tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
18,412 Commits 31 Branches 527 Tags 162 MiB
5c90d53a84
Commit Graph

2219 Commits

Author SHA1 Message Date
Damian Mooyman
e2c4a18f63
More documentation 
Fix up remaining tests
Refactor temp DB into TempDatabase class so it’s available outside of unit tests.
 2017-06-21 16:29:03 +12:00
Damian Mooyman
d88d4ed4e4 API Refactor AppKernel into CoreKernel 2017-06-20 17:05:46 +12:00
Damian Mooyman
f7946aec33 Docs and minor cleanup 2017-06-20 17:05:46 +12:00
Damian Mooyman
12bd31f936 API Remove OutputMiddleware 
API Move environment / global / ini management into Environment class
API Move getTempFolder into TempFolder class
API Implement HTTPRequestBuilder / CLIRequestBuilder
BUG Restore SS_ALLOWED_HOSTS check in original location
API CoreKernel now requires $basePath to be passed in
API Refactor installer.php to use application to bootstrap
API move memstring conversion globals to Convert
BUG Fix error in CoreKernel nesting not un-nesting itself properly.
 2017-06-20 17:05:46 +12:00
Damian Mooyman
c66d433977 API Refactor SapphireTest state management into SapphireTestState 
API Remove Injector::unregisterAllObjects()
API Remove FakeController
 2017-06-20 16:53:39 +12:00
Damian Mooyman
de079c041d API Implement APP object 
API Refactor of Session
 2017-06-20 16:43:49 +12:00
Chris Joe
102eaed36c Merge pull request #6722 from open-sausages/pulls/4.0/requirements-html-cleanup 
Better HTML generation behaviour for Requirements_Backend
 2017-06-16 13:52:06 +12:00
Damian Mooyman
dd4eb6ce44 Merge pull request #6960 from open-sausages/pulls/4.0/security-process-docs 
Internal security process docs
 2017-06-16 13:50:58 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class 
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
 2017-06-16 12:22:05 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services 
API Improve validation of authentication process
 2017-06-15 15:53:57 +12:00
Simon Erkelens
2b26cafcff Separate out the log-out handling. 
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
 2017-06-07 21:11:58 +12:00
Antony Thorpe
6348f2e3e8 Updated Form.php & 04_Form_Security.md 
Changed the `strictFormMethodCheck` protected property from false to true to step out on the front foot with this security setting.  In the documentation under the title [Cross-Site Request Forgery](https://github.com/silverstripe/silverstripe-framework/blob/master/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#cross-site-request-forgery-csrf) it states, "it is also recommended to limit form submissions to the intended HTTP verb (mostly GET or POST) through [api:Form::setStrictFormMethodCheck()]."  The same advice is noted in [Form Security](c2292a4cc1/docs/en/02_Developer_Guides/03_Forms/04_Form_Security.md (strict-form-submission)).

Why not make this the default behaviour?  Is there a scenario where this would cause a problem?  Have manually tested in the CMS (alpha7) and is working fine.

Note: Original commit that establised the API Form::setStrictFormMethodCheck is 14c59be8.
 2017-06-06 21:10:49 +12:00
Ingo Schommer
b137e91998 Internal security process docs 2017-06-02 11:30:12 +12:00
Ed Linklater
f007fca51f Docs: Correct Stevie's name on committers page 2017-05-31 12:27:06 +12:00
Damian Mooyman
e7d87add9f API Remove legacy HTMLEditor classes 2017-05-30 11:01:28 +12:00
Nick
318b0248b7 Update 05_Dataobject_Relationship_Management.md 
Correct a naffed up code block and a typo
 2017-05-29 20:54:50 +12:00
Aaron Carlino
06615e3d76 Resample doc images for react di 2017-05-26 11:08:07 +12:00
Chris Joe
5ec8d40c19 Merge pull request #6957 from open-sausages/pulls/4/react-di-documentation 
Docs for React DI
 2017-05-26 10:59:42 +12:00
Daniel Hensby
893f19a5ea
DOCS Updating index definition examples 2017-05-25 23:29:12 +01:00
Aaron Carlino
bfc373cf0f update docs with new api 2017-05-25 16:34:32 +12:00
Aaron Carlino
75981989b0 Docs for React DI 2017-05-25 14:58:55 +12:00
Christopher Joe
e327bf3c70 Enhancement add contribution notes about releasing to NPM 2017-05-24 17:07:05 +12:00
Damian Mooyman
fba8e2c245 API Remove Object class 
API DataObjectSchema::manyManyComponent() return array is now associative array
 2017-05-23 13:50:35 +12:00
Damian Mooyman
2aa3b5d5fa Merge pull request #6934 from robbieaverill/pulls/4.0/consistent-instance-method 
API Consistent use of inst() naming across framework
 2017-05-22 11:57:20 +12:00
Damian Mooyman
4197090e11 Merge pull request #6940 from kinglozzer/randomgenerator 
Only use random_bytes() for RandomGenerator (closes #6397)
 2017-05-22 10:29:55 +12:00
Loz Calver
e653e90997 Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 11:18:56 +01:00
Robbie Averill
f2cbe86f03 Remove CustomMethods::createMethod and create_function implementations, replace with closures 2017-05-19 15:56:44 +12:00
Robbie Averill
ad43a82923 API Consistent use of inst() naming across framework 2017-05-19 14:38:06 +12:00
Ingo Schommer
100048da33 API PSR-11 compliance (fixes #6594) (#6931) 
Note that our usage of `$asSingleton` in `get()` is fine. Quote from the PSR:

