mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
Merge branch '4.0' into 4
This commit is contained in:
commit
e4bf9a31ed
32
docs/en/04_Changelogs/3.5.6.md
Normal file
32
docs/en/04_Changelogs/3.5.6.md
Normal file
@ -0,0 +1,32 @@
|
||||
# 3.5.6
|
||||
|
||||
<!--- Changes below this line will be automatically regenerated -->
|
||||
|
||||
## Change Log
|
||||
|
||||
### Security
|
||||
|
||||
* 2017-11-30 [6ba00e829](https://github.com/silverstripe/silverstripe-framework/commit/6ba00e829a9fb360dfe5cb0bc3d4544016c82357) Prevent disclosure of sensitive information via LoginAttempt (Damian Mooyman) - See [ss-2017-009](http://www.silverstripe.org/download/security-releases/ss-2017-009)
|
||||
* 2017-11-30 [25e276cf3](https://github.com/silverstripe/silverstripe-framework/commit/25e276cf3784dc1ab3a38252192ccd61f9d63121) user agent invalidation on session startup (Damian Mooyman) - See [ss-2017-006](http://www.silverstripe.org/download/security-releases/ss-2017-006)
|
||||
* 2017-11-29 [22ccf3e2f](https://github.com/silverstripe/silverstripe-framework/commit/22ccf3e2f9092f51e7f7288ce108598c6f17b49c) Ensure xls formulae are safely sanitised on output (Damian Mooyman) - See [ss-2017-007](http://www.silverstripe.org/download/security-releases/ss-2017-007)
|
||||
* 2017-11-21 [0f2049d4d](https://github.com/silverstripe/silverstripe-framework/commit/0f2049d4d466e05f5d7f07fc63580836de8c6bff) SQL injection in search engine (Daniel Hensby) - See [ss-2017-008](http://www.silverstripe.org/download/security-releases/ss-2017-008)
|
||||
|
||||
### Bugfixes
|
||||
|
||||
* 2017-11-30 [84d7afb34](https://github.com/silverstripe/silverstripe-framework/commit/84d7afb3477885e9d69f2ac10838179efc1d3b91) Use baseDataClass for allVersions as with other methods (Daniel Hensby)
|
||||
* 2017-11-24 [09a003bc1](https://github.com/silverstripe/silverstripe-framework/commit/09a003bc13390359fa717a4256f9278303d59544) deprecated usage of getMock in unit tests (Daniel Hensby)
|
||||
* 2017-11-23 [2ad3cc07d](https://github.com/silverstripe/silverstripe-framework/commit/2ad3cc07d583041e23a5dca0d53ffbdf8c9cd0d0) Update meber passwordencryption to default on password change (Daniel Hensby)
|
||||
* 2017-11-16 [dda14e895](https://github.com/silverstripe/silverstripe-framework/commit/dda14e89596a0de0b70eace27f7015bc0bb40669) HTTP::get_mime_type with uppercase filenames. (Roman Schmid)
|
||||
* 2017-11-16 [52f0eadd3](https://github.com/silverstripe/silverstripe-framework/commit/52f0eadd3b1ad37806a95b6dd05427add3166cc5) for #7606: Ensure the object we're handling is actually an Image instance before calling methods specific to that class (e.g. in case of using SVG's in <img> tag which may be File instances). (Patrick Nelson)
|
||||
* 2017-11-15 [ce3fd370f](https://github.com/silverstripe/silverstripe-framework/commit/ce3fd370fb07ffc18742323b0dd99f30cf28cf14) ManyMany link table joined with LEFT JOIN (Daniel Hensby)
|
||||
* 2017-11-09 [1053de7ec](https://github.com/silverstripe/silverstripe-framework/commit/1053de7ec39d1a2ce6826ea2db8f55114755098d) Don't redirect in force_redirect() in CLI (Damian Mooyman)
|
||||
* 2017-10-25 [cbac37559](https://github.com/silverstripe/silverstripe-framework/commit/cbac3755909bc5d72d923b07747fd6a98e2215dc) Helpful warning when phpunit bootstrap appears misconfigured (Daniel Hensby)
|
||||
* 2017-10-25 [32cef975e](https://github.com/silverstripe/silverstripe-framework/commit/32cef975ef6c816d8b5bc953cffbd18492686281) Use self::inst() for Injector/Config nest methods (Daniel Hensby)
|
||||
* 2017-10-19 [a73d5b41](https://github.com/silverstripe/silverstripe-cms/commit/a73d5b4177be445128a6fa42e20dd8df13eaf554) revert to this button after archiving (Christopher Joe)
|
||||
* 2017-10-12 [fd39faee](https://github.com/silverstripe/silverstripe-cms/commit/fd39faeefd5241cf96313e968142183de767c51b) UploadField overwriteWarning isn't working in AssetAdmin (Jason)
|
||||
* 2017-10-09 [264cec123](https://github.com/silverstripe/silverstripe-framework/commit/264cec1239ee8d75e67c5402970a91cf58e50539) Dont use var_export for cache key generation as it fails on circular references (Daniel Hensby)
|
||||
