Commit Graph

4028 Commits

Author SHA1 Message Date
Robbie Averill
39b62e5fbb
Merge pull request #61 from silverstripe-security/pulls/4.0/ss-2018-008
[ss-2018-008] Validate against malformed urls
2018-05-14 17:07:09 +12:00
Damian Mooyman
9053014a7e [ss-2018-008] Validate against malformed urls 2018-05-14 17:06:47 +12:00
Robbie Averill
6f50728b18
Merge pull request #59 from silverstripe-security/pulls/4.0/ss-2018-006
[ss-2018-006] Prevent code execution in template value resolution
2018-05-14 17:06:04 +12:00
Damian Mooyman
2e13ae746f [ss-2018-006] Prevent code execution in template value resolution 2018-05-14 17:05:31 +12:00
Damian Mooyman
d935140a95 [ss-2018-005] Prevent unauthenticated isDev / isTest being allowed 2018-05-14 17:03:39 +12:00
Damian Mooyman
5771388821 [ss-2018-001] Restrict non-admins from being assigned to admin groups 2018-05-09 15:12:40 +12:00
Daniel Hensby
80bf0fc487
FIX bad syntax 2018-05-02 11:43:12 +01:00
Daniel Hensby
d5e2d3fa67
Merge branch '3.6' into 4.0 2018-05-01 21:47:17 +01:00
Robbie Averill
30e2d9c4df [SS-2018-009] Allow forced redirects to HTTPS for responses with basic authentication 2018-04-24 14:44:29 +12:00
Mojmir Fendek
07372d388e LookupField value handling corrected (atomic values are no longer thrown away). 2018-04-23 15:15:40 +12:00
UndefinedOffset
fe4b90edc0 FIX: Duplicating many_many relationships looses the extra fields in 4.0 2018-04-18 11:49:20 -03:00
Daniel Hensby
8359f3dc97
Merge branch '3.5' into 3.6 2018-04-18 13:14:07 +01:00
UndefinedOffset
af3a9f3ec8
FIX: Duplicating many_many relationships looses the extra fields (fixes #7973) 2018-04-18 12:16:02 +01:00
Damian Mooyman
9a12fac218
BUG Prevent password validator min score producing false negatives
Replaces #7995
2018-04-18 10:35:31 +12:00
Damian Mooyman
87c7a53511
Merge remote-tracking branch 'origin/4.1' into 4
# Conflicts:
#	.travis.yml
2018-04-13 09:56:58 +12:00
Damian Mooyman
5a8c5601a9
Merge remote-tracking branch 'origin/4.0' into 4.1
# Conflicts:
#	.travis.yml
#	composer.json
2018-04-13 09:55:23 +12:00
Damian Mooyman
c54b07a952
API Update to use new chromedriver + behat-extension + facebook/webdriver 2018-04-12 14:19:14 +12:00
Robbie Averill
af2c3886b9 Merge branch '4.1' into 4 2018-04-10 16:27:00 +12:00
Will Rossiter
09cc75a656 MINOR Add visiblity to SelectionGroup test functions 2018-04-05 10:33:27 +12:00
Will Rossiter
2512761587 Fix invalid markup in SelectionGroup selected values 2018-04-05 10:16:25 +12:00
Ingo Schommer
983a724ea5
Merge pull request #7399 from dhensby/pulls/4/reduce-dependence-on-session-for-reading-mode
Reduce dependence on session state for accessing draft stages
2018-03-23 16:19:26 +13:00
Damian Mooyman
df9e0e40d3 Deprecate useDraftStage 2018-03-22 17:23:50 +13:00
Damian Mooyman
257ff69e32 API Implement many_many through polymorphic (from only) (#7928)
* API Support many_many through polymorphic relations (from side only)
Fixes #7911
Fixes #3136

* Add extra docs and allow optional arguments

* ENHANCEMENT Enable quiet to be turned off

* BUG Fix issue with manymanythroughlist duplication
2018-03-22 10:26:25 +13:00
Damian Mooyman
8b9c292509
Merge remote-tracking branch 'origin/4.1' into 4 2018-03-13 14:26:39 +13:00
Damian Mooyman
625f7b4eee
Merge remote-tracking branch 'origin/4.0' into 4.1 2018-03-13 14:26:18 +13:00
Damian Mooyman
3a1c813b28
API Add getContentCSS() / setContentCSS() to allow per-config customisation of content_css
Fixes #7873
2018-03-05 16:10:44 +13:00
Roman Schmid
40c2e299a0 Fix "mb_stripos(): Empty delimiter" warning when no search-keywords are given for DBText::ContextSummary.
Add unit-test to cover that case.
2018-03-01 11:39:30 +01:00
Daniel Hensby
9006daf20b
Cleaning up PR and adding tests 2018-02-28 13:31:56 +00:00
Aaron Carlino
0863bac29a Update getVariables to return a copy of globals rather than including the reference in an array merge 2018-02-27 09:52:36 +13:00
Daniel Hensby
722f2d178a
Merge branch '4.1' into 4 2018-02-26 10:57:52 +00:00
Daniel Hensby
856e89998b
Merge branch '4.0' into 4.1 2018-02-26 10:56:45 +00:00
Damian Mooyman
b27102f810
BUG Fix incorrect assets created when ASSETS_PATH !== BASE_PATH . '/assets' 2018-02-26 13:12:08 +13:00
Aaron Carlino
d91648dd6e Update getVariables to return a copy of globals rather than including the reference in an array merge 2018-02-23 16:25:41 +13:00
Daniel Hensby
ced2ba1f64 API Move CSV writing/reading to league/csv library 2018-02-22 09:22:37 +13:00
Daniel Hensby
dace2f179d
Merge branch '4.1' into 4 2018-02-21 13:58:45 +00:00
Daniel Hensby
c04ff8c55a
Merge branch '4.0' into 4.1 2018-02-21 13:40:30 +00:00
Damian Mooyman
0e26c06644
BUG Fix behaviour towards versioned but unstagable records 2018-02-20 12:20:18 +13:00
Damian Mooyman
12e701c8ed
Merge remote-tracking branch 'origin/4.1' into 4 2018-02-15 09:28:14 +13:00
Damian Mooyman
34233c0470
Update reference to TestAssetStore 2018-02-14 16:24:12 +13:00
Daniel Hensby
9c50b03b86
Merge branch '3.5' into 3.6 2018-02-13 14:30:29 +00:00
Jonathon Menz
c767e472dc FIX DataObject singleton creation
Ensure DataObject instances are aware they are singletons so functions like populateDefaults() can be skipped. (fixes #4878)
2018-02-12 20:30:35 -08:00
Damian Mooyman
0b7cf80331
BUG Fix incorrect convert slashes argument 2018-02-13 16:33:35 +13:00
Daniel Hensby
16d3498a56
Merge branch '4.1' into 4 2018-02-12 10:26:07 +00:00
Daniel Hensby
7ec5fa2c8d
Merge branch '4.0' into 4.1 2018-02-09 15:19:15 +00:00
Daniel Hensby
e298fcc345
Merge branch '3.6' into 4.0 2018-02-09 14:32:58 +00:00
Daniel Hensby
48a8a82326
Merge branch '3.5' into 3.6 2018-02-09 13:20:38 +00:00
Chris Joe
95308e1af6
Merge pull request #7849 from open-sausages/pulls/4.0/fix-debug-string-class-cli
BUG Fix issue with CLIDebugView failing on class name of existing class
2018-02-09 15:41:18 +13:00
Daniel Hensby
d3278d5470 FIX Add Nested DB transaction support (#7848)
* TEST Prove nested transactions break

