Commit Graph

93 Commits

Author SHA1 Message Date
Ingo Schommer
426190bc9e API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271)
API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method.
ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install()
MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 21:16:26 +00:00
Ingo Schommer
a6362eb6e0 MINOR Fixed MemberAuthenticatorTest, was setting global state in r97357 (from r97369)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102444 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 05:01:48 +00:00
Ingo Schommer
f400c28099 BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 05:01:31 +00:00
Ingo Schommer
c604341a1d API CHANGE Removed "auto-merging" of member records from Member->onBeforeWrite() due to security reasons - please use DataObject->merge() explicitly if this is desired behaviour
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@100705 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-03-09 04:10:38 +00:00
Ingo Schommer
61e27830c6 MINOR Fixed unit tests after change Member->checkPassword() to return ValidationResult instead of boolean (see r98268) (merged from r98274)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99701 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-23 04:05:34 +00:00
Ingo Schommer
d552becce8 MINOR Added MemberCsvBulkLoaderTest->testCleartextPasswordsAreHashedWithDefaultAlgo()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98841 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-12 00:58:10 +00:00
Sean Harvey
c57ec36ea9 FEATURE: added several tests for PermissionCheckboxSetField, PermissionRole and Group (from r94887)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95629 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-16 05:43:59 +00:00
Sean Harvey
69cda024ab MINOR Added tests methods for Member::can*() methods to MemberTest
MINOR Added test Extension classes for testing decorated can*() methods (from r94359)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95602 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-16 05:39:57 +00:00
Sean Harvey
35628832d6 BUGFIX #4686 Fixed $member non-object error, and decorated checks from not working in Member::canView(), Member::canEdit() and Member::canDelete()
MINOR Added additional tests to MemberTest (from r94358)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95601 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-16 05:39:39 +00:00
Ingo Schommer
155e981158 ENHANCEMENT Added GroupCsvBulkLoader class to facilitate group imports with permission codes and hierarchy
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@94252 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-02 09:40:38 +00:00
Ingo Schommer
fd86a0ba0e ENHANCEMENT MemberCsvBulkLoader for easy member import with group associations
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@94251 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-02 09:40:33 +00:00
Ingo Schommer
38c71c56a3 MINOR Added flag to remaining SapphireTest subclasses
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@93977 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-30 01:56:05 +00:00
Ingo Schommer
d92bbbecfb API CHANGE Refactored hiding of Permissions added in r92428. Added PermissionCheckboxSetField->setHiddenPermissions()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92865 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 05:23:42 +00:00
Ingo Schommer
bf3b7e0e9e APICHANGE: add the ability to remove some permissions specified by their code in the rendered field html of PermissionChecksetBoxField and full-covered unit tests of this ability. (from r92428)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92463 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 01:44:52 +00:00
Ingo Schommer
e4ca24c7e2 BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-06 02:23:30 +00:00
Ingo Schommer
e675381cd4 ENHANCEMENT Pluggable password encryption through PasswordEncryptor class (#3665)
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004)
API CHANGE Deprecated Security::encrypt_passwords()
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation
API CHANGE Removed Security::get_encryption_algorithms()
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90949 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-06 02:23:21 +00:00
Sam Minnee
dd8120aed7 API CHANGE: Added PermissionRole and PermissionRoleCode, along with relevant tests for the permission system. (from r85173)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89187 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-15 22:27:56 +00:00
Ingo Schommer
5e3cffec1f BUGFIX More robust URL handling in SecurityTest to avoid failing on custom /admin redirects
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@85514 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-01 06:48:31 +00:00
Ingo Schommer
f3959b038d API CHANGE Deprecated use of SapphireTest->fixture to access YML fixtures, please use gateway methods on SapphireTest instead (e.g. $this->objFromFixture() instead of $this->fixture->objFromFixture())
ENHANCEMENT Allowing multiple fixtures to be defined in SapphireTest::$fixture_file through array notation. 
BUGFIX Disabling DataObject validation in YamlFixture->saveIntoDatabase() instead of SapphireTest->setUp()
MINOR Adapted sapphire unit tests to deprecated $this->fixture usage

