tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
4,726 Commits 31 Branches 527 Tags 162 MiB
50995fbecb
Commit Graph

14 Commits

Author SHA1 Message Date
Ingo Schommer
50995fbecb BUG Undefined $allowed_actions overrides parent definitions, stricter handling of $allowed_actions on Extension 
Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.

Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
 2013-02-17 23:16:22 +01:00
Ingo Schommer
2962fb8d13 BUGFIX Checking for existence of FormAction in Form->httpSubmission() to avoid bypassing $allowed_actions definitions in controllers containing this form 
BUGFIX Checking for $allowed_actions in Form class, through Form->httpSubmission() (from r115182)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@115188 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:20:06 +13:00
Carlos Barberis
3bbcb31364 ENHANCEMENT: Added method for $this->request->latestParam() backwards compatibility with Director::urlParam() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@105890 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:19:29 +13:00
Ingo Schommer
4c74f45361 API CHANGE Disallow methods/actions in RequestHandler->checkAccessAction() which are implemented on parent classes (e.g. ViewableData and Object), unless access is controlled through $allowed_actions. This limits information exposure from getters used in template contexts. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@102003 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:19:10 +13:00
Andrew Short
79773042be API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog. 
MINOR: Replaced usage of renamed classes with the new namespaced name.

From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-26 03:06:31 +00:00
Andrew Short
53450e1221 MINOR: Updated Controller to return a 404 on actions that don't exist, rather than a 403. 
From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88506 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-11 00:07:24 +00:00
Sam Minnee
e2dcc48d48 ENHANCEMENT ajshort: Allow a HTTPResponse to be encapsulated in a HTTPResponse_Exception, which can be later caught by the request handler. 
MINOR ajshort: Updated RequestHandler->httpError() to interrupt the execution flow by throwing an exception.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@80226 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-06-27 08:48:44 +00:00
Sam Minnee
50ea85d47a MINOR: Tests for r64981 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64982 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-31 02:16:51 +00:00
Sam Minnee
132957b5c2 API CHANGE #2922: RequestHandler:: now inherit 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64958 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-30 22:28:01 +00:00
Sam Minnee
cd699e3d89 API CHANGE #2857 - Renamed RequestHandlingData to RequestHandler 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64953 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-30 22:03:21 +00:00
Ingo Schommer
eff1f50041 ENHANCEMENT Added RequestHandlingTest->testNestedBase() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63650 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-05 19:21:35 +00:00
Ingo Schommer
65e9165905 BUGFIX Allowing HTTPRequest::match() to match rules with extensions (e.g. /sitemap.xml used for GoogleSitemap) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@62471 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-09-16 20:37:46 +00:00
Sam Minnee
f7806129f5 Made allowed_actions case insensitive 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@62213 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-09-11 00:15:31 +00:00
Ingo Schommer
03fcc80e19 (merged from branches/roa. use "svn log -c <changeset> -g <module-svn-path>" for detailed commit message) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60205 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-08-09 03:19:54 +00:00