Commit Graph

2303 Commits

Author SHA1 Message Date
Hamish Friedlander
8801a50704 FIX oembed to avoid mixed media issues 2013-10-17 17:06:40 +13:00
Damian Mooyman
24950692cd BUG Fixes serious issue with FieldList::addFieldsToTab failing to accept multiple field groups.
Additional groups beyond the first are ignored.
Test cases included.
2013-10-17 15:38:22 +13:00
Will Rossiter
813d34b15e FIX: Use Injector API for managing Member_Validator instance.
Updates the CMS profile page and SecurityAdmin to give developers a few ways to customise the required fields.

Added extension hook updateValidator for getValidator for things like modules to inject required fields to go along with Injector for replacing the entire class for project specific use.
2013-10-16 11:29:43 +13:00
Marcus Nyeholt
7bcb180f27 BUG Director::test now calls RequestProcessor
This fixes https://github.com/silverstripe/silverstripe-framework/issues/2517
and provides some testing around the use of RequestProcessor in general.
2013-10-15 07:53:34 +11:00
Devlin
1e5679f20f BUGFIX i18n module load order in i18n::include_by_locale()
The "project" module (normally mysite) is considered with the highest priority. Yet, the project's i18n is loaded first and cannot overwrite existing translations. I've added a array_reverse(), so the iteration keeps the translation of the module with the highest priority.

Old $sortedModules: mysite, (other_modules,) cms, admin, framework.
New $sortedModules: framework, admin, cms, (other_modules,) mysite.
2013-10-11 15:20:51 +02:00
Loz Calver
51be1e858a Unit tests for Email
It's not much, but it's a start
2013-10-09 11:51:29 +01:00
Andrew Short
a339687493 API: Pass extra context information to shortcode handlers.
This allows shortcodes to perform more complex actions on the element
which contains them. For example, the element reference can be used
to add extra classes or attributes to links which provide additional
metadata.
2013-10-09 15:05:17 +11:00
Ingo Schommer
e489384eea Moved manage-files.feature to cms module 2013-10-08 11:21:36 +02:00
Ingo Schommer
8d5209aef6 Migrated page-specific behat features to cms module 2013-10-08 00:24:05 +02:00
Ingo Schommer
6a665b4ca2 Behat jQuery reference 2013-10-07 23:44:13 +02:00
Ingo Schommer
795d3e4b3b Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	dev/install/install.php5
	docs/en/index.md
	tests/core/CoreTest.php
2013-10-07 16:18:20 +02:00
Ingo Schommer
7f0e589bf5 Behat test for language switching 2013-10-07 00:04:50 +02:00
Damian Mooyman
f67b549b77 BUG Fixed cross-platform issues with test cases and file utilities 2013-10-04 13:54:33 +13:00
Sean Harvey
38e4070ff7 Merge pull request #2477 from tractorcow/pulls/3.1-sqlquery-sort-order
BUG Sort column order maintained correctly when using expressions
2013-10-03 14:27:38 -07:00
Damian Mooyman
4b850fb41c BUG Fixed cross-platform issues with test cases and file utilities 2013-10-03 14:49:18 +13:00
Damian Mooyman
afaf7f6b4e BUG Sort column order maintained correctly when using expressions in SQLQuery and DataQuery 2013-10-03 14:20:31 +13:00
Ingo Schommer
a534b7c784 Merge remote-tracking branch 'origin/3.0' into 3.1 2013-10-02 12:21:35 +02:00
Ingo Schommer
06b5f142b6 Increased CacheTest time delay, avoid flickering tests
Setting a cache lifetime of half a second seems to be
unreliable on Travis when just waiting a second,
so let's wait a bit longer.
2013-10-02 12:13:22 +02:00
Andrew Short
c26c9e641a Fix test relying on specific member title format.
If a custom member title format was used, the test would fail as it
only expected the default member title format.
2013-10-02 15:16:33 +10:00
Ingo Schommer
21c226a5d2 Merge remote-tracking branch 'origin/3.0' into 3.1 2013-09-30 23:44:12 +02:00
Ingo Schommer
a68e0ba365 Check for jQuery in Behat tests
Identified as one potential cause for flickering tests
on our own Selenium box.
2013-09-30 23:36:46 +02:00
Daniel Hensby
6c943007a1 removeRequiredField() limits field (fixes #2165)
Added tests to RequiredFields and fixed bugs that were found

