Commit Graph

1975 Commits

Author SHA1 Message Date
Ingo Schommer
30096ee730 BUGFIX Keep Member.PasswordEncryption setting on empty passwords
This will prevent empty passwords to set the encryption to 'none',
which in turn will store any subsequent password changes in cleartext.
Reproduceable e.g. with ConfirmedPasswordField and setCanBeEmpty(true).
2013-02-17 23:30:41 +01:00
Ingo Schommer
f06ba70fc9 BUG Undefined $allowed_actions overrides parent definitions, stricter handling of $allowed_actions on Extension
Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.

Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
2013-02-17 23:30:36 +01:00
Hamish Friedlander
2335c074b3 NEW Make shortcode parser more clever about placement
Shortcodes have traditionally had a problem that they are inside <p> tags,
but generate block level elements. This breaks HTML compliance.

This makes the shortcode parser now mutate the DOM based on the "class" attribute on
the shortcode to insert the generated block level element at the right place in the DOM

 - for "left" and "right" elements it puts them just before the block level
   element they are inside

 - for "leftAlone" and "center" elements it splits the DOM around the shortcode.

The trade off is that shortcodes are no longer "text level" features. They need
knowledge of the HTML they are in to perform this transformation, so they can
only be used in (valid) HTML
2013-02-18 10:49:52 +13:00
Ingo Schommer
37e10d14f3 Merge pull request #1184 from ajshort/named-services
BUG: Fixed the injection of named services.
2013-02-15 10:46:33 -08:00
Ingo Schommer
6ff1f9050d Merge pull request #1187 from dhensby/restfulservice-improvements
API Restfulservice improvements
2013-02-15 10:45:43 -08:00
Daniel Hensby
920fd71a2f Adding default curl options
Because I removed completely the static setting of SSL_VERIFYPEER I've
added the ability to declare default curl options on the class. This
means that users that really want to one line turn off SSL_VERIFYPEER
can do so without needing to pass a custom option in every request()
call.
2013-02-15 11:45:52 +00:00
Daniel Hensby
f003359047 RestfulService_Response now gets response headers
Before now, the RestfulService_Response object was never sent the
response headers. For APIs that rely on the response headers to send
back information (signatures, pagination info, etc).

This change makes the curl response have the full HTTP response
(including Headers). We then extract the body and the header information
and assign them to relevant vars and then construct the response as
before (with the addition of the headers array).

This change required two new functions:
extractResponse: This extracts the HTTP Headers and the payload from the
curl response and assigns it to the relevany vars that are passed by
reference
parseRawHeaders: This was designed to mimic http_parse_headers (a
non-standard php class). It converts the headers into an associative
array.
2013-02-15 11:45:36 +00:00
Marcus Nyeholt
428cbe4b03 FIX issue with Injector::create not passing args
If creating an object using Injector::create() and constructor arguments
are passed through, in some cases where the object being created had a yml
configuration set for it, the passed in constructor arguments weren't being
passed through to the instantiation of the object.
2013-02-15 10:24:47 +11:00
Ingo Schommer
f4068371fc Merge pull request #1159 from chillu/pulls/datetimefield-field-setters
DatetimeField->setDateField()/setTimeField()
2013-02-14 11:31:31 -08:00
Julian Seidenberg
f931b8d326 API Data corruption on Versioned due to lazy loading
Lazy loading no longer loads fields from the versions table when querying. This could lead to incorrect data being displayed if the data on the object and the version it pointed to did not match.

