Stig Lindqvist
0d031a5045
API CHANGE Use Config for registering default password encryptors
...
Using the config system for registering password encryptors
Remove the eval on password encryptor construction by using reflection
Throws deprecation messages when using static register / unregister
2012-04-07 19:14:00 +12:00
Ingo Schommer
d0d23dc591
Merge pull request #271 from halkyon/group_changes
...
BUGFIX Nested Group records should be removed, along with the parent.
2012-03-28 02:52:52 -07:00
Sean Harvey
bd95bcaf61
BUGFIX Nested Group records should be removed, along with the parent.
2012-03-28 22:49:58 +13:00
Sean Harvey
e097f6e1a8
MINOR Fixes to method arguments in core classes for E_STRICT support.
...
API CHANGE Remove abstract static function and just use static functions
in Authenticator (PHP 5.3+ doesn't support abstract static functions)
2012-03-28 22:41:42 +13:00
Sean Harvey
d28da56e19
BUGFIX Fixed regression where Member::PasswordEncryption field wouldn't be set to the default
2012-03-09 17:29:57 +13:00
Ingo Schommer
424da6abe1
API CHANGE Moved NZGovtPasswordValidator to new 'securityextras' module
2012-03-02 00:28:22 +01:00
Fred Condo
d370423825
Clean up trailing ?> per coding standard
...
All sapphire but the lang directory
2012-02-12 12:40:16 -08:00
Sam Minnee
ec73555db4
MINOR: Text fix.
2011-10-29 17:36:38 +13:00
Sam Minnee
22e5617ee2
MINOR: Moved from use of deprecated SQLMap to SS_Map.
2011-10-29 17:36:37 +13:00
Sam Minnee
3e3188f81a
MINOR: Update tests for deprecated functions to explicitly disable deprecation errors.
2011-10-29 17:34:32 +13:00
Sam Minnee
a49b56a348
MINOR: Removed usage of deprecated FormField::Name()
2011-10-29 17:34:32 +13:00
Simon Welsh
2c0257e9b9
Cast the header value to string as PHPUnit can't handle it being NULL.
2011-10-29 15:24:06 +13:00
Will Rossiter
1732a17114
Merged new-orm into datagrid
2011-09-26 16:47:54 +13:00
Ingo Schommer
e1931c107f
MINOR Updated MemberTest to accept new default date formats caused by Zend/CLDR upgrade (from 'MM/dd/yyyy' to a less ambiguous 'MMM d, y')
2011-05-31 07:55:12 +12:00
ajshort
1f6f7f0862
API CHANGE: Deprecated CompositeField->FieldSet() in favour of CompositeField->FieldList().
...
MINOR: Replaced usage of FieldSet with FieldList.
MINOR: Renamed FieldSetTest to FieldListTest.
2011-05-11 17:51:54 +10:00
ajshort
c025ce7a4a
MINOR: Replaced usage of deprecated toDropdownMap() with map().
2011-05-03 13:05:27 +10:00
ajshort
04e30243d0
MINOR: Updated MemberTest to work with a standard array iterator.
2011-05-03 12:16:40 +10:00
Sam Minnee
0de6dbc848
BUGFIX: Fixed Permission::add_to_hidden_permissions() and Permission::remove_from_hidden_permissions()
2011-05-01 15:26:28 +12:00
Sam Minnee
de1494e3a8
ENHANCEMENT: Implemented DataList as the successor of DataObjectSet. DataList doesn't execute the query until it's actually needed, allowing for a more flexible ORM.
...
API CHANGE: augmentSQL is now passed a DataQuery object from which query parameters can be extracted.
API CHANGE: DataObjectDecorators that manipulate the query can now define augmentDataQueryCreation().
API CHANGE: The container class argument for DataObject::get() is deprecated.
API CHANGE: DataObject::buildSQL() and DataObject::extendedSQL() are deprecated; just use DataObject::get() now.
API CHANGE: DataObject::instance_get() and DataObject::instance_get_one() are deprecated, and can no longer be overloaded.
API CHANGE: DataObject::buildDataObjectSet() is deprecated.
API CHANGE: Cant't call manual manipulation methods on DataList such as insertFirst()
2011-05-01 15:25:45 +12:00
Sam Minnee
3619eae9eb
MINOR: Don't couple GroupTest to the Member_GroupSet object.
2011-05-01 15:25:14 +12:00
ajshort
3a1c2df4e7
API CHANGE: Renamed DataObjectDecorator to DataExtension.
...
API CHANGE: Renamed LeftAndMainDecorator to LeftAndMainExtension.
MINOR: Replaced all references to decorators with extension.
2011-04-26 11:01:38 +10:00
Ingo Schommer
d5efacbf56
BUGFIX Less fragile 'newness' check on Group->Code in Group->onBeforeWrite() ( fixes #6595 )
2011-04-14 21:38:07 +12:00
Ingo Schommer
2870eb9212
MINOR Changed $fixture_path to relative filenames in all sapphire test cases in order to allow easier file moving and less verbosity in tests
2011-03-30 23:04:48 +13:00
Ingo Schommer
95dcc74c10
MINOR Removed reliance of sapphire/admin unit tests on SiteTree and CMSMain
2011-03-29 18:20:10 +13:00
Ingo Schommer
65e7b83421
MINOR Made login form redirection test in SecurityTest explicit, rather than implicit through testLogInAsSomeoneElse()
2011-03-29 18:08:33 +13:00
Paul Meyrick
dc36725869
MINOR Using BlankPage template in SecurityTest, BasicAuthTest to remove ContentController dependency
...
