Commit Graph

12107 Commits

Author SHA1 Message Date
Ingo Schommer
e202d4b3b0 Behat: Avoid false positives in dropdown traversal
Was identifying fields like <input value="Select a page">
when querying for a drop down labelled "Page"
2013-09-14 19:50:21 +02:00
Ingo Schommer
8de227554e Behat: More verbose error message in HTML field assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
fde6b65769 Behat: Allow quoted HTML in assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
35a32d608d More specific behat tree assertion 2013-09-14 19:50:21 +02:00
Simon Welsh
55fc0265f4 Merge pull request #2419 from bilekt3/patch-1
Update 3.1.0-rc2.md
2013-09-13 14:33:41 -07:00
Ingo Schommer
5a0b4b0f03 Shorter behat feature name
Looks better in relishapp ;)
2013-09-13 18:52:02 +02:00
Tomáš Bílek
65d5f10e60 Update 3.1.0-rc2.md
Corrected RC number in heading of page.
2013-09-13 18:50:45 +02:00
Ingo Schommer
819eebb5dc Behat: Profile feature (steps only) 2013-09-13 18:44:17 +02:00
Ingo Schommer
aa80c4eed2 Behat feature indentation (no content changes) 2013-09-13 18:42:27 +02:00
lukepercy
e6f7f637f3 Added feature file for behat test
- Added content formatting behat feature file Updated Given statement for Insert link behat feature file
- Added Behat test feature file for alignment buttons Updated formatting buttons feature file to include strikethrough formatting
2013-09-13 17:00:43 +02:00
Will Rossiter
2c11710832 Fix for duplicate class definition introduced in ddcfcf7. 2013-09-13 19:26:06 +12:00
Sean Harvey
17fb7752db Skipping SQLQueryTest::testZeroLimitWithOffset() for MSSQLDatabase.
This test doesn't work on MSSQLDatabase.
2013-09-13 15:50:36 +12:00
Sean Harvey
bf1110d911 Adding a test for SQLQuery::setLimit() parsing OFFSET string clause. 2013-09-13 15:44:46 +12:00
Sean Harvey
e4ff3b8ec8 Merge pull request #2414 from phptek/issue/2398
FIX: Fixes #2398
2013-09-12 17:26:13 -07:00
Russell Michell
bbda63a16f MINOR: Corrected tests to use assertFalse|True() 2013-09-13 12:27:37 +12:00
Russell Michell
3aaa12f114 FIX: Fixes #2398
- hasAmount() failed to return true for values <= 0.99 and >= 0.01
- Added unit tests
2013-09-13 12:21:21 +12:00
Ingo Schommer
a7f38f7b4d Merge pull request #2413 from ss23/patch-1
Update 3.0.6.md
2013-09-12 16:08:04 -07:00
Stephen Shkardoon
f765696d26 Update 3.0.6.md
Add reference to information disclosure in Versioned.php (SS-2013-006)
2013-09-13 10:34:51 +12:00
Ingo Schommer
92c9febb99 Merge pull request #2406 from dangerdan/testing
Resubmitting pull request, changes to docs: topics/testing
2013-09-12 13:09:07 -07:00
Dan Brooks
6afad377cb Changes to topics/testing 2013-09-12 18:22:46 +01:00
Ingo Schommer
03d1d58148 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/code/SecurityAdmin.php
	css/AssetUploadField.css
	docs/en/topics/configuration.md
	security/PermissionRole.php
2013-09-12 17:33:36 +02:00
Ingo Schommer
c2b312d76f Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-09-12 17:24:42 +02:00
Ingo Schommer
7627d95555 Updated changelog 2013-09-12 17:02:13 +02:00
Ingo Schommer
505db1f731 Updated translations 2013-09-12 16:53:32 +02:00
Ingo Schommer
24bae3f922 Tagged 3.0.6-rc2 2013-09-12 16:48:20 +02:00
Ingo Schommer
a6b402f491 Added 3.0.6-rc2 changelog 2013-09-12 16:48:15 +02:00
Ingo Schommer
2da4d76c3b Updated translations 2013-09-12 16:37:12 +02:00
Ingo Schommer
7c99cb4668 Merge branch 'pulls/security-issues-august-3.0' into 3.0 2013-09-12 15:45:13 +02:00
Ingo Schommer
5e0315dc62 Safety note on DataObject::validation_enabled 2013-09-12 15:42:43 +02:00