API methods to allow setting of the context of the query that generated the DataObject on that object (used by the lazy loading mechanism to correctly query the Stage, Live, or Versions tables)

See https://github.com/silverstripe/sapphire/pull/1178 for context.
2013-02-14 14:18:10 +01:00
Simon Welsh
be8482aa73 Merge pull request #1173 from ajshort/include-object-argument
BUG: Pass named include argument as objects.
2013-02-13 23:44:29 -08:00
ajshort
d3629be344 BUG: Pass named include argument as objects.
This means you can pass objects such as lists as named parameters, not
just strings.
2013-02-14 18:31:40 +11:00
ajshort
ff19f3b11a BUG: Fixed the injection of named services. 2013-02-13 23:06:15 +11:00
Ingo Schommer
b44720179c Merge pull request #1180 from mateusz/css-combining-media
API Add possibility to combine media-targeting stylesheets.
2013-02-12 14:13:45 -08:00
Mateusz Uzdowski
53feb3a5ae API Add possibility to combine media-targeting stylesheets. 2013-02-13 11:04:05 +13:00
Ingo Schommer
14a56c18e9 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	control/Director.php
2013-02-07 21:45:16 +01:00
Ingo Schommer
083b6b2164 NEW Upload->replaceFile setting 2013-02-05 19:28:24 +01:00
Ingo Schommer
6c22545639 DatetimeField->setDateField()/setTimeField()
Useful e.g. to override the time field with the
"silverstripe/timefield" dropdown
2013-02-05 11:03:19 +01:00
Ingo Schommer
d77e06d585 Merge pull request #1123 from chillu/pulls/revert-content-length
API Remove Content-Length setting from HTTPResponse (fixes #8010)
2013-01-31 10:19:17 -08:00
Ingo Schommer
634c91c6ff Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	email/Mailer.php
2013-01-30 12:46:24 +01:00
Sam Minnee
1e1df8c43e BUGFIX: Improved detection of empty HTMLText fields. 2013-01-29 18:03:47 +01:00
Sam Minnee
d8bfc0bb48 API CHANGE: Added Security::set_login_url() so that you can define an alternative log-in page if you have made one yourself. 2013-01-29 18:03:47 +01:00
Damian Mooyman
1ca15d0399 API HTTP::urlRewriter with (string)$code deprecated in 3.1. Fixed regressions and CSS urls.
urlRewriter will expect a callable as a second parameter,
but will work with the current api and simply raise a deprecation error.

HTTP::absoluteURLs now correctly rewrites urls into absolute urls. Resolves introduced in c56a80d6ce

HTTP::absoluteURLs now handles additional cases where urls were not translated.

Test cases for HTTP::absoluteURLs added for both css and attribute links.