Now you:
1. Can't add the same field name many times
2. Can use append RequiredFields correctly without fear of duplicates

I've also added a Deprecation warning to $useLabels as it's not used
*anywhere* in framework
2013-09-27 19:58:59 +02:00
Ingo Schommer
48021e9fd3 Merge pull request #2166 from dhensby/patch-2
FormFields now allow setting of extra CSSClasses en masse
2013-09-24 11:50:01 -07:00
Ingo Schommer
5b3f8bc04d Merge pull request #2435 from hafriedlander/fix/join_links_query_params
FIX Use last of duplicate query params in join_links
2013-09-20 02:27:49 -07:00
Hamish Friedlander
b1f03db4ff FIX Improve recent RestfulService fix for proxies 2013-09-20 16:26:39 +12:00
Mateusz Uzdowski
7ddd5b57c3 BUG Do not rely on broken curl header size calculation.
Header parsing now takes into account situations like a proxy or
redirections. Works around the curl issue.

Also fixes the issue when a redirected request would cause a double
amount of headers coming out of the parser - it would merrily process
anything that's in key:value format even if it was two distinct headers.
2013-09-20 15:02:40 +12:00
Hamish Friedlander
a8c1dd7f53 FIX Use last of duplicate query params in join_links
When using Controller::join_links to join two links with identical query
params, both query params would be used in the result, ending up with
links that look like `../edit/show/14?locale=en_NZ&locale=mi_NZ`

This patch eliminates duplicate query params, so only the last one
for any key is present in the output.
2013-09-20 11:33:03 +12:00
Ingo Schommer
ba5984e2bf Only compare array notations in SQLQuery->getOrderedJoins()
If more than two $from were added through SQLQuery->addFrom(),
the getOrderedJoins() comparison kicks in. It assumes all $from
parts are in array notation, which isn't always the case.
For legacy reasons, and because we don't have full API support,
you can still add literal joins through addFrom('INNER JOIN ...').
On PHP 5.3, the ordering comparison still works because it
allows array access in strings, with string rather than numeric indexes.
Thankfully that's no longer supported in PHP 5.4.
2013-09-17 22:08:48 +02:00
Ingo Schommer
a87000170a Behat: "apply formatting" steps 2013-09-15 01:50:10 +02:00
Ingo Schommer
849f2c1cb1 Behat: "insert external link" feature 2013-09-14 19:50:22 +02:00
Ingo Schommer
d68a016026 Behat: Friendler field reference 2013-09-14 19:50:21 +02:00
Ingo Schommer
2fbe0c39f2 Behat: Correctly quote selector in dropdown step 2013-09-14 19:50:21 +02:00
Ingo Schommer
c9047a386f Behat: "insert link" feature 2013-09-14 19:50:21 +02:00
Ingo Schommer
7a4a1bbadb Behat: More "insert image" steps
Still needs definitions
2013-09-14 19:50:21 +02:00
Ingo Schommer
e202d4b3b0 Behat: Avoid false positives in dropdown traversal
Was identifying fields like <input value="Select a page">
when querying for a drop down labelled "Page"
2013-09-14 19:50:21 +02:00
Ingo Schommer
8de227554e Behat: More verbose error message in HTML field assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
fde6b65769 Behat: Allow quoted HTML in assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
35a32d608d More specific behat tree assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
5a0b4b0f03 Shorter behat feature name
Looks better in relishapp ;)
2013-09-13 18:52:02 +02:00
Ingo Schommer
819eebb5dc Behat: Profile feature (steps only) 2013-09-13 18:44:17 +02:00
Ingo Schommer
aa80c4eed2 Behat feature indentation (no content changes) 2013-09-13 18:42:27 +02:00
lukepercy
e6f7f637f3 Added feature file for behat test
- Added content formatting behat feature file Updated Given statement for Insert link behat feature file
- Added Behat test feature file for alignment buttons Updated formatting buttons feature file to include strikethrough formatting
2013-09-13 17:00:43 +02:00
Sean Harvey
17fb7752db Skipping SQLQueryTest::testZeroLimitWithOffset() for MSSQLDatabase.
This test doesn't work on MSSQLDatabase.
2013-09-13 15:50:36 +12:00
Sean Harvey
bf1110d911 Adding a test for SQLQuery::setLimit() parsing OFFSET string clause. 2013-09-13 15:44:46 +12:00
Russell Michell
bbda63a16f MINOR: Corrected tests to use assertFalse|True() 2013-09-13 12:27:37 +12:00
Russell Michell
3aaa12f114 FIX: Fixes #2398
- hasAmount() failed to return true for values <= 0.99 and >= 0.01
- Added unit tests
2013-09-13 12:21:21 +12:00
Ingo Schommer
c2b312d76f Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-09-12 17:24:42 +02:00
Ingo Schommer
05757efceb FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:43 +02:00
Ingo Schommer
720c149aee FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:42 +02:00
Ingo Schommer
cfa88adf4b FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
68ca47b0dd FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:35 +02:00
Sean Harvey
95bb799e6f BUG Fixing SQLQuery::aggregate() adding ORDER BY when no limit.
DataQuery::initialiseQuery() will add a default sort to a query,
and when calling up an aggregate it will make a query like this
which doesn't make sense:

SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID"

In this case there is no need to add the ORDER BY, and it will
break databases like MSSQL in cases such as
GenericTemplateGlobalProvider
which provides a default List() function for adding aggregates
into SSViewer template cacheblocks.

If we add a limit, however, then it does make sense:

SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID" LIMIT 10

This fixes SQLQuery::aggregate() to NOT add an ORDER BY to an
aggregate call if there is no limit.
2013-09-06 18:11:11 +12:00
Ingo Schommer
1c31c098ee FIX Correct Zend_Locale fallbacks in i18n/DateField/DateTimeField
Due to the recent change of translations to transifex, some
locales changed their names, which prompted a fix to
i18n::get_available_translations() (see 00ffe7294).
This caused a regression where short locales are determined
from the YAML file names (e.g. "en"), but weren't matched up
with fully qualified locales from get_available_translations() (e.g. "en_US").
Since this list is used in the admin/myprofile dropdown for the Member.Locale value,
it didn't match up with any entries and defaulted to the first one ("Africaans").

Note that the behaviour of admin/myprofile is still a bit weird:
It defaults the locale on new members to the one set for the current administrator.
So if a site defaults to en_US in _config.php, but the admin happens to view
his backend in de_DE, all members he creates default to de_DE as well.

Thanks to @tractorcow for contributing and peer reviewing!
2013-08-30 10:18:00 +02:00
Johannes Hammersen, x75
b8495da5d9 BUG Cached images stored in wrong folder
If multiple image manipulations are performend the resulting cached image is stored in assets/_resampled because the cached version of the image has no ParentID, which cacheFilename needs to set the correct path.
2013-08-26 10:16:42 +02:00
Ingo Schommer
eb311691be Fixed 3.1-specific switchToWindow() behat feature 2013-08-22 14:10:54 +02:00
Ingo Schommer
4a3a88710f Merge remote-tracking branch 'origin/3.1.0' into 3.1
Conflicts:
	dev/BehatFixtureFactory.php
	model/Hierarchy.php
	tests/behat/features/bootstrap/FeatureContext.php
	tests/core/CoreTest.php
2013-08-22 13:00:25 +02:00
Ingo Schommer
40c239076b Merge remote-tracking branch 'origin/3.0' into 3.1.0
Conflicts:
	model/Hierarchy.php
2013-08-22 12:55:47 +02:00
Ingo Schommer
54edc0ddac Fix Behat window switching in chrome
Workaround only, see https://groups.google.com/forum/#!topic/behat/QNhOuGHKEWI
2013-08-22 12:49:38 +02:00
Simon Welsh
c66cc952d2 Correct line length and indentation 2013-08-21 21:27:16 +12:00
Simon Welsh
4cb98f1afd Only have Scrutinizer check PHP files 2013-08-21 21:02:12 +12:00
Simon Welsh
151baeede1 Correct line length and indentation 2013-08-21 18:54:05 +12:00
Simon Welsh
4db6520357 Only have Scrutinizer check PHP files 2013-08-21 17:57:31 +12:00
Ingo Schommer
a6da1f5570 Merge pull request #2294 from wilr/fixgridexport
FIX: Remove limit on GridField export
2013-08-20 14:08:18 -07:00
Ingo Schommer
46362175f0 Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-08-20 20:59:31 +02:00
Ingo Schommer
a592c36adf Merge remote-tracking branch 'origin/3.0' into 3.1.0
Conflicts:
	docs/en/changelogs/index.md
2013-08-20 20:49:01 +02:00
Ingo Schommer
699cbfe851 Merge branch '3.1.0' into 3.1
Conflicts:
	thirdparty/jquery-entwine/dist/jquery.concrete-dist.js
	thirdparty/jquery-entwine/spec/SpecRunner.html
	thirdparty/jquery-entwine/spec/spec.entwine.eventcapture.js
	thirdparty/jquery-entwine/spec/spec.entwine.namespaces.js