* Add nested transaction support
2018-02-09 10:28:32 +13:00
Damian Mooyman
0a486b8f57
BUG Fix issue with CLIDebugView failing on class name of existing class
Fixes #7827
2018-02-09 09:52:32 +13:00
JorisDebonnet
5df1ec7eee
Use fputcsv in GridFieldExportButton 2018-02-08 12:26:29 +00:00
Robbie Averill
dd82820242 NEW Allow GridFieldConfig::addComponents to accept an array (#7844) 2018-02-08 11:06:27 +13:00
Andrew Aitken-Fincham
860fa2a05a API Add excludeAny() and tests for complicated excludes/filters (#7838) 2018-02-08 09:20:17 +13:00
Damian Mooyman
2f1f5c0caa
Merge remote-tracking branch 'origin/4.0' into 4 2018-02-07 11:48:46 +13:00
Daniel Hensby
660dfd34a8
FIX Issue where default admin has no password encryption 2018-02-06 20:18:32 +00:00
Daniel Hensby
62057befdb
Merge branch '4.0' into 4 2018-02-06 10:08:17 +00:00
Daniel Hensby
28ca11dd7e
FIX Regex range identifier correctly escaped 2018-02-05 15:17:20 +00:00
Damian Mooyman
e359948eb3
Merge remote-tracking branch 'origin/4.0' into 4
# Conflicts:
#	src/Core/CoreKernel.php
2018-02-05 17:52:38 +13:00
Damian Mooyman
db9aa2c5c7
BUG Fix regression in has_one getters breaking DataDifferencer 2018-02-05 16:16:07 +13:00
Damian Mooyman
aa2c71424d
API Implement cascade_duplications
API Add DataObject::setComponent()
API Support unary components as getter and setter fields
API ManyManyList::add() now supports unsaved records
ENHANCEMENT Animal farm
2018-02-05 12:04:57 +13:00
Damian Mooyman
288aaf083c
BUG Fix issue with DebugView failing on class name of existing class
Fixes #7827
2018-02-05 10:45:49 +13:00
Damian Mooyman
740c3326e9
BUG Fix critical issue with incorrectly saved session data 2018-02-02 15:08:52 +13:00
Damian Mooyman
4da99efd5d
Merge remote-tracking branch 'origin/3.5' into 3.6 2018-01-31 16:03:42 +13:00
Christopher Joe
456871fd91 Enhancement Updated PasswordValidator to fallback to config options - still retains instance variables 2018-01-31 10:54:43 +13:00
Robbie Averill
3d7ecc5240 FIX Allow cleanup marker regex to handle self closing HTML5 tags 2018-01-30 11:16:21 +13:00
Damian Mooyman
76d2db12b0
Merge pull request #7794 from kinglozzer/id-like-to-place-an-ordinal
NEW: Add support for ordinals in DBDate::Format()
2018-01-26 09:27:46 +13:00
Loz Calver
fcf5022550 NEW: Add support for ordinals in DBDate::Format() 2018-01-25 09:41:06 +00:00
Damian Mooyman
bca47029c4
Merge remote-tracking branch 'origin/4.0' into 4
# Conflicts:
#	src/Control/SimpleResourceURLGenerator.php
#	tests/php/Control/SimpleResourceURLGeneratorTest.php
2018-01-25 12:53:15 +13:00
Damian Mooyman
72e2326731
Merge pull request #7798 from kinglozzer/member-groupset-delete
FIX: Fix Member_GroupSet::removeAll() (fixes #3948)
2018-01-25 09:20:30 +13:00
Loz Calver
c2cd6b3832 FIX: Fix Member_GroupSet::removeAll() (fixes #3948) 2018-01-24 17:17:20 +00:00
Roman Schmid
6fafce766e Fixed Rfc3339 implementation of Date and Datetime 2018-01-24 16:58:12 +01:00
Dylan Wagstaff
943821f984
Add a test for external resource support
`SimpleResourceURLGenerator` has been altered to allow absolute URLs to be loaded directly, as so is now also tested to ensure the added functionality is true to design.
2018-01-23 17:43:01 +13:00
Damian Mooyman
04050b2753 API Director::host() now formally includes port in host
API Add Director::hostName() and Director::port()
Fixes #7685
2018-01-23 12:19:09 +13:00
Damian Mooyman
c32b3dd5ba
BUG Prevent versioned from breaking gridfield tests 2018-01-23 09:29:42 +13:00
Damian Mooyman
a3c52f901a
Merge remote-tracking branch 'origin/4.0' into 4
# Conflicts:
#	src/Core/TempFolder.php
#	src/ORM/DataObject.php
#	src/View/ThemeResourceLoader.php
#	src/includes/constants.php
#	tests/php/Control/SimpleResourceURLGeneratorTest.php
#	tests/php/Forms/HTMLEditor/HTMLEditorFieldTest.php
#	tests/php/View/RequirementsTest.php
2018-01-22 14:57:05 +13:00
Daniel Hensby
db610aaf3b
Fixing string concat CS issues 2018-01-16 18:39:30 +00:00
Daniel Hensby
c959160375
FIX Misnamed test namespaces 2018-01-16 17:41:18 +00:00
Werner M. Krauß
422857f381
SapphireTestTest: use named data providers and more error messages
* use keys for naming each data set
* adding error messages
* clean up a bit
2018-01-16 15:25:40 +00:00
Daniel Hensby
ebeaf3e40d
Merge branch '3' into 4 2018-01-16 11:47:39 +00:00
Loz Calver
daac577e62
Merge pull request #7763 from creative-commoners/pulls/4.0/fix-remove-header
FIX HTTPResponse::removeHeader incorrectly converts header name to lowercase
2018-01-16 11:04:03 +00:00
Robbie Averill
cc90cb0125 FIX HTTPResponse::removeHeader incorrectly converts header name to lowercase 2018-01-16 23:20:52 +13:00
Daniel Hensby
e4b936c7c7
Merge branch '4.0' into 4 2018-01-12 14:40:33 +00:00
Damian Mooyman
8d077203d4 API Implement support for public/ webroot folder (#7741)
* API Implement support for public/ webroot folder

