63 Commits

Author SHA1 Message Date
Ingo Schommer
46556b609e FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:35 +02:00
Ingo Schommer
bfff11eb9c API New CMSForm class to allow validation responses in CMS (fixes #1777)
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814).
2013-06-13 07:51:05 +02:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
89176e8f5d Unescaped breadcrumbs for inline groups display (fixes #7936) 2013-01-21 08:51:16 +01:00
Jeremy Bridson
a93f8841d7 BUGFIX:fixed broken styling of iframe in IE for member and group import 2013-01-15 00:57:47 +01:00
Ingo Schommer
ff39f9ad38 Upgrade jQuery UI to 1.9
- Fixed jQuery.tabs remote tabs loading behaviour (see http://forum.jquery.com/topic/tabs-api-redesign)
2012-11-06 19:45:56 +01:00
Ingo Schommer
bcbf4636fc BUG Remove .ss-tabset class from CMS tabs to prevent rogue ajax load (#7980)
The existence of .ss-tabset triggers JS which applies $.tabs(),
and in turn interprets the first available link as the tab navigation.
jQuery UI subsequently tries to ajax-load this link, which is not
desired. Instead, $.tabs() should *only* be applied to a container
DOM element with .cms-tabset applied.
2012-11-01 00:25:13 +01:00
Sam Minnee
1f7fc1f76a FIX Remove instances of lines longer than 120c
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit.  This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Ingo Schommer
e2f073f38a Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
Ingo Schommer
c7fd9a6605 CMS Localization 2012-08-10 00:17:34 +02:00
Ingo Schommer
5178954311 UNFINISHED Processing multiple PJAX responses on CMS JavaScript, introducing data-pjax-fragment attribute to identify reloadable template parts 2012-05-30 15:07:13 +02:00
Sean Harvey
c3eabffcb9 MINOR Use shorthand {class}::get() syntax instead of DataList::create()
in core code.
2012-05-28 21:13:42 +12:00
Sean Harvey
79680137b1 BUGFIX SecurityAdmin shows incorrect breadcrumbs for viewing Roles GridField. Partially reverts 16982ba17c. 2012-05-28 11:46:25 +12:00
Sean Harvey
74d444cf2f BUGFIX Ensure "Add [modelClass]" is shown instead of using the field name of the GridField, partially reverts 16982ba17c which broke breadcrumbs in SecurityAdmin 2012-05-28 11:43:47 +12:00
Naomi Guyer
16982ba17c ENHANCEMENT: Make GridFieldAddNewButton Content more specific
* Alter Grid Field "Add New" Button to take the name of the table (i.e.
"Add Member")
* Alter table names in security section to be singular so the button
text makes sense
2012-05-21 17:47:14 +12:00
Ingo Schommer
9052cdc1da ENHANCEMENT Making "Users", "Groups" and "Roles" tabs in SecurityAdmin bookmarkable.
ENHANCEMENT Fixed SecurityAdmin->Breadcrumbs() to include link to individual tab, and disable backlink (signed off by Paul)
2012-05-08 11:25:47 +02:00
Ingo Schommer
f2d2f5bb0e MINOR Changed CMS section name from "Users" back to its 2.4 label, "Security". Mainly to avoid breadcrumb weirdnesses when having a "Users/Users/My User" path. Signed off by Paul. 2012-05-08 11:25:47 +02:00
Ingo Schommer
7b18d9d0da MINOR Switching _t() calls from sprintf() to using injection parameters (#7170) 2012-05-01 22:17:00 +02:00
Robert Curry
842784c8aa ENHANCEMENT: Fixes #7010. Move DisplayFields, FieldCasting and FieldFormatting functions from GridField to GridFieldDataColumns. 2012-04-19 12:44:59 +12:00
Ingo Schommer
57ee9bf5e8 MINOR Removed unnecessary jquery.livequery include from CMS, its still processing in the background = performance overhead 2012-04-18 17:37:36 +02:00
Simon Welsh
3a6341a251 API-CHANGE sapphire folder can now be renamed. 2012-04-15 10:50:19 +12:00
Ingo Schommer
0f8a6999a1 MINOR Passing rendered form to renderWith() call, underlying logic changed (see #7136) 2012-04-13 15:35:46 +02:00
Ingo Schommer
40d73127ae MINOR Using late static binding instead of Object::create() calls 2012-04-04 17:10:31 +02:00
Sean Harvey
fd7f2eb469 ENHANCEMENT Use of Object::create('GridField') for Roles grid in
SecurityAdmin, to be consistent with Members and Groups grid
instantiation.
MINOR Removing comments referring to CTF
2012-03-26 14:51:40 +13:00
Sean Harvey
ffdf548575 ENHANCEMENT Adding missing MemberImportForm to SecurityAdmin, putting each importer into
Users and Groups tab for context instead of Import tab, and fixing
styling to be close to how it was in SS 2.4.