Cleaned up replacement expression and improved documentation.
2013-01-24 09:49:44 +01:00
Damian Mooyman
657c14fd82 Added test cases for exception error logging 2013-01-24 09:36:42 +01:00
Ingo Schommer
c69381c33e API Remove Content-Length setting from HTTPResponse (fixes #8010)
This reverts commit 356a367eb5.
We can't use headers_sent() to determine an accurate
content length, since PHP defaults to buffering a couple of bytes
even without ob_start() (see "output_buffering" setting).
This makes the patch harmful, since it breaks any responses relying
on more structure data, like removing closing brackets from JSON.
Which in turn breaks the CMS in horrible ways (see #8010).
See #7574 for context.
2013-01-23 15:05:33 +01:00
Ingo Schommer
c11b3918fc Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	core/PaginatedList.php
	email/Mailer.php
2013-01-21 11:14:57 +01:00
Ingo Schommer
27d2f75d9d Added test for DataList filters with array and modifiers (see #8162) 2013-01-15 01:11:35 +01:00
micschk
7f605cfb54 NEW Disable items in DropdownField and GroupedDropdownField 2013-01-11 16:32:20 +01:00
Ingo Schommer
3a1df46743 Merge pull request #1055 from stojg/bug-relField
BUG Calling DataObject::relField() on a object with an empty relation list
2013-01-11 07:09:55 -08:00
Ingo Schommer
4f39af1a85 Merge pull request #1090 from sminnee/fix-get-one-case
FIX: Fix DataObject::get_one() when the classname is passed with imprope...
2013-01-11 01:42:29 -08:00
Ingo Schommer
f3c0669fec Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	_config/uploadfield.yml
	css/UploadField.css
	forms/UploadField.php
	scss/UploadField.scss
	templates/UploadField.ss
	tests/forms/uploadfield/UploadFieldTest.php
2013-01-11 10:02:39 +01:00
Ingo Schommer
9e82d8e857 Fixed line lengths 2013-01-11 09:59:33 +01:00
Ingo Schommer
212c4f1e51 Fixed UploadField regression from 4da1af9c3 2013-01-11 09:30:21 +01:00
Sam Minnee
cc7318fde4 NEW: Added canAttachExisting config option for UploadField.
This is the companion setting to canUpload, letting you control whether existing files from the asset store can be referenced.  It's particularly useful when using UploadField on the front-end.
2013-01-11 09:29:02 +01:00
Ingo Schommer
2dfd42795e NEW Restrict upload abilities in UploadField
Conflicts:
	css/UploadField.css
	templates/UploadField.ss
2013-01-11 09:07:42 +01:00
Sam Minnee
f4efaeefa7 FIX: Fix DataObject::get_one() when the classname is passed with improper casing. 2013-01-11 12:20:57 +13:00
Ingo Schommer
9310b8d86d NEW Restrict upload abilities in UploadField 2013-01-10 00:15:34 +01:00
Ingo Schommer
e8bfc241fd Setting SapphireTest::is_running_test() in PHPUnit bootstrap
Otherwise conditional logic will only succeed
when run through "sake dev/tests", not when
run through phpunit directly (which is the recommended way now)
2013-01-09 23:31:10 +01:00
g4b0
e53280c650 BUG SQLQuery::aggregate() with limit, groupBy and orderBy (fixes #8148) 2012-12-21 15:20:59 +01:00
Ingo Schommer
8ec3641e60 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.FieldHelp.js
	lang/en.yml
	model/URLSegmentFilter.php
2012-12-21 15:04:17 +01:00
Ingo Schommer
f0f83b26a8 BUG Graceful handling of sprintf with too few params in i18n::_t()
Originally discovered as a problem with the 'GridFieldDetailForm.Saved' in nl.yml
2012-12-21 11:46:39 +01:00
Sean Harvey
aa3b358469 Adding test for SortColumn to SQLQueryTest
Mostly for the benefit of MSSQLDatabase which is having problems
with subselects and alias functions.
2012-12-20 15:52:46 +13:00
Kirk Mayo
561e629c16 NEW Show the allowed extensions as a toggle tip as per trac 7993
NEW Added a behat test for showing extension trac 7993
2012-12-19 17:00:39 +01:00
Stig Lindqvist
22efd3848e BUG Calling DataObject::relField() on a object with an empty relation list
This causes a 'Fatal error: Call to a member function hasMethod() on a non-object'.

This can happen when displaying a field in a gridfield on a belongs_to relationship.
2012-12-19 16:47:07 +13:00
Mateusz Uzdowski
d5a1c3d99a BUG SS has problems handling + in URLs. Filter them out.
+ has a special meaning in the URLs so overall it's a good idea to
strip them out. Otherwise they would need to appear in their ugly url
encoded form "%2B".

Refer: http://open.silverstripe.org/ticket/7929
2012-12-18 09:44:47 +01:00
Sam Minnée
e4198de115 Merge pull request #1047 from simonwelsh/ns_class_parse
FIX Handle namespaced classes in Object::parse_class_spec()
2012-12-17 23:55:50 -08:00
Sam Minnée
9460e8704c Merge pull request #1043 from tractorcow/3.1-deleted-pages-fixes
Fix for issue #7975 - Issue with retrieving deleted pages
2012-12-17 19:50:27 -08:00
Simon Welsh
94be5c6d87 FIX Handle namespaced classes in Object::parse_class_spec() 2012-12-18 15:00:45 +13:00
Ingo Schommer
618a3d0314 Requirements acces to files with query strings (fixes #7735)
Originally authored by florian.thoma, tests added
by Ingo Schommer. Also removed query params from
file paths before calling mtime() on it.

