Commit Graph

407 Commits

Author SHA1 Message Date
Hamish Friedlander
0a79ac3592 Merge branch 'origin/3.1'
Conflicts:
	templates/forms/CheckboxSetField.ss
	templates/forms/FormField_holder.ss
	templates/forms/OptionsetField.ss
2013-07-19 16:25:38 +12:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Andrew Short
8a62593754 Merge branch '3.1' 2013-07-10 18:27:19 +10:00
Simon Welsh
e5ed8f1ef2 Merge branch '3.0' into 3.1 2013-07-10 12:31:38 +12:00
Simon Welsh
b506eb1b29 Use httpError() instead of non-existent HTTPResponse_Exception class 2013-07-10 12:30:27 +12:00
Simon Welsh
fbce9fd7cd Merge branch '3.1'
Conflicts:
	.travis.yml
	docs/en/misc/contributing/code.md
	javascript/HtmlEditorField.js
2013-07-05 10:22:58 +12:00
Ingo Schommer
a9f150126c Fix CMSBatchActionHandler::$allowed_actions
Regression from earlier API change to deny actions unless specified
2013-06-28 10:07:57 +02:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
ARNHOE
6e7cae50fd Updated helplink to 3.1 2013-06-22 18:08:25 +02:00
Tom Densham
3596892001 FIX: GridField button styling
Remove all top/bottom margins from buttons and apply to GridFieldButtonRow component. Ensure that all buttons are added to a suitable GridFieldButtonRow in ModelAdmin, SecurityAdmin and Group.
2013-06-21 14:22:00 +01:00
Ingo Schommer
94b4237372 Merge remote-tracking branch 'origin/3.1' 2013-06-19 11:17:33 +02:00
Sean Harvey
726e4c313e Merge pull request #2084 from chillu/pulls/cmsform
Handle ValidationException on CMS forms
2013-06-18 14:41:51 -07:00
Ingo Schommer
d42cbdd613 Removed "Last visited" from admin/myprofile (fixes #648)
It doesn't make any sense in this context
2013-06-13 15:01:23 +02:00
Ingo Schommer
bfff11eb9c API New CMSForm class to allow validation responses in CMS (fixes #1777)
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814).
2013-06-13 07:51:05 +02:00
Will Rossiter
db85f3ca16 FIX extra_requirements to accept non associative arrays.
Added unit tests for extra_requirements_js and extra_requirements_css.

Fixed YAML documentation to indicate list syntax.
2013-06-02 13:37:34 +12:00
Ingo Schommer
5a1d476e8d Merge branch 'idvalidattr' of git://github.com/wilr/sapphire into wilr-idvalidattr 2013-05-31 19:27:19 +02:00
Sam Minnee
4548b67538 NEW: Add LeftAndMain.session_keepalive_ping config option.
The Session-keepalive ping that is built into LeftAndMain (i.e. all of the CMS admin) can now be
turned off.  The main reason you would want to do this is if you have enabled Session.timeout,
and you want users to be locked out of the CMS after a period.
2013-05-31 16:27:30 +12:00
Sean Harvey
a29c51d2db Merge pull request #2032 from phptek/bug/revert-9741d1
BUGFIX: Removed regression introduced in 9741d1.
2013-05-29 21:13:22 -07:00
Russell Michell
b154c0f0e7 BUGFIX: Removed regression introduced in 9741d1. With the former in place, CMS authors can no longer perform batch publish actions 2013-05-30 16:05:56 +12:00
Ingo Schommer
bd918915e2 Merge pull request #2023 from g4b0/left-and-main-classes
BUG: correct handling of multiple classes
2013-05-29 07:23:26 -07:00
Loz Calver
9be5f07231 Fixes for LeftAndMain::require_themed_css()
LeftAndMain::require_themed_css() was setting an incorrect property, and a typo meant that those requirements would never be detected anyway
2013-05-28 15:48:23 +01:00
g4b0
9fc58feb03 BUG: correct handling of multiple classes 2013-05-28 16:25:25 +02:00
Will Rossiter
e1ce3e15d8 PHPDoc updates 2013-05-26 11:11:54 +12:00
Ingo Schommer
67d1327b90 Avoid collision of status flags in tree items when updating tree nodes
Fixes silverstripe/silverstripe-cms#445
See https://github.com/silverstripe/silverstripe-framework/pull/1996
Thanks to Jean-Fabien for getting this started
2013-05-25 11:27:50 +02:00
Russell Michell
9741d1f63b BUGFIX: Pages set as 'deletedindraft' were allowed to be published through CMS batch-actions leaving an empty title in the SiteTree. 2013-05-24 15:40:46 +12:00
Will Rossiter
ddcfcf7bed Update @package, @subpackage labels
Cleanup of framework's use of @package and @subpackage labels and additional of labels for classes missing packages.

