Commit Graph

2422 Commits

Author SHA1 Message Date
Sam Minnee
4f7c6ebcff FIX: Fixed behat text selection rule, which broke some tests.
The behat rule for text selection wasn't working due to the JavaScript not executing properly. I have
also updated the code to traverse all childNodes, which is important if you have text like this:

<p>text1 <b>text2</b> text3</p>

And you are trying to select 'text3'
2014-02-13 17:36:46 +13:00
Ingo Schommer
5e38ef9e55 Merge pull request #2835 from kinglozzer/1891-csrf-friendly-error
NEW: Forms with invalid/expired SecurityIDs are repopulated (fixes #1891)
2014-02-12 09:44:03 +13:00
Sean Harvey
c322cb2d65 Fixing SQLQueryTest failures on PHPUnit 3.7.30 2014-02-10 13:32:39 +13:00
Loz Calver
058219c0ee NEW: Forms with invalid/expired SecurityIDs are repopulated (fixes #1891) 2014-02-09 10:19:24 +00:00
madmatt
267786a7d1 Add behat test for security permission checkboxes. 2014-02-07 15:41:33 +13:00
Mateusz Uzdowski
e91f10b0ab Add Behat step to click on a row in the first GridField table. 2014-02-07 15:40:06 +13:00
Ingo Schommer
bb9f84afd5 Merge pull request #2806 from tractorcow/pulls/bug-member-locale
BUG Default Member.Locale now chooses a better default value when i18n.locale is not a valid translation
2014-02-03 17:03:48 -08:00
Ingo Schommer
457ec9446b Merge pull request #2700 from ajshort/injector-factory
Injector Factory
2014-02-03 16:50:15 -08:00
Andrew Short
2f817ba177 NEW: Allow specifying a factory to use for creating services.
A service factory can be used for creating instances where a non-trivial
construction process is required. This is done by adding a `factory`
key to the service definition.
2014-02-03 11:30:22 +11:00
Ingo Schommer
91b363b141 Merge pull request #2756 from madmatt/pulls/behat-form-context
Update theHtmlFieldShouldContain step to include negation.
2014-01-30 18:09:55 -08:00
Kirk Mayo
44a8537f68 BUG: #2503 Fixes performReadonlyTransformation for OptionSetField
NEW: Adding unit test for performReadonlyTransformation #nd fixing OptionSetField #2503

BUG: Fixing undefined variables and function parameters for PerformReadonlyTransformation unit tests

NEW: Adding unit test to OptionsetField for read only fields
2014-01-30 16:09:55 +13:00
Damian Mooyman
293c672fa7 BUG Default Member.Locale now chooses a better default value when i18n.locale is not a valid translation
This will resolve issues in cases where the site locale may be assigned a value that does not have an explicit translation. E.g. if the locale is en_NZ (and it's appropriate for this to be the assigned locale), Afrikaans will no longer be the default selected locale when creating members. Now en_US is chosen as a better fallback default.

This is a minor ease of use fix that means fewer CMS users can be accidentally created in Afrikaans within NZ based sites.

Test cases included.
2014-01-30 15:55:14 +13:00
Simon Welsh
cf01ca818a Revert "MINOR: Added behat test to cover changes made in e69e65c."
This reverts commit e0b4e6125c.
2014-01-22 15:20:48 +13:00
Mateusz U
ce3a944903 Merge pull request #2780 from madmatt/pulls/securityadmin-js2
BUGFIX: Fix JS for PermissionCheckboxsetField in SecurityAdmin
2014-01-20 19:00:00 -08:00
madmatt
e0b4e6125c MINOR: Added behat test to cover changes made in e69e65c. 2014-01-15 16:20:19 +13:00
Ryan Wachtl
5f87d344f1 FIX Overriding of theme templates in project folder
Fixes issue of templates not being found when a Page's main/Layout templates are split between the project and theme folders. Adds more expansive testing for template loading.
2014-01-14 15:05:24 -06:00
Will Rossiter
a50996a010 NEW: Add support for push operator on ArrayList (Fixes #1539) 2014-01-12 18:55:40 +13:00
Will Rossiter
e7266535c5 FIX: Allow empty checkboxes through setValue(null) (#1392) 2014-01-12 17:28:09 +13:00
Will Rossiter
4ea62b44f9 FIX: Ensure GridFieldDetailForm has the current record validator.
Currently the validator is only set through
ModelAdmin and not through GridField
directly. This will set the validator based on the
record unless a custom validator has been
provided.

