Commit Graph

900 Commits

Author SHA1 Message Date
Ingo Schommer
091c096dbf FIX Disallow permissions assign for APPLY_ROLES (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
cfa88adf4b FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
68ca47b0dd FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:35 +02:00
Ingo Schommer
1c31c098ee FIX Correct Zend_Locale fallbacks in i18n/DateField/DateTimeField
Due to the recent change of translations to transifex, some
locales changed their names, which prompted a fix to
i18n::get_available_translations() (see 00ffe7294).
This caused a regression where short locales are determined
from the YAML file names (e.g. "en"), but weren't matched up
with fully qualified locales from get_available_translations() (e.g. "en_US").
Since this list is used in the admin/myprofile dropdown for the Member.Locale value,
it didn't match up with any entries and defaulted to the first one ("Africaans").

Note that the behaviour of admin/myprofile is still a bit weird:
It defaults the locale on new members to the one set for the current administrator.
So if a site defaults to en_US in _config.php, but the admin happens to view
his backend in de_DE, all members he creates default to de_DE as well.

Thanks to @tractorcow for contributing and peer reviewing!
2013-08-30 10:18:00 +02:00
Julian Seidenberg
17e0432252 BUG adding a more descriptive message when the CMS session times out. It used to say "Forbidden", now it says "Not logged in". 2013-08-06 17:27:37 +12:00
Mateusz Uzdowski
d4a6f7304e BUG First error should take precedence here. No further checks needed. 2013-07-19 08:54:52 +12:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Simon Welsh
1d5ac5876b Only redirect on logout if we're not already redirecting 2013-06-27 09:49:10 +12:00
Stig Lindqvist
2eafd63297 Merge pull request #2077 from halkyon/changepassword_validation_redirection_issue
BUG If BackURL set, validation errors send the user to wrong place.
2013-06-07 22:44:13 -07:00
Sean Harvey
83bff54ec2 BUG If BackURL set, validation errors send the user to wrong place.
If there's validation errors in the ChangePasswordForm, the user
is taken to the BackURL because redirectBack() will go there if
it's set.

Instead of this, just redirect back to the "changepassword" action
on the Security controller.
2013-06-08 11:34:58 +12:00
Sean Harvey
7862ececbd Allow PasswordValidator to be translated 2013-06-08 10:48:27 +12:00
Will Morgan
1c0ae76f8e Adding passwordless message instead of throwing an exception 2013-06-07 16:52:44 +02:00
Sam Minnée
628391e3f1 Merge pull request #1979 from nedmas/patch-1
BUGFIX: singleton('Group')->Members() fails
2013-05-24 19:45:54 -07:00
Ingo Schommer
016368afdc Merge pull request #1994 from mateusz/logout-cleanup
BUG Clean up the logOut and session destructon routines.
2013-05-24 16:01:42 -07:00
Tom Densham
d36fbfb1b2 BUGFIX: singleton('Group')->Members() fails
Running Members() on a Group that has no Db record causes UnsavedRelationList to be returned by DirectMembers() which in turn causes alterDataQuery() to fall over when called on an UnsavedRelationList. This just adds a simple check to prevent it.
2013-05-23 17:31:19 +02:00
Sean Harvey
ac2216dabc Merge pull request #1969 from robert-h-curry/patch-1
Only show direct members of a group in the members field
2013-05-22 20:28:17 -07:00
Mateusz Uzdowski
2f7fd967b2 BUG Clean up the logOut and session destructon routines. 2013-05-23 13:27:41 +12:00
Ingo Schommer
ee784c3663 Fix priority of Member->getHtmlEditorConfigForCMS() (silverstripe/silverstripe-cms#728) 2013-05-22 21:31:42 +02:00
Robert Curry
aeb5a2e42a Only show direct members of a group in the members field
The call to Members() includes members of child groups, which was causing any members added through the grid field to be added to the child groups as well.
2013-05-22 18:48:36 +12:00
Sean Harvey
abad856534 Use create() to instantiate Member_GroupSet on Member::Groups()
Keeps it consistent with how HasManyList and ManyManyList are
instantiated in DataObject.
2013-05-22 13:56:36 +12:00
Sean Harvey
15f7c884f8 Merge pull request #1756 from halkyon/permission_denied_hook
BUG Security::permissionFailure() fixing permissionDenied hook inconsistency
2013-05-13 02:15:58 -07:00
Ingo Schommer
3e88c98ca5 API Restrict MemberLoginForm to POST requests for increased security
CVE-2013-2653 - Thanks to Fara Rustein of Deloitte Argentina for reporting.
2013-05-08 10:25:28 +02:00
Josua2012
59be4a3be0 Allow custom ChangePasswordForm form
With this modification we can use Object::useCustomClass() to create a
custom ChangePasswordForm form:
Object::useCustomClass('ChangePasswordForm',
'CustomChangePasswordForm');
2013-05-08 09:39:39 +02:00
Will Morgan
8f6451612b Use correct config variable name in encrypt_password
Use correct config variable name in encrypt_password
Fixes https://github.com/silverstripe/sapphire/issues/1709
2013-04-28 09:58:42 +12:00
Marvin Dickhaus
ea558828c9 Group description in CMSFields 2013-04-14 22:11:19 +02:00
Sean Harvey
1eadff5a4f BUG Security::permissionFailure() fixing permissionDenied hook inconsistency
permissionDenied only works if Security::permissionFailure() is called when
there's currently no logged in Member. This fixes it so failed attempts
with logged in Member also includes the permissionDenied hook.