* 2017-10-04 [24e190ea](https://github.com/silverstripe/silverstripe-cms/commit/24e190ea8265d16445a3210f7b06de191e474004) TreeDropdownField showing broken page icons (fixes silverstripe/silverstripe-framework#7420) (Loz Calver)
|
||||
* 2017-09-12 [0aac4ddb](https://github.com/silverstripe/silverstripe-cms/commit/0aac4ddb7ecf0f17eda8add235017c10c9f57255) Default LoginForm generated from default_authenticator (Daniel Hensby)
|
||||
* 2017-08-13 [2f579b64c](https://github.com/silverstripe/silverstripe-framework/commit/2f579b64cb9cb8986489e312b253dba5061e304b) Files without extensions (folders) do not have a trailing period added (Robbie Averill)
|
||||
* 2017-07-04 [00f1ad5d6](https://github.com/silverstripe/silverstripe-framework/commit/00f1ad5d692f0a44b58bb216e5378e51dc96243d) Fixes #7116 Improves server requirements docs viz: OpCaches. (Russell Michell)
|
||||
* 2016-03-20 [805c38f10](https://github.com/silverstripe/silverstripe-framework/commit/805c38f107e7e332d2846407e0a89cade1d33ed1) don't try and switch out of context of the tab system (Stevie Mayhew)
|
34
docs/en/04_Changelogs/3.6.3.md
Normal file
34
docs/en/04_Changelogs/3.6.3.md
Normal file
@ -0,0 +1,34 @@
|
||||
# 3.6.3
|
||||
|
||||
<!--- Changes below this line will be automatically regenerated -->
|
||||
|
||||
## Change Log
|
||||
|
||||
### Security
|
||||
|
||||
* 2017-11-30 [6ba00e829](https://github.com/silverstripe/silverstripe-framework/commit/6ba00e829a9fb360dfe5cb0bc3d4544016c82357) Prevent disclosure of sensitive information via LoginAttempt (Damian Mooyman) - See [ss-2017-009](http://www.silverstripe.org/download/security-releases/ss-2017-009)
|
||||
* 2017-11-30 [db54112f3](https://github.com/silverstripe/silverstripe-framework/commit/db54112f3cca012e33257c782dffd7154bf663a5) user agent invalidation on session startup (Damian Mooyman) - See [ss-2017-006](http://www.silverstripe.org/download/security-releases/ss-2017-006)
|
||||
* 2017-11-29 [22ccf3e2f](https://github.com/silverstripe/silverstripe-framework/commit/22ccf3e2f9092f51e7f7288ce108598c6f17b49c) Ensure xls formulae are safely sanitised on output (Damian Mooyman) - See [ss-2017-007](http://www.silverstripe.org/download/security-releases/ss-2017-007)
|
||||
* 2017-11-21 [0f2049d4d](https://github.com/silverstripe/silverstripe-framework/commit/0f2049d4d466e05f5d7f07fc63580836de8c6bff) SQL injection in search engine (Daniel Hensby) - See [ss-2017-008](http://www.silverstripe.org/download/security-releases/ss-2017-008)
|
||||
|
||||
### Bugfixes
|
||||
|
||||
* 2017-12-05 [8477de15](https://github.com/silverstripe/silverstripe-siteconfig/commit/8477de15203c4c80ca55365200fa3c7c031d70d8) Remove unused Behat tests from 3.6 branch (Robbie Averill)
|
||||
* 2017-11-30 [84d7afb34](https://github.com/silverstripe/silverstripe-framework/commit/84d7afb3477885e9d69f2ac10838179efc1d3b91) Use baseDataClass for allVersions as with other methods (Daniel Hensby)
|
||||
* 2017-11-24 [09a003bc1](https://github.com/silverstripe/silverstripe-framework/commit/09a003bc13390359fa717a4256f9278303d59544) deprecated usage of getMock in unit tests (Daniel Hensby)
|
||||
* 2017-11-23 [2ad3cc07d](https://github.com/silverstripe/silverstripe-framework/commit/2ad3cc07d583041e23a5dca0d53ffbdf8c9cd0d0) Update meber passwordencryption to default on password change (Daniel Hensby)
|
||||
* 2017-11-22 [ef6d86f2c](https://github.com/silverstripe/silverstripe-framework/commit/ef6d86f2c695d319f9c07ccd9f4d93e83263e356) Allow lowercase and uppercase delcaration of legacy Int class (Daniel Hensby)
|
||||
* 2017-11-16 [dda14e895](https://github.com/silverstripe/silverstripe-framework/commit/dda14e89596a0de0b70eace27f7015bc0bb40669) HTTP::get_mime_type with uppercase filenames. (Roman Schmid)
|
||||
* 2017-11-16 [52f0eadd3](https://github.com/silverstripe/silverstripe-framework/commit/52f0eadd3b1ad37806a95b6dd05427add3166cc5) for #7606: Ensure the object we're handling is actually an Image instance before calling methods specific to that class (e.g. in case of using SVG's in <img> tag which may be File instances). (Patrick Nelson)
|
||||