Ingo Schommer
f803704d91 FIX Disallow permissions assign for APPLY_ROLES (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:43 +02:00
Ingo Schommer
8b5c8eab72 Linking to older security issue in change log
Mainly for consistency with the newer format
2013-09-12 15:42:43 +02:00
Ingo Schommer
05757efceb FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:43 +02:00
Ingo Schommer
6cff9671d4 FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:43 +02:00
Ingo Schommer
720c149aee FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:42 +02:00
Ingo Schommer
cb517fda9e Safety note on DataObject::$validation_enabled 2013-09-12 15:42:36 +02:00
Ingo Schommer
091c096dbf FIX Disallow permissions assign for APPLY_ROLES (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
a492d56f7c 3.1.0-rc2 changelog 2013-09-12 15:42:36 +02:00
Ingo Schommer
cfa88adf4b FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
46556b609e FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:35 +02:00
Ingo Schommer
68ca47b0dd FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:35 +02:00
Ingo Schommer
d747334737 Merge pull request #2401 from adrexia/tree-value
BUG: TreeDropdownField remove call to get value on search
2013-09-11 01:30:32 -07:00
Sean Harvey
a1939dccd1 Merge pull request #2400 from jbridson/patch-9
Update 2-extending-a-basic-site.md
2013-09-10 21:47:36 -07:00
Sean Harvey
c309867a1c Merge pull request #2373 from chillu/pulls/treedropdown-searchfield-default
Default TreeDropdown to "Title" search if $labelField isn't in DB
2013-09-10 21:45:40 -07:00
Sean Harvey
58da57dd1b Merge pull request #2390 from phptek/2389
Prevent circular refs in `GridFieldAddExistingAutocompleter` when linking DataObjects whose ID == current object's ID
2013-09-10 21:43:31 -07:00
Naomi Guyer
697972699d BUG: TreeDropdownField remove call to get value on search
This call was placing the id of the currently selected record into the
search box. Related to
https://github.com/silverstripe/silverstripe-framework/commit/93ea066f53
d5d2b2a19cf0dd2e9479a3fc5796f7
2013-09-11 13:22:27 +12:00
Simon Welsh
c2105db6d0 Count, not Length 2013-09-11 12:05:43 +12:00
jbridson
a4fbff4df5 Update 2-extending-a-basic-site.md
Fixed a few wording issues and added some clarity to links eg: Tutorial One (Building a basic site)
2013-09-11 11:20:41 +12:00
Ingo Schommer
8864256601 Merge pull request #2391 from halkyon/orderby_limit_aggregate
BUG Fixing SQLQuery::aggregate() adding ORDER BY when no limit.
2013-09-06 02:21:30 -07:00
Sean Harvey
95bb799e6f BUG Fixing SQLQuery::aggregate() adding ORDER BY when no limit.
DataQuery::initialiseQuery() will add a default sort to a query,
and when calling up an aggregate it will make a query like this
which doesn't make sense:

SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID"

In this case there is no need to add the ORDER BY, and it will
break databases like MSSQL in cases such as
GenericTemplateGlobalProvider
which provides a default List() function for adding aggregates
into SSViewer template cacheblocks.

If we add a limit, however, then it does make sense:

SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID" LIMIT 10

This fixes SQLQuery::aggregate() to NOT add an ORDER BY to an
aggregate call if there is no limit.
2013-09-06 18:11:11 +12:00
Sean Harvey
e43ca931d6 Merge pull request #2343 from chillu/pulls/security-404
Returning 404 on /Security, instead of Controller.ss template
2013-09-05 18:56:23 -07:00