Merge branch '4.1' into 4

This commit is contained in:
Robbie Averill 2018-05-30 15:08:39 +12:00
commit e0993043f8
17 changed files with 85 additions and 23 deletions

View File

@ -37,6 +37,7 @@ matrix:
- DB=PGSQL
- PHPUNIT_TEST=framework
- php: 7.1
if: type IN (cron)
env:
- DB=MYSQL
- PDO=1

View File

@ -8,29 +8,28 @@
[![License](https://poser.pugx.org/silverstripe/framework/license.svg)](https://github.com/silverstripe/silverstripe-framework#license)
[![Dependency Status](https://www.versioneye.com/php/silverstripe:framework/badge.svg)](https://www.versioneye.com/php/silverstripe:framework)
[![Reference Status](https://www.versioneye.com/php/silverstripe:framework/reference_badge.svg?style=flat)](https://www.versioneye.com/php/silverstripe:framework/references)
![helpfulrobot](https://helpfulrobot.io/silverstripe/framework/badge)
PHP5 framework forming the base for the SilverStripe CMS ([http://silverstripe.org](http://silverstripe.org)).
Requires a [`silverstripe-installer`](http://github.com/silverstripe/silverstripe-installer) base project. Typically used alongside the [`cms`](http://github.com/silverstripe/silverstripe-cms) module.
PHP framework forming the base for the SilverStripe CMS ([https://silverstripe.org](https://silverstripe.org)).
Requires a [`silverstripe-installer`](https://github.com/silverstripe/silverstripe-installer) base project. Typically used alongside the [`cms`](https://github.com/silverstripe/silverstripe-cms) module.
## Installation ##
See [installation on different platforms](http://doc.silverstripe.org/framework/en/installation/),
and [installation from source](http://doc.silverstripe.org/framework/en/installation/from-source).
See [installation on different platforms](https://doc.silverstripe.org/framework/en/installation/),
and [installation from source](https://doc.silverstripe.org/framework/en/installation/from-source).
## Bugtracker ##
Bugs are tracked on [github.com](https://github.com/silverstripe/silverstripe-framework/issues).
Please read our [issue reporting guidelines](http://doc.silverstripe.org/framework/en/misc/contributing/issues).
Please read our [issue reporting guidelines](https://doc.silverstripe.org/framework/en/misc/contributing/issues).
## Development and Contribution ##
If you would like to make changes to the SilverStripe core codebase, we have an extensive [guide to contributing code](http://doc.silverstripe.org/framework/en/misc/contributing/code).
If you would like to make changes to the SilverStripe core codebase, we have an extensive [guide to contributing code](https://docs.silverstripe.org/en/contributing/code/).
## Links ##
* [Server Requirements](http://doc.silverstripe.org/framework/en/installation/server-requirements)
* [Changelogs](http://doc.silverstripe.org/framework/en/changelogs/)
* [Server Requirements](https://doc.silverstripe.org/framework/en/installation/server-requirements)
* [Changelogs](https://doc.silverstripe.org/framework/en/changelogs/)
* [Bugtracker: Framework](https://github.com/silverstripe/silverstripe-framework/issues)
* [Bugtracker: CMS](https://github.com/silverstripe/silverstripe-cms/issues)
* [Bugtracker: Installer](https://github.com/silverstripe/silverstripe-installer/issues)

View File

@ -32,8 +32,7 @@ As you've added new files to your SilverStripe installation, make sure you clear
### Configuring themes
After installing the files through either method, update the current theme in SilverStripe. This can be done by
either altering the `SSViewer.themes` setting in a [config.yml](../configuration) or by changing the current theme in
the Site Configuration panel (http://yoursite.com/admin/settings)
altering the `SSViewer.themes` setting in a [config.yml](../configuration)
**mysite/_config/app.yml**

View File

@ -0,0 +1,9 @@
# 3.5.8
<!--- Changes below this line will be automatically regenerated -->
## Change Log
### Security
* 2018-04-11 [577138882](https://github.com/silverstripe/silverstripe-framework/commit/577138882) Restrict non-admins from being assigned to admin groups (Damian Mooyman) - See [ss-2018-001](http://www.silverstripe.org/download/security-releases/ss-2018-001)

View File

@ -0,0 +1,17 @@
# 3.6.6
This security release removes the following file extensions from the default whitelist of accepted types for
uploaded files: `dotm`, `potm`, `jar`, `css`, `js` and `xltm`.
If you require the ability to upload these file types in your projects, you will need to add them back in again.
For more information, see ["Limit the allowed file types"](https://docs.silverstripe.org/en/3/developer_guides/forms/field_types/uploadfield/#limit-the-allowed-filetypes).
<!--- Changes below this line will be automatically regenerated -->
## Change Log
### Security
* 2018-05-08 [19fdebfa2](https://github.com/silverstripe/silverstripe-framework/commit/19fdebfa2) Remove dotm, potm, jar, css, js, xltm from default File.allowed_extensions (Robbie Averill) - See [ss-2018-014](http://www.silverstripe.org/download/security-releases/ss-2018-014)
* 2018-04-11 [577138882](https://github.com/silverstripe/silverstripe-framework/commit/577138882) Restrict non-admins from being assigned to admin groups (Damian Mooyman) - See [ss-2018-001](http://www.silverstripe.org/download/security-releases/ss-2018-001)