* Bugfixes and refactor based on feedback
2018-01-12 16:25:02 +13:00
Daniel Hensby
de6afd4405
TEST Cant reliably use Injector to replace Extensions 2018-01-11 14:08:29 +00:00
Damian Mooyman
f885101a1b
BUG Fix basic auth in PHP-CGI
Fixes #7717
2017-12-21 14:58:19 +13:00
Damian Mooyman
c4ff8443bb
API Shift basic auth checking into middleware
Fixes #7554
2017-12-20 11:39:04 +13:00
Damian Mooyman
3bd4aae521
Merge remote-tracking branch 'origin/4.0' into 4 2017-12-19 10:02:41 +13:00
Chris Joe
4ad9ceca6b
Merge pull request #7702 from open-sausages/pulls/4/fix-message-casting-permissions
BUG Fix message casting for html security messages
2017-12-18 15:43:35 +13:00
Damian Mooyman
623daed5ab
Merge pull request #6472 from silbinarywolf/feat-fieldlist-nestedfields
feat(FieldList): Add nestedFields() function to return a flat array of all deeply nested fields in a FieldList.
2017-12-18 13:43:36 +13:00
Robbie Averill
aa7ab0c494 Update test assertions to be more readable 2017-12-17 16:22:26 +13:00
Robbie Averill
ea8ed5067d FIX Allow Requirements::block to handle module resource paths 2017-12-17 16:09:22 +13:00
Damian Mooyman
c5bd9bb424
BUG Fix incorrect BASE_DIR inferred in CLI
BUG Fix Director::mockRequest() mocking incorrect $url
Fixes #7689
2017-12-15 17:20:48 +13:00
Daniel Hensby
e4bf9a31ed
Merge branch '4.0' into 4 2017-12-14 21:20:11 +00:00
Daniel Hensby
1c72d6946d
Merge branch '3.6' into 4.0 2017-12-14 21:01:35 +00:00
Daniel Hensby
7897b3bb25
Merge branch '3.6' into 3 2017-12-14 15:31:51 +00:00
Daniel Hensby
7b0500982e
Merge branch '3.5' into 3.6 2017-12-14 15:25:36 +00:00
Daniel Hensby
81150c5922
FIX Use PHP 5.3 array syntax 2017-12-14 15:24:53 +00:00
Jake Bentvelzen
da9c133c1b
ENHANCEMENT Add flattenFields() function to iterate over all deeply nested fields in a form 2017-12-14 14:23:00 +00:00
Damian Mooyman
140ed72e2a
BUG Fix message casting for html security messages 2017-12-14 14:49:58 +13:00
Damian Mooyman
529e341dbc
Merge pull request #7699 from open-sausages/pulls/4/html-in-security-msg
ENHANCEMENT Allow html in security failure message
2017-12-14 14:30:09 +13:00
Damian Mooyman
1c8576cee7
Linting cleanup 2017-12-14 14:18:41 +13:00
Damian Mooyman
ed6561d9f5
BUG Fix incorrect merge of associative / non-associative summary fields
Fixes #7696
2017-12-14 14:17:19 +13:00
Damian Mooyman
8b1b9f022b
Fix linting issues 2017-12-14 13:50:52 +13:00
Damian Mooyman
33b2d50d59
Cache warming in InheritedPermissions::getCachePermissions()
Simplify Group::Members() code
Remove cms-only config
2017-12-12 09:01:43 +13:00
Aaron Carlino
2be902ef2f Adapt to new MemberCacheFlusher interface 2017-12-11 17:50:11 +13:00
Aaron Carlino
aefb0aeaa8 Make InheritedPermissions use cache and implement cache flushing 2017-12-11 17:50:11 +13:00
Damian Mooyman
ee27329728 Minor linting / style updates 2017-12-11 16:46:59 +13:00
Aaron Carlino
86458941be Refactor to MemberCacheFlusher 2017-12-11 16:46:59 +13:00
Aaron Carlino
4857816c9e Revisions per robbieaverill 2017-12-11 16:46:59 +13:00
Aaron Carlino
eecb9f64d3 Add new InheritedPermissionFlusher extension, CacheFlusher service 2017-12-11 16:46:59 +13:00
Damian Mooyman
eba6129c07
Merge pull request #7677 from open-sausages/pulls/4/textarea-maxlength
Enable max length for textarea field
2017-12-11 10:34:29 +13:00
Saophalkun Ponlu
381ad756f2 Fix tests 2017-12-08 09:58:52 +13:00
Damian Mooyman
6b384f4b35
Merge branch '4.0' into 4 2017-12-07 13:52:00 +13:00
Damian Mooyman
50aa1f22a6
Merge branch '3.6' into 3 2017-12-07 13:20:58 +13:00
Saophalkun Ponlu
442f2bb762 Enable max length for textarea field 2017-12-07 12:52:28 +13:00
Daniel Hensby
89166a2ff2
Try using parseSortColumn from ArrayList 2017-12-06 13:38:58 +00:00
Daniel Hensby
2e43780a8a
NEW Add sort columns to DB index automatically 2017-12-06 13:38:25 +00:00
Damian Mooyman
286271a1e1
Merge pull request #56 from silverstripe-security/pulls/4.0/ss-2017-009
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (4.0 branch)
2017-12-06 18:22:47 +13:00
Damian Mooyman
99e772b361
Merge pull request #51 from silverstripe-security/pulls/4.0/ss-2017-007
[ss-2017-007] Ensure xls formulae are safely sanitised on output (4.0)
2017-12-06 18:22:11 +13:00
Damian Mooyman
d6a93f5215
Merge remote-tracking branch 'silverstripe-security/3.5' into 3.6
# Conflicts:
#	security/Member.php
2017-12-06 17:26:45 +13:00
Damian Mooyman
91cf85087b
Merge remote-tracking branch 'origin/3.5' into 3.6 2017-12-06 17:21:09 +13:00
Damian Mooyman
dd4c5417e7
Merge pull request #49 from silverstripe-security/pulls/3.5/ss-2017-007
[ss-2017-007] Ensure xls formulae are safely sanitised on output (3.5)
2017-12-06 16:25:58 +13:00
Damian Mooyman
44de03da01
Merge pull request #53 from silverstripe-security/pulls/3.5/ss-2017-006
[ss-2017-006] Fix user agent invalidation on session startup (3.5 branch)
2017-12-06 16:25:39 +13:00
Damian Mooyman
3e2bcaa0b4
Merge pull request #54 from silverstripe-security/pulls/3.5/ss-2017-009
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (3.5 branch)
2017-12-06 16:25:19 +13:00
Chris Joe
0e8d288240
Merge pull request #7667 from open-sausages/pulls/4.0/better-tinymce-locales
BUG Ensure that all tinymce_lang mappings are valid
2017-12-06 11:24:02 +13:00
Daniel Hensby
2aa1d8f2c4
remove create_function usage 2017-12-05 14:20:13 +00:00
Loz Calver
91bd92df31 FIX: Remove some unnecessary ClassInfo calls in DataObjectSchema 2017-12-05 12:23:10 +00:00
Daniel Hensby
eb55c27124
Merge branch '4.0' into 4 2017-12-05 12:14:22 +00:00
Damian Mooyman
69295a6e22
BUG Ensure that all tinymce_lang mappings are valid 2017-12-01 15:00:39 +13:00
Damian Mooyman
25e276cf37 [ss-2017-006] Fix user agent invalidation on session startup 2017-12-01 10:55:00 +13:00
Damian Mooyman
cfe1d4f481
[ss-2017-007] Ensure xls formulae are safely sanitised on output
CSVParser now strips leading tabs on cells
2017-12-01 10:24:49 +13:00
Damian Mooyman
22ccf3e2f9
[ss-2017-007] Ensure xls formulae are safely sanitised on output
CSVParser now strips leading tabs on cells
2017-12-01 10:19:48 +13:00
Damian Mooyman
f1dd3d6f03
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt 2017-11-30 17:00:49 +13:00
Damian Mooyman
6ba00e829a
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt 2017-11-30 15:53:50 +13:00
Damian Mooyman
5bfc0c43eb
Merge pull request #7648 from creative-commoners/pulls/4.0/support-some-class-collection
FIX Support self::class text collection
2017-11-29 11:37:06 +13:00
Damian Mooyman
2fe59680e3
Merge pull request #7620 from open-sausages/pulls/4.0/its-too-big-to-fit
BUG Added warning for auto-generated table_name
2017-11-28 09:42:12 +13:00
Robbie Averill
b7ea05900e FIX Support self::class text collection 2017-11-27 23:20:29 +13:00
Christopher Joe
cc72b5c852 BUG Added warning for auto-generated table_name for non-test classes 2017-11-27 20:22:37 +13:00
Damian Mooyman
6e7fb4747e
Restore legacy $ThemeDir support 2017-11-27 15:24:40 +13:00
Damian Mooyman
bac5f4c8aa
Merge branch '3.5' into pulls/3.5/update-pwd-encryption-on-change 2017-11-27 14:42:32 +13:00
Daniel Hensby
6d5cbe0a0e
Merge branch '4.0' into 4 2017-11-25 17:19:31 +00:00
Daniel Hensby
07a0f75426
Merge branch '3.6' into 4.0 2017-11-25 16:56:50 +00:00
Daniel Hensby
fd201bc71b
Merge branch '3.6' into 3 2017-11-25 16:18:46 +00:00
Daniel Hensby
badeb0cc8c
Merge branch '3.5' into 3.6 2017-11-25 16:17:36 +00:00
Daniel Hensby
09a003bc13
Fix deprecated usage of getMock in unit tests 2017-11-24 14:48:30 +00:00
Daniel Hensby
2ad3cc07d5
FIX Update meber passwordencryption to default on password change 2017-11-23 21:17:31 +00:00
Daniel Hensby
333ecc201c
Merge pull request #7583 from open-sausages/pulls/4/relation-object-navigation
BUG Ensure relObject() safely bails on empty objects
2017-11-23 12:48:57 +00:00
Damian Mooyman
d9e7a92b3c
BUG Fix regressions in asset resize behaviour change 2017-11-22 14:36:24 +13:00
Christopher Joe
2b6b877327 Merge branch '4.0' of https://github.com/silverstripe/silverstripe-framework into 4 2017-11-21 15:08:30 +13:00
Chris Joe
d8ca223e15
Merge pull request #7605 from open-sausages/pulls/4.0/fix-enum-defaults
BUG Fix DBEnum ignoring empty defaults
2017-11-20 11:32:45 +13:00
Damian Mooyman
cbf9e40115
BUG Fix postgres / PDO support 2017-11-17 12:35:55 +13:00
Damian Mooyman
ef58799103
BUG Fix DBEnum ignoring empty defaults
FIxes #7582
2017-11-17 12:35:39 +13:00
Loz Calver
13b02feed7
Merge pull request #7602 from dhensby/pulls/3.5/fix-filter-any-inner-join
FIX ManyMany link table joined with LEFT JOIN
2017-11-16 13:48:07 +00:00
Daniel Hensby
4f3deb13e0
TEST filterAny on many_many relations return correct items 2017-11-16 11:10:12 +00:00
Daniel Hensby
3d3096485b
TEST Uppercase file extensions return correct mime type 2017-11-16 11:01:25 +00:00
Christopher Joe
2bc7edbf47 BUG Fix don't treat zero-date as invalid 2017-11-16 13:30:15 +13:00
Damian Mooyman
eae3d0cfaa
Merge remote-tracking branch 'origin/4.0' into 4 2017-11-16 10:16:44 +13:00
Chris Joe
bee3c404fa
Merge pull request #7545 from open-sausages/pulls/4.0/deprecated-each
BUG Remove usage of deprecated each() and use a helper method instead
2017-11-15 16:30:20 +13:00
Damian Mooyman
c9921447b3
Merge pull request #7539 from colintucker/fix-broken-paginated-list
Fixed array/object mismatch bug in PaginatedList
2017-11-15 15:17:15 +13:00
Damian Mooyman
f863573d1c
API Add getShortName to DBClassName
Fixes #7586
2017-11-15 11:27:58 +13:00
Daniel Hensby
cf321895ba
Merge branch '4.0' into 4 2017-11-14 13:24:15 +00:00
Daniel Hensby
0baa996cc0
Merge branch '3.6' into 3 2017-11-14 12:13:08 +00:00
Daniel Hensby
4731d3c671
Merge branch '3.5' into 3.6 2017-11-14 12:00:53 +00:00
Damian Mooyman
ba2c5b48f7
BUG Ensure relObject() safely bails on empty objects
BUG Remove assignment of IDs to singletons
API relation methods can take an optional $id parameter to get relations from specific parents
API Added UnsavedRelationList::relation() method
2017-11-10 15:27:02 +13:00
Colin Tucker
f952ef747b
Fixed array/object mismatch bug in PaginatedList 2017-11-06 11:23:41 +00:00
Sam Minnee
d8b4ca91d9 FIX: Fix ContextSummary behaviour with UTF8 chars
Fixes https://github.com/silverstripe/silverstripe-framework/issues/1396