* 2017-11-15 [ce3fd370f](https://github.com/silverstripe/silverstripe-framework/commit/ce3fd370fb07ffc18742323b0dd99f30cf28cf14) ManyMany link table joined with LEFT JOIN (Daniel Hensby)
|
||||
* 2017-11-09 [1053de7ec](https://github.com/silverstripe/silverstripe-framework/commit/1053de7ec39d1a2ce6826ea2db8f55114755098d) Don't redirect in force_redirect() in CLI (Damian Mooyman)
|
||||
* 2017-10-25 [cbac37559](https://github.com/silverstripe/silverstripe-framework/commit/cbac3755909bc5d72d923b07747fd6a98e2215dc) Helpful warning when phpunit bootstrap appears misconfigured (Daniel Hensby)
|
||||
* 2017-10-25 [32cef975e](https://github.com/silverstripe/silverstripe-framework/commit/32cef975ef6c816d8b5bc953cffbd18492686281) Use self::inst() for Injector/Config nest methods (Daniel Hensby)
|
||||
* 2017-10-19 [a73d5b41](https://github.com/silverstripe/silverstripe-cms/commit/a73d5b4177be445128a6fa42e20dd8df13eaf554) revert to this button after archiving (Christopher Joe)
|
||||
* 2017-10-12 [fd39faee](https://github.com/silverstripe/silverstripe-cms/commit/fd39faeefd5241cf96313e968142183de767c51b) UploadField overwriteWarning isn't working in AssetAdmin (Jason)
|
||||
* 2017-10-09 [264cec123](https://github.com/silverstripe/silverstripe-framework/commit/264cec1239ee8d75e67c5402970a91cf58e50539) Dont use var_export for cache key generation as it fails on circular references (Daniel Hensby)
|
||||
* 2017-10-04 [24e190ea](https://github.com/silverstripe/silverstripe-cms/commit/24e190ea8265d16445a3210f7b06de191e474004) TreeDropdownField showing broken page icons (fixes silverstripe/silverstripe-framework#7420) (Loz Calver)
|
||||
* 2017-09-12 [0aac4ddb](https://github.com/silverstripe/silverstripe-cms/commit/0aac4ddb7ecf0f17eda8add235017c10c9f57255) Default LoginForm generated from default_authenticator (Daniel Hensby)
|
||||
* 2017-08-13 [2f579b64c](https://github.com/silverstripe/silverstripe-framework/commit/2f579b64cb9cb8986489e312b253dba5061e304b) Files without extensions (folders) do not have a trailing period added (Robbie Averill)
|
||||
* 2017-07-04 [00f1ad5d6](https://github.com/silverstripe/silverstripe-framework/commit/00f1ad5d692f0a44b58bb216e5378e51dc96243d) Fixes #7116 Improves server requirements docs viz: OpCaches. (Russell Michell)
|
||||
* 2016-03-20 [805c38f10](https://github.com/silverstripe/silverstripe-framework/commit/805c38f107e7e332d2846407e0a89cade1d33ed1) don't try and switch out of context of the tab system (Stevie Mayhew)
|
31
docs/en/04_Changelogs/rc/3.5.6-rc1.md
Normal file
31
docs/en/04_Changelogs/rc/3.5.6-rc1.md
Normal file
@ -0,0 +1,31 @@
|
||||
# 3.5.6-rc1
|
||||
|
||||
<!--- Changes below this line will be automatically regenerated -->
|
||||
|
||||
## Change Log
|
||||
|
||||
### Security
|
||||
|
||||
* 2017-11-30 [6ba00e829]() Prevent disclosure of sensitive information via LoginAttempt (Damian Mooyman) - See [ss-2017-009](http://www.silverstripe.org/download/security-releases/ss-2017-009)
|
||||
* 2017-11-30 [25e276cf3]() user agent invalidation on session startup (Damian Mooyman) - See [ss-2017-006](http://www.silverstripe.org/download/security-releases/ss-2017-006)
|
||||
* 2017-11-29 [22ccf3e2f]() Ensure xls formulae are safely sanitised on output (Damian Mooyman) - See [ss-2017-007](http://www.silverstripe.org/download/security-releases/ss-2017-007)
|
||||
|
||||
### Bugfixes
|
||||
|
||||
* 2017-11-30 [84d7afb34]() Use baseDataClass for allVersions as with other methods (Daniel Hensby)
|
||||
* 2017-11-24 [09a003bc1]() deprecated usage of getMock in unit tests (Daniel Hensby)
|
||||
* 2017-11-23 [2ad3cc07d]() Update meber passwordencryption to default on password change (Daniel Hensby)
|
||||
* 2017-11-16 [dda14e895]() HTTP::get_mime_type with uppercase filenames. (Roman Schmid)
|
||||
* 2017-11-16 [52f0eadd3]() for #7606: Ensure the object we're handling is actually an Image instance before calling methods specific to that class (e.g. in case of using SVG's in <img> tag which may be File instances). (Patrick Nelson)
|
||||
* 2017-11-15 [ce3fd370f]() ManyMany link table joined with LEFT JOIN (Daniel Hensby)
|
||||
* 2017-11-09 [1053de7ec]() Don't redirect in force_redirect() in CLI (Damian Mooyman)
|
||||