2012-03-24 13:20:19 +13:00
Stig Lindqvist
8b82dae06c API CHANGE: Renaming of gridfield components #6921 2012-03-09 12:54:02 +13:00
Ingo Schommer
c117ef58cf API CHANGE Removed LeftAndMain->RootForm(), concept no longer applies in 3.0 UI. Use EmptyForm() or EditForm() 2012-03-08 18:22:30 +01:00
Ingo Schommer
9bbac335c4 MINOR Merging SecurityAdmin->getEditForm() with RootForm(), in order to have the form fields consistently available (there's no longer a distinction between edit/root) 2012-03-06 01:23:34 +01:00
Ingo Schommer
6f71186e2c ENHANCEMENT Replaced SecurityAdmin tree view for groups with three top-level tabs: "Users", "Groups" and "Roles" 2012-03-05 18:31:52 +01:00
Ingo Schommer
0117b32fee API CHANGE Removed MemberTableField, use GridField with GridFieldConfig_RelationEditor instead 2012-03-05 17:41:51 +01:00
Ingo Schommer
f9f659672a MINOR Re-instating Member_Validator in SecurityAdmin->RootForm() and Groups->getCMSFields() with new GridField implementation 2012-03-05 17:41:50 +01:00
Ingo Schommer
2abb021efb BUGFIX Restored old permission code model, broken due to new controller structure. Introduced LeftAndMain::$required_permission_codes as a way to control permissions independently of subclasses, and "cluster" multiple classes under a single code. 2012-03-05 17:41:49 +01:00
Ingo Schommer
e9a2de35c2 ENHANCEMENT Using GridField to edit roles in SecurityAdmin 2012-03-05 17:41:49 +01:00
Ingo Schommer
ad5cf1ebf1 ENHANCEMENT Using ListboxField/chosen.js to assign roles in Group->getCMSFields(). Improved explanation of groups in the user interface. 2012-03-05 17:41:47 +01:00
Normann Lou
45927b98c4 ENHANCEMENT SSF-53: add customised class to Member's GridField in SecurityAdmin 2012-03-02 16:28:47 +13:00
Ingo Schommer
3ded12e599 MINOR Removed obsolete "add member" button in SecurityAdmin, now handled through GridField (SSF-53) 2012-03-01 21:36:01 +01:00
Ingo Schommer
4bd5333b56 MINOR Editing and relation adding on SecurityAdmin groups (both root and group instances) (SSF-53) 2012-03-01 21:35:48 +01:00
Ingo Schommer
bcc73de85e Merge branch '106-add-edit-records-rc'
Conflicts:
	admin/code/LeftAndMain.php
	admin/css/screen.css
	admin/scss/_style.scss
	admin/templates/Includes/LeftAndMain_EditForm.ss
	css/GridField.css
	filesystem/Folder.php
	forms/gridfield/GridField.php
	forms/gridfield/GridFieldDefaultColumns.php
	forms/gridfield/GridFieldPopupForms.php
2012-02-27 23:58:10 +01:00
Ingo Schommer
ba0d1c60cb MINOR Don't require controller on instanciation of GridFieldPopupForms, as it can't be reliably determined e.g. during a getCMSFields() call. Should use existing FormField/Form API to retrieve controller when its required.
MINOR Renamed GridFieldPopupForms->popupFormName to $name to make it clearer that its the component name (which is optional now).
2012-02-27 23:52:48 +01:00
Ingo Schommer
5911abc0f6 API CHANGE Removed prototype.js style $() alias usage for document.getElementById() to avoid confusion with the more common jQuery() alias.
API CHANGE Removed several unsed JavaScript globals: sprintf(), Number.prototype.CURRENCIES, Number.prototype.toCurrency(), String.prototype.ucfirst(), jQuery.fn.clearFields(), jQuery.fn.clearInputs()
MINOR Removed prototype_improvements.js and jquery_improvements.js files, now contained in individual component code (or removed altogether)
2012-02-16 12:27:47 +01:00
Fred Condo
d370423825 Clean up trailing ?> per coding standard
All sapphire but the lang directory
2012-02-12 12:40:16 -08:00
Sam Minnee
2d898cab63 API CHANGE: Added GridFieldExporter, a GridField component that adds export functionality, and added it to the security admin. 2012-01-30 19:49:10 +13:00
Sam Minnee
24850954c1 BUGFIX: Fixed bug in sprintf syntax with GroupImportForm iframe 2012-01-30 19:25:27 +13:00
Stig Lindqvist
dc85fa09b9 MINOR SecurityAdmin::getEditForm should have same signature as LeftAndMain::getEditForm 2012-01-24 02:46:12 +01:00
Stig Lindqvist
ed889529b4 API CHANGE Added two predefined GridFieldConfigs and removal of unsused accessors
- GridFieldConfig_ManyManyEditor for default relationship list managment
- GridFieldConfig_Base for basic list managment
2012-01-24 02:46:12 +01:00
Stig Lindqvist
c396c2d2ae API CHANGE Security admin supports adding, removing and searching for members by relations via gridfield
This contains some experimental API's when using GridFieldPopupForms on GridFieldPopupForms.

- GridFieldRelationAdd
- GridFieldRelationDelete
2012-01-24 02:46:07 +01:00
Ingo Schommer
ef514b924e MINOR Fixed SecurityAdmin styling 2012-01-09 10:09:40 +01:00
Ingo Schommer
0bfc0bc645 MINOR Cleaning $Content property explicitly for SecurityAdmin->groupimport() iframe 2011-12-18 18:18:44 +01:00
Will Rossiter
01bfdbeb90 MINOR tweaks to SecurityAdmin layout 2011-10-29 15:47:08 +13:00
Hamish Friedlander
0a3e0f15de MINOR: Replace references to FieldSet (now deprecated) with references to FieldList 2011-10-28 15:58:55 +13:00