	thirdparty/jquery-entwine/src/domevents/jquery.entwine.domevents.addrem.js
	thirdparty/jquery-entwine/src/jquery.entwine.eventcapture.js
	thirdparty/jquery-entwine/src/jquery.entwine.js
	thirdparty/jquery-entwine/src/jquery.focusinout.js
2013-08-20 16:58:40 +02:00
Ingo Schommer
2fd5558a70 Fixed "insert image" behat feature
Was using wrong button label, and ignoring the
"unsaved changes" warning dialog
2013-08-20 16:19:30 +02:00
Hamish Friedlander
4a7aef0e25 FIX Double slashes in ParameterConfirmationToken 2013-08-19 11:35:34 +12:00
Will Rossiter
c7bdfcd76a Merge pull request #2293 from robert-h-curry/empty-arraylist
Preempt fatal errors when making some function calls on an empty ArrayList
2013-08-17 16:53:48 -07:00
Ingo Schommer
de3b1b22d3 Fixed behat tests for confirming grid field dialogs 2013-08-16 13:34:23 +02:00
Ingo Schommer
362d35742f Fixed behat tests to confirm file deletion dialog 2013-08-16 13:34:23 +02:00
Ingo Schommer
afe06661ef Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/templates/Includes/LeftAndMain_Menu.ss
	admin/templates/Includes/ModelAdmin_ImportSpec.ss
	admin/templates/Includes/ModelAdmin_Tools.ss
	admin/templates/LeftAndMain.ss
	admin/templates/ModelSidebar.ss
	i18n/i18n.php
	templates/ComplexTableField.ss
	templates/ComplexTableField_popup.ss
	templates/FileIFrameField_iframe.ss
	templates/Includes/GridFieldItemEditView.ss
	templates/Includes/TableListField_PageControls.ss
	templates/RelationComplexTableField.ss
	templates/TableField.ss
	templates/TableListField.ss
2013-08-07 17:14:47 +02:00
Ingo Schommer
00ffe72944 Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
  which SilverStripe's i18n system can't handle
  (needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
- Only allow selection of locales registered through i18n::$all_locales to avoid
  issues with unknown locales in Zend's CLDR database
2013-08-07 00:25:16 +02:00
Hamish Friedlander
2110493466 Merge branch '3.0' into 3.1 2013-08-07 09:43:52 +12:00
Will Rossiter
65d96e8d7c FIX: Remove limit on GridField export
Allow DataList::limit() to take a null value to remove the limit.

Added tests for limit(). Note the one failure, currently the ORM doesn't support unlimited values with an offset.
2013-08-05 19:59:12 +12:00
Robert Curry
d69520bd70 Preempt fatal errors when making some function calls on an empty ArrayList
The function "first" on ArrayList uses the PHP function "reset", which
returns false if there aren't any elements in the array. Two functions
inside ArrayList use this function, "canFilterBy" and "byID". I've
changed these functions to catch the possibility of a false return from
first().
2013-08-05 15:47:58 +12:00
Hamish Friedlander
342058742c FIX Flush on memory exhaustion and headers sent 2013-08-02 09:41:16 +12:00
Hamish Friedlander
541436feb0 Merge branch 'origin/3.0' into 3.1 2013-07-24 12:09:44 +12:00
Hamish Friedlander
a1ea905ca8 FIX Nice errors and allows flush on module removal 2013-07-24 09:57:01 +12:00
Hamish Friedlander
d38bd7d5cb Merge branch 'origin/3.0' into 3.1 2013-07-19 14:18:49 +12:00
Hamish Friedlander
1298d4a5bd FIX Prevent DOS by checking for env and admin on ?flush=1 (#1692) 2013-07-19 12:24:32 +12:00
Ingo Schommer
920edf88e7 Test allowedExtensions in UploadField, return correct HTTP status 2013-07-12 13:16:34 +02:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Daniel Hensby
378d829e8f Adding test to prove issue with HTTP Header parsing in RestfulService
I have a header like:
X-BB-Auth: xxxx

