tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity
11,977 Commits 31 Branches 527 Tags
Commit Graph

911 Commits

Author SHA1 Message Date
Will Rossiter
1eb9fe83c1 APICHANGE: Group::addByGroupName() now creates the group if one does not already exist (from r83010) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94430 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:57 +13:00
Andrew O'Neil
a783448266 BUGFIX: Make sure findAnAdministrator gets a global administrator when subsites is installed. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94369 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:57 +13:00
Sean Harvey
06b7dc5de3 BUGFIX #4686 Fixed $member non-object error, and decorated checks from not working in Member::canView(), Member::canEdit() and Member::canDelete() 
MINOR Added additional tests to MemberTest


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94358 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:57 +13:00
Will Rossiter
eb64eec534 API CHANGE: removed deprecated extend calls (r93632). API CHANGE: removed fieldExists(). Use hasField() (r93633). API CHANGE removed listOfFields() (r93647). API CHANGE: removed Tag() and URL() from Image. Use getTag() and getURL(). BUGFIX: updated Image.php to use getTag() (r93639, r93646). API CHANGE: removed val(). Use XML_val() (r93650). API CHANGE: removed $add_action. Use singlar_name or lang tables (r93658). API CHANGE: removed ConfirmedFormAction (r93674). API CHANGE: removed ajax_render on CTF (r93679). 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93685 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:53 +13:00
Ingo Schommer
03c5caea72 MINOR Updated paths from jsparty to sapphire/thirdparty, cms/thirdparty and sapphire/javascript 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93611 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:52 +13:00
Ingo Schommer
4452101790 API CHANGE Refactored hiding of Permissions added in r92428. Added PermissionCheckboxSetField?->setHiddenPermissions() (from r92865) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@92878 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:38 +13:00
Normann Lou
65b1bc4839 APICHANGE: add the ability to remove some permissions specified by their code in the rendered field html of PermissionChecksetBoxField and full-covered unit tests of this ability. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@92428 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:38 +13:00
Sean Harvey
c34ef6d562 BUGFIX More robust checks on the current member in Member::canEdit() and Member::canDelete() if there is no logged in member 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@92129 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:37 +13:00
Sean Harvey
797715ef78 BUGFIX Fixed Group::collateFamilyIDs() when working with MSSQL 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91775 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:37 +13:00
Sam Minnee
f9c0ce652d BUGFIX: Include salt in legacy password encryptor (from r91743) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91746 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:37 +13:00
Sam Minnee
45bbebe19f BUGFIX: Made use of new BasicAuth::protect_entire_site() consistent. (from r91658) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91659 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:37 +13:00
Sam Minnee
ac239d6a0b BUGFIX: Don't enable site-wide protection by default (from r91609) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91613 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:37 +13:00
Sam Minnee
723d075ffd API CHANGE: Replaced BasicAuth::enable() with BasicAuth::protect_entire_site() 
API CHANGE: BasicAuth::requireLogin() no longer has an option to automatically log you in.  You can call logIn() on the object returned, instead. (from r91603)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91612 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:36 +13:00
Ingo Schommer
65c1c6fd20 NOTFORMERGE Fixed merge error from r91576 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91592 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:36 +13:00
Ingo Schommer
07fc3650a3 ENHANCEMENT Pluggable password encryption through PasswordEncryptor class (#3665) (merged from r90949) 
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004) (merged from r90949)
API CHANGE Deprecated Security::encrypt_passwords() (merged from r90949)
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation (merged from r90949)
API CHANGE Removed Security::get_encryption_algorithms() (merged from r90949)
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others. (merged from r90949)