Ensure that DBTextTest has UTF8 test cases
2017-11-06 12:09:08 +13:00
Damian Mooyman
420041f2b6
Merge remote-tracking branch 'origin/4.0' into 4 2017-11-03 17:04:44 +13:00
Damian Mooyman
6a73466b41 BUG Fix basicauth 2017-11-03 12:08:38 +13:00
Damian Mooyman
0b3ed7ff15
Merge 4.0 -> 4 2017-11-02 16:52:05 +13:00
Chris Joe
cd55a039e7
Merge pull request #7520 from open-sausages/pulls/4.0/config-redirect-works
API / BUG - Introduce new request resolver middleware and fix broken forceWWW / forceSSL
2017-11-02 10:01:58 +13:00
Damian Mooyman
5bc4f3d1fc
BUG Remove usage of deprecated each() and use a helper method instead 2017-11-01 16:04:35 +13:00
Damian Mooyman
3c8848a090
Update code style and fix tests 2017-10-30 17:34:15 +13:00
Damian Mooyman
9d3277f3d3
BUG Fix forceWWW and forceSSL not working in _config.php
API Introduce CanonicalURLMiddleware
BUG Fix Director::makeRelative() failing on multi-domain sites
2017-10-30 14:42:36 +13:00
Christopher Joe
f6b7cf8889 Feature disable current user from removing their admin permission 2017-10-30 12:34:06 +13:00
Damian Mooyman
324bdad48c
ENHANCEMENT Ensure DBVarchar scaffolds text field with TextField with appropriate max length
Fixes #1413
2017-10-26 16:21:51 +13:00
Damian Mooyman
68c3279fd9
BUG Ensure readonly tree dropdown is safely encoded
Removed legacy entwine dead code
Added soft-deprecation to label field
2017-10-26 13:04:30 +13:00
Andrew Aitken-Fincham
c4a50a3d10 Spelling in DataQueryTest 2017-10-20 12:00:35 +01:00
Sam Minnee
4bec62ba51 Merge branch '4.0' into 4 2017-10-20 18:45:16 +13:00
Damian Mooyman
b9cb1e69e6 BUG Replace phpdotenv with thread-safe replacement 2017-10-20 18:43:11 +13:00
Christopher Joe
dabdc905ce
BUG Fix enable email subclasses to use their respective templates 2017-10-19 14:44:04 +13:00
Robbie Averill
2f579b64cb FIX Files without extensions (folders) do not have a trailing period added 2017-10-18 09:25:27 +13:00
Chris Joe
cafa3fc29a BUG switch to trigger_error() when a resource is not found (#7468)
* BUG switch to `trigger_error()` when a resource is not found rather than throw an exception