View File

@ -0,0 +1,9 @@
# 3.5.8-rc1
<!--- Changes below this line will be automatically regenerated -->
## Change Log
### Security
* 2018-04-11 [577138882]() Restrict non-admins from being assigned to admin groups (Damian Mooyman) - See [ss-2018-001](http://www.silverstripe.org/download/security-releases/ss-2018-001)

View File

@ -0,0 +1,16 @@
# 3.6.6-rc1
This security release removes the following file extensions from the default whitelist of accepted types for
uploaded files: `dotm`, `potm`, `jar`, `css`, `js` and `xltm`.
If you require the ability to upload these file types in your projects, you will need to add them back in again.
For more information, see ["Limit the allowed file types"](https://docs.silverstripe.org/en/3/developer_guides/forms/field_types/uploadfield/#limit-the-allowed-filetypes).
<!--- Changes below this line will be automatically regenerated -->
## Change Log
### Security
* 2018-05-08 [19fdebfa2]() Remove dotm, potm, jar, css, js, xltm from default File.allowed_extensions (Robbie Averill) - See [ss-2018-014](http://www.silverstripe.org/download/security-releases/ss-2018-014)
* 2018-04-11 [577138882]() Restrict non-admins from being assigned to admin groups (Damian Mooyman) - See [ss-2018-001](http://www.silverstripe.org/download/security-releases/ss-2018-001)

View File

@ -132,7 +132,7 @@ class DevelopmentAdmin extends Controller
// in CLI we cant use httpError because of a bug with stuff being in the output already, see DevAdminControllerTest
throw new Exception($msg);
} else {
$this->httpError(500, $msg);
$this->httpError(404, $msg);
}
}

View File

@ -257,8 +257,7 @@ class FieldList extends ArrayList
* This is most commonly used when overloading getCMSFields()
*
* @param string $tabName The name of the tab or tabset. Subtabs can be referred to as TabSet.Tab
* or TabSet.Tab.Subtab.
* This function will create any missing tabs.
* or TabSet.Tab.Subtab. This function will create any missing tabs.
* @param array $fields An array of {@link FormField} objects.
* @param string $insertBefore Name of field to insert before
*

View File

@ -29,7 +29,7 @@ class GridState extends HiddenField
/**
* @param GridField $grid
* @param string $value json encoded string
* @param string $value JSON encoded string
*/
public function __construct($grid, $value = null)
{

View File

@ -190,7 +190,7 @@ class HTMLEditorSanitiser
/**
* Given an attribute name, return the rule structure for that attribute
*
* @param stdClass $elementRule
* @param object $elementRule
* @param string $name The attribute name
* @return stdClass The attribute rule
*/
@ -211,7 +211,7 @@ class HTMLEditorSanitiser
* Given a DOMElement and an element rule, check if that element passes the rule
* @param DOMElement $element The element to check
* @param stdClass $rule The rule to check against
* @return bool true if the element passes (and so can be kept), false if it fails (and so needs stripping)
* @return bool True if the element passes (and so can be kept), false if it fails (and so needs stripping)
*/
protected function elementMatchesRule($element, $rule = null)
{

View File

@ -654,7 +654,7 @@ class TreeDropdownField extends FormField
}
/**
* @return String
* @return string
*/
public function getKeyField()
{

View File

@ -131,7 +131,7 @@ trait UploadReceiver
* Set custom validator for this field
*
* @param Upload_Validator $validator
* @return $this Self reference
* @return $this
*/
public function setValidator(Upload_Validator $validator)
{
@ -143,7 +143,7 @@ trait UploadReceiver
* Sets the upload folder name
*
* @param string $folderName
* @return $this Self reference
* @return $this
*/
public function setFolderName($folderName)
{

View File

@ -247,6 +247,7 @@ class ArrayLib
* @param array $array
* @param boolean $preserveKeys
* @param array $out
*
* @return array
*/
public static function flatten($array, $preserveKeys = true, &$out = array())

View File

@ -532,7 +532,13 @@ class DataObject extends ViewableData implements DataObjectInterface, i18nEntity
// Copy all components from source to destination
$source = $sourceObject->getManyManyComponents($relation);
$dest = $destinationObject->getManyManyComponents($relation);
$extraFieldNames = $source->getExtraFields();
if ($source instanceof ManyManyList) {
$extraFieldNames = $source->getExtraFields();
} else {
$extraFieldNames = [];
}
foreach ($source as $item) {
// Merge extra fields
$extraFields = [];

View File

@ -1360,6 +1360,11 @@ class Member extends DataObject
*/
public static function mapInCMSGroups($groups = null)
{
// non-countable $groups will issue a warning when using count() in PHP 7.2+
if (!$groups) {
$groups = [];
}
// Check CMS module exists
if (!class_exists(LeftAndMain::class)) {
return ArrayList::create()->map();

View File

@ -38,6 +38,7 @@ class DataObjectDuplicationTest extends SapphireTest
// Check 'bobcats' relation duplicated
$twoOne = $this->objFromFixture(DataObjectDuplicationTest\Bobcat::class, 'one');
$twoTwo = $this->objFromFixture(DataObjectDuplicationTest\Bobcat::class, 'two');
$this->assertListEquals(
[
['Title' => 'Bobcat two'],