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91576 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:36 +13:00
Ingo Schommer
2a1abcae2a BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in (from r90950) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91572 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:36 +13:00
Ingo Schommer
710f701645 MINOR Moved Security::encryptallpasswords() to EncryptAllPasswordsTask (merged from r90948) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91564 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:36 +13:00
Sean Harvey
f238823b27 BUGFIX #6287 open_basedir restriction breaks RandomGenerator when trying to read dev/urandom (from r115314) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@115315 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-22 21:01:27 +00:00
Will Rossiter
bda08c6988 ENHANCEMENT: abstract generateURLSegments functionality out to Convert::raw2url() to allow non site tree objects to safely make use of the logic. BUGFIX: #5586 Group::setCode() now calls Convert::raw2url() rather than requiring a SiteTree instance 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@115205 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-20 03:18:51 +00:00
Ingo Schommer
1c34d8f1b4 API CHANGE Deprecated TreeTitle(), use getTreeTitle() (in SiteTree, File, Group) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@115119 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-16 05:16:06 +00:00
Will Rossiter
9f6e3c9162 ENHANCEMENT: added requireDefaultRecords. PATCH via fragarach (#6133) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114810 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-11 00:45:05 +00:00
Ingo Schommer
4b2c64c843 BUGFIX Avoid potential referer leaking in Security->changepassword() form by storing Member->AutoLoginHash in session instead of 'h' GET parameter 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114758 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-09 21:18:49 +00:00
Ingo Schommer
f61a307486 MINOR Reverting Member "AutoLoginHash", "RememberLoginToken" and "Salt" to their original VARCHAR length to avoid problems with invalidated hashes due to shorter field length 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114748 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-09 08:17:35 +00:00
Ingo Schommer
674d8e0f4a MINOR Reduced VARCHAR length from 1024 to 40 bytes, which fits the sha1 hashes created by RandomGenerator. 1024 bytes caused problems with index lengths on MySQL 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114743 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-09 05:48:33 +00:00
Sam Minnee
51ee52c7ab BUGFIX Using RandomGenerator class in SecurityToken->generate() for more random tokens (from r114500) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114549 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 08:45:42 +00:00
Sam Minnee
b34286caab MINOR Reverted r108515 (from r114079) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114544 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 08:43:10 +00:00
Sam Minnee
3f8a0ede40 BUGFIX Using current controller for MemberTableField constructor in Group->getCMSFields() instead of passing in a wrong instance (Group) (from r113273) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114526 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 08:24:12 +00:00
Sam Minnee
9ec31acacb ENHANCEMENT Added SecurityToken to wrap CSRF protection via "SecurityID" request parameter (from r113272) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114525 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 08:22:57 +00:00
Ingo Schommer
531fa04d7d BUGFIX Limiting usage of mcrypt_create_iv() in RandomGenerator->generateEntropy() to *nix platforms to avoid fatal errors (specically in IIS) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114510 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 04:41:49 +00:00
Ingo Schommer
50f823697c MINOR Fixed regression from r114504 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114505 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 00:43:10 +00:00
Ingo Schommer
a0a88af255 BUGFIX Using RandomGenerator class in Member->logIn(), Member->autoLogin() and Member->generateAutologinHash() for better randomization of tokens. Increased VARCHAR length of 'RememberLoginToken' and 'AutoLoginHash' fields to 1024 characters to support longer token strings. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114504 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 00:39:25 +00:00
Ingo Schommer
1dddd5252d BUGFIX Using RandomGenerator class in PasswordEncryptor->salt() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114503 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 00:37:35 +00:00
Ingo Schommer
c378448f19 ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114497 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-12-05 00:18:19 +00:00
Ingo Schommer
07b6d1870a MINOR Checking for class_exists() before SapphireTest::is_running_tests() to avoid including the whole testing framework, and triggering PHPUnit to run a performance-intensive directory traversal for coverage file blacklists 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114332 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-11-30 05:13:09 +00:00
Sam Minnee
ef8419f11d ENHANCEMENT #4903 MemberLoginForm field for "You are logged in as %s" message customisation (thanks walec51!) (from r111891) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112941 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 05:05:23 +00:00
Sam Minnee
d8a8635374 API CHANGE Member->canEdit() returns false if the editing member has lower permissions than the edited member, for example if a member with CMS_ACCESS_SecurityAdmin permissions tries to edit an ADMIN (fixes #5651) (from r110856) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112861 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 02:46:26 +00:00
Sam Minnee
102375954a MINOR Remove whitespace if Surname field set on Member, but not FirstName (from r109334) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112824 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 01:24:43 +00:00
Sam Minnee
00ddc0ff83 MINOR: trim space off end of firstname if surname is not set. #5925 (from r109330) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112822 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 01:23:44 +00:00
Sam Minnee
496e9bcef6 API CHANGE #5873 DataObjectSet::shift() now performs a proper shift instead of unshift (wrong). Please use DataObjectSet::unshift($item) if unshifting was intended! 
API CHANGE Added DataObjectSet::pop()
MINOR Unit tests for DataObjectSet::shift(), DataObjectSet::unshift() and DataObjectSet::pop() (from r109156)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112817 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 01:20:56 +00:00
Sam Minnee
cf6907931b API CHANGE Member::set_session_regenerate_id() can now be used to disable Member::session_regenerate_id() which can break setting session cookies across all subdomains of a site (from r109103) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112781 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 00:55:33 +00:00
Sam Minnee
f8ec13a1ab BUGFIX: Themed permissionFailure messages (from r109102) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112780 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 00:55:20 +00:00
Sam Minnee
829d532b6a BUGFIX Group::getCMSFields() should use Tab instances with a fixed name instead of translated one, leaving the translation for the tab title instead (from r109083) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112776 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 00:54:16 +00:00
Sam Minnee
58d6cbf81a MINOR: remove SQL table alias keyword AS (from r108961) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112769 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 00:51:53 +00:00
Sam Minnee
f23921b815 BUGFIX #5627 Clear session on logout (from r108515) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112758 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 00:47:05 +00:00
Sam Minnee
60c78eb54d ENHANCEMENT New Member records are populated with the currently set default through i18n::set_locale() (from r108499) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112753 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-19 00:37:43 +00:00
Sam Minnee
066bf90f02 BUGFIX Member_ProfileForm should fallback to english text for save button if no translation defined for current language (from r108408) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112727 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-18 22:54:17 +00:00
Sam Minnee
2ec9234da6 BUGFIX Bypass BasicAuth when in CLI mode so unit tests can run (regression from r104962) (from r108193) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112715 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-18 22:42:45 +00:00
Sam Minnee
bd96d249f0 MINOR Fixed incorrect word "colon" with "dot" (from r108002) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112704 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-18 22:37:11 +00:00
Sam Minnee
7254c00aef BUGFIX #5833 Duplicate IDs when two similar date formats in Member_DatetimeOptionsetField containing different delimiters (e.g / and .) replaced to an empty string (from r108001) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112703 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-18 22:34:09 +00:00
Sam Minnee
93eb6214b7 ENHANCEMENT Allowing custom messages and permission codes in BasicAuth::protect_entire_site() 
ENHANCEMENT Making $permissionCode argument optional for BasicAuth::requireLogin(). If not set the logic only checks for a valid account (but no group memberships)
ENHANCEMENT Using SS_HTTPResponse_Exception instead of header()/die() in BasicAuth::requireLogin() to make it more testable (from r107867)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112701 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-10-18 22:29:35 +00:00