and it is being given back to me as X-Bb-Auth - i want to prove the issue and the fix
2013-07-10 12:47:13 +01:00
Cam Spiers
b44641336b FIX ConfigManifest regenerating every request if variantKeySpec is an empty array() 2013-07-10 11:53:44 +12:00
Cam Spiers
2d30592f72 Improve memory performance when generating config static and class caches 2013-07-08 21:24:14 +12:00
Jeremy Thomerson
f6ff39369f FEATURE: <% include %> inherits iterator scope of parent template 2013-07-07 12:39:42 +00:00
Sam Minnée
0173707cd1 Merge pull request #2164 from tractorcow/3.1-datetimefield-fixes
BUG Fixed DateTimeField where time value was being parsed incorrectly.
2013-07-06 19:03:33 -07:00
Sam Minnée
ecf8f273c0 Merge pull request #2201 from hafriedlander/fix/session
Fixes to session, primarily around cookie_secure
2013-07-06 18:59:07 -07:00
Hamish Friedlander
2886f6ee14 FIX Session was started every time, even if no data set
Session tracks the user agent in the session, to add some detection of
stolen session IDs. However this was causing a session to always be
created, even if this request didnt store any data in the session.
2013-07-07 09:12:10 +12:00
Cam Spiers
0aeb2293bb Allow module directories to be named with more valid characters ensuring that module names in fragment meta-data are correct.
Unit tests for ConfigManifest reference path parsing
2013-07-06 14:16:59 +12:00
Simon Welsh
ff45f7ce4d DataListTest should not rely on order of values when not explictly sorting 2013-07-05 11:45:34 +12:00
Ingo Schommer
c3e9e44204 Merge pull request #2197 from hafriedlander/fix/dbapichange
FIX Recent patch to DataObject#db changed API which broke core
2013-07-04 15:20:52 -07:00
Simon Welsh
d844c74e3c Merge branch '3.0' into 3.1
Conflicts:
	.travis.yml
	control/HTTP.php
	email/Mailer.php
	tests/control/HTTPTest.php
2013-07-05 10:17:14 +12:00
Hamish Friedlander
ca63e33c19 FIX Recent patch to DataObject#db changed API which broke core 2013-07-05 10:11:35 +12:00
Damian Mooyman
11f4b2c620 API HTTP::urlRewriter with (string)$code deprecated in 3.1. Fixed regressions and CSS urls.
urlRewriter will expect a callable as a second parameter,
but will work with the current api and simply raise a deprecation error.

HTTP::absoluteURLs now correctly rewrites urls into absolute urls. Resolves introduced in c56a80d6ce

HTTP::absoluteURLs now handles additional cases where urls were not translated.

Test cases for HTTP::absoluteURLs added for both css and attribute links.

Cleaned up replacement expression and improved documentation.
2013-07-05 09:08:58 +12:00
Ingo Schommer
067a94bd93 Postgres compat in MemberCsvBulkLoaderTest and GroupTest 2013-07-04 22:46:23 +02:00
Ingo Schommer
cf20923fd6 Postgres compat in SQLQueryTest 2013-07-04 22:28:13 +02:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Jeremy Thomerson
50e9eee2e9 FIX #2174: SearchFilter needs casting helper for DataObject base fields
Commit 964b3f2 fixed an issue where dbObject was returning casting helpers for
fields that were not actually DB objects, but had something in $casting config.

However, because dbObject was no longer calling DataObject->castingHelper, this
exposed a bug that the underlying function db($fieldName) was not returning
field specs for the base fields that are created by SS automatically on all
DataObjects (i.e. Created, LastEdited, etc).

