Thomas Portelange
0586c55e62
prevent spaces in emails
...
so this is not the first time a customer of mine is just copy pasting stuff in emails fields and somehow, a space at the end skips validation. this update ensure there is no space before or after the email, it would probably save a lot of time for everyone to have this build in.
it's probably better to fix it here rather than at form level because this also happens for csv imports etc
2021-03-19 10:11:02 +01:00
William Desportes
c932d7e7fb
Fix the phpdoc blocks
2020-12-21 22:23:23 +01:00
Alessandro Marotta
f3d1e308e5
Update Member.php
...
The public function isLockedOut() in Member.php call LoginAttempt::getByEmail but serves to it the unique_identifier_field.
This PR could allow to extensions to patch the use of uniqueidentifierfield (otherwise it would be necessary to extends the Member Class to override the isLockedOut function, with a lot of problems)
2020-05-10 19:07:22 +02:00
Daniel Hensby
237b2d5f74
Convert array delcarations to short array syntax
2020-04-20 18:58:09 +01:00
Matt Clegg
e80f1b2b83
[DOCS] Member::logInAs is not a valid example
...
Member::logInAs doesn't exist as a static function.
Additionally, `logInAs` does exist as a function in SapphireTest.php, so, should this be updated to also use `Member::actAs` for consistency?
2020-03-31 18:20:21 +05:45
Robbie Averill
e8c2f963fd
FIX Member::getLastName() now correctly returns the Member surname
2019-09-06 12:12:27 -07:00
Hels666
22a6a5b1e3
NEW Add getLastName() method to Member.php ( #9222 )
...
* Add getLastName() method to Member.php
Add getLastName() method to Silverstripe\Security\Member.php to allow use of $LastName instead of $Surname in templates as it is a common mistake made
this is for issue #9219
as discussed in Slack on 04-Sep-2019
* Minor doc block clean-up
* Update src/Security/Member.php - typo fix
Co-Authored-By: Guy Marriott <guy@scopey.co.nz>
2019-09-06 20:31:22 +12:00
Robbie Averill
bae7e32680
FIX Member::changePassword() no longer applies password validation rules to the hashed value
2019-08-16 09:06:07 +12:00
Robbie Averill
ee24413c30
Merge branch '4.2' into 4
2018-10-03 15:28:05 +02:00
Robbie Averill
231d6d9a9f
FIX New members now receive the configured default locale, not the current locale
2018-09-28 16:25:10 +02:00
Robbie Averill
f842ee2eec
Update deprecation PHPDocs to be PSR-5 compliant
...
See: https://github.com/php-fig/fig-standards/blob/master/proposed/phpdoc-tags.md#55-deprecated
2018-09-28 10:49:14 +02:00
Anh Le
68f75a9e25
Password changing notification issue on new member
...
With `notify_password_change = true`, new member is receiving notification email regarding password changing when they should not.
2018-08-13 14:13:05 +07:00
Robbie Averill
c8b0bc0ad7
Merge branch '4.0' into 4.1
...
# Conflicts:
# src/ORM/DataObject.php
# tests/php/ORM/DataObjectDuplicationTest.php
# tests/php/ORM/DataObjectDuplicationTest/Class1.php
2018-05-30 14:52:07 +12:00
Robbie Averill
3a537bc745
Merge branch 'heads/4.0.4' into 4.0
2018-05-28 17:50:07 +12:00
Robbie Averill
722202fef4
Merge remote-tracking branch 'origin/4.0.4' into 4.1.1
...
# Conflicts:
# src/Control/Director.php
2018-05-24 15:41:11 +12:00
Damian Mooyman
e409d6f673
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-14 17:10:22 +12:00
azt3k
6b39b25e20
Fixes a count() php warning without an api change
...
Warning: count(): Parameter must be an array or an object that implements Countable in /path/to/vendor/silverstripe/framework/src/Security/Member.php on line 1355
2018-04-27 09:31:07 +01:00
Damian Mooyman
625f7b4eee
Merge remote-tracking branch 'origin/4.0' into 4.1
2018-03-13 14:26:18 +13:00
JorisDebonnet
3e0984db49
Delete orphaned Group_Members records after deleting a Member
2018-02-27 19:47:26 +01:00
Damian Mooyman
2f1f5c0caa
Merge remote-tracking branch 'origin/4.0' into 4
2018-02-07 11:48:46 +13:00
Daniel Hensby
660dfd34a8
FIX Issue where default admin has no password encryption
2018-02-06 20:18:32 +00:00
Damian Mooyman
bc2fc7f2db
BUG Prevent invalid members being written to database if validation_enabled is false
2018-02-01 16:24:31 +13:00
Christopher Joe
456871fd91
Enhancement Updated PasswordValidator to fallback to config options - still retains instance variables
2018-01-31 10:54:43 +13:00
Daniel Hensby
db610aaf3b
Fixing string concat CS issues
2018-01-16 18:39:30 +00:00
Daniel Hensby
1c72d6946d
Merge branch '3.6' into 4.0
2017-12-14 21:01:35 +00:00
Damian Mooyman
f1dd3d6f03
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt
2017-11-30 17:00:49 +13:00
Robbie Averill
897cba55cb
FIX Move Member log out extension points to non-deprecated methods
2017-11-02 11:39:02 +13:00
Robbie Averill
413034f684
Remove psuedo-property SetPassword from Member
2017-10-05 16:55:24 +13:00
Robbie Averill
cdf6ae45a3
NEW Ensure changePassword is called by onBeforeWrite for a consistent API
2017-10-05 16:14:15 +13:00
Robbie Averill
6b52412693
NEW Make Member::changePassword extensible
2017-10-05 11:18:34 +13:00
Damian Mooyman
f4b1417612
ENHANCEMENT Use less expensive i18n defaults in Member::populateDefaults()
...