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@81286 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-07-08 00:06:16 +00:00
Sean Harvey
a5e82ddff1 Merged from branches/2.3
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75590 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 01:20:24 +00:00
Sean Harvey
13b358a8dd Merged from branches/2.3
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75582 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 00:07:39 +00:00
Sam Minnee
41fb93b344 ENHANCEMENT #3032 ajshort: Use static methods for accessing static data
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73036 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-14 00:16:32 +00:00
Ingo Schommer
6d708765fe BUGFIX Fixed redirection to external URLs through Security/login with BackURL parameter
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@71708 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-02-11 21:08:28 +00:00
Sam Minnee
96c5be8252 Updating queries to be more DB agnostic
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66507 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-24 09:31:14 +00:00
Sam Minnee
12e62c6329 ENHANCEMENT: Change MySQLDatabase connection to operate in ANSI SQL mode, to ease the transition to DB abstraction
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66399 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-22 03:51:04 +00:00
Ingo Schommer
e57b7651ef ENHANCEMENT Unit tests for Member->inGroup() and Member->inGroups()
ENHANCEMENT Added a "strict-mode" for Member->inGroup() and Member->inGroups() to determine true membership to a group (without inheritance)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65125 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-03 01:57:16 +00:00
Ingo Schommer
2b15a2d5b5 BUGFIX Using _t() to check content strings in unit tests and avoid tests failing when i18n is enabled
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64042 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-10 02:20:33 +00:00
Hayden Smith
634ed7b70c Merged from branches/nzct-trunk. Use 'svn log -c <changeset> -g' for full commit message. Merge includes stability fixes and minor refactor of TableListField and ComplexTableField.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63806 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-08 02:00:12 +00:00
Sam Minnee
12a62b9f62 Updated SecurityTest to use new FunctionalTest system consistently
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60427 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 23:04:25 +00:00
Sam Minnee
8536a47b7c Update SecurityTest to use the FunctionalTest base-class
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60394 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 05:27:18 +00:00
Sam Minnee
c812ca5f91 Improved robustness of MemberTest
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60391 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 05:17:37 +00:00
Ingo Schommer
93b3d41701 BUGFIX Re-added additional GroupTest tests (merge error from branches/roa)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60382 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 04:59:14 +00:00
Ingo Schommer
2d8434a43f (merged from branches/roa. use "svn log -c <changeset> -g <module-svn-path>" for detailed commit message)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60327 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 02:57:59 +00:00
Ingo Schommer
ad4d506f82 (merged from branches/roa. use "svn log -c <changeset> -g <module-svn-path>" for detailed commit message)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60287 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 00:14:48 +00:00
Ingo Schommer
03fcc80e19 (merged from branches/roa. use "svn log -c <changeset> -g <module-svn-path>" for detailed commit message)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60205 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-09 03:19:54 +00:00
Sam Minnee
7b278290b4 BUGFIX: SecurityTest fails when running tests at 12am
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@58559 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-07-21 12:21:53 +00:00
Ingo Schommer
60860cc1b9 MINOR Unified @package PHPdoc (added where missing, removed duplicates)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@56212 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-06-15 13:33:53 +00:00
Sam Minnee
9a2675aa4f MINOR: Cleaning up tests
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@54638 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-05-15 08:46:12 +00:00
Sam Minnee
88d79d1b62 Merged revisions 52224 via svnmerge from
http://svn.silverstripe.com/open/modules/sapphire/branches/2.2.2

........
  r52224 | sminnee | 2008-04-07 11:45:23 +1200 (Mon, 07 Apr 2008) | 1 line
  
  #2314 - Fixed SQLMap implementation so that Group::map() returns appropriate data, and the group dropdown on the access tab works.
........


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@53508 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-26 06:44:06 +00:00
Sam Minnee
834da4640d Merged revisions 52618 via svnmerge from
http://svn.silverstripe.com/open/modules/sapphire/branches/govtsecurity

........
  r52618 | sminnee | 2008-04-13 16:58:15 +1200 (Sun, 13 Apr 2008) | 1 line
  
  Updated tests to make better use of TestViewer
........


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@53470 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-26 06:32:52 +00:00
Sam Minnee
efd1cf63e2 Merged revisions 52617 via svnmerge from
http://svn.silverstripe.com/open/modules/sapphire/branches/govtsecurity

........
  r52617 | sminnee | 2008-04-13 16:57:53 +1200 (Sun, 13 Apr 2008) | 1 line
  
  Updated changed password test to check for a sent email
........


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@53469 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-26 06:32:42 +00:00
Sam Minnee
a1f8892c52 Merged revisions 52151 via svnmerge from
http://svn.silverstripe.com/open/modules/sapphire/branches/govtsecurity

........
  r52151 | sminnee | 2008-04-05 11:14:26 +1300 (Sat, 05 Apr 2008) | 1 line
  
  Lock users out after 5 failed log-ins
........


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@53466 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-26 06:32:05 +00:00
Sam Minnee
eb60b67732 Merged revisions 52121 via svnmerge from
http://svn.silverstripe.com/open/modules/sapphire/branches/govtsecurity

........
  r52121 | sminnee | 2008-04-03 22:04:33 +1300 (Thu, 03 Apr 2008) | 4 lines
  
  Added DataObject::validate() for specifying DataObject-level validators.
  Added DataObject::onAfterWrite(), a complement of DataObject::onBeforeWrite()
  Added password strength testing to security system
  Added password expiry to security system
........


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@53465 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-26 06:31:52 +00:00