* Add unit test for module url failing
2017-10-16 16:11:42 +13:00
Daniel Hensby
c09dec5958 Merge pull request #7456 from open-sausages/pulls/4.0/decimal-scaffolding
BUG Fix decimal scaffolding
2017-10-10 15:46:38 +01:00
Damian Mooyman
6a55dcfc16
Fix references to resource paths / urls 2017-10-10 16:51:47 +13:00
Damian Mooyman
fd630a99b0
BUG Fix decimal scaffolding
Fixes #7454
2017-10-10 10:13:26 +13:00
Christopher Joe
f34f7cb668 Fix surname behat test 2017-10-09 16:00:21 +13:00
Damian Mooyman
311811a261 Merge pull request #7451 from open-sausages/pulls/4.0/whats-temporary-could-turn-path
rename TEMP_FOLDER to TEMP_PATH
2017-10-09 14:16:06 +13:00
Damian Mooyman
994689ab54 Merge pull request #7450 from open-sausages/rename-assertDOS-to-assertList
API Rename assert dos to assert list
2017-10-09 13:47:18 +13:00
Christopher Joe
3560a0418d rename TEMP_FOLDER to TEMP_PATH 2017-10-09 12:41:34 +13:00
Damian Mooyman
313f8c7ac3 Merge pull request #7439 from creative-commoners/pulls/4.0/trim-injector-names
FIX Trim whitespace off names in Injector
2017-10-09 12:31:11 +13:00
Werner M. Krauß
f686b50824 API Rename assert dos to assert list 2017-10-09 11:53:11 +13:00
Chris Joe
566d7baa48 Merge pull request #7437 from open-sausages/pulls/4.0/stateless-extensions
API Extensions are now stateless
2017-10-09 11:45:33 +13:00
Daniel Hensby
d8f49a1bda Merge pull request #7426 from silverstripe/filefield-accept-attr
NEW: Implement accept attribute in FileField (closes #7279)
2017-10-06 15:01:12 +01:00
Robbie Averill
3bdc8c7e65 FIX Trim whitespace off names in Injector 2017-10-06 15:52:44 +13:00
Damian Mooyman
b996e2c22c
API Extensions are now stateless
ENHANCEMENT Injector now lazy-loads services more intelligently
2017-10-06 14:53:44 +13:00
Chris Joe
90ce2abecb Merge pull request #7422 from open-sausages/pulls/4.0/flags-in-gridfield
Add gridfield versioned columns
2017-10-06 14:39:02 +13:00
Christopher Joe
578f3f208c Fix behat test 2017-10-06 13:40:11 +13:00
Damian Mooyman
168db412de Merge pull request #7424 from creative-commoners/pulls/4.0/extensible-change-password
NEW Make Member::changePassword extensible
2017-10-05 13:18:53 +13:00
Damian Mooyman
4dbd727206
BUG Config updates are now applied after middleware not before 2017-10-05 12:30:21 +13:00
Robbie Averill
6b52412693 NEW Make Member::changePassword extensible 2017-10-05 11:18:34 +13:00
Damian Mooyman
1b6d0144c5
BUG Fix resource mapping for TinyMCE
API add ModuleResource::getRelativeResource()
2017-10-04 17:44:04 +13:00
Loz Calver
43ec2f87ed NEW: Implement accept attribute in FileField (closes #7279) 2017-10-03 16:48:49 +01:00
Damian Mooyman
16f4345124
Remove unnecessary FRAMEWORK_DIR constants 2017-10-03 14:52:23 +13:00
Damian Mooyman
f4a77649a4
Fix requirements tests 2017-10-03 14:21:24 +13:00
Damian Mooyman
5ffe64f024
Fix tinymce plugins 2017-10-03 14:08:24 +13:00
Damian Mooyman
fa57deeba4
ENHANCEMENT Allow vendor modules with url rewriting
API Introduce ModuleResource feature
2017-09-29 10:28:38 +13:00
Daniel Hensby
b49d1d7fbd
Merge branch '3.6' into 3 2017-09-28 17:17:19 +01:00
Christopher Joe
53b2fcd1ea Fix amend TinyMCE combined generator's unit test to be more lenient with encoding 2017-09-28 16:47:13 +13:00
Christopher Joe
7e92b053f4 Enhancement Add setter and getter for certain classes, so that LeftAndMain no longer updates config during init 2017-09-28 16:47:13 +13:00
Damian Mooyman
da27948777 Merge pull request #7373 from dhensby/pulls/4/rate-limit-security
NEW RateLimiter for Security controller
2017-09-28 11:01:37 +13:00
Damian Mooyman
e4fd9b4ff7
Code style fixes 2017-09-28 09:54:29 +13:00
Daniel Hensby
5f739c111e
added ratelimiter tests 2017-09-27 16:42:04 +01:00
Daniel Hensby
060c2d62d3
Merge pull request #7408 from ajoneil/fix-paginated-list-get-vars
Prior to this change, if there were already GET vars on a page
with a PaginatedList, the links would include a mix of '&' and '&'.
2017-09-27 09:41:32 +01:00
Andrew O'Neil
c7cbbb29f4 Fix links on paginated lists when there are GET vars
Prior to this change, if there were already GET vars on a page
with a PaginatedList, the links would include a mix of '&' and '&'.
2017-09-27 15:41:08 +10:00
Daniel Hensby
28552155c3
NEW Add actWithPermission to SapphireTest for shortcut to perform actions with specific permissions 2017-09-26 13:39:31 +01:00
Daniel Hensby
bd7abc73de
Merge branch '3.5.5' into 3.6.2 2017-09-20 16:26:30 +01:00
Damian Mooyman
261302a121
ENHANCEMENT Don't force all class names to lowercase
Speeds up autoloading because composer psr-4 works properly now
2017-09-20 15:14:55 +12:00
Mike Cochrane
41d1b2a882 Test fix: Don't hard code the security page_class controller 2017-09-16 11:27:16 +12:00
Sacha Judd
c707fccf69 NEW Allow GridFieldEditButton to have configurable HTML classes. Change edit icon. 2017-09-13 13:11:17 +12:00
Daniel Hensby
091d99f599
FIX Authenticators are more resilient to incomplete configuration 2017-09-12 15:57:03 +01:00
Andrew Aitken-Fincham
6613826ed8 FIX SSViewer::add_themes() to properly prepend 2017-09-12 13:34:56 +01:00
Damian Mooyman
4c84f22b2e Merge pull request #7325 from xini/patch-3
use html5 mark tag to highlight search parameter
2017-09-05 13:38:42 +12:00
Florian Thoma
d1f7e6959f update tests and doc 2017-09-05 09:42:08 +10:00
Saophalkun Ponlu
08fa3d6e3d
Enable TinyMCE list buttons 2017-09-04 09:30:07 +12:00
Damian Mooyman
98c10b089c
ENHANCEMENT Allow <% include %> to fallback outside of the Includes folder
Fixes #7108
2017-08-29 16:15:46 +12:00
Andrew Aitken-Fincham
4d098fc2ad add test for backslash on Convert::raw2htmlid 2017-08-24 11:15:44 +01:00
Chris Joe
deec9b411b Merge pull request #7300 from open-sausages/pulls/4.0/flush-live-backurl
BUG Capture errors after a reload token redirect to login url
2017-08-24 14:00:33 +12:00
Damian Mooyman
d5b3280498 Merge pull request #7302 from robbieaverill/pulls/4.0/has-class-returns-bool
API Make FormField::hasClass return a boolean instead of an int
2017-08-24 13:19:30 +12:00
Damian Mooyman
47fced8880
BUG Capture errors after a reload token redirect to login url
Fixes #7289
2017-08-24 12:55:04 +12:00
Robbie Averill
595ba75a50 API Make FormField::hasClass return a boolean instead of an int 2017-08-23 16:23:28 +12:00
Damian Mooyman
2c34af72e1
ENHANCEMENT Log user constants during CI for debugging improvements 2017-08-23 14:23:33 +12:00
Damian Mooyman
9b4d689bb2 Lazy-load custom methods and extensions on CustomMethods and Extensible traits
No longer need constructExtensions()
2017-08-22 15:47:24 +12:00
Damian Mooyman
ce5e15df6e BUG Fix issue with multiple editors breaking plugins 2017-08-18 16:33:16 +12:00
Daniel Hensby
33c2c7bfe7
Merge branch '3' into 4 2017-08-17 15:06:00 +01:00
Daniel Hensby
c09305be9e
Merge branch '3.6' into 3 2017-08-17 14:31:57 +01:00
Daniel Hensby
921f615e19
Merge branch '3.5' into 3.6 2017-08-17 14:14:31 +01:00
Christopher Joe
9dc11eff43 Enhancement Add a path option for the schema data, so a full tree is not required for this data 2017-08-17 16:08:27 +12:00
Daniel Hensby
1ae07ac2a3
TEST Prove LastEdited is updated when no changes are made 2017-08-16 22:26:47 +01:00
Damian Mooyman
c14233f743
API Enable config files to be loaded for behat tests 2017-08-15 10:30:29 +12:00
Daniel Hensby
c0211927aa
Merge branch '3' into 4 2017-08-14 21:18:03 +01:00
Damian Mooyman
323644c7bb
API Implement cascade_deletes 2017-08-09 15:14:00 +12:00
Damian Mooyman
0681567102 BUG Fix flushing on live mode (#7241)
* BUG Fix flushing on live mode
Fixes #7217