> Two successive calls to get with the same identifier SHOULD return the same value. However, depending on the implementor design and/or user configuration, different values might be returned, so user SHOULD NOT rely on getting the same value on 2 successive calls.
 2017-05-19 13:45:07 +12:00
Loz Calver
471166c15e Merge pull request #6169 from open-sausages/pulls/4.0/duplicate-manymany-option 
API Duplication of many_many relationships now defaults to many_many only
 2017-05-17 09:31:09 +01:00
Damian Mooyman
f5f6fdce12
API Duplication of many_many relationships now defaults to many_many only 
Fixes https://github.com/silverstripe/silverstripe-cms/issues/1453
 2017-05-16 23:26:39 +12:00
Colm McBarron
8666d4abb2 Update YAML format to use namespace 2017-05-16 11:49:39 +01:00
Damian Mooyman
259f957ce8 API Rename services to match FQN of interface / classes 2017-05-16 14:15:49 +12:00
Damian Mooyman
0b70b008b3 API Implement InheritedPermission calculator (#6877) 
* API Implement InheritedPermission calculator

* API Rename RootPermissions to DefaultPermissionChecker
API Refactor inherited permission fields into InheritedPermissionExtension
API Introduce PermissionChecker interface
 2017-05-11 21:07:27 +12:00
Aaron Carlino
7fa47e234f New API for minified files using injectable service 2017-05-11 10:14:16 +12:00
Ingo Schommer
da3236b0e7 Merge pull request #6887 from open-sausages/pulls/4.0/docs-calendar-year-format 
Doc dateformats with calendar year
 2017-05-09 23:07:25 +12:00
Sam Minnée
33119a1f36 Merge branch 'master' into pulls/4.0/remove-deprecated-methods 2017-05-09 15:31:53 +12:00
Ingo Schommer
7c2f49d443 API Removed RootURLController:set_default_homepage_link() 2017-05-09 11:38:35 +12:00
Ingo Schommer
cec983b628 API Removed deprecated ModelAsController::find_old_page() 2017-05-09 11:38:35 +12:00
Ingo Schommer
5784a7d2d7 API Removed deprecated Security::set_login_recording() 2017-05-09 11:38:35 +12:00
Ingo Schommer
2a7c76e9e9 API Removed deprecated DatabaseAdmin#clearAllData() 2017-05-09 11:38:35 +12:00
Ingo Schommer
81e5c7ac40 API Removed deprecated Session::set_config() 2017-05-09 11:38:35 +12:00
Ingo Schommer
1d438d3fb5 API Remove deprecated FormAction::createTag() 2017-05-09 11:38:35 +12:00
Ingo Schommer
0d9b383631 API Removed legacy form fields (fixes #6099) 2017-05-09 11:16:41 +12:00
Ingo Schommer
20e57e9dec Doc dateformats with calendar year 
https://github.com/silverstripe/silverstripe-framework/issues/3749
http://stackoverflow.com/questions/1978051/zend-datetostring-outputs-the-wrong-year-bug-in-my-code-or-zend-date
https://en.wikipedia.org/wiki/ISO_week_date#Disadvantages
 2017-05-08 22:08:14 +12:00
Damian Mooyman
942c0257b7 API Upgrade to behat 3 2017-05-05 14:32:07 +12:00
Damian Mooyman
edcb46bd3a Merge pull request #6836 from sminnee/cli-error-fix 
FIX: Show detailed errors on CLI for live environments
 2017-05-03 15:49:09 +12:00
Aaron Carlino
dd7777321f Added 4.0.0-alpha7 changelog 2017-05-02 13:16:17 +12:00
Sam Minnee
4c772c80c3 FIX: Show detailed errors on CLI for live environments 
API: Add HTTPOutputHandler::setCLIFormatter

Fixes https://github.com/silverstripe/silverstripe-framework/issues/6835

This provides detailed errors (but not warnings or notices) in CLI calls
on live environments.

It does this by adding a 2nd argument to our output handler,
CliFormatter. This formatter will be used when Director::is_cli() is
true.
 2017-05-01 15:28:48 +12:00
Damian Mooyman
61388b153f API Rewrite Date and Time fields to support HTML5 2017-04-28 10:06:37 +12:00