* 2017-10-25 [cbac37559]() Helpful warning when phpunit bootstrap appears misconfigured (Daniel Hensby)
|
||||
* 2017-10-25 [32cef975e]() Use self::inst() for Injector/Config nest methods (Daniel Hensby)
|
||||
* 2017-10-19 [a73d5b41](https://github.com/silverstripe/silverstripe-cms/commit/a73d5b4177be445128a6fa42e20dd8df13eaf554) revert to this button after archiving (Christopher Joe)
|
||||
* 2017-10-12 [fd39faee](https://github.com/silverstripe/silverstripe-cms/commit/fd39faeefd5241cf96313e968142183de767c51b) UploadField overwriteWarning isn't working in AssetAdmin (Jason)
|
||||
* 2017-10-09 [264cec123]() Dont use var_export for cache key generation as it fails on circular references (Daniel Hensby)
|
||||
* 2017-10-04 [24e190ea](https://github.com/silverstripe/silverstripe-cms/commit/24e190ea8265d16445a3210f7b06de191e474004) TreeDropdownField showing broken page icons (fixes silverstripe/silverstripe-framework#7420) (Loz Calver)
|
||||
* 2017-09-12 [0aac4ddb](https://github.com/silverstripe/silverstripe-cms/commit/0aac4ddb7ecf0f17eda8add235017c10c9f57255) Default LoginForm generated from default_authenticator (Daniel Hensby)
|
||||
* 2017-08-13 [2f579b64c]() Files without extensions (folders) do not have a trailing period added (Robbie Averill)
|
||||
* 2017-07-04 [00f1ad5d6]() Fixes #7116 Improves server requirements docs viz: OpCaches. (Russell Michell)
|
||||
* 2016-03-20 [805c38f10]() don't try and switch out of context of the tab system (Stevie Mayhew)
|
34
docs/en/04_Changelogs/rc/3.6.3-rc2.md
Normal file
34
docs/en/04_Changelogs/rc/3.6.3-rc2.md
Normal file
@ -0,0 +1,34 @@
|
||||
# 3.6.3-rc2
|
||||
|
||||
<!--- Changes below this line will be automatically regenerated -->
|
||||
|
||||
## Change Log
|
||||
|
||||
### Security
|
||||
|
||||
* 2017-11-30 [6ba00e829]() Prevent disclosure of sensitive information via LoginAttempt (Damian Mooyman) - See [ss-2017-009](http://www.silverstripe.org/download/security-releases/ss-2017-009)
|
||||
* 2017-11-30 [db54112f3]() user agent invalidation on session startup (Damian Mooyman) - See [ss-2017-006](http://www.silverstripe.org/download/security-releases/ss-2017-006)
|
||||
* 2017-11-29 [22ccf3e2f]() Ensure xls formulae are safely sanitised on output (Damian Mooyman) - See [ss-2017-007](http://www.silverstripe.org/download/security-releases/ss-2017-007)
|
||||
* 2017-11-21 [0f2049d4d]() SQL injection in search engine (Daniel Hensby) - See [ss-2017-008](http://www.silverstripe.org/download/security-releases/ss-2017-008)
|
||||
|
||||
### Bugfixes
|
||||
|
||||
* 2017-12-05 [8477de15](https://github.com/silverstripe/silverstripe-siteconfig/commit/8477de15203c4c80ca55365200fa3c7c031d70d8) Remove unused Behat tests from 3.6 branch (Robbie Averill)
|
||||
* 2017-11-30 [84d7afb34]() Use baseDataClass for allVersions as with other methods (Daniel Hensby)
|
||||
* 2017-11-24 [09a003bc1]() deprecated usage of getMock in unit tests (Daniel Hensby)
|
||||
* 2017-11-23 [2ad3cc07d]() Update meber passwordencryption to default on password change (Daniel Hensby)
|
||||
* 2017-11-22 [ef6d86f2c]() Allow lowercase and uppercase delcaration of legacy Int class (Daniel Hensby)
|
||||
* 2017-11-16 [dda14e895]() HTTP::get_mime_type with uppercase filenames. (Roman Schmid)
|
||||
* 2017-11-16 [52f0eadd3]() for #7606: Ensure the object we're handling is actually an Image instance before calling methods specific to that class (e.g. in case of using SVG's in <img> tag which may be File instances). (Patrick Nelson)
|
||||
* 2017-11-15 [ce3fd370f]() ManyMany link table joined with LEFT JOIN (Daniel Hensby)
|
||||
* 2017-11-09 [1053de7ec]() Don't redirect in force_redirect() in CLI (Damian Mooyman)
|
||||
* 2017-10-25 [cbac37559]() Helpful warning when phpunit bootstrap appears misconfigured (Daniel Hensby)
|
||||
* 2017-10-25 [32cef975e]() Use self::inst() for Injector/Config nest methods (Daniel Hensby)
|
||||
* 2017-10-19 [a73d5b41](https://github.com/silverstripe/silverstripe-cms/commit/a73d5b4177be445128a6fa42e20dd8df13eaf554) revert to this button after archiving (Christopher Joe)
|
||||