Moved all GridField related components to the one name.

Countless spelling fixes, grammar for other comments.

Link ClassName references in file headers.
2013-05-21 22:24:41 +12:00
Ingo Schommer
e5d3a1da6b Disable ContentNegotiator in CMS (fixes #1850) 2013-05-08 23:45:53 +02:00
Ingo Schommer
310bc8d09c Better default icon for ModelAdmin
Cogwheels doesn't really communicate its meaning well...
New icon is from http://thenounproject.com/noun/database/#icon-No6001,
doesn't require permanent attribution (CC0)
2013-04-09 13:43:32 +02:00
Ingo Schommer
17362f9474 Showing "Help" menu item below "Settings" 2013-04-09 12:20:20 +02:00
Ingo Schommer
7d600f57d5 CMSMenu sort order (fixes #1716)
Regression caused by b645703eb9
2013-04-09 12:19:33 +02:00
Sam Minnee
e6d8280296 Removed notice-level erorr in CMS page list. 2013-04-09 11:42:30 +12:00
Ingo Schommer
01f46d039f NEW Enforce max node counts to avoid excessive resource usage
Rendering potentially 1000s of nodes can exceed the CPU and memory constraints
of a normal PHP process, as well as the rendering capabilities of browsers.
Set a hard maximum for the renderable nodes, deferring to a "show as list" action
in the main CMS tree. For TreeDropdownField, we don't have the list fallback option,
so ask the user to search for the node title instead.

Also makes both the "node_threshold_total" and "node_threshold_leaf" values configurable
2013-04-09 10:24:18 +12:00
Ingo Schommer
828ac7fe4f API Replaced SSViewer.custom_theme with SSViewer.theme_enabled
Since we can't influence the setting of configuration values,
we also can't set/unset the 'custom_theme' value based on which
theme is set. This means the 'custom_theme' value goes stale,
and we can't rely on it e.g. in FilesystemPublisher.

The 'theme_enabled' toggle is a cleaner solution to the same problem,
since the 'custom_theme' was really just a way to remember the original
theme, while still disabling it. The toggle makes this more explicit,
but also requires users of the 'theme' setting to check for it.
2013-04-07 23:59:10 +02:00
Ingo Schommer
1dda9ae45f Fixed extra_requirements docs 2013-04-05 15:35:30 +02:00
g4b0
f033321adc Solved json obj to array issue 2013-03-28 22:06:37 +01:00
g4b0
93428bd8f2 Solved json obj to array issue 2013-03-28 14:52:13 +01:00
Ingo Schommer
3c30c36b71 Fixed help_link config usage 2013-03-27 21:48:55 +01:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
53c84ee1fe Merge remote-tracking branch 'origin/3.0' into 3.1 2013-03-19 14:04:29 +01:00
Ingo Schommer
52ffb307a7 Fixed ValidationException handling in LeftAndMain
getResult() isn't always available, and has the same content
as the native Exception->getMessage() anyway
2013-03-19 14:02:28 +01:00
Andrew Short
b8a51c3792 Merge branch '3.0' into 3.1 2013-03-19 22:27:09 +11:00
Ingo Schommer
dd6f33ab37 FIX Respect tree node limits, fix search result node display
- Renamed $minNodeCount to more accurate $nodeCountThreshold
- The $minNodeCount attribute wasn't properly respected
during actual querying, so SilverStripe would always traverse
the entire tree (and load all objects into memory),
before then marking nodes as "unexpanded", which prevents
them from actually being rendered.
- Fixes nodes on search results to be expanded by default
- Fixes nodes on search results to correctly ajax-expand
2013-03-19 00:05:14 +01:00
Andrew Short
6ae931df24 Merge branch '3.0' into 3.1 2013-03-15 21:47:23 +11:00
Ingo Schommer
b81f39aee5 API Handle uncaught ValidationException on CMS controller execution
This removes the need for a lot of boilerplate code
around DataObject->write() logic, and avoids generic 500 errors
on user-level failures. This should really be a per-project choice,
but at the moment request handling doesn't allow to configure
custom exception handling.
2013-03-08 12:55:30 +01:00
Ingo Schommer
2b6d735182 Using composer.lock for LeftAndMain->CMSVersion()
See https://github.com/silverstripe/silverstripe-cms/pull/289 for context
2013-02-28 13:38:19 +01:00
Ingo Schommer
64b465f0cb Merge pull request #1143 from svandragt/3.1
ENHANCEMENT Sort menu items according to priority descending, then title ascending
2013-02-27 01:25:49 -08:00
Hamish Friedlander
4b54383d68 API change request handling to be more orthogonal
RequestHandler#handleAction now exists. It takes the request, and
the action to call on itself. All calls from handleRequest to call an action
will go through this method

