Commit Graph

384 Commits

Author SHA1 Message Date
Ingo Schommer
b56ca812dc Merge remote-tracking branch 'origin/3.1'
Conflicts:
	tests/security/MemberTest.php
2013-10-23 14:53:29 +02:00
Ingo Schommer
d7e10e620a Merge pull request #2537 from wilr/membervalidator
FIX: Use Injector API for managing Member_Validator instance.
2013-10-23 03:01:15 -07:00
Ingo Schommer
25b6175e67 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
	forms/FormField.php
2013-10-20 13:52:56 +02:00
Loz Calver
3bbfca820b Allow non-action buttons to pass through validation (fixes #2527)
The specific example for this issue is InlineFormField - results in actionName() on non-object error. See #2527 for context.

Include parentheses for coding conventions
2013-10-16 10:39:31 +01:00
Will Rossiter
813d34b15e FIX: Use Injector API for managing Member_Validator instance.
Updates the CMS profile page and SecurityAdmin to give developers a few ways to customise the required fields.

Added extension hook updateValidator for getValidator for things like modules to inject required fields to go along with Injector for replacing the entire class for project specific use.
2013-10-16 11:29:43 +13:00
Will Rossiter
8febaeafb9 Update docblocks 2013-10-15 11:29:58 +13:00
Ingo Schommer
8727d1b1eb Merge remote-tracking branch 'origin/3.1' 2013-10-10 12:11:50 +02:00
Andrew Short
ed9f8dcf1f BUG: Fix CMS forms with validation errors responding incorrectly.
A new form instance was being constructed for the response, which mean
that a lot of the validation information was lost. This fix means that:

* Enterered data is correctly persisted.
* A validation error notification is displayed.
2013-10-09 23:27:56 +11:00
Ingo Schommer
93558a6d62 Globalization in TreeDropdownField JS 2013-10-08 12:12:25 +02:00
Ingo Schommer
d485faf0c9 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
	forms/Form.php
2013-10-08 11:17:06 +02:00
Ingo Schommer
60fc7e5346 Merge remote-tracking branch 'origin/3.1' 2013-10-06 19:07:39 +02:00
Loz Calver
3172c7732e Allow setting of specific form actions that do not require validation
Move validation exemptions into CMSForm

Also fix buttonClicked() to skip CompositeField

Whitespace

Adding unit tests
2013-10-04 10:30:20 +01:00
Ingo Schommer
e7953f3b41 Merge pull request #2474 from wilr/externalcmslink
API: Add attributes argument for CMSMenuItem for external links
2013-10-02 02:38:56 -07:00
Will Rossiter
2d0a354405 API: Add attributes argument for CMSMenuItem.
Currently help menu item is the only external link in the CMS and the ability for it to work is hardcoded in the template. This request makes the target attribute definable by CMSMenu::add_link().