* 2017-10-12 [fd39faee](https://github.com/silverstripe/silverstripe-cms/commit/fd39faeefd5241cf96313e968142183de767c51b) UploadField overwriteWarning isn't working in AssetAdmin (Jason)
|
||||
* 2017-10-09 [264cec123]() Dont use var_export for cache key generation as it fails on circular references (Daniel Hensby)
|
||||
* 2017-10-04 [24e190ea](https://github.com/silverstripe/silverstripe-cms/commit/24e190ea8265d16445a3210f7b06de191e474004) TreeDropdownField showing broken page icons (fixes silverstripe/silverstripe-framework#7420) (Loz Calver)
|
||||
* 2017-09-12 [0aac4ddb](https://github.com/silverstripe/silverstripe-cms/commit/0aac4ddb7ecf0f17eda8add235017c10c9f57255) Default LoginForm generated from default_authenticator (Daniel Hensby)
|
||||
* 2017-08-13 [2f579b64c]() Files without extensions (folders) do not have a trailing period added (Robbie Averill)
|
||||
* 2017-07-04 [00f1ad5d6]() Fixes #7116 Improves server requirements docs viz: OpCaches. (Russell Michell)
|
||||
* 2016-03-20 [805c38f10]() don't try and switch out of context of the tab system (Stevie Mayhew)
|
@ -50,6 +50,20 @@ abstract class DBSchemaManager
|
||||
*/
|
||||
protected $supressOutput = false;
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
protected static $table_name_warnings = [];
|
||||
|
||||
/**
|
||||
* @param string
|
||||
* @deprecated 4.0..5.0
|
||||
*/
|
||||
public static function showTableNameWarning($table, $class)
|
||||
{
|
||||
static::$table_name_warnings[$table] = $class;
|
||||
}
|
||||
|
||||
/**
|
||||
* Injector injection point for database controller
|
||||
*
|
||||
@ -409,6 +423,27 @@ abstract class DBSchemaManager
|
||||
$this->requireIndex($table, $indexName, $indexSpec);
|
||||
}
|
||||
}
|
||||
|
||||
// Check and display notice about $table_name
|
||||
static $table_name_info_sent = false;
|
||||
|
||||
if (isset(static::$table_name_warnings[$table])) {
|
||||
if (!$table_name_info_sent) {
|
||||
$this->alterationMessage(
|
||||
<<<'MESSAGE'
|
||||
<strong>Please note:</strong> It is strongly recommended to define a
|
||||
table_name for all namespaced models. Not defining a table_name may cause generated table
|
||||
names to be too long and may not be supported by your current database engine. The generated
|
||||
naming scheme will also change when upgrading to SilverStripe 5.0 and potentially break.
|
||||
MESSAGE
|
||||
,
|
||||
'error'
|
||||
);
|
||||
$table_name_info_sent = true;
|
||||
}
|
||||
|
||||
$this->alterationMessage('table_name not set for class ' . static::$table_name_warnings[$table], 'notice');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -3332,12 +3332,15 @@ class DataObject extends ViewableData implements DataObjectInterface, i18nEntity
|
||||
*/
|
||||
public function summaryFields()
|
||||
{
|
||||
$fields = $this->config()->get('summary_fields');
|
||||
$rawFields = $this->config()->get('summary_fields');
|
||||
|
||||
// if fields were passed in numeric array,
|
||||
// convert to an associative array
|
||||
if ($fields && array_key_exists(0, $fields)) {
|
||||
$fields = array_combine(array_values($fields), array_values($fields));
|
||||
// Merge associative / numeric keys
|
||||
$fields = [];
|
||||
foreach ($rawFields as $key => $value) {
|
||||
if (is_int($key)) {
|
||||
$key = $value;
|
||||
}
|
||||
$fields[$key] = $value;
|
||||
}
|
||||
|
||||
if (!$fields) {
|
||||
|
@ -11,6 +11,7 @@ use SilverStripe\Core\Config\Configurable;
|
||||
use SilverStripe\Core\Injector\Injectable;
|
||||
use SilverStripe\Core\Injector\Injector;
|
||||
use SilverStripe\Dev\TestOnly;
|
||||
use SilverStripe\ORM\Connect\DBSchemaManager;
|
||||
use SilverStripe\ORM\FieldType\DBComposite;
|
||||
use SilverStripe\ORM\FieldType\DBField;
|
||||
|
||||
@ -317,18 +318,13 @@ class DataObjectSchema
|
||||
return $class;
|
||||
}
|
||||
|
||||
if (!ClassInfo::classImplements($class, TestOnly::class) && $this->classHasTable($class)) {
|
||||
trigger_error(
|
||||
"It is recommended to define a table_name for your '$class'." .
|
||||
' Not defining a table_name may cause subsequent table names to be too long and may not be supported' .
|
||||
' by your current database engine, the generated naming scheme will also change when upgrading to' .