Controller#handleAction has had it's signature changed to
match new RequestHandler#handleAction

RequestHandler#findAction has been added, which extracts the
"match URL to rules to find action" portion of RequestHandler#handleRequest
into a separate, overrideable function

GridField#handleAction has beeen renamed to handleAlterAction and
CMSBatchActionHandler#handleAction has been renamed to handleBatchAction to
avoid name clash with new RequestHandler#handleAction

Reason for change: The exact behaviour of request handling depended heavily
on whether you inherited from RequestHandler or Controller, and whether the
rule extracted it's action directly (like "foo/$ID" => 'foo') or dynamically
(like "$Action/$ID" => "handleAction"). This cleans up behaviour so
all calls follow the same path through handleRequest and handleAction, and
the additional behaviour that Controller adds is clear.
2013-02-18 14:56:04 +13:00
Sander van Dragt
b645703eb9 Sort menu items according to priority descending, then title ascending 2013-01-29 15:30:35 +00:00
Ingo Schommer
072b485f66 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	lang/en.yml
2013-01-22 12:05:48 +01:00
Ingo Schommer
f7c8778466 Breadcrumb/back nav in ModelAdmin now retains search params 2013-01-21 12:04:20 +01:00
Ingo Schommer
c11b3918fc Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	core/PaginatedList.php
	email/Mailer.php
2013-01-21 11:14:57 +01:00
Ingo Schommer
89176e8f5d Unescaped breadcrumbs for inline groups display (fixes #7936) 2013-01-21 08:51:16 +01:00
Nicolaas
7523fe4ef7 Update admin/code/ModelAdmin.php
Changed "Clear Database before import" - which is incorrect (not the whole database gets wiped, only the data in the model at hand) with the simpler: "replace data".
2013-01-19 22:38:55 +13:00
Jeremy Bridson
a93f8841d7 BUGFIX:fixed broken styling of iframe in IE for member and group import 2013-01-15 00:57:47 +01:00
Loz Calver
8066376290 ENHANCEMENT: LeftAndMain breadcrumbs to use MenuTitle
Breadcrumbs in the CMS currently only use title, when MenuTitle is
probably more appropriate (if it is set).
2012-12-17 17:41:04 +01:00
uniun
77212c0647 CMS Titles does not support UTF-8
Title in CMS is set using header X-Title. But UTF-8 characters can't be used in HTTP headers. So the title should be encoded just before sending X-Title header and decoded before setting HTML document title (fixes #7942).
2012-12-17 17:36:00 +01:00
Ingo Schommer
b3657147bf BUG Remove "delete" button from "My Profile" (fixes #8121) 2012-12-15 20:02:17 +01:00
Naomi Guyer
5cef05ebea Separate out ActionTabSet functionality into a new file & clean up. 2012-12-13 17:43:25 +01:00
Simon Welsh
b0121b541c Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
Simon Welsh
fc5dd2994c Add codesniffer that ensures indentation is with tabs. 2012-12-12 00:12:11 +13:00
Mateusz Uzdowski
4fa2b0f3ff API Support disabling/enabling of previews.
This fixes the problem of panels flipping back to the Pages section if
loading a non-previewable section, and also initialisation problems.
2012-12-10 17:52:01 +01:00
Mateusz Uzdowski
8f5acd70b3 API Move state to enwtine properties, provide API for preview.
Also the preview state is now kept between panel loads. We also use a
redraw function to update appearance based on the state.
2012-12-10 17:52:01 +01:00
Mateusz Uzdowski
d4f13fe532 API Refactor the CMS layouting to provide access to options.
It is now possible to change the threeColumnLayout width options for the
columns via entwine property LayoutOptions and accessor methods.