http://www.silverstripe.org/data-model-questions/show/34650?start=8#post331958
2014-01-12 16:08:31 +13:00
Will Rossiter
f433b5000f FIX: Resolve issue when selected value is zero. (#2530)
$this->value is stored as string internally. In
the special case that the option value is 0, the
type comparison fails to resolve 0 == '0',
see http://www.php.net/manual/en/types.comparisons.php.
2014-01-11 13:25:40 +13:00
Jeremy Shipman
62694b0a8b NEW: Made ValidationResult functions chain-able.
Added unit tests for CombiningResults
2014-01-09 16:32:27 +13:00
Jeremy Shipman
8d8f3abace FIX: ConfirmedPasswordField setName failed to set names of child fields.
FIX: ConfirmedPasswordField relied on POST variables. These should instead come from setValue().
Added all important tests for validating the field: valid if passwords match, invalid if passwords differ.
2014-01-07 17:17:55 +13:00
Matt Peel
0eaae90bdb Update theHtmlFieldShouldContain step to include negation.
This allows steps to be declared as either “should contain” or “should not
contain”.
2014-01-06 17:22:40 +13:00
madmatt
2b00036d9d Allow GridFields without titles to be found. 2014-01-06 10:20:44 +13:00
Stephen Shkardoon
40163edba7 Make CacheTest sleep properly
This way it will always sleep for the right amount of time (or longer)
2013-12-21 15:05:51 +13:00
Will Rossiter
3d2875a111 Merge pull request #2741 from simonwelsh/hhvm-test
Changes to error message detection to handle the differences in HHVM
2013-12-20 16:55:14 -08:00
Simon Welsh
8de403abd4 Changes to error message detection to handle the differences in HHVM 2013-12-21 13:17:47 +13:00
madmatt
7d271d5346 Fix profile.feature behat test 2013-12-20 12:32:44 +13:00
Ingo Schommer
d032fadfb5 Fixed spelling of class in test 2013-12-19 20:47:16 +01:00
Ingo Schommer
78a530524b Merge pull request #2684 from Firesphere/feature/force_write_js_to_bottom
NEW Forcefully write javascripts to the end of the HTML if wished
2013-12-19 09:21:06 -08:00
Daniel Pickering
94c19e349a FIX: Year.php getDefaultOptions now fixed, sets key as year. Also added YearTest unit test. 2013-12-16 03:29:29 +00:00
Firesphere
af7afbe918 IMPROVEMENT/FEATURE Forcefully write javascripts to the end of the HTML if wanted.
It's defaulted to false. But when set to true, the JS is written to the end of the HTML, even though there are earlier scripts.
This results in faster page-loading if the JS isn't needed earlier-on.
2013-12-14 14:04:03 +01:00
Ingo Schommer
ab91a5a80b Merge pull request #2622 from froog/patch-1
Created LessThanOrEqualFilter and GreaterThanEqualFilter
2013-12-13 03:34:45 -08:00
Ingo Schommer
c811556ea5 Removed debug code 2013-12-13 10:04:26 +01:00
Firesphere
41371fea72 NEW Force the javascripts to be put before the closing body tag 2013-12-07 15:47:31 +01:00
Ingo Schommer
a7ad85c2a8 Better "editable page" Behat assertion 2013-12-02 19:07:14 +01:00
micmania1
b89ab1eb16 Added SSViewer::get_templates_by_class() to make the functionality in LeftAndMain::getTemplatesWithSuffix() more open. 2013-12-01 07:42:37 +00:00
Ingo Schommer
df2d59df1c Use more solid getValue() in Behat assertions
getAttribute('value') behaves inconsistently with Selenium drivers
(fails on Travis and TeamCity, but works locally). Selenium2Driver
in Mink provides a JS wrapper for getting the value, which is more reliable.

This fixes "insert a link" failures, see https://travis-ci.org/silverstripe/silverstripe-cms/jobs/14281251
2013-11-30 13:27:20 +01:00
Ingo Schommer
73eae2990f Merge pull request #2683 from tractorcow/pulls/2682-fix-gridfieldsortableheader
BUG Fixes #2682 - Regression in #2595
2013-11-29 09:17:39 -08:00
Sean Harvey
3a8833ec28 Fixing broken manage-users behat test.
"ADMIN group" is created by default, but assertions are checking
for "Admin Group".
2013-11-29 14:51:46 +13:00
Sean Harvey
cfc009964c Fixing undefined step caused by change in behat-extensio module. 2013-11-29 14:17:04 +13:00
Sean Harvey
761cc63e19 Adding test for CheckboxSetField saving into a text DB field. 2013-11-29 11:38:07 +13:00
Damian Mooyman
7636699c9f BUG Fixes #2682 - Regression in #2595 causing gridfield headers to break on summary_fields containing field methods 2013-11-27 18:43:27 +13:00
froog
755857b22a NEW: Created LessThanOrEqualFilter and GreaterThanEqualFilter 2013-11-25 03:59:51 +00:00
Ingo Schommer
784c766ee6 Revert "Don't rely on Behat/Selenium returning 'value' for textarea"
This reverts commit 8245125349.
2013-11-22 20:38:56 +01:00
Ingo Schommer
7e291133a0 Merge pull request #2663 from ajshort/has-many-prepopulate
NEW: Pre-populate and disable foreign key field on has many lists.
2013-11-22 11:18:11 -08:00
Ingo Schommer
053258b984 Merge pull request #2595 from kinglozzer/gridfield-sort-relation
NEW: GridField can sort on relation columns
2013-11-22 11:14:12 -08:00
Ingo Schommer
8245125349 Don't rely on Behat/Selenium returning 'value' for textarea
Technically a textarea DOM node doesn't have a 'value' attribute,
but rather a HTML content. This used to work, but likely broke either
by updated browser handling or updated selenium logic.
Fixes "Scenario: I can edit title and content and see the changes on draft"
2013-11-22 20:05:17 +01:00
Ingo Schommer
70207b0c98 Merge pull request #2626 from Zauberfisch/filterByCallback
filterByCallback added to SS_Filterable interface and implemented in ArrayList
2013-11-21 05:34:36 -08:00
Zauberfisch
d9b74874fc added filterByCallback() to interface SS_Filterable and all implementing classes 2013-11-21 13:03:18 +00:00
Will Rossiter
0e89c4b6cd API: Implement SS_Map::push() to append values.
FIX: SS_Map::count() not taking into account additional firstItems
2013-11-18 20:38:57 +13:00
Ingo Schommer
bd5fdf1f19 Fixing coding conventions in Behat files 2013-11-15 12:03:43 +01:00
Loz Calver
a1a402224f NEW: GridField can sort on relation columns
Slightly improved logic