|
||||
' SilverStripe 5.0 and potentially break.',
|
||||
E_USER_WARNING
|
||||
);
|
||||
}
|
||||
$separator = DataObjectSchema::config()->uninherited('table_namespace_separator');
|
||||
$table = str_replace('\\', $separator, trim($class, '\\'));
|
||||
|
||||
if (!ClassInfo::classImplements($class, TestOnly::class) && $this->classHasTable($class)) {
|
||||
DBSchemaManager::showTableNameWarning($table, $class);
|
||||
}
|
||||
|
||||
return $table;
|
||||
}
|
||||
|
||||
|
@ -1716,7 +1716,7 @@ class Member extends DataObject
|
||||
$encryption_details = Security::encrypt_password(
|
||||
$this->Password,
|
||||
$this->Salt,
|
||||
$this->PasswordEncryption ?: Security::config()->get('password_encryption_algorithm'),
|
||||
$this->isChanged('PasswordEncryption') ? $this->PasswordEncryption : null,
|
||||
$this
|
||||
);
|
||||
|
||||
|
@ -1176,6 +1176,7 @@ class Security extends Controller implements TemplateGlobalProvider
|
||||
* </code>
|
||||
* If the passed algorithm is invalid, FALSE will be returned.
|
||||
*
|
||||
* @throws PasswordEncryptor_NotFoundException
|
||||
* @see encrypt_passwords()
|
||||
*/
|
||||
public static function encrypt_password($password, $salt = null, $algorithm = null, $member = null)
|
||||
|
@ -2,11 +2,13 @@
|
||||
|
||||
namespace SilverStripe\Security;
|
||||
|
||||
use Exception;
|
||||
use SilverStripe\Control\Controller;
|
||||
use SilverStripe\Control\HTTPRequest;
|
||||
use SilverStripe\Control\Session;
|
||||
use SilverStripe\Core\Config\Configurable;
|
||||
use SilverStripe\Core\Injector\Injectable;
|
||||
use SilverStripe\Core\Injector\Injector;
|
||||
use SilverStripe\Forms\FieldList;
|
||||
use SilverStripe\Forms\HiddenField;
|
||||
use SilverStripe\View\TemplateGlobalProvider;
|
||||
@ -56,7 +58,7 @@ class SecurityToken implements TemplateGlobalProvider
|
||||
protected static $enabled = true;
|
||||
|
||||
/**
|
||||
* @var String $name
|
||||
* @var string $name
|
||||
*/
|
||||
protected $name = null;
|
||||
|
||||
@ -110,7 +112,7 @@ class SecurityToken implements TemplateGlobalProvider
|
||||
}
|
||||
|
||||
/**
|
||||
* @return String
|
||||
* @return string
|
||||
*/
|
||||
public static function get_default_name()
|
||||
{
|
||||
@ -146,11 +148,11 @@ class SecurityToken implements TemplateGlobalProvider
|
||||
}
|
||||
|
||||
/**
|
||||
* @return String
|
||||
* @return string
|
||||
*/
|
||||
public function getValue()
|
||||
{
|
||||
$session = Controller::curr()->getRequest()->getSession();
|
||||
$session = $this->getSession();
|
||||
$value = $session->get($this->getName());
|
||||
|
||||
// only regenerate if the token isn't already set in the session
|
||||
@ -163,12 +165,30 @@ class SecurityToken implements TemplateGlobalProvider
|
||||
}
|
||||
|
||||
/**
|
||||
* @param String $val
|
||||
* @param string $val
|
||||
* @return $this
|
||||
*/
|
||||
public function setValue($val)
|
||||
{
|
||||
$session = Controller::curr()->getRequest()->getSession();
|
||||
$session->set($this->getName(), $val);
|
||||
$this->getSession()->set($this->getName(), $val);
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the current session instance from the injector
|
||||
*
|
||||
* @return Session
|
||||
* @throws Exception If the HTTPRequest class hasn't been registered as a service and no controllers exist
|
||||
*/
|
||||
protected function getSession()
|
||||
{
|
||||
$injector = Injector::inst();
|
||||
if ($injector->has(HTTPRequest::class)) {
|
||||
return $injector->get(HTTPRequest::class)->getSession();
|
||||
} elseif (Controller::has_curr()) {
|
||||
return Controller::curr()->getRequest()->getSession();
|
||||
}
|
||||
throw new Exception('No HTTPRequest object or controller available yet!');
|
||||
}
|
||||
|
||||
/**
|
||||
@ -188,8 +208,8 @@ class SecurityToken implements TemplateGlobalProvider
|
||||
*
|
||||
* Typically you'll want to check {@link Form->securityTokenEnabled()} before calling this method.
