and 503 (Service Unavailable) need to be manually created and published in the CMS (assuming use of the silverstripe/errorpage module).
```nginx ```nginx
server { server {
include mime.types; include mime.types;
default_type application/octet-stream; default_type application/octet-stream;
client_max_body_size 0; # Manage this in php.ini client_max_body_size 0; # Manage this in php.ini (upload_max_filesize & post_max_size)
listen 80; listen 80;
root /path/to/ss/folder; root /path/to/ss/folder/public;
server_name example.com www.example.com; server_name example.com www.example.com;
# Defend against SS-2015-013 -- http://www.silverstripe.org/software/download/security-releases/ss-2015-013 # Defend against SS-2015-013 -- http://www.silverstripe.org/software/download/security-releases/ss-2015-013
@ -39,6 +43,10 @@ server {
error_page 404 /assets/error-404.html; error_page 404 /assets/error-404.html;
error_page 500 /assets/error-500.html; error_page 500 /assets/error-500.html;
# See caveats
error_page 502 /assets/error-500.html;
error_page 503 /assets/error-500.html;
location ^~ /assets/ { location ^~ /assets/ {
sendfile on; sendfile on;
try_files $uri =404; try_files $uri =404;
@ -54,37 +62,6 @@ server {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params; include fastcgi_params;
} }
# Denials
location ~ /\.. {
deny all;
}
location ~ \.ss$ {
satisfy any;
allow 127.0.0.1;
deny all;
}
location ~ web\.config$ {
deny all;
}
location ~ \.ya?ml$ {
deny all;
}
location ~* README.*$ {
deny all;
}
location ^~ /vendor/ {
deny all;
}
location ~* /silverstripe-cache/ {
deny all;
}
location ~* composer\.(json|lock)$ {
deny all;
}
location ~* /(cms|framework)/silverstripe_version$ {
deny all;
}
} }
``` ```

16
src/Control/Middleware/CanonicalURLMiddleware.php
View File

@ -51,7 +51,8 @@ class CanonicalURLMiddleware implements HTTPMiddleware
/** /**
* Environment variables this middleware is enabled in, or a fixed boolean flag to * Environment variables this middleware is enabled in, or a fixed boolean flag to
* apply to all environments * apply to all environments. cli is disabled unless present here as `cli`, or set to true
* to force enabled.
* *
* @var array|bool * @var array|bool
*/ */
@ -325,7 +326,7 @@ class CanonicalURLMiddleware implements HTTPMiddleware
} }
/** /**
* Get enabled flag, or list of environments to enable in * Get enabled flag, or list of environments to enable in.
* *
* @return array|bool * @return array|bool
*/ */
@ -335,6 +336,10 @@ class CanonicalURLMiddleware implements HTTPMiddleware
} }
/** /**
* Set enabled flag, or list of environments to enable in.
* Note: CLI is disabled by default, so `"cli"(string)` or `true(bool)` should be specified if you wish to
* enable for testing.
*
* @param array|bool $enabledEnvs * @param array|bool $enabledEnvs
* @return $this * @return $this
*/ */
@ -359,6 +364,13 @@ class CanonicalURLMiddleware implements HTTPMiddleware
if (is_bool($enabledEnvs)) { if (is_bool($enabledEnvs)) {
return $enabledEnvs; return $enabledEnvs;
} }
// If CLI, EnabledEnvs must contain CLI
if (Director::is_cli() && !in_array('cli', $enabledEnvs)) {
return false;
}
// Check other envs
return empty($enabledEnvs) || in_array(Director::get_environment_type(), $enabledEnvs); return empty($enabledEnvs) || in_array(Director::get_environment_type(), $enabledEnvs);
} }

5
src/Core/Injector/Injector.php
View File

@ -584,6 +584,11 @@ class Injector implements ContainerInterface
$factory = isset($spec['factory']) ? $this->get($spec['factory']) : $this->getObjectCreator(); $factory = isset($spec['factory']) ? $this->get($spec['factory']) : $this->getObjectCreator();
$object = $factory->create($class, $constructorParams); $object = $factory->create($class, $constructorParams);
// Handle empty factory responses
if (!$object) {
return null;
}
// figure out if we have a specific id set or not. In some cases, we might be instantiating objects // figure out if we have a specific id set or not. In some cases, we might be instantiating objects
// that we don't manage directly; we don't want to store these in the service cache below // that we don't manage directly; we don't want to store these in the service cache below
if (!$id) { if (!$id) {

9
src/Forms/DateField.php
View File

@ -353,9 +353,12 @@ class DateField extends TextField
public function performReadonlyTransformation() public function performReadonlyTransformation()
{ {
$field = $this->castedCopy(DateField_Disabled::class); $field = $this
$field->setValue($this->dataValue()); ->castedCopy(DateField_Disabled::class)
$field->setReadonly(true); ->setValue($this->dataValue())
->setLocale($this->getLocale())
->setReadonly(true);
return $field; return $field;
} }

