Commit Graph

36 Commits

Author SHA1 Message Date
Ingo Schommer
e4c586f78e BUGFIX Checking for existence of FormAction in Form->httpSubmission() to avoid bypassing $allowed_actions definitions in controllers containing this form
BUGFIX Checking for $allowed_actions in Form class, through Form->httpSubmission()

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@115182 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-20 00:00:38 +00:00
Ingo Schommer
f056abc818 ENHANCEMENT Added NullHTTPRequest as a placeholder for new RequestHandler/Controller instances that haven't handled a URL yet. This means RequestHandler->request can be safely called from singleton controllers
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@115116 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-16 04:06:13 +00:00
Ingo Schommer
9681134e8e ENHANCEMENT Added RequestHandler->setRequest() for easier testing of controllers (usually handled through handleRequest()). Moved $request definition from Controller into parent class (RequestHandler)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@115108 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-16 02:36:31 +00:00
Sean Harvey
bc62ca473a MINOR Removed redundant code from RequestHandler::handleRequest() referencing since removed Image_Uploader
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@115057 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-15 04:44:57 +00:00
Ingo Schommer
640b504ebe BUGFIX Don't allow HTML formatting in RequestHandler->httpError() by sending "Content-Type: text/plain" response headers.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114444 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-02 08:03:17 +00:00
Ingo Schommer
716b5cd6c5 BUGFIX: reverted revision 105890 to fix build (from r105903)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112509 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 02:53:31 +00:00
Ingo Schommer
3b4d0a7422 ENHANCEMENT: Added method for $this->request->latestParam() backwards compatibility with Director::urlParam() (from r105890)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112508 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 02:53:11 +00:00
Sam Minnee
eef3ff8021 BUGFIX: disallow numeric actions - numeric array indexes are incorrectly picked up as allowed actions (#5331) (from r103092)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112118 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 03:30:54 +00:00
Sam Minnee
64a561f96c BUGFIX Fixing RquestHandler->checkAccessAction() on PHP 5.2 - ReflectionMethod->class returns inconsisent results in older PHP versions. (see r102003) (from r102730)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112069 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 01:46:02 +00:00
Sam Minnee
e8e7065ff4 MINOR Fixed indentation (from r102009)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112055 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 01:26:16 +00:00
Sam Minnee
1d61bf7100 BUGFIX Prevent handling of controller actions which return $this avoid infinite loops in RequestHandler->handleRequest (thanks Hamish!) (from r102004)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112054 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 01:24:53 +00:00
Sam Minnee
740e49061f API CHANGE Disallow methods/actions in RequestHandler->checkAccessAction() which are implemented on parent classes (e.g. ViewableData and Object), unless access is controlled through $allowed_actions. This limits information exposure from getters used in template contexts. (from r102003)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112053 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 01:24:15 +00:00
Sam Minnee
ddce6c2210 BUGFIX RequestHandler::handleRequest is now compatible with Controller::handleRequest in that SS_HTTPRequest is the type hint for the $request parameter (from r100919)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@111540 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-04 04:20:49 +00:00
Andrew Short
79773042be API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog.
MINOR: Replaced usage of renamed classes with the new namespaced name.

From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 03:06:31 +00:00
Ingo Schommer
b930149c3a BUGFIX Fixed RequestHandler->allowedActions() lowercasing of actions - was applying the logic, but not writing it back to the $actions array.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89163 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-15 21:50:02 +00:00
Sam Minnee
68279be998 BUGFIX: Fix regression in r88521 that prevented the index action from being explictly disabled by setting the * key in allowed_actions
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88523 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 09:15:51 +00:00
Sam Minnee
1fce2e614b BUGFIX: Ensure that the index action works even if allowed_actions is set.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88521 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 05:16:18 +00:00
Andrew Short
72592d8c14 FEATURE: Added RequestHandler->allowedActions() to return a unified representation (including extensions) of all allowed actions on a controller.
BUGFIX: Updated Controller->hasAction() to use RequestHandler->allowedActions() so that extension actions are recognised.

From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88508 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 00:07:26 +00:00
Andrew Short
da4b65c749 FEATURE: Added RequestHandler->hasAction() and Controller->hasAction() to check if a specific action is defined on a controller.
ENHANCEMENT: Updated ContentController->handleRequest() to use Controller->hasAction() to check whether to fall over to a child page, rather than relying on an error response from Controller->handleRequest().

From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88505 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-11 00:07:23 +00:00
Ingo Schommer
3f751a2cb8 BUGFIX Don't lowercase permission codes contained in $allowed_actions in RequestHandler->checkAccessAction(). Permission checks are case sensitive.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86085 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 07:02:54 +00:00
Ingo Schommer
fc03a8608a API CHANGE Don't exempt 'index' controller actions from $allowed_actions check - they might still contain sensitive information (for example ImageEditor). This action has to explicitly allowed on controllers with $allowed_actions defined now.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86002 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 01:37:44 +00:00
Ingo Schommer
e9d25ca2ce MINOR Moved documentation about Controller and RequestHandler to the right places
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@85775 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-07 00:14:11 +00:00
Sam Minnee
2b7572e21a BUGFIX: Removed some code that needed Extension to extend from Object.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84162 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-08-11 08:50:32 +00:00
Sean Harvey
82a68dd3bd MINOR Merged from branches/2.3
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@81997 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-07-16 03:44:15 +00:00
Sam Minnee
e2dcc48d48 ENHANCEMENT ajshort: Allow a HTTPResponse to be encapsulated in a HTTPResponse_Exception, which can be later caught by the request handler.
MINOR ajshort: Updated RequestHandler->httpError() to interrupt the execution flow by throwing an exception.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@80226 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-06-27 08:48:44 +00:00
Sean Harvey
1168bf07c6 MINOR Removed comment that no longer applies in RequestHandler
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@79423 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-06-17 06:20:58 +00:00
Sean Harvey
a39822712b Merged from branches/2.3
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75659 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 07:28:53 +00:00
Sean Harvey
a5e82ddff1 Merged from branches/2.3
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75590 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 01:20:24 +00:00
Normann Lou
eb0b76840c BUGFIX: RequestHandler::checkAccessAction() breaks when $this->class is null, this happens when you delete a DataObject from ResultForm (list view) in DataAdmin. We use safer call get_class($this) instead.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@74633 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-16 22:41:14 +00:00
Ingo Schommer
e0ec30dcc8 ENHANCEMENT Allowing usage of global settings via asterisk (*) in RequestHandler->$allowed_actions
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@74009 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-02 16:34:27 +00:00
Ingo Schommer
b12a00c391 MINOR phpdoc documentation
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73509 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-22 22:59:14 +00:00
Sam Minnee
a28ea0a69e ENHANCEMENT: Added Object::combined_static(), which gets all values of a static property from each class in the hierarchy
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73473 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-21 05:10:05 +00:00
Sam Minnee
020a92eda8 BUGFIX #2992: Fixed T_PAAMAYIM_NEKUDOTAYIM error in RequestHandler
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65250 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-05 01:59:27 +00:00
Sam Minnee
ba4a1acc68 BUGFIX: Don't allow calling of magically added methods via URL unless explicitly listed in allowed_actions
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64981 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-31 02:16:25 +00:00
Sam Minnee
132957b5c2 API CHANGE #2922: RequestHandler:: now inherit
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64958 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-30 22:28:01 +00:00
Sam Minnee
cd699e3d89 API CHANGE #2857 - Renamed RequestHandlingData to RequestHandler
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64953 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-30 22:03:21 +00:00