|
||||
*
|
||||
* @param String $compare
|
||||
* @return Boolean
|
||||
* @param string $compare
|
||||
* @return boolean
|
||||
*/
|
||||
public function check($compare)
|
||||
{
|
||||
@ -246,8 +266,8 @@ class SecurityToken implements TemplateGlobalProvider
|
||||
}
|
||||
|
||||
/**
|
||||
* @param String $url
|
||||
* @return String
|
||||
* @param string $url
|
||||
* @return string
|
||||
*/
|
||||
public function addToUrl($url)
|
||||
{
|
||||
@ -272,7 +292,7 @@ class SecurityToken implements TemplateGlobalProvider
|
||||
/**
|
||||
* @uses RandomGenerator
|
||||
*
|
||||
* @return String
|
||||
* @return string
|
||||
*/
|
||||
protected function generate()
|
||||
{
|
||||
|
@ -2,26 +2,24 @@
|
||||
|
||||
namespace SilverStripe\ORM\Tests;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use LogicException;
|
||||
use SilverStripe\Core\Config\Config;
|
||||
use SilverStripe\Dev\SapphireTest;
|
||||
use SilverStripe\i18n\i18n;
|
||||
use SilverStripe\ORM\Connect\MySQLDatabase;
|
||||
use SilverStripe\ORM\DataObject;
|
||||
use SilverStripe\ORM\DataObjectSchema;
|
||||
use SilverStripe\ORM\DB;
|
||||
use SilverStripe\ORM\FieldType\DBBoolean;
|
||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||
use SilverStripe\ORM\FieldType\DBField;
|
||||
use SilverStripe\ORM\DataObject;
|
||||
use SilverStripe\ORM\DB;
|
||||
use SilverStripe\ORM\Connect\MySQLDatabase;
|
||||
use SilverStripe\ORM\FieldType\DBPolymorphicForeignKey;
|
||||
use SilverStripe\ORM\FieldType\DBVarchar;
|
||||
use SilverStripe\ORM\ManyManyList;
|
||||
use SilverStripe\ORM\Tests\DataObjectTest\Player;
|
||||
use SilverStripe\ORM\ValidationException;
|
||||
use SilverStripe\View\ViewableData;
|
||||
use stdClass;
|
||||
use ReflectionException;
|
||||
use InvalidArgumentException;
|
||||
|
||||
class DataObjectTest extends SapphireTest
|
||||
{
|
||||
@ -88,11 +86,11 @@ class DataObjectTest extends SapphireTest
|
||||
|
||||
// Test with table required
|
||||
$this->assertEquals(
|
||||
DataObjectTest\TeamComment::class.'.Varchar',
|
||||
DataObjectTest\TeamComment::class . '.Varchar',
|
||||
$schema->fieldSpec(DataObjectTest\TeamComment::class, 'Name', DataObjectSchema::INCLUDE_CLASS)
|
||||
);
|
||||
$this->assertEquals(
|
||||
DataObjectTest\TeamComment::class.'.Text',
|
||||
DataObjectTest\TeamComment::class . '.Text',
|
||||
$schema->fieldSpec(DataObjectTest\TeamComment::class, 'Comment', DataObjectSchema::INCLUDE_CLASS)
|
||||
);
|
||||
$dbFields = $schema->fieldSpecs(DataObjectTest\ExtendedTeamComment::class);
|
||||
@ -706,8 +704,8 @@ class DataObjectTest extends SapphireTest
|
||||
$obj->getChangedFields(true, DataObject::CHANGE_VALUE),
|
||||
array(
|
||||
'FirstName' => array(
|
||||
'before'=>'Captain',
|
||||
'after'=>'Captain-changed',
|
||||
'before' => 'Captain',
|
||||
'after' => 'Captain-changed',
|
||||
'level' => DataObject::CHANGE_VALUE
|
||||
)
|
||||
),
|
||||
@ -1191,15 +1189,13 @@ class DataObjectTest extends SapphireTest
|
||||
$summaryFields = $team->summaryFields();
|
||||
|
||||
$this->assertEquals(
|
||||
'Custom Title',
|
||||
$summaryFields['Title'],
|
||||
'Custom title is preserved'
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
'Captain\'s shirt number',
|
||||
$summaryFields['Captain.ShirtNumber'],
|
||||
'Custom title on relation is preserved'
|
||||
[
|
||||
'Title' => 'Custom Title',
|
||||
'Title.UpperCase' => 'Title',
|
||||
'Captain.ShirtNumber' => 'Captain\'s shirt number',
|
||||
'Captain.FavouriteTeam.Title' => 'Captain\'s favourite team',
|
||||
],
|
||||
$summaryFields
|
||||
);
|
||||
}
|
||||
|
||||
@ -1461,7 +1457,7 @@ class DataObjectTest extends SapphireTest
|
||||
$this->expectExceptionMessage('Controller is not a valid subclass of DataObject');
|
||||
/**
|
||||
* @skipUpgrade
|
||||
*/
|
||||
*/
|
||||
$dataObject->newClassInstance('Controller');
|
||||
}
|
||||
|
||||
@ -1798,7 +1794,7 @@ class DataObjectTest extends SapphireTest
|
||||
$company = new DataObjectTest\Company();
|
||||
|
||||
$this->assertEquals(
|
||||
array (
|
||||
array(
|
||||
'CurrentStaff' => DataObjectTest\Staff::class,
|
||||
'PreviousStaff' => DataObjectTest\Staff::class
|
||||
),
|
||||
@ -1813,16 +1809,16 @@ class DataObjectTest extends SapphireTest
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
array (
|
||||
'CurrentStaff' => DataObjectTest\Staff::class.'.CurrentCompany',
|
||||
'PreviousStaff' => DataObjectTest\Staff::class.'.PreviousCompany'
|
||||
array(
|
||||
'CurrentStaff' => DataObjectTest\Staff::class . '.CurrentCompany',
|
||||
'PreviousStaff' => DataObjectTest\Staff::class . '.PreviousCompany'
|
||||
),
|
||||
$company->hasMany(false),
|
||||
'has_many returns field name data when $classOnly is false.'