Adds documentation for how to add a basic external link to the CMS.
2013-10-02 19:06:54 +13:00
Ingo Schommer
455e550d9a Merge remote-tracking branch 'origin/3.1'
Conflicts:
	docs/en/topics/testing/create-silverstripe-test.md
	forms/Form.php
	i18n/i18n.php
	model/Image.php
2013-09-27 19:22:14 +02:00
Andrew Short
9e984b8c99 Add an extension hook for the batch actions form. 2013-09-27 15:46:01 +10:00
Ingo Schommer
debd81d380 Merge pull request #2453 from chillu/pulls/escape-3.1.0
Escaping 3.1
2013-09-25 16:02:45 -07:00
Ingo Schommer
78ce99be09 FIX Escape breadcrumbs in SecurityAdmin (SS-2013-007) 2013-09-24 21:41:18 +02:00
Ingo Schommer
1bb993b0b3 Form errors in LeftAndMain response negotiation
The session key for form errors changed from "Form_EditForm" to "CMSForm_EditForm",
causing a mismatch. See https://github.com/silverstripe/silverstripe-framework/pull/2084/files#r6338249 for discussion
2013-09-18 14:30:37 +02:00
Ingo Schommer
c2b312d76f Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-09-12 17:24:42 +02:00
Ingo Schommer
46556b609e FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:35 +02:00
Ingo Schommer
20b49e215c Merge pull request #2136 from nedmas/fix-remove-export-button-padding
FIX: GridField button styling
2013-08-30 00:24:21 -07:00
Ingo Schommer
2a35f2f928 Merge remote-tracking branch 'origin/3.1' 2013-08-07 17:34:11 +02:00
Ingo Schommer
afe06661ef Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/templates/Includes/LeftAndMain_Menu.ss
	admin/templates/Includes/ModelAdmin_ImportSpec.ss
	admin/templates/Includes/ModelAdmin_Tools.ss
	admin/templates/LeftAndMain.ss
	admin/templates/ModelSidebar.ss
	i18n/i18n.php
	templates/ComplexTableField.ss
	templates/ComplexTableField_popup.ss
	templates/FileIFrameField_iframe.ss
	templates/Includes/GridFieldItemEditView.ss
	templates/Includes/TableListField_PageControls.ss
	templates/RelationComplexTableField.ss
	templates/TableField.ss
	templates/TableListField.ss
2013-08-07 17:14:47 +02:00
Ingo Schommer
00ffe72944 Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
  which SilverStripe's i18n system can't handle
  (needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
- Only allow selection of locales registered through i18n::$all_locales to avoid
  issues with unknown locales in Zend's CLDR database
2013-08-07 00:25:16 +02:00
Ingo Schommer
542728cd94 Merge remote-tracking branch 'origin/3.1' 2013-08-03 19:47:32 +02:00
Will Rossiter
919a8c21c3 FIX: pass controller as reference inside closure.
Non referenced causes segfaults on PHP <= 5.3.8 environments when opening subtrees in the CMS. Likely the cause of silverstripe-cms/issues/803.
2013-07-31 14:12:08 +12:00
Hamish Friedlander
0a79ac3592 Merge branch 'origin/3.1'
Conflicts:
	templates/forms/CheckboxSetField.ss
	templates/forms/FormField_holder.ss
	templates/forms/OptionsetField.ss
2013-07-19 16:25:38 +12:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Andrew Short
8a62593754 Merge branch '3.1' 2013-07-10 18:27:19 +10:00
Simon Welsh
e5ed8f1ef2 Merge branch '3.0' into 3.1 2013-07-10 12:31:38 +12:00
Simon Welsh
b506eb1b29 Use httpError() instead of non-existent HTTPResponse_Exception class 2013-07-10 12:30:27 +12:00
Simon Welsh
fbce9fd7cd Merge branch '3.1'
Conflicts:
	.travis.yml
	docs/en/misc/contributing/code.md
	javascript/HtmlEditorField.js
2013-07-05 10:22:58 +12:00
Ingo Schommer
a9f150126c Fix CMSBatchActionHandler::$allowed_actions
Regression from earlier API change to deny actions unless specified
2013-06-28 10:07:57 +02:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
ARNHOE
6e7cae50fd Updated helplink to 3.1 2013-06-22 18:08:25 +02:00
Tom Densham
3596892001 FIX: GridField button styling
Remove all top/bottom margins from buttons and apply to GridFieldButtonRow component. Ensure that all buttons are added to a suitable GridFieldButtonRow in ModelAdmin, SecurityAdmin and Group.
2013-06-21 14:22:00 +01:00
Ingo Schommer
94b4237372 Merge remote-tracking branch 'origin/3.1' 2013-06-19 11:17:33 +02:00
Sean Harvey
726e4c313e Merge pull request #2084 from chillu/pulls/cmsform
Handle ValidationException on CMS forms
2013-06-18 14:41:51 -07:00
Ingo Schommer
d42cbdd613 Removed "Last visited" from admin/myprofile (fixes #648)
It doesn't make any sense in this context
2013-06-13 15:01:23 +02:00
Ingo Schommer
bfff11eb9c API New CMSForm class to allow validation responses in CMS (fixes #1777)
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814).
2013-06-13 07:51:05 +02:00
Will Rossiter
db85f3ca16 FIX extra_requirements to accept non associative arrays.
Added unit tests for extra_requirements_js and extra_requirements_css.

Fixed YAML documentation to indicate list syntax.
2013-06-02 13:37:34 +12:00
Ingo Schommer
5a1d476e8d Merge branch 'idvalidattr' of git://github.com/wilr/sapphire into wilr-idvalidattr 2013-05-31 19:27:19 +02:00
Sam Minnee
4548b67538 NEW: Add LeftAndMain.session_keepalive_ping config option.
The Session-keepalive ping that is built into LeftAndMain (i.e. all of the CMS admin) can now be
turned off.  The main reason you would want to do this is if you have enabled Session.timeout,
and you want users to be locked out of the CMS after a period.
2013-05-31 16:27:30 +12:00
Sean Harvey
a29c51d2db Merge pull request #2032 from phptek/bug/revert-9741d1
BUGFIX: Removed regression introduced in 9741d1.
2013-05-29 21:13:22 -07:00
Russell Michell
b154c0f0e7 BUGFIX: Removed regression introduced in 9741d1. With the former in place, CMS authors can no longer perform batch publish actions 2013-05-30 16:05:56 +12:00
Ingo Schommer
bd918915e2 Merge pull request #2023 from g4b0/left-and-main-classes
BUG: correct handling of multiple classes
2013-05-29 07:23:26 -07:00
Loz Calver
9be5f07231 Fixes for LeftAndMain::require_themed_css()
LeftAndMain::require_themed_css() was setting an incorrect property, and a typo meant that those requirements would never be detected anyway
2013-05-28 15:48:23 +01:00
g4b0
9fc58feb03 BUG: correct handling of multiple classes 2013-05-28 16:25:25 +02:00
Will Rossiter
e1ce3e15d8 PHPDoc updates 2013-05-26 11:11:54 +12:00