Ingo Schommer
4c74f45361
API CHANGE Disallow methods/actions in RequestHandler->checkAccessAction() which are implemented on parent classes (e.g. ViewableData and Object), unless access is controlled through $allowed_actions. This limits information exposure from getters used in template contexts.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@102003 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:10 +13:00
Sean Harvey
2a583d9320
BUGFIX RequestHandler::handleRequest is now compatible with Controller::handleRequest in that SS_HTTPRequest is the type hint for the $request parameter
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100919 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:57 +13:00
Andrew Short
79773042be
API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog.
...
MINOR: Replaced usage of renamed classes with the new namespaced name.
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 03:06:31 +00:00
Ingo Schommer
b930149c3a
BUGFIX Fixed RequestHandler->allowedActions() lowercasing of actions - was applying the logic, but not writing it back to the $actions array.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89163 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-15 21:50:02 +00:00
Sam Minnee
68279be998
BUGFIX: Fix regression in r88521 that prevented the index action from being explictly disabled by setting the * key in allowed_actions
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88523 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 09:15:51 +00:00
Sam Minnee
1fce2e614b
BUGFIX: Ensure that the index action works even if allowed_actions is set.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88521 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 05:16:18 +00:00
Andrew Short
72592d8c14
FEATURE: Added RequestHandler->allowedActions() to return a unified representation (including extensions) of all allowed actions on a controller.
...
BUGFIX: Updated Controller->hasAction() to use RequestHandler->allowedActions() so that extension actions are recognised.
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88508 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 00:07:26 +00:00
Andrew Short
da4b65c749
FEATURE: Added RequestHandler->hasAction() and Controller->hasAction() to check if a specific action is defined on a controller.
...
ENHANCEMENT: Updated ContentController->handleRequest() to use Controller->hasAction() to check whether to fall over to a child page, rather than relying on an error response from Controller->handleRequest().
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88505 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 00:07:23 +00:00
Ingo Schommer
3f751a2cb8
BUGFIX Don't lowercase permission codes contained in $allowed_actions in RequestHandler->checkAccessAction(). Permission checks are case sensitive.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86085 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 07:02:54 +00:00
Ingo Schommer
fc03a8608a
API CHANGE Don't exempt 'index' controller actions from $allowed_actions check - they might still contain sensitive information (for example ImageEditor). This action has to explicitly allowed on controllers with $allowed_actions defined now.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86002 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 01:37:44 +00:00
Ingo Schommer
e9d25ca2ce
MINOR Moved documentation about Controller and RequestHandler to the right places
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@85775 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-07 00:14:11 +00:00
Sam Minnee
2b7572e21a
BUGFIX: Removed some code that needed Extension to extend from Object.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84162 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-08-11 08:50:32 +00:00
Sean Harvey
82a68dd3bd
MINOR Merged from branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@81997 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-07-16 03:44:15 +00:00
Sam Minnee
e2dcc48d48
ENHANCEMENT ajshort: Allow a HTTPResponse to be encapsulated in a HTTPResponse_Exception, which can be later caught by the request handler.
...
MINOR ajshort: Updated RequestHandler->httpError() to interrupt the execution flow by throwing an exception.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@80226 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-06-27 08:48:44 +00:00
Sean Harvey
1168bf07c6
MINOR Removed comment that no longer applies in RequestHandler
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@79423 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-06-17 06:20:58 +00:00
Sean Harvey
a39822712b
Merged from branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75659 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 07:28:53 +00:00
Sean Harvey
a5e82ddff1
Merged from branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75590 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 01:20:24 +00:00
Normann Lou
eb0b76840c
BUGFIX: RequestHandler::checkAccessAction() breaks when $this->class is null, this happens when you delete a DataObject from ResultForm (list view) in DataAdmin. We use safer call get_class($this) instead.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@74633 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-16 22:41:14 +00:00
Ingo Schommer
e0ec30dcc8
ENHANCEMENT Allowing usage of global settings via asterisk (*) in RequestHandler->$allowed_actions
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@74009 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-02 16:34:27 +00:00
Ingo Schommer
b12a00c391
MINOR phpdoc documentation
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73509 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-22 22:59:14 +00:00
Sam Minnee
a28ea0a69e
ENHANCEMENT: Added Object::combined_static(), which gets all values of a static property from each class in the hierarchy
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73473 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-21 05:10:05 +00:00
Sam Minnee
020a92eda8
BUGFIX #2992 : Fixed T_PAAMAYIM_NEKUDOTAYIM error in RequestHandler
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65250 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-05 01:59:27 +00:00
Sam Minnee
ba4a1acc68
BUGFIX: Don't allow calling of magically added methods via URL unless explicitly listed in allowed_actions
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64981 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-31 02:16:25 +00:00
Sam Minnee
132957b5c2
API CHANGE #2922 : RequestHandler:: now inherit
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64958 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-30 22:28:01 +00:00
Sam Minnee
cd699e3d89
API CHANGE #2857 - Renamed RequestHandlingData to RequestHandler
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64953 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-30 22:03:21 +00:00