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
DataObjectTest\Staff::class.'.CurrentCompany',
|
||||
DataObjectTest\Staff::class . '.CurrentCompany',
|
||||
DataObject::getSchema()->hasManyComponent(DataObjectTest\Company::class, 'CurrentStaff', false),
|
||||
'has_many returns field name data on single records when $classOnly is false.'
|
||||
);
|
||||
|
@ -59,7 +59,7 @@ class Team extends DataObject implements TestOnly
|
||||
);
|
||||
|
||||
private static $summary_fields = array(
|
||||
'Title' => 'Custom Title',
|
||||
'Title', // Overridden by Team_Extension
|
||||
'Title.UpperCase' => 'Title',
|
||||
'Captain.ShirtNumber' => 'Captain\'s shirt number',
|
||||
'Captain.FavouriteTeam.Title' => 'Captain\'s favourite team'
|
||||
|
@ -7,6 +7,10 @@ use SilverStripe\ORM\DataExtension;
|
||||
|
||||
class Team_Extension extends DataExtension implements TestOnly
|
||||
{
|
||||
private static $summary_fields = [
|
||||
'Title' => 'Custom Title', // override non-associative 'Title'
|
||||
];
|
||||
|
||||
private static $db = array(
|
||||
'ExtendedDatabaseField' => 'Varchar'
|
||||
);
|
||||
|
@ -3,6 +3,7 @@
|
||||
namespace SilverStripe\Security\Tests;
|
||||
|
||||
use SilverStripe\Control\Cookie;
|
||||
use SilverStripe\Core\Config\Config;
|
||||
use SilverStripe\Core\Convert;
|
||||
use SilverStripe\Core\Injector\Injector;
|
||||
use SilverStripe\Dev\FunctionalTest;
|
||||
@ -56,6 +57,22 @@ class MemberTest extends FunctionalTest
|
||||
Member::set_password_validator(null);
|
||||
}
|
||||
|
||||
public function testPasswordEncryptionUpdatedOnChangedPassword()
|
||||
{
|
||||
Config::modify()->set(Security::class, 'password_encryption_algorithm', 'none');
|
||||
$member = Member::create();
|
||||
$member->Password = 'password';
|
||||
$member->write();
|
||||
$this->assertEquals('password', $member->Password);
|
||||
$this->assertEquals('none', $member->PasswordEncryption);
|
||||
Config::modify()->set(Security::class, 'password_encryption_algorithm', 'blowfish');
|
||||
$member->Password = 'newpassword';
|
||||
$member->write();
|
||||
$this->assertNotEquals('password', $member->Password);
|
||||
$this->assertNotEquals('newpassword', $member->Password);
|
||||
$this->assertEquals('blowfish', $member->PasswordEncryption);
|
||||
}
|
||||
|
||||
public function testWriteDoesntMergeNewRecordWithExistingMember()
|
||||
{
|
||||
$this->expectException(ValidationException::class);
|
||||
@ -91,8 +108,8 @@ class MemberTest extends FunctionalTest
|
||||
$memberWithPassword->Password = 'mypassword';
|
||||
$memberWithPassword->write();
|
||||
$this->assertEquals(
|
||||
$memberWithPassword->PasswordEncryption,
|
||||
Security::config()->get('password_encryption_algorithm'),
|
||||
$memberWithPassword->PasswordEncryption,
|
||||
'Password encryption is set for new member records on first write (with setting "Password")'
|
||||
);
|
||||
|
||||
@ -104,27 +121,6 @@ class MemberTest extends FunctionalTest
|
||||
);
|
||||
}
|
||||
|
||||
public function testDefaultPasswordEncryptionDoesntChangeExistingMembers()
|
||||
{
|
||||
$member = new Member();
|
||||
$member->Password = 'mypassword';
|
||||
$member->PasswordEncryption = 'sha1_v2.4';
|
||||
$member->write();
|
||||
|
||||
Security::config()->set('password_encryption_algorithm', 'none');
|
||||
|
||||
$member->Password = 'mynewpassword';
|
||||
$member->write();
|
||||
|
||||
$this->assertEquals(
|
||||
$member->PasswordEncryption,
|
||||
'sha1_v2.4'
|
||||
);
|
||||
$auth = new MemberAuthenticator();
|
||||
$result = $auth->checkPassword($member, 'mynewpassword');
|
||||
$this->assertTrue($result->isValid());
|
||||
}
|
||||
|
||||
public function testKeepsEncryptionOnEmptyPasswords()
|
||||
{
|
||||
$member = new Member();
|
||||
@ -136,8 +132,8 @@ class MemberTest extends FunctionalTest
|
||||
$member->write();
|
||||
|
||||
$this->assertEquals(
|
||||
$member->PasswordEncryption,
|
||||
'sha1_v2.4'
|
||||
Security::config()->get('password_encryption_algorithm'),
|
||||
$member->PasswordEncryption
|
||||
);
|
||||
$auth = new MemberAuthenticator();
|
||||
$result = $auth->checkPassword($member, '');
|
||||
|
Loading…
x
Reference in New Issue
Block a user