Merged from branches/2.3

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75572 467b73ca-7a2a-4603-9d3b-597d59a354a9

api/RestfulServer.php

@@ -383,29 +383,46 @@ class RestfulServer extends Controller {
 	 * current resolves in creatig a new element,
 	 * rather than a "Conflict" message.
 	 */
-	protected function postHandler($className, $id) {
+	protected function postHandler($className, $id, $relation) {
 		if($id) {
-			$this->response->setStatusCode(409);
-			return 'Conflict';
+			if(!$relation) {
+				$this->response->setStatusCode(409);
+				return 'Conflict';
+			}
+			
+			$obj = DataObject::get_by_id($className, $id);
+			if(!$obj) return $this->notFound();
+			
+			if(!$obj->hasMethod($relation)) {
+				return $this->notFound();
+			}
+			
+			if(!$obj->stat('allowed_actions') || !in_array($relation, $obj->stat('allowed_actions'))) {
+				return $this->permissionFailure();
+			}
+			
+			$obj->$relation();
+			
+			$this->getResponse()->setStatusCode(204); // No Content
+			return true;
+		} else {
+			if(!singleton($className)->canCreate()) return $this->permissionFailure();
+			$obj = new $className();
+		
+			$reqFormatter = $this->getRequestDataFormatter();
+			if(!$reqFormatter) return $this->unsupportedMediaType();
+		
+			$responseFormatter = $this->getResponseDataFormatter();
+		
+			$obj = $this->updateDataObject($obj, $reqFormatter);
+		
+			$this->getResponse()->setStatusCode(201); // Created
+			$this->getResponse()->addHeader('Content-Type', $responseFormatter->getOutputContentType());
+			$objHref = Director::absoluteURL(self::$api_base . "$obj->class/$obj->ID");
+			$this->getResponse()->addHeader('Location', $objHref);
+		
+			return $responseFormatter->convertDataObject($obj);
 		}
-		
-		if(!singleton($className)->canCreate()) return $this->permissionFailure();
-		$obj = new $className();
-		
-		$reqFormatter = $this->getRequestDataFormatter();
-		if(!$reqFormatter) return $this->unsupportedMediaType();
-		
-		$responseFormatter = $this->getResponseDataFormatter();
-		
-		$obj = $this->updateDataObject($obj, $reqFormatter);
-		
-		$this->getResponse()->setStatusCode(201); // Created
-		$this->getResponse()->addHeader('Content-Type', $responseFormatter->getOutputContentType());
-		$objHref = Director::absoluteURL(self::$api_base . "$obj->class/$obj->ID");
-		$this->getResponse()->addHeader('Location', $objHref);
-		
-		return $responseFormatter->convertDataObject($obj);
-		
 	}
 	
 	/**

core/Requirements.php

@@ -647,7 +647,7 @@ class Requirements_Backend {
 			$this->javascript(SAPPHIRE_DIR . '/javascript/i18n.js');
 
 			if(substr($langDir,-1) != '/') $langDir .= '/';
-		
+			
 			$this->javascript($langDir . i18n::default_locale() . '.js');
 			$this->javascript($langDir . i18n::get_locale() . '.js');
 		

core/SSViewer.php

@@ -123,7 +123,6 @@ class SSViewer extends Object {
 		if (isset($_GET['flush']) && $_GET['flush'] == 'all') {
 			if(Director::isDev() || Permission::check('ADMIN')) {
 				self::flush_template_cache();
-				Debug::message('flushed!');
 			} else {
 				Security::permissionFailure(null, 'Please log in as an administrator to flush the template cache.');
 			}

core/control/ContentController.php

@@ -262,7 +262,7 @@ JS
 				$surname = Convert::raw2xml($member->Surame);
 				$logInMessage = _t('ContentController.LOGGEDINAS', 'Logged in as') ." {$firstname} {$surname} - <a href=\"Security/logout\">". _t('ContentController.LOGOUT', 'Log out'). "</a>";
 			} else {
-				$logInMessage = _t('ContentController.NOTLOGGEDIN', 'Not logged in') ." - <a href='Security/login'>". _t('ContentController.LOGIN', 'Login') ."</a>";
+				$logInMessage = _t('ContentController.NOTLOGGEDIN', 'Not logged in') ." - <a href=\"Security/login\">". _t('ContentController.LOGIN', 'Login') ."</a>";
 			}
 			$viewPageIn = _t('ContentController.VIEWPAGEIN', 'View Page in:');
 			/**
@@ -423,4 +423,4 @@ HTML
 	}
 }
 
-?>
+?>

core/control/Controller.php

@@ -518,7 +518,7 @@ class Controller extends RequestHandler {
 	 */
 	function isAjax() {
 		return (
-			isset($this->requestParams['ajax']) ||
+			isset($this->requestParams['ajax']) || isset($_REQUEST['ajax']) ||
 			(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == "XMLHttpRequest")
 		);
 	}

core/control/Director.php

@@ -808,4 +808,4 @@ class Director {
 	}
 
 }
-?>
+?>

core/control/ModelAsController.php

@@ -18,7 +18,8 @@ class ModelAsController extends Controller implements NestedController {
 		// If the basic database hasn't been created, then build it.
 		if(!DB::isActive() || !ClassInfo::hasTable('SiteTree')) {
 			$this->response = new HTTPResponse();
-			$this->redirect("dev/build?returnURL=" . urlencode($_GET['url']));
+			$this->redirect("dev/build?returnURL=" . (isset($_GET['url']) ? urlencode($_GET['url']) : ''));
+			$this->popCurrent();
 			return $this->response;
 		}
 

core/model/DataObject.php

@@ -3142,6 +3142,11 @@ class DataObject extends ViewableData implements DataObjectInterface, i18nEntity
 	 */
 	public static $summary_fields = null;
 	
+	/**
+	 * Provides a list of allowed methods that can be called via RESTful api.
+	 */
+	public static $allowed_actions = null;
+	
 	/**
 	 * Collect all static properties on the object
 	 * which contain natural language, and need to be translated.

filesystem/Folder.php

@@ -448,4 +448,4 @@ HTML;
 	
 }
 
-?>
+?>

search/SearchContext.php

@@ -108,7 +108,7 @@ class SearchContext extends Object {
 		if($existingQuery) {
 			$query = $existingQuery;
 		} else {
-			$query = $model->buildSQL();
+			$query = $model->extendedSQL();
 		}
 
 		$SQL_limit = Convert::raw2sql($limit);