Thanks @robert-h-curry, @clarkepaul for contributing!
2012-12-10 17:52:01 +01:00
Mateusz Uzdowski
f4b080ee06 NEW Side by side editing functionality - first cut (os#7412)
Introduces a preview window that appears when the screen is wide enough,
removes old preview button, adds a draft-public switch, adds variety of
preview options which are not hooked up yet.

Goes along with cms commit fa3738a9f4c5181eabf18a77ca89792d31592250
2012-12-10 17:51:35 +01:00
Ingo Schommer
4d106aa998 BUG Fixed unintentional ParentID reset in "add page" form
Side effects from old JS hanging around which was no longer used.
See d364070941
for background discussion.
2012-12-04 11:30:29 +01:00
Ingo Schommer
c55c7c33f8 Merge branch '3.0'
Conflicts:
	admin/code/CMSProfileController.php
	composer.json
	tests/model/DataObjectTest.php
2012-11-22 23:51:28 +01:00
Sean Harvey
6a9617bf6b Remove deprecated LeftAndMainDecorator, use LeftAndMainExtension instead 2012-11-15 14:43:11 +13:00
Loz Calver
ea2dc9da0e ENHANCEMENT: Add ability to change URL for SS logo in CMS Menu 2012-11-09 11:06:04 +01:00
Sean Harvey
aec59de955 Adding title to CMSProfileController so translations get default 2012-11-07 11:41:48 +13:00
Andrew O'Neil
0c8de0a1de APICHANGE: Use late static binding for Object::has_extension() 2012-11-07 11:07:55 +13:00
Ingo Schommer
3214a0a756 Merge remote-tracking branch 'origin/3.0'
Conflicts:
	admin/css/screen.css
2012-11-06 19:56:34 +01:00
Ingo Schommer
ff39f9ad38 Upgrade jQuery UI to 1.9
- Fixed jQuery.tabs remote tabs loading behaviour (see http://forum.jquery.com/topic/tabs-api-redesign)
2012-11-06 19:45:56 +01:00
Sean Harvey
169366a011 Merge branch '3.0' 2012-11-06 13:04:21 +13:00
Sean Harvey
3451da001a BUG Fixing session keep alive for non-ADMIN users
SecurityAdmin isn't always available for CMS users, as they might
not have permission to view that section. This fixes the problem
with session keep alive by moving the ping to Security/ping, which
is available for all users.
2012-11-05 15:41:10 +13:00
Sean Harvey
fbc6e3366b Merge branch '3.0' 2012-11-05 15:11:48 +13:00
Sean Harvey
7a7c1a6857 BUG Escape tree title 2012-11-05 13:19:02 +13:00
Simon Welsh
0b279a2cbc Changes ping to POST and clears Requirements for ping
GET requests can, and do, get cached. Using POST forces them not to.
Clears requirements so that the SecurityAdmin JS isn't injected.
2012-11-01 21:15:43 +13:00
Ingo Schommer
bcbf4636fc BUG Remove .ss-tabset class from CMS tabs to prevent rogue ajax load (#7980)
The existence of .ss-tabset triggers JS which applies $.tabs(),
and in turn interprets the first available link as the tab navigation.
jQuery UI subsequently tries to ajax-load this link, which is not
desired. Instead, $.tabs() should *only* be applied to a container
DOM element with .cms-tabset applied.
2012-11-01 00:25:13 +01:00
Ingo Schommer
08832261c1 Fixed merge errors in CMSProfileController 2012-10-30 18:03:49 +01:00
Ingo Schommer
efabde1416 Merge remote-tracking branch 'origin/3.0'
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	security/Member.php
2012-10-30 17:52:49 +01:00
Saophalkun Ponlu
e3a27ea7da CMS member profile now is no longer in a popup (#7880) 2012-10-08 12:57:55 +02:00
Sam Minnee
1f7fc1f76a FIX Remove instances of lines longer than 120c
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit.  This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Simon Erkelens
f991401a52 Translation possible for clear before import
I couldn't figure out why it wouldn't translate...
2012-09-28 09:45:16 +03:00
Ingo Schommer
e2f073f38a Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
Ingo Schommer
2f643817a4 LeftAndMain::$session_namespace
More fine-grained control over session storage,
particularly when reusing the "current page" state.
2012-08-29 15:10:05 +02:00
martimiz
82500dd4c4 NEW Custom menu icons for the CMS main menu
Add optional custom menu icons to the CMS main menu for every class
extending LeftAndMain (ModelAdmin). Works by setting optional static
$menu_icon = '/path/to/image' and providing custom styling for added
icons. Works for the menu as well as icon in the right-side (GridField) pane header.
2012-08-29 13:14:59 +02:00
Hamish Friedlander
05fade3249 FIX 7763 TreeDropdownField needs to refresh after CMS edit form save 2012-08-29 10:52:56 +12:00
Kirk Mayo
3e351bc421 BUG: open ticket 7812 correcting filter syntax on a DataObject used by function updatetreenodes 2012-08-27 14:41:07 +12:00
Ingo Schommer
2fab657fce i18n for CMS section titles (see #7798) 2012-08-26 23:58:31 +02:00
Hamish Friedlander
b560d258d3 Re-enable Entwine Inspector in CMS & document 2012-08-20 11:26:11 +12:00
Ingo Schommer
c7fd9a6605 CMS Localization 2012-08-10 00:17:34 +02:00
Ingo Schommer
77d939f0b2 CMS Localization 2012-08-09 23:55:30 +02:00
Hamish Friedlander
22d6c7afa4 BUG Updating node would position wrong, Sort isnt === offset 2012-07-23 22:15:11 +12:00
Ingo Schommer
120de7cba2 NEW Tree node updates after save (fixes #7450, #7389)
- Updates icon, badges, title, and position in hierarchy
- New LeftAndMain_TreeNode API to allow rendering of single tree nodes
without their hierarchy, extracted from LeftAndMain->getSiteTreeFor()
- New LeftAndMain->updatetreenodes() endpoint to request updated state
for one or more nodes. Triggered on demand by form refreshes.
2012-07-23 17:21:49 +12:00
Ingo Schommer
faff2c122d Localized CMS breadcrumbs title 2012-07-18 13:51:12 +02:00
Ingo Schommer
d4b8db27af Marking fake LeftAndMain->redirect() responses as finished
Introduce new LeftAndMain_HTTPResponse class for this purpose,
to mark a response as finished regardless of HTTP status.
This is required for ajax responses which do redirects on app layer
rather than HTTP (to avoid double processing).