50
src/Forms/DateField_Disabled.php
View File

@ -14,27 +14,51 @@ class DateField_Disabled extends DateField
protected $disabled = true; protected $disabled = true;
public function Field($properties = array()) public function Field($properties = [])
{ {
if ($this->valueObj) { // Default display value
if ($this->valueObj->isToday()) { $displayValue = '<i>(' . _t(DateField::class . '.NOTSET', 'not set') . ')</i>';
$val = Convert::raw2xml($this->valueObj->toString($this->getConfig('dateformat'))
. ' (' . _t('SilverStripe\\Forms\\DateField.TODAY', 'today') . ')'); $value = $this->dataValue();
if ($value) {
$value = $this->tidyInternal($value);
$df = new DBDate($this->name);
$df->setValue($value);
if ($df->IsToday()) {
// e.g. 2018-06-01 (today)
$format = '%s (%s)';
$infoComplement = _t(DateField::class . '.TODAY', 'today');
} else { } else {
$df = new DBDate($this->name); // e.g. 2018-06-01, 5 days ago
$df->setValue($this->dataValue()); $format = '%s, %s';
$val = Convert::raw2xml($this->valueObj->toString($this->getConfig('dateformat')) $infoComplement = $df->Ago();
. ', ' . $df->Ago());
} }
} else {
$val = '<i>(' . _t('SilverStripe\\Forms\\DateField.NOTSET', 'not set') . ')</i>'; // Render the display value with some complement of info
$displayValue = Convert::raw2xml(sprintf(
$format,
$this->Value(),
$infoComplement
));
} }
return "<span class=\"readonly\" id=\"" . $this->ID() . "\">$val</span>"; return sprintf(
"<span class=\"readonly\" id=\"%s\">%s</span>",
$this->ID(),
$displayValue
);
} }
public function Type() public function Type()
{ {
return "date_disabled readonly"; return "date_disabled readonly " . parent::Type();
}
public function getHTML5()
{
// Always disable HTML5 feature when using the readonly field.
return false;
} }
} }

16
tests/php/Core/Injector/InjectorTest.php
View File

@ -14,6 +14,7 @@ use SilverStripe\Core\Tests\Injector\InjectorTest\CircularOne;
use SilverStripe\Core\Tests\Injector\InjectorTest\CircularTwo; use SilverStripe\Core\Tests\Injector\InjectorTest\CircularTwo;
use SilverStripe\Core\Tests\Injector\InjectorTest\ConstructableObject; use SilverStripe\Core\Tests\Injector\InjectorTest\ConstructableObject;
use SilverStripe\Core\Tests\Injector\InjectorTest\DummyRequirements; use SilverStripe\Core\Tests\Injector\InjectorTest\DummyRequirements;
use SilverStripe\Core\Tests\Injector\InjectorTest\EmptyFactory;
use SilverStripe\Core\Tests\Injector\InjectorTest\MyChildClass; use SilverStripe\Core\Tests\Injector\InjectorTest\MyChildClass;
use SilverStripe\Core\Tests\Injector\InjectorTest\MyParentClass; use SilverStripe\Core\Tests\Injector\InjectorTest\MyParentClass;
use SilverStripe\Core\Tests\Injector\InjectorTest\NeedsBothCirculars; use SilverStripe\Core\Tests\Injector\InjectorTest\NeedsBothCirculars;
@ -102,6 +103,21 @@ class InjectorTest extends SapphireTest
); );
} }
public function testEmptyFactory()
{
$this->expectException(InjectorNotFoundException::class);
$injector = new Injector();
$services = array(
'SomeClass' => array(
'class' => AnotherService::class,
'factory' => EmptyFactory::class,
)
);
$injector->load($services);
$injector->create('SomeClass');
}
public function testConfiguredInjector() public function testConfiguredInjector()
{ {
$injector = new Injector(); $injector = new Injector();

13
tests/php/Core/Injector/InjectorTest/EmptyFactory.php Normal file
View File

@ -0,0 +1,13 @@
<?php
namespace SilverStripe\Core\Tests\Injector\InjectorTest;
use SilverStripe\Core\Injector\Factory;
class EmptyFactory implements Factory
{
public function create($service, array $params = array())
{
return null;
}
}

79
tests/php/Forms/DateField_DisabledTest.php Normal file
View File

@ -0,0 +1,79 @@
<?php
namespace SilverStripe\Forms\Tests;
use IntlDateFormatter;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\Forms\DateField_Disabled;
use SilverStripe\Forms\RequiredFields;
use SilverStripe\i18n\i18n;
use SilverStripe\ORM\FieldType\DBDatetime;
/**
* @skipUpgrade
*/
class DateField_DisabledTest extends SapphireTest
{
protected function setUp()
{
parent::setUp();
i18n::set_locale('en_NZ');
DBDatetime::set_mock_now('2011-02-01 8:34:00');
}
public function testFieldToday()
{
// Today date with normal local
$actual = DateField_Disabled::create('Test')
->setValue('2011-02-01')
->Field();
$expected = '<span class="readonly" id="Test">1/02/2011 (today)</span>';
$this->assertEquals($expected, $actual);
// Test today's date with time
$actual = DateField_Disabled::create('Test')
->setValue('2011-02-01 10:34:00')
->Field();
$this->assertEquals($expected, $actual);
}
public function testFieldWithDifferentDay()
{
// Test past
$actual = DateField_Disabled::create('Test')
->setValue('2011-01-27')
->Field();
$expected = '<span class="readonly" id="Test">27/01/2011, 5 days ago</span>';
$this->assertEquals($expected, $actual);
// Test future
$actual = DateField_Disabled::create('Test')
->setValue('2011-02-06')
->Field();
$expected = '<span class="readonly" id="Test">6/02/2011, in 5 days</span>';
$this->assertEquals($expected, $actual);
}
public function testFieldWithDifferentLocal()
{
// Test different local
$actual = DateField_Disabled::create('Test')
->setValue('2011-02-06')
->setHTML5(false)
->setLocale('de_DE')
->Field();
$expected = '<span class="readonly" id="Test">06.02.2011, in 5 days</span>';
$this->assertEquals($expected, $actual);
}
public function testFieldWithNonValue()
{
// Test none value
$actual = DateField_Disabled::create('Test')->Field();
$expected = '<span class="readonly" id="Test"><i>(not set)</i></span>';
$this->assertEquals($expected, $actual);
$actual = DateField_Disabled::create('Test')->setValue('This is not a date')->Field();
$this->assertEquals($expected, $actual);
}
}