See https://github.com/silverstripe/sapphire/pull/1023
2012-12-18 01:01:19 +01:00
Ingo Schommer
8f239d6373 SimpleXML string casting in tests for older PHPUnit 2012-12-17 15:52:01 +01:00
Ingo Schommer
7950584b3a SimpleXML string casting in tests for older PHPUnit 2012-12-17 15:46:09 +01:00
Damian Mooyman
6aa16e1f01 BUG Test case for versioned now correctly checks IDs returned from Versioned::get_including_deleted
BUG Issue with deleted records not being queried properly.
API DataQuery::expressionForField no longer requires a second parameter. Rather the query object is inferred from the DataQuery itself. This should improve consistency of use of this function.
2012-12-17 17:15:26 +13:00
Ingo Schommer
bbc8e06d49 API Show GridFieldEditButton even without edit permissions (for readonly forms) 2012-12-17 00:47:23 +01:00
Ingo Schommer
1848d7e90a API Check model permissions in GridField 2012-12-17 00:46:51 +01:00
Ingo Schommer
22eeaa4ac1 BUG Members should not be allowed to delete themselves (fixes #8121) 2012-12-16 23:53:45 +01:00
Ingo Schommer
e6bf19928f Less far-future date assertions, seems to throw off some PHP installs
Apparently not all PHPs (Travis) are build to last a 100 years,
who would've thought ;)
2012-12-14 11:25:24 +01:00
Ingo Schommer
d13c53fda6 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	tests/model/DataQueryTest.php
2012-12-14 10:57:28 +01:00
Ingo Schommer
963f02e7a3 Using new description style in MemberDateTimeOptionSetField 2012-12-14 01:58:04 +01:00
Ingo Schommer
559abecd56 API Copying instance props on FormField readonly/disabled transformations
Introduced new FormField->castedCopy() method
which tries to replicate the existing form field instance
as closely as possible.

Primarily, the fix was targeted at consistently passing
through FormField->description to all of its variations.
2012-12-14 01:58:04 +01:00
Hamish Friedlander
27113f82c3 API Make DataList and ArrayList immutable
In 3.0 there was some confusion about whether DataLists and ArrayLists
were mutable or not. If DataLists were immutable, they'd return the result, and your code
would look like

  $list = $list->filter(....);

If DataLists were mutable, they'd operate on themselves, returning nothing, and your code
would look like

 $list->filter(....);

This makes all DataLists and ArrayList immutable for all _searching_ operations.
Operations on DataList that modify the underlying SQL data store remain mutating.

- These functions no longer mutate the existing object, and if you do not capture the value
returned by them will have no effect:

  ArrayList#reverse
  ArrayList#sort
  ArrayList#filter
  ArrayList#exclude

  DataList#dataQuery (use DataList#alterDataQuery to modify dataQuery in a safe manner)
  DataList#where
  DataList#limit
  DataList#sort
  DataList#addFilter
  DataList#applyFilterContext
  DataList#innerJoin
  DataList#leftJoin
  DataList#find
  DataList#byIDs
  DataList#reverse

- DataList#setDataQueryParam has been added as syntactic sugar around the most common
cause of accessing the dataQuery directly - setting query parameters

- RelationList#setForeignID has been removed. Always use RelationList#forForeignID
when querying, and overload RelationList#foreignIDList when subclassing.

- Relatedly,the protected variable RelationList->foreignID has been removed, as the ID is
now stored on a query parameter. Use RelationList#getForeignID to read it.
2012-12-14 13:30:35 +13:00
Ingo Schommer
644cc79ebb API Removed methods previously deprecated in 3.0 2012-12-14 01:16:47 +01:00
Ingo Schommer
c6b1d4aa6b API Storing alternative DB name in cookie rather than session
Session is not initialized by the time we need to use
the setting in DB::connect(). Cookie values get initialized
automatically for each request.

Tightened name format validation to ensure it can only
be used for temporary databases, rather than switching
the browser session to a different production database.