Fixes #7381
2017-09-29 16:40:17 +13:00
Loz Calver
7431122b58
Make auto login token expiry configurable ( closes #7278 )
2017-09-18 14:06:13 +01:00
Damian Mooyman
f65e3627dc
BUG Implement or exclude all pending upgrader deltas
2017-07-03 12:21:47 +12:00
Daniel Hensby
30986b4ea3
[SS-2017-002] FIX Lock out users who dont exist in the DB
2017-06-29 13:58:55 +12:00
Sam Minnee
254204a3a6
NEW: Replace AuthenticationRequestFilter with AuthenticationMiddleware
2017-06-27 13:32:39 +12:00
Ingo Schommer
fa568e333e
Fixed linting errors
2017-06-23 11:19:16 +12:00
Damian Mooyman
3873e4ba00
API Refactor bootstrap, request handling
...
See https://github.com/silverstripe/silverstripe-framework/pull/7037
and https://github.com/silverstripe/silverstripe-framework/issues/6681
Squashed commit of the following:
commit 8f65e5653276f95944fa9379834cb4188ce35d827ed4660e7a738f50c4976279d28e5e5c90d53a84f9b2ba47555b59a912b6e2c4a18f635d235e64f3d88d4ed4e4f7946aec3312bd31f936bba97911462a10c2397bd75a8d1d9306364af3c32a278e2953b65c21241bd1d4375c95b220534f06603704165c2f6336a15bfc7188da7da0ae723514ca03395251c66d433977f26ae75c6e001d559662de079c041d
2017-06-22 22:50:45 +12:00
Damian Mooyman
024371c37e
API Change authentication ValidationResult handling to pass by-reference
2017-06-15 17:25:23 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
...
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Simon Erkelens
576eee72dc
Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code.
2017-06-15 14:20:29 +12:00
Damian Mooyman
62753b3cb1
Cleanup and RequestFilter refactor
2017-06-09 15:07:35 +12:00
Simon Erkelens
082db89550
Feedback from Damian.
...
- Move the success and message to a validationresult
- Fix tests for validationresult return
- We need to clear the session in Test logOut method
- Rename to MemberAuthenticator and CMSMemberAuthenticator for consistency.
- Unify all to getCurrentUser on Security
- ChangePasswordHandler removed from Security
- Update SapphireTest for CMS login/logout
- Get the Member ID correctly, if it's an object.
- Only enable "remember me" when it's allowed.
- Add flag to disable password logging
- Remove Subsites coupling, give it an extension hook to disable itself
- Change cascadeLogInTo to cascadeInTo for the logout method logic naming
- Docblocks
- Basicauth config
2017-06-08 17:50:20 +12:00
Simon Erkelens
2b26cafcff
Separate out the log-out handling.
...
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
2017-06-07 21:11:58 +12:00
Sam Minnee
f9ea752bae
NEW: Add AuthenticationHandler interface
...
NEW: Add IdentityStore for registering log-in / log-out data
NEW: Add AuthenticationRequestFilter for managing login
NEW: Add Security:setCurrentUser() / Security::getCurrentUser()
NEW: Add FunctionalTest::logOut()
2017-06-07 21:11:55 +12:00
Simon Erkelens
c4194f0ed2
CMS Login Handling
...
Move to canLogin in the authentication check. Protected isLockedOut
Enable login to be called with a different login service (CMSLogin), enabling CMS Log in. Seems the styling and/or output is still broken.
logOut could be managed from the Authenticator instead of the member
2017-06-07 21:11:54 +12:00
Damian Mooyman
0b70b008b3
API Implement InheritedPermission calculator ( #6877 )
...
* API Implement InheritedPermission calculator
* API Rename RootPermissions to DefaultPermissionChecker
API Refactor inherited permission fields into InheritedPermissionExtension
API Introduce PermissionChecker interface
2017-05-11 21:07:27 +12:00
Aaron Carlino
c99ed2d262
Reorganise i18n keys
2017-05-08 23:34:39 +12:00
Damian Mooyman
942c0257b7
API Upgrade to behat 3
2017-05-05 14:32:07 +12:00
Uncle Cheese
494cbd1875
Ran upgrader for lang files
2017-04-28 14:59:42 +12:00
Ingo Schommer
3b94d14e42
MERGE
2017-04-03 12:11:21 +12:00