Add support for relations more than one 'level' apart

Add unit tests

Fixing PostgreSQL support

Throw exception if attempting to sort on a has_many/many_many relation
2013-11-13 10:33:00 +00:00
Andrew Short
fc773c5c22 NEW: Pre-populate and disable foreign key field on has many lists.
This is a common use case, and by default a form field is added which
has no effect. While this coupling is undesirable, it makes the default
behaviour much more sensible.

See #2662, #2651, #2637 for more information.
2013-11-13 16:21:18 +11:00
Cam Spiers
14486902fb Allow users to extend the SSTemplateParser by defining open & closed blocks
Currently the only way the extend SSTemplateParser is to define a class
extension of it and then tell the injector component to use your new
custom class. This new change allows a user to define new "open blocks"
and "closed blocks" for SSTemplateParser to use without needing to
recompile the real SSTemplateParser class.

The following example shows how the functionality can be used
to add a new <% minify %>…<% end_minify %> syntax to the template parser

In a config.yml file, define the new minify closed block to call the
static function "Minifier::minify"

```
Injector:
	SSTemplateParser:
		properties:
			closedBlocks:
				minify: "Minifier::minify"
```

Define a new class with the minify static method that returns the new
template code when regenerating templates:

```
class Minifier {
    public static function minify(&$res) {
        return <<<PHP
{$res['Template']['php']}
\$val = zz\Html\HTMLMinify::minify(\$val, array('optimizationLevel' => zz\Html\HTMLMinify::OPTIMIZATION_ADVANCED));
PHP;
    }
}
```
2013-11-04 14:24:58 +13:00
Sean Harvey
70c23f37de Merge pull request #2608 from andrewvt/3.1
added removeFromGroupByCode() function to Member.php
2013-11-03 12:27:10 -08:00
andrewvt
389bdb4ddf Added a unit test for removeFromGroupByCode()
Added a unit test for removeFromGroupByCode()
2013-10-31 22:05:13 -04:00
Damian Mooyman
c74f7e7640 BUG Fixes issue where items could be deleted from a has_many relation by an entirely unrelated HasManyList calling delete on that item. 2013-11-01 11:39:13 +13:00
Will Rossiter
a0b7bfc7a5 Merge pull request #2604 from chillu/pulls/versioned-single-stage
Fixed support for single stage in Versioned
2013-10-29 01:40:40 -07:00
Ingo Schommer
dfabd54bdb Fixed support for single stage in Versioned
This used to work in 2.4, so is considered a regression.
To test, simply add a Versioned("Stage") extension to
some record in 2.4 vs. 3.1.
2013-10-24 17:09:17 +02:00
Ingo Schommer
7cf8e65309 Merge pull request #2598 from halkyon/test_execution_error
i18nSSLegacyAdapterTest setting wrong arguments for manifest.
2013-10-24 04:24:19 -07:00
Sean Harvey
e3542fead3 i18nSSLegacyAdapterTest setting wrong arguments for manifest.
Currently if you run i18nSSLegacyAdapterTest twice in a row you
get errors about classes not existing, because the class manifest
doesn't get set correctly during the test setUp() method.
2013-10-24 17:22:16 +13:00
Ingo Schommer
d7e10e620a Merge pull request #2537 from wilr/membervalidator
FIX: Use Injector API for managing Member_Validator instance.
2013-10-23 03:01:15 -07:00
Ingo Schommer
39efaca54f Disable "lost password" feature, breaks on "php -S"
PHP's built-in webserver doesn't reliably expose SCRIPT_NAME,
see https://github.com/silverstripe/silverstripe-framework/issues/2580.
This breaks URL routing on /Security/passwordsent/admin%40test.com
2013-10-22 15:26:20 +02:00
Ingo Schommer
f2d362b629 Merge pull request #2576 from halkyon/fulltextsearch_test
FulltextSearchableTest doesn't clean up after itself.
2013-10-22 01:56:29 -07:00
Sean Harvey
acaf0e40cc FulltextSearchableTest doesn't clean up after itself.
The extension doesn't get unloaded correctly at the end of the test,
resulting in tests afterwards sometimes failing because the table
type is reset back to InnoDB.

See silverstripe/silverstripe-cms ed8ee4e9b for a similar fix done
in the cms module.
2013-10-22 17:52:51 +13:00
mandrew
56d7c1fde2 Behat tests for lost password 2013-10-22 00:06:36 +02:00
Ingo Schommer
5c1a9d9da5 Using Behat EmailContext by default 2013-10-21 00:50:29 +02:00
Che Van Lawrence
2be25e70ba Merge pull request #2545 from hafriedlander/fix/protocol_and_oembed
FIX oembed to avoid mixed media issues
2013-10-17 19:09:35 -07:00
Hamish Friedlander
8801a50704 FIX oembed to avoid mixed media issues 2013-10-17 17:06:40 +13:00
Damian Mooyman
24950692cd BUG Fixes serious issue with FieldList::addFieldsToTab failing to accept multiple field groups.
Additional groups beyond the first are ignored.
Test cases included.
2013-10-17 15:38:22 +13:00
Will Rossiter
813d34b15e FIX: Use Injector API for managing Member_Validator instance.
Updates the CMS profile page and SecurityAdmin to give developers a few ways to customise the required fields.