Encrypting token for secure cookie usage.
Added dev/generatesecuretoken to generate this token.
Not storing in YML config directly because of web access issues.
2012-12-13 23:21:48 +01:00
Ingo Schommer
7e4629073a NEW Date->Ago() with "less than a minute" support 2012-12-13 19:01:27 +01:00
Ingo Schommer
2e9b5e9221 Merge branch 'orm-join-bug' of git://github.com/stojg/sapphire into stojg-orm-join-bug 2012-12-12 15:53:19 +01:00
Ingo Schommer
441bb5f74c Added travis environment info output 2012-12-12 15:13:26 +01:00
Ingo Schommer
f03ad7b0dd Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.AddForm.js
	control/Director.php
	control/HTTPResponse.php
	dev/Profiler.php
	email/Mailer.php
	forms/ComplexTableField.php
	forms/ManyManyComplexTableField.php
	forms/SimpleImageField.php
	forms/TableField.php
	forms/TableListField.php
	javascript/ComplexTableField.js
	javascript/ImageFormAction.js
	javascript/TableField.js
	javascript/TableListField.js
	security/Member.php
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/forms/TableListFieldTest.php
2012-12-12 10:11:56 +01:00
Ingo Schommer
8fdea7a2ab Merge pull request #1019 from nyeholt/injector_convert_service_params
BUG Fixed issue with convertServiceProperty
2012-12-12 01:07:47 -08:00
Sam Minnée
b618909220 Merge pull request #1007 from simonwelsh/indent-sniff
Add codesniffer that ensures indentation is with tabs
2012-12-11 20:46:47 -08:00
Simon Welsh
b0121b541c Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
Marcus Nyeholt
4f63f91cc8 BUG Fixed issue with convertServiceProperty
Fixed issue where convertServiceProperty is called when creating objects
with user-supplied constructor arguments, so that it's only called when
creating objects using injector configuration. This reduces the overhead
of unnecessary calls to convertServiceProperty.

Updated test cases to validate behaviour
2012-12-12 15:22:23 +11:00
Ingo Schommer
6571c17992 Merge remote-tracking branch 'origin/3.0' 2012-12-11 17:16:19 +01:00
Ingo Schommer
e8fbfc0bd1 NEW FixtureFactory separated out from YamlFixture
Enables more generic use of the fixture facilities
without dependency on the YAML format, for example
when creating fixtures from Behat step definitions.

Note: The YamlFixture class needs to be created via
Injector::inst()->create('YamlFixture') now,
direct instantiation is no longer supported.
2012-12-11 17:06:27 +01:00
Simon Welsh
fc5dd2994c Add codesniffer that ensures indentation is with tabs. 2012-12-12 00:12:11 +13:00
Ingo Schommer
98034594e0 Fixed SelectionGroupTest 2012-12-11 11:38:31 +01:00
Ingo Schommer
548ad503ed API Removed keyed arrays for title/value setting in SelectionGroup
Use SelectionGroup_Item class instead. Necessary because
of removal of array key support from ArrayList (see d12b49702).
2012-12-11 11:06:06 +01:00
Andrew O'Neil
9d74c99e08 BUGFIX: ArrayList now discards keys of the array passed in and keeps the numerically indexed array sequential.
This fixes FirstLast and EvenOdd in templates, and makes ArrayList more consistent, as several methods already discarded the keys.
2012-12-11 10:12:00 +01:00
stojg
efa9ff9b08 API: Queries added by DataList::addInnerJoin() and DataList::leftJoin() come after the base joins, not before.
This bug will surface when using the ORM and adding an join to DataList
where a DataObject inherits another DataObject.

If you for example want to restrict the number of pages that only have a
related Staff object:

    $list = DataList::create('Page')
		->InnerJoin('Staff', '"Staff"."ID" = "Page"."StaffID");

This will create a SQL query where the INNER JOIN is before the
LEFT JOIN of Page and SiteTree in the resulting SQL string. In MySQL
and PostgreSQL this will create an invalid query.