* Clarify injector service documentation
2017-08-07 13:53:23 +12:00
Damian Mooyman
f7bebdd8f8
BUG Fix install issue with IIS
Fixes #7218
2017-08-07 10:15:40 +12:00
Chris Joe
6ebc333e00 Merge pull request #7238 from open-sausages/pulls/4.0/flush-tinymce-cache
ENHANCEMENT Ensure flush destroys temp tinymce files
2017-08-03 19:13:54 +12:00
Damian Mooyman
b6a8e45888
BUG Ensure mocked controller has request assigned
Fixes #7237
2017-08-03 15:52:31 +12:00
Damian Mooyman
06efd2ac12
ENHANCEMENT Ensure flush destroys temp tinymce files 2017-08-03 13:21:48 +12:00
Robbie Averill
e307f067ed FIX Replace deprecated %s placeholders in translations with named placeholders
* Remove the use of sprintf and %s placeholders in the i18n tests
2017-08-02 13:03:55 +12:00
Damian Mooyman
6853204504
BUG Fix ajax loading wait for behat tests
Requires https://github.com/silverstripe/silverstripe-behat-extension/pull/169
2017-08-02 10:53:57 +12:00
Damian Mooyman
ae97c15e42
ENHANCEMENT Soft-code CSS explicit height and compute against rows 2017-08-01 15:46:49 +12:00
Damian Mooyman
078a508d71 API Replace legacy tiny_mce_gzip compressor with asset generator
Fixes https://github.com/silverstripe/silverstripe-admin/issues/74
2017-08-01 13:43:30 +12:00
Damian Mooyman
a85bc86fd3
Fix behat tree dropdown trigger 2017-07-28 13:52:02 +12:00
Christopher Joe
4e222fc189 Fix add function for selecting a value in the new tree dropdown in behat using react 2017-07-28 11:59:53 +12:00
Garion Herman
6ad19495a2
Add test coverage for auth failure after TempID expires. 2017-07-27 12:45:35 +01:00
Damian Mooyman
47f24ce05b
Fixup test linting 2017-07-27 12:05:27 +12:00
Aaron Carlino
74873096bd New getSummary() API for SearchContext 2017-07-27 11:56:37 +12:00
Damian Mooyman
a8187a3203 Merge pull request #7196 from open-sausages/pulls/4.0/search-default-listview
Add step definition for cms list
2017-07-25 12:08:06 +12:00
Damian Mooyman
f6a5133c2f
Consolidate behat context code 2017-07-25 11:46:40 +12:00
Daniel Hensby
6aeab571db Merge pull request #7195 from open-sausages/pulls/4.0/missing-unnested-from
BUG Fix unassigned nestedFrom
2017-07-24 17:07:07 +01:00
Daniel Hensby
4a1fb37d0f
Rename badly named test helper 2017-07-21 15:59:14 +01:00
Damian Mooyman
2385b73855
BUG fix config rules to match updated Except 2017-07-21 15:02:27 +12:00
Saophalkun Ponlu
98e77ec1c4 Add step definition for cms list 2017-07-21 12:20:54 +12:00
Damian Mooyman
6fd6a38949
BUG Fix unassigned nestedFrom
Fixes #7194
2017-07-21 08:58:19 +12:00
Daniel Hensby
7a43bf182e
Remove EnvironmentType Env var setting for test bootstrap 2017-07-20 15:06:07 +01:00
Daniel Hensby
90be7e806d
Merge branch '3.5' into 3.6 2017-07-19 15:40:01 +01:00
Daniel Hensby
7b6aad8a65 Revert "TreeDropDown performance boost." 2017-07-19 12:44:43 +01:00
Daniel Hensby
d7095c2213
Merge branch '3' into 4 2017-07-18 14:19:16 +01:00
Daniel Hensby
297755d323
Merge branch '3.6' into 3 2017-07-18 12:00:33 +01:00
Daniel Hensby
7e732da709
Merge branch '3.5' into 3.6 2017-07-18 12:00:04 +01:00
Robbie Averill
a5ca4ecb59 FIX Log in as someone else returns user back to login screen 2017-07-18 17:15:58 +12:00
Damian Mooyman
ed0ed89865 Merge pull request #7055 from robbieaverill/pulls/4.0/polymorphic-has-one-indexes
NEW Ensure polymorphic has_one fields are indexed
2017-07-18 16:39:45 +12:00
Saophalkun Ponlu
c2841b6d64 Enhancement Remove "Remove link" button from the editor's main toolbar
Fix behat for selecting link should focus on field
2017-07-18 13:11:27 +12:00
Damian Mooyman
de7b746094 Merge pull request #7180 from robbieaverill/pulls/4.0/remove-config-update-use
Use merge and set instead of update for config calls
2017-07-18 09:16:20 +12:00
Daniel Hensby
be7b2d4970 Merge pull request #7179 from robbieaverill/pulls/4.0/is-cli-for-phpdbg
FIX Ensure phpdbg calls are registered by SilverStripe core as a CLI call
2017-07-17 14:26:39 +01:00
Daniel Hensby
4f095ea61d Merge pull request #7175 from robbieaverill/pulls/4.0/version-provider
FIX Version provider uses non LSB config getters, move LeftAndMain config to admin module
2017-07-17 14:01:22 +01:00
Robbie Averill
da4e46e4de FIX Use merge and set instead of update for config calls 2017-07-17 17:59:40 +12:00
Robbie Averill
ea4181166f FIX Ensure phpdbg calls are registered by SilverStripe core as a CLI call 2017-07-17 16:56:01 +12:00
Robbie Averill
bd5782adca NEW Allow index type to be configured per DBField instance 2017-07-17 14:36:47 +12:00
Robbie Averill
c9c4390619 NEW Ensure polymorphic has_one fields are indexed
* Add tests for config based indexing on composite DBFields
* Allow fields to have "indexed" option passed via field spec
2017-07-17 14:36:29 +12:00
Robbie Averill
a8b3da6958 Check for null values when getting CMS tab elements 2017-07-17 10:11:59 +12:00
Robbie Averill
2dd5bb4d19 NEW Add Behat CMS header tab context methods 2017-07-16 23:48:02 +12:00
Robbie Averill
1a38feff22 FIX Version provider uses early bound config getter, move LeftAndMain config to admin module 2017-07-16 16:49:10 +12:00
Daniel Hensby
7fd316d405
Merge branch 3 into 4 2017-07-15 13:20:37 +01:00
Daniel Hensby
36666eb348
Merge branch '3.6' into 3 2017-07-14 14:53:06 +01:00
Loz Calver
aafd2a573d Update Convert::memstring2bytes() logic 2017-07-14 09:16:05 +01:00
Christopher Joe
ccda816f90 API added flatList argument for generating the json tree list with a context string property 2017-07-13 17:04:35 +12:00
Aaron Carlino
2b266276c2 API Implement new module sorting pattern 2017-07-13 10:27:27 +12:00
Robbie Averill
48d9088ab4 Separate composer.lock load method and add test mocking it 2017-07-11 12:22:25 +12:00
Loz Calver
960a0f8343
Fix: Make File::ini2bytes() compliant with binary prefixes (fixes #7145) 2017-07-10 09:41:36 +01:00
Roman Schmid
a6db16b229 Fix OS X issue with Convert::html2raw, HTMLText::FirstSentence, HTMLText::Summary and Text::FirstSentence.
Use unicode modifier for regular expressions that deal with whitespace.
Added unit-tests to ensure no invalud utf-8 gets generated by these methods.
2017-07-10 09:49:55 +02:00
Damian Mooyman
85359ad59e
BUG Ensure that installer can create an initial admin account
Fixes #7124
2017-07-06 13:30:04 +12:00
Daniel Hensby
2c5e237a93
Merge pull request #7103 from dnadesign/fix-numericfield-null 2017-07-05 11:45:45 +01:00
Daniel Hensby
2f551c91d7 Merge pull request #6922 from kinglozzer/debugview-styles
Update DebugView styles
2017-07-05 11:35:04 +01:00
Daniel Hensby
24a7a64c39
Merge pull request #6440 from open-sausages/pulls/4.0/requirements-module-resource-port 2017-07-05 11:31:43 +01:00
Loz Calver
713b01ebc7 Update DebugView styles 2017-07-05 09:14:26 +01:00
Aaron Carlino
c836a2e2d2 BUGFIX: Module resource regex does not allow ports 2017-07-05 13:26:30 +12:00
John Milmine
f14e6bae2c fix numeric field for null values 2017-07-05 07:35:13 +12:00
Robbie Averill
ee4d8b4d4e NEW Add new SilverStripeVersionProvider to provider module versions 2017-07-04 23:29:29 +12:00
Damian Mooyman
ed26b251c8
ENHANCEMENT: Better output type detection for debugging 2017-07-04 17:33:49 +12:00
Damian Mooyman
085cdb3671
Remove non-existant classes from .upgrade.yml 2017-07-03 14:14:56 +12:00
Damian Mooyman
f65e3627dc
BUG Implement or exclude all pending upgrader deltas 2017-07-03 12:21:47 +12:00
Daniel Hensby
c69a565b08 Merge pull request #7046 from andrewandante/FEAT/add_inGroup_to_Group
add inGroup(s) methods to Group
2017-06-30 16:38:55 +01:00
Andrew Aitken-Fincham
ab60a167e6 add inGroup(s) methods to Group 2017-06-30 12:47:37 +01:00
Damian Mooyman
ee05c586b6 Merge pull request #7083 from sminnee/get-one-miss-null
FIX: DataObject::get_one() misses return null, not false
2017-06-30 13:08:20 +12:00
Aaron Carlino
ad9d4e6820 Pulls/4.0/shortcode namespacing (#7085)
* New shortcode providers, update config, docs