Specifically required to decorate LeftAndMain->init()
in the 'translatable' module (TranslatableCMSMainExtension),
which marks the response as finished through its redirect,
avoiding further processing after init().
2012-07-16 23:30:59 +02:00
Ingo Schommer
712f28bc78 Scoped deprecation messages (fixes #7645) 2012-07-13 11:37:35 +02:00
Simon Welsh
8d670283c9 FIX Santise model classes in ModelAdmin
As ModelAdmin puts classes directly into links, a namespaced class
has its \s turned into /s, breaking the links. This escapes them by
converting each \ to a -, then converting them back when loading.
2012-06-29 13:52:33 +12:00
Ingo Schommer
ba9c3c7b8e BUGFIX Type checking in CMS URL params (fixes #7187)
Nasty issue where nested requests to sub-controllers within LeftAndMain->EditForm() would fail because of
LeftAndMain->currentPageID() being taken from the URL, even though it was a field action name.
Example: POST /admin/pages/edit/EditForm/field/MyGridField/item/1/ItemEditForm/field/MyUploadField/upload
The current ID would be detected as "field" in this case.
Bug was previously fixed for AssetAdmin.
2012-06-22 17:47:45 +02:00
Hamish Friedlander
03469230ff BUGFIX: Add batch handler status messages (fixes #7427)
7427 was mostly fixed by Ingos previous patch. But two batch actions, delete from draft site and delete from published site werent returning
status messages. Abstracted out the status preperation code that the batch actions that were returning status messages were using, and
used that to add status messages to the problem two
2012-06-22 13:59:08 +12:00