Added extension hook updateValidator for getValidator for things like modules to inject required fields to go along with Injector for replacing the entire class for project specific use.
2013-10-16 11:29:43 +13:00
Marcus Nyeholt
7bcb180f27 BUG Director::test now calls RequestProcessor
This fixes https://github.com/silverstripe/silverstripe-framework/issues/2517
and provides some testing around the use of RequestProcessor in general.
2013-10-15 07:53:34 +11:00
Devlin
1e5679f20f BUGFIX i18n module load order in i18n::include_by_locale()
The "project" module (normally mysite) is considered with the highest priority. Yet, the project's i18n is loaded first and cannot overwrite existing translations. I've added a array_reverse(), so the iteration keeps the translation of the module with the highest priority.

Old $sortedModules: mysite, (other_modules,) cms, admin, framework.
New $sortedModules: framework, admin, cms, (other_modules,) mysite.
2013-10-11 15:20:51 +02:00
Loz Calver
51be1e858a Unit tests for Email
It's not much, but it's a start
2013-10-09 11:51:29 +01:00
Andrew Short
a339687493 API: Pass extra context information to shortcode handlers.
This allows shortcodes to perform more complex actions on the element
which contains them. For example, the element reference can be used
to add extra classes or attributes to links which provide additional
metadata.
2013-10-09 15:05:17 +11:00
Ingo Schommer
e489384eea Moved manage-files.feature to cms module 2013-10-08 11:21:36 +02:00
Ingo Schommer
8d5209aef6 Migrated page-specific behat features to cms module 2013-10-08 00:24:05 +02:00
Ingo Schommer
6a665b4ca2 Behat jQuery reference 2013-10-07 23:44:13 +02:00
Ingo Schommer
795d3e4b3b Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	dev/install/install.php5
	docs/en/index.md
	tests/core/CoreTest.php
2013-10-07 16:18:20 +02:00
Ingo Schommer
7f0e589bf5 Behat test for language switching 2013-10-07 00:04:50 +02:00
Damian Mooyman
f67b549b77 BUG Fixed cross-platform issues with test cases and file utilities 2013-10-04 13:54:33 +13:00
Sean Harvey
38e4070ff7 Merge pull request #2477 from tractorcow/pulls/3.1-sqlquery-sort-order
BUG Sort column order maintained correctly when using expressions
2013-10-03 14:27:38 -07:00
Damian Mooyman
4b850fb41c BUG Fixed cross-platform issues with test cases and file utilities 2013-10-03 14:49:18 +13:00
Damian Mooyman
afaf7f6b4e BUG Sort column order maintained correctly when using expressions in SQLQuery and DataQuery 2013-10-03 14:20:31 +13:00
Ingo Schommer
a534b7c784 Merge remote-tracking branch 'origin/3.0' into 3.1 2013-10-02 12:21:35 +02:00
Ingo Schommer
06b5f142b6 Increased CacheTest time delay, avoid flickering tests
Setting a cache lifetime of half a second seems to be
unreliable on Travis when just waiting a second,
so let's wait a bit longer.
2013-10-02 12:13:22 +02:00
Andrew Short
c26c9e641a Fix test relying on specific member title format.
If a custom member title format was used, the test would fail as it
only expected the default member title format.
2013-10-02 15:16:33 +10:00
Ingo Schommer
21c226a5d2 Merge remote-tracking branch 'origin/3.0' into 3.1 2013-09-30 23:44:12 +02:00
Ingo Schommer
a68e0ba365 Check for jQuery in Behat tests
Identified as one potential cause for flickering tests
on our own Selenium box.
2013-09-30 23:36:46 +02:00
Daniel Hensby
6c943007a1 removeRequiredField() limits field (fixes #2165)
Added tests to RequiredFields and fixed bugs that were found

Now you:
1. Can't add the same field name many times
2. Can use append RequiredFields correctly without fear of duplicates

I've also added a Deprecation warning to $useLabels as it's not used
*anywhere* in framework
2013-09-27 19:58:59 +02:00
Ingo Schommer
48021e9fd3 Merge pull request #2166 from dhensby/patch-2
FormFields now allow setting of extra CSSClasses en masse
2013-09-24 11:50:01 -07:00
Ingo Schommer
5b3f8bc04d Merge pull request #2435 from hafriedlander/fix/join_links_query_params
FIX Use last of duplicate query params in join_links
2013-09-20 02:27:49 -07:00
Hamish Friedlander
b1f03db4ff FIX Improve recent RestfulService fix for proxies 2013-09-20 16:26:39 +12:00
Mateusz Uzdowski
7ddd5b57c3 BUG Do not rely on broken curl header size calculation.
Header parsing now takes into account situations like a proxy or
redirections. Works around the curl issue.