* Use new ImageShortcodeProvider

* Move tests

* New shortcodes namespace

* Move file and image shortcode registrations from framework to assets
2017-06-29 18:45:17 +12:00
Daniel Hensby
30986b4ea3
[SS-2017-002] FIX Lock out users who dont exist in the DB 2017-06-29 13:58:55 +12:00
Sam Minnee
2c8790ca7d FIX: DataObject::get_one() misses return null, not false
Fixes https://github.com/silverstripe/silverstripe-framework/issues/5441
2017-06-29 13:51:52 +12:00
Daniel Hensby
e7df10dc52
Merge branch '3' 2017-06-28 18:59:08 +01:00
Sam Minnee
741166e369 API: ModulePath template global now takes any composer package name.
NEW: URL generation now handled by pluggable ResourceURLGenerator service.
NEW: Requirements::javascript() and Requirements::css() now support “vendor/package:resource” syntax.

These changes will make it easier to us to fully abstract:
 - file access from module location
 - file location from URL generation

API: ModulePath template global now takes any composer package name.
NEW: URL generation now handled by pluggable ResourceURLGenerator service.
NEW: Requirements::javascript() and Requirements::css() now support “vendor/package:resource” syntax.

These changes will make it easier to us to fully abstract:
 - file access from module location
 - file location from URL generation
2017-06-28 16:59:28 +12:00
Saophalkun Ponlu
288de2eb14 BUG Add flag on form whether to notify user when there's unsaved changes 2017-06-28 11:14:12 +12:00
Daniel Hensby
399c46579a
Merge branch '3.6' into 3 2017-06-27 13:15:14 +01:00
Daniel Hensby
1e5592a3d9
Merge branch '3.5' into 3.6 2017-06-27 13:14:39 +01:00
Damian Mooyman
cf758ddd4f Merge pull request #7052 from sminnee/director-middleware
Allow application of HTTPMiddleware to Director.
2017-06-27 14:21:23 +12:00
Ingo Schommer
daed8cb056 Merge pull request #7061 from jonom/errorpage-separation
Removed ErrorPage
2017-06-27 14:00:43 +12:00
Damian Mooyman
f699650b5f Update based on feedback 2017-06-27 13:32:39 +12:00
Damian Mooyman
d20ab50f9d API Stronger Injector service unregistration
BUG Fix up test regressions
FIX director references to request object
API Move all middlewares to common namespace
API Implement RequestHandlerMiddlewareAdapter
ENHANCEMENT Improve IP address parsing
Fix up PHPDoc / psr2 linting
BUG Fix property parsing in TrustedProxyMiddleware
BUG Fix Director::is_https()
2017-06-27 13:32:39 +12:00
Sam Minnee
67887febc5 fix - session now uses request 2017-06-27 13:32:39 +12:00
Sam Minnee
e855622890 NEW: Replace FlushRequestFilter with FlushMiddleware 2017-06-27 13:32:39 +12:00
Sam Minnee
95a266c6b9 FIX: Add tests for middleware 2017-06-27 13:32:39 +12:00
Ingo Schommer
60a3c8754a Simplify SecurityTest redirect assertion
It causes inexplicable failures in the installer test,
while it's passing running in framework standalone.
This might be related to the cms module being present (with framework tests executed).

Either way, testing that FunctionalTest can follow a redirect
and correctly display the "/" homepage isn't really the point of this test. It should limit its assertion to the presence of a redirect.

See https://travis-ci.org/silverstripe/silverstripe-installer/jobs/246703789
2017-06-27 09:23:37 +12:00
Jonathon Menz
d0da319004 Removed ErrorPage
Removed references to ErrorPage so it can be split off in to a separate module. (#4149)
2017-06-26 10:03:03 -07:00
Franco Springveldt
d3d426bdfc NEW restored Extension::__construct() 2017-06-26 17:34:43 +12:00
Ingo Schommer
12c2edc1d5 Fix DeprecationTest
The $project use has changed in 3873e4ba00.
The test isn't really reliant on $project anyway,
it just tests that any other module identifier
doesn't interfere with core notification settings.
2017-06-23 10:22:26 +12:00
Ingo Schommer
fb09e0b65f Fix merge error 2017-06-23 09:27:46 +12:00
Ingo Schommer
e592bed3e5 Fixed merge error 2017-06-22 23:07:58 +12:00
Damian Mooyman
3873e4ba00 API Refactor bootstrap, request handling
See https://github.com/silverstripe/silverstripe-framework/pull/7037
and https://github.com/silverstripe/silverstripe-framework/issues/6681

Squashed commit of the following:

commit 8f65e56532
Author: Ingo Schommer <me@chillu.com>
Date:   Thu Jun 22 22:25:50 2017 +1200

    Fixed upgrade guide spelling

commit 76f95944fa
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 22 16:38:34 2017 +1200

    BUG Fix non-test class manifest including sapphiretest / functionaltest

commit 9379834cb4
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 22 15:50:47 2017 +1200

    BUG Fix nesting bug in Kernel

commit 188ce35d82
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 22 15:14:51 2017 +1200

    BUG fix db bootstrapping issues

commit 7ed4660e7a
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 22 14:49:07 2017 +1200

    BUG Fix issue in DetailedErrorFormatter

commit 738f50c497
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 22 11:49:19 2017 +1200

    Upgrading notes on mysite/_config.php

commit 6279d28e5e
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 22 11:43:28 2017 +1200

    Update developer documentation

commit 5c90d53a84
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 22 10:48:44 2017 +1200

    Update installer to not use global databaseConfig

commit f9b2ba4755
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Wed Jun 21 21:04:39 2017 +1200

    Fix behat issues

commit 5b59a912b6
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Wed Jun 21 17:07:11 2017 +1200

    Move HTTPApplication to SilverStripe\Control namespace

commit e2c4a18f63
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Wed Jun 21 16:29:03 2017 +1200

    More documentation
    Fix up remaining tests
    Refactor temp DB into TempDatabase class so it’s available outside of unit tests.

commit 5d235e64f3
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Wed Jun 21 12:13:15 2017 +1200

    API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals
    BUG Fix issue with SSViewer
    Fix Security / View tests

commit d88d4ed4e4
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 20 16:39:43 2017 +1200

    API Refactor AppKernel into CoreKernel

commit f7946aec33
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 20 16:00:40 2017 +1200

    Docs and minor cleanup

commit 12bd31f936
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 20 15:34:34 2017 +1200

    API Remove OutputMiddleware
    API Move environment / global / ini management into Environment class
    API Move getTempFolder into TempFolder class
    API Implement HTTPRequestBuilder / CLIRequestBuilder
    BUG Restore SS_ALLOWED_HOSTS check in original location
    API CoreKernel now requires $basePath to be passed in
    API Refactor installer.php to use application to bootstrap
    API move memstring conversion globals to Convert
    BUG Fix error in CoreKernel nesting not un-nesting itself properly.

commit bba9791146
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Mon Jun 19 18:07:53 2017 +1200

    API Create HTTPMiddleware and standardise middleware for request handling

commit 2a10c2397b
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Mon Jun 19 17:42:42 2017 +1200

    Fixed ORM tests

commit d75a8d1d93
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Mon Jun 19 17:15:07 2017 +1200