This commit fixes the underlying issue that DataObject->db($fieldName) should
return the field specs for *all* DB fields like its documentation says it will,
including those base fields that are automatically created and do not appear in
$db.
2013-07-03 03:03:40 +00:00
Ingo Schommer
429bbc5223 Merge pull request #2137 from jthomerson/pulls/fix_viewable_data_wrapped_value
FIX: ViewableData wasn't setting values when using default cast
2013-07-02 00:40:56 -07:00
Mateusz Uzdowski
21844a8a07 Merge branch 'pr/2173' into 3.1 2013-07-02 15:52:31 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
5484283a25 FIX changing environment in config.php changes matched yaml rules 2013-07-02 13:21:27 +12:00
Hamish Friedlander
e74c002647 FIX Only and Except rules in Configs not working 2013-07-01 15:47:37 +12:00
Daniel Hensby
9a40b16496 Adding tests to FormField and Form for extra classes
Added tests that were missing from `Form` and ones for my new logic
2013-06-29 13:35:34 +01:00
Ingo Schommer
a6c3d1e269 Flag "insert image" behat test as @assets
Required in order to run them remotely, which currently
doesn't support file upload through Selenium
2013-06-28 12:21:00 +02:00
Damian Mooyman
feb03f5443 BUG Fixed issue where time value was being parsed incorrectly in some locales 2013-06-28 16:45:33 +12:00
Simon Welsh
aecda4882b Merge pull request #2150 from hafriedlander/fix/templatevars-v2
FIX Arguments to method calls reseting scope
2013-06-25 21:59:14 -07:00
Simon Welsh
e55be50783 FIX: ConfigStaticManifest not handling multipart namespaces
Fixes #2126
2013-06-26 16:01:55 +12:00
Hamish Friedlander
ae3e3f3b44 FIX Arguments to method calls reseting scope 2013-06-25 17:35:16 +12:00
Simon Welsh
1edf45fbed Merge pull request #2130 from chillu/pulls/allowed_actions-deny
API Enforce $allowed_actions in RequestHandler->checkAccessAction()
2013-06-24 12:41:15 -07:00
Ingo Schommer
2f9eaeea41 Merge pull request #2021 from jthomerson/fix_if_link_not_working
FIX: <% if Link %> wasn't working
2013-06-24 06:16:21 -07:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Jeremy Thomerson
e6bfabfd6c TEST: additional test for ViewableData not wrapping cached strings 2013-06-21 16:20:00 +00:00
CheeseSucker
761eec7736 Unit test for bugfix in ViewableData::obj(). 2013-06-21 16:17:22 +00:00
Hamish Friedlander
328467f1b5 FIX: ConfirmedPasswordField used to expose existing hash 2013-06-20 14:09:30 +12:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
Sam Minnee
526b40414a FIX: Ensure that actions inferred from templates with the "_action" suffix also respect allowed_actions.
FIX: Ensure SSViewer::hasTemplate() is aware of themes.