Also fixes the issue when a redirected request would cause a double
amount of headers coming out of the parser - it would merrily process
anything that's in key:value format even if it was two distinct headers.
2013-09-20 15:02:40 +12:00
Hamish Friedlander
a8c1dd7f53 FIX Use last of duplicate query params in join_links
When using Controller::join_links to join two links with identical query
params, both query params would be used in the result, ending up with
links that look like `../edit/show/14?locale=en_NZ&locale=mi_NZ`

This patch eliminates duplicate query params, so only the last one
for any key is present in the output.
2013-09-20 11:33:03 +12:00
Ingo Schommer
ba5984e2bf Only compare array notations in SQLQuery->getOrderedJoins()
If more than two $from were added through SQLQuery->addFrom(),
the getOrderedJoins() comparison kicks in. It assumes all $from
parts are in array notation, which isn't always the case.
For legacy reasons, and because we don't have full API support,
you can still add literal joins through addFrom('INNER JOIN ...').
On PHP 5.3, the ordering comparison still works because it
allows array access in strings, with string rather than numeric indexes.
Thankfully that's no longer supported in PHP 5.4.
2013-09-17 22:08:48 +02:00
Ingo Schommer
a87000170a Behat: "apply formatting" steps 2013-09-15 01:50:10 +02:00
Ingo Schommer
849f2c1cb1 Behat: "insert external link" feature 2013-09-14 19:50:22 +02:00
Ingo Schommer
d68a016026 Behat: Friendler field reference 2013-09-14 19:50:21 +02:00
Ingo Schommer
2fbe0c39f2 Behat: Correctly quote selector in dropdown step 2013-09-14 19:50:21 +02:00
Ingo Schommer
c9047a386f Behat: "insert link" feature 2013-09-14 19:50:21 +02:00
Ingo Schommer
7a4a1bbadb Behat: More "insert image" steps
Still needs definitions
2013-09-14 19:50:21 +02:00
Ingo Schommer
e202d4b3b0 Behat: Avoid false positives in dropdown traversal
Was identifying fields like <input value="Select a page">
when querying for a drop down labelled "Page"
2013-09-14 19:50:21 +02:00
Ingo Schommer
8de227554e Behat: More verbose error message in HTML field assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
fde6b65769 Behat: Allow quoted HTML in assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
35a32d608d More specific behat tree assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
5a0b4b0f03 Shorter behat feature name
Looks better in relishapp ;)
2013-09-13 18:52:02 +02:00
Ingo Schommer
819eebb5dc Behat: Profile feature (steps only) 2013-09-13 18:44:17 +02:00
Ingo Schommer
aa80c4eed2 Behat feature indentation (no content changes) 2013-09-13 18:42:27 +02:00
lukepercy
e6f7f637f3 Added feature file for behat test
- Added content formatting behat feature file Updated Given statement for Insert link behat feature file
- Added Behat test feature file for alignment buttons Updated formatting buttons feature file to include strikethrough formatting
2013-09-13 17:00:43 +02:00
Sean Harvey
17fb7752db Skipping SQLQueryTest::testZeroLimitWithOffset() for MSSQLDatabase.
This test doesn't work on MSSQLDatabase.
2013-09-13 15:50:36 +12:00
Sean Harvey
bf1110d911 Adding a test for SQLQuery::setLimit() parsing OFFSET string clause. 2013-09-13 15:44:46 +12:00
Russell Michell
bbda63a16f MINOR: Corrected tests to use assertFalse|True() 2013-09-13 12:27:37 +12:00
Russell Michell
3aaa12f114 FIX: Fixes #2398
- hasAmount() failed to return true for values <= 0.99 and >= 0.01
- Added unit tests
2013-09-13 12:21:21 +12:00
Ingo Schommer
c2b312d76f Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-09-12 17:24:42 +02:00
Ingo Schommer
05757efceb FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:43 +02:00
Ingo Schommer
720c149aee FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:42 +02:00
Ingo Schommer
cfa88adf4b FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
68ca47b0dd FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:35 +02:00
Sean Harvey
95bb799e6f BUG Fixing SQLQuery::aggregate() adding ORDER BY when no limit.
DataQuery::initialiseQuery() will add a default sort to a query,
and when calling up an aggregate it will make a query like this
which doesn't make sense:

SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID"

In this case there is no need to add the ORDER BY, and it will
break databases like MSSQL in cases such as
GenericTemplateGlobalProvider
which provides a default List() function for adding aggregates
into SSViewer template cacheblocks.

If we add a limit, however, then it does make sense:

SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID" LIMIT 10

This fixes SQLQuery::aggregate() to NOT add an ORDER BY to an
aggregate call if there is no limit.
2013-09-06 18:11:11 +12:00
Ingo Schommer
1c31c098ee FIX Correct Zend_Locale fallbacks in i18n/DateField/DateTimeField
Due to the recent change of translations to transifex, some
locales changed their names, which prompted a fix to
i18n::get_available_translations() (see 00ffe7294).
This caused a regression where short locales are determined
from the YAML file names (e.g. "en"), but weren't matched up
with fully qualified locales from get_available_translations() (e.g. "en_US").
Since this list is used in the admin/myprofile dropdown for the Member.Locale value,
it didn't match up with any entries and defaulted to the first one ("Africaans").