    FIx i18n tests

commit 06364af3c3
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Mon Jun 19 16:59:34 2017 +1200

    Fix controller namespace
    Move states to sub namespace

commit 2a278e2953
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Mon Jun 19 12:49:45 2017 +1200

    Fix forms namespace

commit b65c21241b
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 15 18:56:48 2017 +1200

    Update API usages

commit d1d4375c95
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Thu Jun 15 18:41:44 2017 +1200

    API Refactor $flush into HTPPApplication
    API Enforce health check in Controller::pushCurrent()
    API Better global backup / restore
    Updated Director::test() to use new API

commit b220534f06
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 13 22:05:57 2017 +1200

    Move app nesting to a test state helper

commit 603704165c
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 13 21:46:04 2017 +1200

    Restore kernel stack to fix multi-level nesting

commit 2f6336a15b
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 13 17:23:21 2017 +1200

    API Implement kernel nesting

commit fc7188da7d
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 13 15:43:13 2017 +1200

    Fix core tests

commit a0ae723514
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 13 15:23:52 2017 +1200

    Fix manifest tests

commit ca03395251
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 13 15:00:00 2017 +1200

    API Move extension management into test state

commit c66d433977
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Tue Jun 13 14:10:59 2017 +1200

    API Refactor SapphireTest state management into SapphireTestState
    API Remove Injector::unregisterAllObjects()
    API Remove FakeController

commit f26ae75c6e
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Mon Jun 12 18:04:34 2017 +1200

    Implement basic CLI application object

commit 001d559662
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Mon Jun 12 17:39:38 2017 +1200

    Remove references to SapphireTest::is_running_test()
    Upgrade various code

commit de079c041d
Author: Damian Mooyman <damian@silverstripe.com>
Date:   Wed Jun 7 18:07:33 2017 +1200

    API Implement APP object
    API Refactor of Session
2017-06-22 22:50:45 +12:00
Loz Calver
5d27dccd60 NEW: Add CSRF token to logout action 2017-06-21 15:42:13 +01:00
Mojmir Fendek
5b6a39e71a TreeDropDown performance boost. 2017-06-19 15:10:23 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
2017-06-16 12:22:05 +12:00
Lukas
a990c99d6e NEW: suffix subfolder in silverstripe-cache with php-version (#6810)
Note that this changes the default temp path value 

 * Was: /tmp/silverstripe-cache-Users-FOO-webroot-BAR-php7.1.5/USER
 * Now: /tmp/silverstripe-cache-Users-FOO-webroot-BAR/USER-php7.1.5
2017-06-16 11:25:02 +12:00
Loz Calver
2afe018dc7
FIX: Ensure HasManyList foreign ID filter includes table name (fixes #7023) 2017-06-15 12:06:30 +01:00
Damian Mooyman
0f90c5b63f ENHANCEMENT Update style of CMSLogin form 2017-06-15 18:13:14 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Simon Erkelens
576eee72dc Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code. 2017-06-15 14:20:29 +12:00
Daniel Hensby
6f2b08b962
Merge branch '3.6' into 3 2017-06-14 12:02:27 +01:00
Daniel Hensby
ecc88b2cbe
Merge branch '3.5' into 3.6 2017-06-14 12:02:06 +01:00
Damian Mooyman
d89bd15330
Move authentication hooks to SapphireTest 2017-06-09 16:25:40 +12:00
Simon Erkelens
082db89550 Feedback from Damian.
- Move the success and message to a validationresult
- Fix tests for validationresult return
- We need to clear the session in Test logOut method
- Rename to MemberAuthenticator and CMSMemberAuthenticator for consistency.
- Unify all to getCurrentUser on Security
- ChangePasswordHandler removed from Security
- Update SapphireTest for CMS login/logout
- Get the Member ID correctly, if it's an object.
- Only enable "remember me" when it's allowed.
- Add flag to disable password logging
- Remove Subsites coupling, give it an extension hook to disable itself
- Change cascadeLogInTo to cascadeInTo for the logout method logic naming
- Docblocks
- Basicauth config
2017-06-08 17:50:20 +12:00
Simon Erkelens
2b26cafcff Separate out the log-out handling.
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
2017-06-07 21:11:58 +12:00
Sam Minnee
f9ea752bae NEW: Add AuthenticationHandler interface
NEW: Add IdentityStore for registering log-in / log-out data
NEW: Add AuthenticationRequestFilter for managing login
NEW: Add Security:setCurrentUser() / Security::getCurrentUser()
NEW: Add FunctionalTest::logOut()
2017-06-07 21:11:55 +12:00
Simon Erkelens
c4194f0ed2 CMS Login Handling
Move to canLogin in the authentication check. Protected isLockedOut

Enable login to be called with a different login service (CMSLogin), enabling CMS Log in. Seems the styling and/or output is still broken.

logOut could be managed from the Authenticator instead of the member
2017-06-07 21:11:54 +12:00
Sam Minnee
7af7e6719e API: Security.authenticators is now a map, not an array
Authenticators is now a map of keys -> service names. The key is used
in things such as URL segments. The “default_authenticator” value has
been replaced with the key “default” in this map, although in time a
default authenticator may not be needed.
IX: Refactor login() to avoid code duplication on single/multiple handlers
IX: Refactor LoginHandler to be more amenable to extension
IX: Fixed permissionFailure hack
his LoginHandler is expected to be the starting point for other
custom authenticators so it should be easier to repurpose components
`of it.
IX: Fix database-is-ready checks in tests.
IX: Fixed MemberAuthenticatorTest to match the new API
IX: Update security URLs in MemberTest
2017-06-07 21:11:53 +12:00
Sam Minnee
e226b67d06 Refactoring of authenticators
Further down the line, I'm only returning the `Member` on the doLogin, so it's possible for the Handler or Extending Handler to move to a second step.
Also cleaned up some minor typos I ran in to. Nothing major.

This solution works and is manually tested for now. Supports multiple login forms that end up in the correct handler. I haven't gotten past the handler yet, as I've yet to refactor my Yubiauth implementation.

FIX: Corrections to the multi-login-form support.

Importantly, the system provide a URL-space for each handler, e.g.
“Security/login/default” and “Security/login/other”. This is much
cleaner than identifying the active authenticator by a get parameter,
and means that the tabbed interface is only needed on the very first view.

Note that you can test this without a module simply by loading the
default authenticator twice:

SilverStripe\Security\Security:
  authenticators:
    default: SilverStripe\Security\MemberAuthenticator\Authenticator
    other: SilverStripe\Security\MemberAuthenticator\Authenticator

FIX: Refactor delegateToHandler / delegateToHandlers to have less
duplicated code.
2017-06-07 21:11:52 +12:00
Loz Calver
4ad2cae864
FIX: Upload_Validator failed to fetch max size from PHP ini values (fixes #6999) 2017-06-06 14:28:03 +01:00
Daniel Hensby
21d2e5cad1
Merge branch '3.6' into 3 2017-05-31 00:12:14 +01:00
Daniel Hensby
13ee3148d9
FIX Bracket should implement TestOnly 2017-05-30 22:44:24 +01:00
Damian Mooyman
e7d87add9f API Remove legacy HTMLEditor classes 2017-05-30 11:01:28 +12:00
Daniel Hensby
cda7e8dc39
Merge remote-tracking branch 'security/3.5.4' into 3.6.0 2017-05-29 01:29:05 +01:00
Daniel Hensby
24166700e8
Merge remote-tracking branch 'security/3.4.6' into 3.5.4 2017-05-29 01:02:35 +01:00
Daniel Hensby
f71efb5063 Merge pull request #40 from silverstripe-security/patch/3.4/ss-2017-002
[SS-2017-002] FIX Lock out users who dont exist in the DB
2017-05-28 22:18:56 +01:00
Daniel Hensby
66456138e7
Merge branch '3.6' into 3 2017-05-26 14:58:16 +01:00
Daniel Hensby
02bb308ad5
Merge branch '3.5' into 3.6 2017-05-26 14:57:33 +01:00