To do this, RequestHandler::definingClassForAction() has been created, splitting out the code that looks up the class that defines a given action into its own method.  This is then overridden in Controller to look at templates.
2013-06-19 20:11:50 +12:00
Ingo Schommer
1d402dd513 Unset test state in DirectorTest
This broke RSSFeedTest when running through 'sake'
2013-06-18 23:24:22 +02:00
Jeremy Thomerson
964b3f2d48 FIX: <% if Link %> wasn't working
Since ViewableData was returning a casting helper for Link, but DataObject was
only using $this->$fieldname to set values on that casting helper, you could
not use <% if Link %> (or <% if $Link %>) in your templates because Link is not
a field, and thus had no value to be set on the casting helper, causing
hasValue to think that there was no value.  Since DataObject->dbObject says that
"it only matches fields and not methods", it seems safe to have it call db(..)
to get the field spec, and not call ViewableData->castingHelper at all.
2013-06-15 13:44:03 +00:00
Will Rossiter
9775204436 FIX Allow filtering on joined columns 2013-06-15 12:06:24 +12:00
Will Rossiter
0129e185b8 Coding conventions, PHPDoc cleanup 2013-06-15 12:06:24 +12:00
Damian Mooyman
be986c6524 API Allow $summary_fields to support methods on DBFields 2013-06-13 09:41:24 +12:00
Ingo Schommer
71a5615213 Test $allowed_actions on controllers with template name=action conventions 2013-06-10 12:33:30 +02:00
Stig Lindqvist
dbc2b62c69 Merge pull request #2054 from chillu/pulls/dataobject-duplicate-hasone
BUG Correct relation saving in DataObject->duplicateRelations()
2013-06-07 22:54:36 -07:00
Mike Parkhill
574c11a834 Behat: "Insert image from web" feature
Partially fixes https://github.com/silverstripe/silverstripe-cms/issues/628
Modified a bit by Ingo :)
2013-06-07 16:10:21 +02:00
Ingo Schommer
fd6060e7be Behat: More robust "field should contain" logic 2013-06-07 16:02:29 +02:00
Ingo Schommer
924664527b Less assumptions in "HTML field contains" step
Not using the loose idea of a "field name" in the NamedSelector
sense of the word as "field with id exists".
2013-06-07 15:46:05 +02:00
Ingo Schommer
7dfe5ccbd2 Limit "should see a button" to actually visible elements 2013-06-07 15:45:15 +02:00
Stig Lindqvist
17bca1db86 Behat: Adding context for 'Given I should not see a "xxx" button' 2013-06-07 12:06:01 +02:00
Ingo Schommer
ff5624c57e BUG Fixed dropdown step definition for "preview" dropdowns
Broke after I optimized it to work with a TreeDropdownField
which assumes <li><a> structures that thie "preview" dropdowns
don't have. I also failed at the recursion assignment, causing
infinite loops...
2013-06-07 11:45:09 +02:00
Ingo Schommer
23e51b871b BUG Accept $limit=0 in SQLQuery->setLimit()
SQLQuery->setLimit(0, 99) should result in "SELECT ... LIMIT 0 OFFSET 1".
In fact it does "SELECT ..." without a LIMIT clause at all,
which is unexpected. This is regardless of the $offset value.
2013-06-06 15:27:14 +02:00
Ingo Schommer
4603378e00 Behat: Fixed step notation 2013-06-06 15:26:50 +02:00
Ingo Schommer
7791f20f49 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
2013-06-05 15:17:06 +02:00
Ingo Schommer
d3a4161a94 Behat: Backport improved dropdown step handler 2013-06-05 14:59:01 +02:00
Ingo Schommer
1d01347fd3 Behat: Use explicit fixtures 2013-06-05 14:32:42 +02:00
Ingo Schommer
f8b1c08c67 Behat: Copy fixture identifier to "Name" or "Title" by default
This makes fixture setup less verbose, particularly for behat
tests (e.g. with "Given a page 'About Us'")
2013-06-05 14:32:42 +02:00
Ingo Schommer
bb92e494d7 Behat fixture refactoring (shared factory instance) 2013-06-05 14:32:42 +02:00
Ingo Schommer
a9ed6b34cb Behat: Support for TreeDropdownField 2013-06-05 14:32:42 +02:00
Ingo Schommer
a39adb46db Behat: New fixture notation in "manage files" tests 2013-06-05 14:32:41 +02:00
Ingo Schommer
f61ab7305d BUG Correct relation saving in DataObject->duplicateRelations()
This caused problems when duplicate() was used in the CMS UI
to duplicate a SiteTree object. Since every object of this type
has a ParentID relation, it copied this empty relation into
new "ghost page".

See https://github.com/silverstripe/silverstripe-cms/issues/689
2013-06-03 15:57:20 +02:00
Ingo Schommer
f5f2864024 Merge pull request #2046 from wilr/leftandmain_requirements
FIX LeftAndMain::extra_requirements to accept non associative arrays.
2013-06-02 14:35:40 -07:00
Ingo Schommer
a3c406e4d2 NEW Merge i18nTextCollector with existing (fixes #1838)
This is a necessity for any further 3.1 pushes of master files to getlocalization.
Because we'd otherwise remove existing master strings for CTF etc,
which means we can no longer backport new translations to 3.0
(and there's no way for users to contribute translations to 3.0 via getlocalization).

It's still a very monolithic class, but at least I've refactored it to return
all collected strings without writing it to files (for easier testing).
2013-06-02 20:17:28 +02:00
Will Rossiter
db85f3ca16 FIX extra_requirements to accept non associative arrays.
Added unit tests for extra_requirements_js and extra_requirements_css.

Fixed YAML documentation to indicate list syntax.
2013-06-02 13:37:34 +12:00
Sean Harvey
f5b6c55245 Updating FileTest to use the correct shortcode format with commas 2013-06-01 11:25:10 +12:00
Loz Calver
4a158454d6 FIX: Convert newlines to <br /> tags in string fields (fixes #1942) 2013-05-30 09:26:58 +01:00
Damian Mooyman
163917b83e Fixed scrutiniser issues 2013-05-27 15:42:10 +12:00
Damian Mooyman
7f057ce343 API UploadField functions on new records
Fixed regression from 1e5d40474d (UploadField::canPreviewFolder).
Merged in pull request #2009 - (6018bdd631).
Merged pull request #1259 (34bfc862ee).
2013-05-27 15:22:59 +12:00
Stephen Shkardoon
d6c2c2e07f Fixes #1892 - Stop session hijacking with UA check 2013-05-25 19:29:08 +12:00