Note that the behaviour of admin/myprofile is still a bit weird:
It defaults the locale on new members to the one set for the current administrator.
So if a site defaults to en_US in _config.php, but the admin happens to view
his backend in de_DE, all members he creates default to de_DE as well.

Thanks to @tractorcow for contributing and peer reviewing!
2013-08-30 10:18:00 +02:00
Johannes Hammersen, x75
b8495da5d9 BUG Cached images stored in wrong folder
If multiple image manipulations are performend the resulting cached image is stored in assets/_resampled because the cached version of the image has no ParentID, which cacheFilename needs to set the correct path.
2013-08-26 10:16:42 +02:00
Ingo Schommer
eb311691be Fixed 3.1-specific switchToWindow() behat feature 2013-08-22 14:10:54 +02:00
Ingo Schommer
4a3a88710f Merge remote-tracking branch 'origin/3.1.0' into 3.1
Conflicts:
	dev/BehatFixtureFactory.php
	model/Hierarchy.php
	tests/behat/features/bootstrap/FeatureContext.php
	tests/core/CoreTest.php
2013-08-22 13:00:25 +02:00
Ingo Schommer
40c239076b Merge remote-tracking branch 'origin/3.0' into 3.1.0
Conflicts:
	model/Hierarchy.php
2013-08-22 12:55:47 +02:00
Ingo Schommer
54edc0ddac Fix Behat window switching in chrome
Workaround only, see https://groups.google.com/forum/#!topic/behat/QNhOuGHKEWI
2013-08-22 12:49:38 +02:00
Simon Welsh
c66cc952d2 Correct line length and indentation 2013-08-21 21:27:16 +12:00
Simon Welsh
4cb98f1afd Only have Scrutinizer check PHP files 2013-08-21 21:02:12 +12:00
Simon Welsh
151baeede1 Correct line length and indentation 2013-08-21 18:54:05 +12:00
Simon Welsh
4db6520357 Only have Scrutinizer check PHP files 2013-08-21 17:57:31 +12:00
Ingo Schommer
a6da1f5570 Merge pull request #2294 from wilr/fixgridexport
FIX: Remove limit on GridField export
2013-08-20 14:08:18 -07:00
Ingo Schommer
46362175f0 Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-08-20 20:59:31 +02:00
Ingo Schommer
a592c36adf Merge remote-tracking branch 'origin/3.0' into 3.1.0
Conflicts:
	docs/en/changelogs/index.md
2013-08-20 20:49:01 +02:00
Ingo Schommer
699cbfe851 Merge branch '3.1.0' into 3.1
Conflicts:
	thirdparty/jquery-entwine/dist/jquery.concrete-dist.js
	thirdparty/jquery-entwine/spec/SpecRunner.html
	thirdparty/jquery-entwine/spec/spec.entwine.eventcapture.js
	thirdparty/jquery-entwine/spec/spec.entwine.namespaces.js
	thirdparty/jquery-entwine/src/domevents/jquery.entwine.domevents.addrem.js
	thirdparty/jquery-entwine/src/jquery.entwine.eventcapture.js
	thirdparty/jquery-entwine/src/jquery.entwine.js
	thirdparty/jquery-entwine/src/jquery.focusinout.js
2013-08-20 16:58:40 +02:00
Ingo Schommer
2fd5558a70 Fixed "insert image" behat feature
Was using wrong button label, and ignoring the
"unsaved changes" warning dialog
2013-08-20 16:19:30 +02:00
Hamish Friedlander
4a7aef0e25 FIX Double slashes in ParameterConfirmationToken 2013-08-19 11:35:34 +12:00
Will Rossiter
c7bdfcd76a Merge pull request #2293 from robert-h-curry/empty-arraylist
Preempt fatal errors when making some function calls on an empty ArrayList
2013-08-17 16:53:48 -07:00
Ingo Schommer
de3b1b22d3 Fixed behat tests for confirming grid field dialogs 2013-08-16 13:34:23 +02:00
Ingo Schommer
362d35742f Fixed behat tests to confirm file deletion dialog 2013-08-16 13:34:23 +02:00
Ingo Schommer
afe06661ef Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/templates/Includes/LeftAndMain_Menu.ss
	admin/templates/Includes/ModelAdmin_ImportSpec.ss
	admin/templates/Includes/ModelAdmin_Tools.ss
	admin/templates/LeftAndMain.ss
	admin/templates/ModelSidebar.ss
	i18n/i18n.php
	templates/ComplexTableField.ss
	templates/ComplexTableField_popup.ss
	templates/FileIFrameField_iframe.ss
	templates/Includes/GridFieldItemEditView.ss
	templates/Includes/TableListField_PageControls.ss
	templates/RelationComplexTableField.ss
	templates/TableField.ss
	templates/TableListField.ss
2013-08-07 17:14:47 +02:00
Ingo Schommer
00ffe72944 Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
  which SilverStripe's i18n system can't handle
  (needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
- Only allow selection of locales registered through i18n::$all_locales to avoid
  issues with unknown locales in Zend's CLDR database
2013-08-07 00:25:16 +02:00
Hamish Friedlander
2110493466 Merge branch '3.0' into 3.1 2013-08-07 09:43:52 +12:00
Will Rossiter
65d96e8d7c FIX: Remove limit on GridField export
Allow DataList::limit() to take a null value to remove the limit.