In addition, fix an undefined $member variable
2013-04-12 10:59:00 +12:00
Ingo Schommer
7d6edccb0a Marked Security.token as private 2013-04-09 01:48:20 +02:00
Ingo Schommer
cfafa19cc3 FIX Disallow group removal when member is edited in groups view
It would invalidate this view. Only allow group editing
for new members added to this group (with a group default),
and for members edited through the "root" view.
2013-04-05 00:51:24 +02:00
Will Rossiter
70144ad549 FIX: Groups should be able to have titles longer than 50 characters (Fixes: open/5611) 2013-03-26 22:05:37 +13:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
4cd6d00159 Fixed forceExpiry() usage 2013-03-19 10:49:52 +01:00
Ingo Schommer
b416e50bff Fixed deprecations 2013-03-19 10:38:14 +01:00
Ingo Schommer
bea1b9002d Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	control/HTTP.php
2013-02-26 13:28:35 +01:00
Ingo Schommer
0c6ac1960e Fixed whitespace usage 2013-02-18 15:43:52 +01:00
Ingo Schommer
92458d9f43 Fixed line lengths 2013-02-18 14:41:49 +01:00
Hamish Friedlander
7efae6b95f Merge remote-tracking branch 'origin/3.0' into 3.1 2013-02-18 14:31:57 +13:00
Ingo Schommer
30096ee730 BUGFIX Keep Member.PasswordEncryption setting on empty passwords
This will prevent empty passwords to set the encryption to 'none',
which in turn will store any subsequent password changes in cleartext.
Reproduceable e.g. with ConfirmedPasswordField and setCanBeEmpty(true).
2013-02-17 23:30:41 +01:00
Ingo Schommer
14a56c18e9 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	control/Director.php
2013-02-07 21:45:16 +01:00
Ingo Schommer
79eacb2439 FIX Group->canEdit() correct non-admin checks (fixes #8250)
Due to changed return value of DataObject::get(),
the (negated) check always returned false.
This wasn't noticed in 3.0 because Group->canEdit() is rarely
enforced, but does become noticeable in 3.1 where GridField
checks those object-level permissions.

Thanks to @purplespider for reporting!
2013-02-07 09:19:57 +01:00
Ingo Schommer
18c9a95996 API Removed 'BadLoginURL' session var from MemberLoginForm
It was never set in core, and is generally undocumented,
hence just unnecessarily increases the security surface
of this sensitive class.
2013-02-05 22:49:06 +01:00
Ingo Schommer
634c91c6ff Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	email/Mailer.php
2013-01-30 12:46:24 +01:00
Simon Welsh
c9f728fefb FIX Only check the remember token if a user exists 2013-01-30 09:17:47 +13:00
jean
c048a019f6 BUGFIX Avoid infinite redirection when logging out and when showing a custom login page after displaying the draft version of a page. 2013-01-29 19:24:37 +01:00
Sam Minnee
5f9348b016 FIX: Ensure that Security views respect redirections triggered by Page_Controller::init()
Sometimes Page_Controller::init() will trigger a redirection.  For example, it may redirect to a
canonical URL.  In this case, the Security views, which co-opt Page_Controller, need to respect
this.
2013-01-29 18:19:15 +01:00
Sam Minnee
f54697930e API CHANGE: Add a PermissionFailureException that can be thrown to trigger a log-in. 2013-01-29 18:10:42 +01:00
Sam Minnee
d8bfc0bb48 API CHANGE: Added Security::set_login_url() so that you can define an alternative log-in page if you have made one yourself. 2013-01-29 18:03:47 +01:00
Ingo Schommer
c11b3918fc Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	core/PaginatedList.php
	email/Mailer.php
2013-01-21 11:14:57 +01:00
Ingo Schommer
e74ec57756 BUG Permission checkbox display on members (fixes #8193) 2013-01-17 19:36:53 +01:00
Ingo Schommer
f07ad307e4 API Removed non-functional $join argument from DataObject::get() and other APIs
See 68bb74820
2013-01-09 18:28:55 +01:00