This patch solves the problem by sorting the joins.
2012-12-11 11:04:29 +13:00
Ingo Schommer
0fd6d14f94 Fixed Behat steps for preview feature 2012-12-10 18:06:49 +01:00
Ingo Schommer
fa84c2d705 Merge remote-tracking branch 'origin/3.0' 2012-12-10 17:50:43 +01:00
Ingo Schommer
1e0b0e7f56 More flexible Behat steps for HTML fields 2012-12-10 15:39:20 +01:00
Simon Welsh
aadefbb641 Sort lists that check ordering of results
These tests would randomly fail, mostly on Postgres, as the result
is an unordered set, not the ordered set expected.
2012-12-07 08:45:52 +13:00
Will Rossiter
683db8dc1d API Explicitly load project template files after modules
Resolves an issue where if not using the themes directory (i.e just a single app folder) you cannot override module templates.
Changes the SS_TemplateManifest constructor with a new $project argument.
2012-12-04 10:47:37 +01:00
Ingo Schommer
a108f67476 Merge pull request #922 from simonwelsh/rellist-presave
NEW: Allows setting of has_many and many_many relations before writing
2012-12-04 01:25:15 -08:00
Damian Mooyman
65002f6b83 BUG GD::greyscale did not correctly preserve alpha component of images Added test cases to test greyscale operation across various image formats Replaced various magic numbers with IMAGETYPE_XXX definitions 2012-12-04 09:47:26 +01:00
Ingo Schommer
fa2057bcd9 Merge remote-tracking branch 'origin/3.0'
Conflicts:
	search/FulltextSearchable.php
2012-11-30 14:25:06 +01:00
Ingo Schommer
3f67404a8a Revert "BUGFIX: ArrayList now discards keys of the array passed in and keeps the numerically indexed array sequential."
This reverts commit b6017a7c90.
It breaks SelectionGroup, and its most prominent usage,
the "add page" dialog.
2012-11-30 14:24:03 +01:00
Ingo Schommer
0dba1485a5 Merge remote-tracking branch 'origin/3.0' 2012-11-28 16:36:21 +01:00
Ingo Schommer
9e44672433 Using $TRAVIS_BRANCH again, since its now available on travis-ci.org 2012-11-28 16:35:29 +01:00
Simon Welsh
bbc4443af7 NEW: Allows setting of has_many and many_many relations before writing
Adds a new wrapper list, UnsavedRelationList, that maintains the relations until
writing, where it is converted into the correct RelationList.
2012-11-28 09:37:08 +13:00
jean
fbfff8df28 FIX 7934 When lazy loading fields respect version of the record 2012-11-27 17:31:45 +01:00
Ingo Schommer
8108f7f936 NEW Relation search for GridFieldAddExistingAutocompleter
Now also searches 1:n relations if they where defined in searchableFields() with dot notation.
2012-11-27 10:51:10 +01:00
Ingo Schommer
c8136f5d4c NEW Many-many relation data editing in GridFieldDetailForm
Also adds GridFieldDetailForm->setFields() for customizing
the displayed form fields (required for adding relational fields).
2012-11-27 10:45:43 +01:00
Ingo Schommer
15a687f1e7 Merge remote-tracking branch 'origin/3.0' 2012-11-23 15:31:08 +01:00
Ingo Schommer
aa72425e84 Fixed PHPUnit assertions for incomplete tests in core
Avoid PHPUnit throwing "test didn't run any assertions"
notices in PHP. If nothing else, it keeps test output
looking less broken by default, making it more likely
that actual errors do get noticed.
2012-11-23 15:16:39 +01:00
Ingo Schommer
c55c7c33f8 Merge branch '3.0'
Conflicts:
	admin/code/CMSProfileController.php
	composer.json
	tests/model/DataObjectTest.php
2012-11-22 23:51:28 +01:00
Sam Minnée
541e42f922 Merge pull request #887 from tractorcow/3.0-sqlquery-lastrow-fix
BUG Fixed isue with SQLQuery->lastRow()
2012-11-15 20:47:33 -08:00
Ingo Schommer
e9d999d648 Support for chosen.js drop downs in behat steps 2012-11-16 15:32:17 +13:00
Ingo Schommer
d86ad20e72 More flexible tabs selection in behat steps 2012-11-16 15:32:17 +13:00
Ingo Schommer
32f829d094 NEW Support for Behat tests, and initial set of tests 2012-11-16 15:31:55 +13:00
Hamish Friedlander
5edf86fe7a Merge branch '3.0.3' into 3.0 2012-11-16 14:57:50 +13:00