Added tests for limit(). Note the one failure, currently the ORM doesn't support unlimited values with an offset.
2013-08-05 19:59:12 +12:00
Robert Curry
d69520bd70 Preempt fatal errors when making some function calls on an empty ArrayList
The function "first" on ArrayList uses the PHP function "reset", which
returns false if there aren't any elements in the array. Two functions
inside ArrayList use this function, "canFilterBy" and "byID". I've
changed these functions to catch the possibility of a false return from
first().
2013-08-05 15:47:58 +12:00
Hamish Friedlander
342058742c FIX Flush on memory exhaustion and headers sent 2013-08-02 09:41:16 +12:00
Hamish Friedlander
541436feb0 Merge branch 'origin/3.0' into 3.1 2013-07-24 12:09:44 +12:00
Hamish Friedlander
a1ea905ca8 FIX Nice errors and allows flush on module removal 2013-07-24 09:57:01 +12:00
Hamish Friedlander
d38bd7d5cb Merge branch 'origin/3.0' into 3.1 2013-07-19 14:18:49 +12:00
Hamish Friedlander
1298d4a5bd FIX Prevent DOS by checking for env and admin on ?flush=1 (#1692) 2013-07-19 12:24:32 +12:00
Ingo Schommer
920edf88e7 Test allowedExtensions in UploadField, return correct HTTP status 2013-07-12 13:16:34 +02:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Daniel Hensby
378d829e8f Adding test to prove issue with HTTP Header parsing in RestfulService
I have a header like:
X-BB-Auth: xxxx

and it is being given back to me as X-Bb-Auth - i want to prove the issue and the fix
2013-07-10 12:47:13 +01:00
Cam Spiers
b44641336b FIX ConfigManifest regenerating every request if variantKeySpec is an empty array() 2013-07-10 11:53:44 +12:00
Cam Spiers
2d30592f72 Improve memory performance when generating config static and class caches 2013-07-08 21:24:14 +12:00
Jeremy Thomerson
f6ff39369f FEATURE: <% include %> inherits iterator scope of parent template 2013-07-07 12:39:42 +00:00
Sam Minnée
0173707cd1 Merge pull request #2164 from tractorcow/3.1-datetimefield-fixes
BUG Fixed DateTimeField where time value was being parsed incorrectly.
2013-07-06 19:03:33 -07:00
Sam Minnée
ecf8f273c0 Merge pull request #2201 from hafriedlander/fix/session
Fixes to session, primarily around cookie_secure
2013-07-06 18:59:07 -07:00
Hamish Friedlander
2886f6ee14 FIX Session was started every time, even if no data set
Session tracks the user agent in the session, to add some detection of
stolen session IDs. However this was causing a session to always be
created, even if this request didnt store any data in the session.
2013-07-07 09:12:10 +12:00
Cam Spiers
0aeb2293bb Allow module directories to be named with more valid characters ensuring that module names in fragment meta-data are correct.
Unit tests for ConfigManifest reference path parsing
2013-07-06 14:16:59 +12:00
Simon Welsh
ff45f7ce4d DataListTest should not rely on order of values when not explictly sorting 2013-07-05 11:45:34 +12:00
Ingo Schommer
c3e9e44204 Merge pull request #2197 from hafriedlander/fix/dbapichange
FIX Recent patch to DataObject#db changed API which broke core
2013-07-04 15:20:52 -07:00
Simon Welsh
d844c74e3c Merge branch '3.0' into 3.1
Conflicts:
	.travis.yml
	control/HTTP.php
	email/Mailer.php
	tests/control/HTTPTest.php
2013-07-05 10:17:14 +12:00
Hamish Friedlander
ca63e33c19 FIX Recent patch to DataObject#db changed API which broke core 2013-07-05 10:11:35 +12:00
Damian Mooyman
11f4b2c620 API HTTP::urlRewriter with (string)$code deprecated in 3.1. Fixed regressions and CSS urls.
urlRewriter will expect a callable as a second parameter,
but will work with the current api and simply raise a deprecation error.

HTTP::absoluteURLs now correctly rewrites urls into absolute urls. Resolves introduced in c56a80d6ce

HTTP::absoluteURLs now handles additional cases where urls were not translated.

Test cases for HTTP::absoluteURLs added for both css and attribute links.

Cleaned up replacement expression and improved documentation.
2013-07-05 09:08:58 +12:00
Ingo Schommer
067a94bd93 Postgres compat in MemberCsvBulkLoaderTest and GroupTest 2013-07-04 22:46:23 +02:00
Ingo Schommer
cf20923fd6 Postgres compat in SQLQueryTest 2013-07-04 22:28:13 +02:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Jeremy Thomerson
50e9eee2e9 FIX #2174: SearchFilter needs casting helper for DataObject base fields
Commit 964b3f2 fixed an issue where dbObject was returning casting helpers for
fields that were not actually DB objects, but had something in $casting config.

However, because dbObject was no longer calling DataObject->castingHelper, this
exposed a bug that the underlying function db($fieldName) was not returning
field specs for the base fields that are created by SS automatically on all
DataObjects (i.e. Created, LastEdited, etc).

This commit fixes the underlying issue that DataObject->db($fieldName) should
return the field specs for *all* DB fields like its documentation says it will,
including those base fields that are automatically created and do not appear in
$db.
2013-07-03 03:03:40 +00:00
Ingo Schommer
429bbc5223 Merge pull request #2137 from jthomerson/pulls/fix_viewable_data_wrapped_value
FIX: ViewableData wasn't setting values when using default cast
2013-07-02 00:40:56 -07:00
Mateusz Uzdowski
21844a8a07 Merge branch 'pr/2173' into 3.1 2013-07-02 15:52:31 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
5484283a25 FIX changing environment in config.php changes matched yaml rules 2013-07-02 13:21:27 +12:00
Hamish Friedlander
e74c002647 FIX Only and Except rules in Configs not working 2013-07-01 15:47:37 +12:00
Daniel Hensby
9a40b16496 Adding tests to FormField and Form for extra classes
Added tests that were missing from `Form` and ones for my new logic
2013-06-29 13:35:34 +01:00
Ingo Schommer
a6c3d1e269 Flag "insert image" behat test as @assets
Required in order to run them remotely, which currently
doesn't support file upload through Selenium
2013-06-28 12:21:00 +02:00
Damian Mooyman
feb03f5443 BUG Fixed issue where time value was being parsed incorrectly in some locales 2013-06-28 16:45:33 +12:00
Simon Welsh
aecda4882b Merge pull request #2150 from hafriedlander/fix/templatevars-v2
FIX Arguments to method calls reseting scope
2013-06-25 21:59:14 -07:00
Simon Welsh
e55be50783 FIX: ConfigStaticManifest not handling multipart namespaces
Fixes #2126
2013-06-26 16:01:55 +12:00
Hamish Friedlander
ae3e3f3b44 FIX Arguments to method calls reseting scope 2013-06-25 17:35:16 +12:00
Simon Welsh
1edf45fbed Merge pull request #2130 from chillu/pulls/allowed_actions-deny
API Enforce $allowed_actions in RequestHandler->checkAccessAction()
2013-06-24 12:41:15 -07:00
Ingo Schommer
2f9eaeea41 Merge pull request #2021 from jthomerson/fix_if_link_not_working
FIX: <% if Link %> wasn't working
2013-06-24 06:16:21 -07:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Jeremy Thomerson
e6bfabfd6c TEST: additional test for ViewableData not wrapping cached strings 2013-06-21 16:20:00 +00:00
CheeseSucker
761eec7736 Unit test for bugfix in ViewableData::obj(). 2013-06-21 16:17:22 +00:00
Hamish Friedlander
328467f1b5 FIX: ConfirmedPasswordField used to expose existing hash 2013-06-20 14:09:30 +12:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
Sam Minnee
526b40414a FIX: Ensure that actions inferred from templates with the "_action" suffix also respect allowed_actions.
FIX: Ensure SSViewer::hasTemplate() is aware of themes.

To do this, RequestHandler::definingClassForAction() has been created, splitting out the code that looks up the class that defines a given action into its own method.  This is then overridden in Controller to look at templates.
2013-06-19 20:11:50 +12:00
Ingo Schommer
1d402dd513 Unset test state in DirectorTest
This broke RSSFeedTest when running through 'sake'
2013-06-18 23:24:22 +02:00
Jeremy Thomerson
964b3f2d48 FIX: <% if Link %> wasn't working
Since ViewableData was returning a casting helper for Link, but DataObject was
only using $this->$fieldname to set values on that casting helper, you could
not use <% if Link %> (or <% if $Link %>) in your templates because Link is not
a field, and thus had no value to be set on the casting helper, causing
hasValue to think that there was no value.  Since DataObject->dbObject says that
"it only matches fields and not methods", it seems safe to have it call db(..)
to get the field spec, and not call ViewableData->castingHelper at all.
2013-06-15 13:44:03 +00:00
Will Rossiter
9775204436 FIX Allow filtering on joined columns 2013-06-15 12:06:24 +12:00
Will Rossiter
0129e185b8 Coding conventions, PHPDoc cleanup 2013-06-15 12:06:24 +12:00
Damian Mooyman
be986c6524 API Allow $summary_fields to support methods on DBFields 2013-06-13 09:41:24 +12:00
Ingo Schommer
71a5615213 Test $allowed_actions on controllers with template name=action conventions 2013-06-10 12:33:30 +02:00
Stig Lindqvist
dbc2b62c69 Merge pull request #2054 from chillu/pulls/dataobject-duplicate-hasone
BUG Correct relation saving in DataObject->duplicateRelations()
2013-06-07 22:54:36 -07:00
Mike Parkhill
574c11a834 Behat: "Insert image from web" feature
Partially fixes https://github.com/silverstripe/silverstripe-cms/issues/628
Modified a bit by Ingo :)
2013-06-07 16:10:21 +02:00
Ingo Schommer
fd6060e7be Behat: More robust "field should contain" logic 2013-06-07 16:02:29 +02:00
Ingo Schommer
924664527b Less assumptions in "HTML field contains" step
Not using the loose idea of a "field name" in the NamedSelector
sense of the word as "field with id exists".
2013-06-07 15:46:05 +02:00
Ingo Schommer
7dfe5ccbd2 Limit "should see a button" to actually visible elements 2013-06-07 15:45:15 +02:00
Stig Lindqvist
17bca1db86 Behat: Adding context for 'Given I should not see a "xxx" button' 2013-06-07 12:06:01 +02:00