MINOR Checking for SiteTree class existence in Security, Translatable
MINOR Checking for ContentController existence in FulltextSearchable
MINOR Removed unnecessary ContentController tests from ObjectTest
MINOR Replaced CMS specific examples in PermissionCheckboxSetFieldTest, DataObjectTest
MINOR Changed SecurityTest to make assertions against Security/login rather than relying on redirection from admin/cms
2011-03-29 18:07:55 +13:00
Ingo Schommer
d099c7e5ba
BUGFIX Unregistering custom Authenticators in SecurityTest->setUp()
2011-03-21 18:13:01 +13:00
Ingo Schommer
a7e9be3bc4
BUGFIX Fixing SecurityTest to clear any custom settings in Security::$force_database_is_ready before making assertions
2011-03-21 18:12:59 +13:00
Ingo Schommer
2184acf17d
Revert "MINOR Replaced assertType() calls with assertInstanceOf(), deprecated in PHPUnit 3.6 (throws warnings as of 3.5.10)" - cased too many problems with mixed build environments that require PHP 3.4
...
This reverts commit 65f6104cd6
.
2011-03-11 15:06:09 +13:00
Ingo Schommer
498e5758bf
BUGFIX Avoid privilege escalation from EDIT_PERMISSIONS to ADMIN through TreeMultiselectField (in Member->getCMSFields()) by checking for admin groups in Member->onChangeGroups()
2011-03-09 15:49:41 +13:00
Ingo Schommer
662c5259e5
BUGFIX Fixed Group->collateAncestorIDs() handling of orphans ( fixes #6413 )
2011-02-22 00:19:23 +13:00
Ingo Schommer
65f6104cd6
MINOR Replaced assertType() calls with assertInstanceOf(), deprecated in PHPUnit 3.6 (throws warnings as of 3.5.10)
2011-02-21 18:49:09 +13:00
Ingo Schommer
4b2c64c843
BUGFIX Avoid potential referer leaking in Security->changepassword() form by storing Member->AutoLoginHash in session instead of 'h' GET parameter
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114758 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-09 21:18:49 +00:00
Sam Minnee
05d6df2193
MINOR Fixed php tag in SecurityTokenTest, should be "<?php" not "<?" (from r114016)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114543 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 08:41:38 +00:00
Sam Minnee
9ec31acacb
ENHANCEMENT Added SecurityToken to wrap CSRF protection via "SecurityID" request parameter (from r113272)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114525 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 08:22:57 +00:00
Ingo Schommer
c378448f19
ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114497 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 00:18:19 +00:00
Ingo Schommer
ab563c1418
MINOR Using built-in ORM methods for GroupTest
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114135 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-11-24 06:23:49 +00:00
Sam Minnee
1fc540c16b
MINOR Fixed regression from r111843 (i18nText, MemberDatetimeFieldTest, MemberTest) (from r111844)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112929 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 05:01:35 +00:00
Sam Minnee
ef36436f75
BUGFIX Protect MemberTest from side effects caused by auth_openid and forum modules (from r110894)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112865 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 03:01:29 +00:00
Sam Minnee
d8a8635374
API CHANGE Member->canEdit() returns false if the editing member has lower permissions than the edited member, for example if a member with CMS_ACCESS_SecurityAdmin permissions tries to edit an ADMIN ( fixes #5651 ) (from r110856)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112861 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 02:46:26 +00:00
Sam Minnee
274387f0f4
BUGFIX: BasicAuthTests fail when Member's unique_identifier_field is anything except the default of Email (from r109834)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112831 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 01:26:49 +00:00
Sam Minnee
38f9e74fba
MINOR Tests for Member::getName() and Member::setName() (from r109333)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112823 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 01:24:04 +00:00
Sam Minnee
b7f21302bc
MINOR Fixed failing test as session being set before logging out and losing BackURL (from r108518)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112759 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 00:47:19 +00:00
Sam Minnee
0e3693f99e
BUGFIX: tests now pass when the locale is set to something other than 'en_US' in the mysite's _config.php file (from r107940)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112702 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-18 22:33:41 +00:00
Sam Minnee
93eb6214b7
ENHANCEMENT Allowing custom messages and permission codes in BasicAuth::protect_entire_site()
...
ENHANCEMENT Making $permissionCode argument optional for BasicAuth::requireLogin(). If not set the logic only checks for a valid account (but no group memberships)
ENHANCEMENT Using SS_HTTPResponse_Exception instead of header()/die() in BasicAuth::requireLogin() to make it more testable (from r107867)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112701 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-18 22:29:35 +00:00
Ingo Schommer
577e82a123
BUGFIX Fixed Member->PasswordEncryption defaults when writing new Member without setting a password. Fixes critical issue with MemberTableField saving in admin/security, where new members are stored with a cleartext password by default instead of using the default SHA1 (see #5772 ) (from r107532)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112602 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:52:38 +00:00
Ingo Schommer
47762cdf5b
ENHANCEMENT #5352 Decouple date display from i18n locales, users now have access to change their date and time formats in Member::getCMSFields() using Member_DatetimeOptionsetField field (from r107326)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112568 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:23:02 +00:00
Ingo Schommer
d51627a342
MINOR Fixed hardcoded error message in PasswordValidator ( fixes #5734 )
...
MINOR Added PasswordValidatorTest (from r106687)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112534 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:03:19 +00:00
Ingo Schommer
39b056024f
APICHANGE: moved Group::addToGroupByName to $member->addToGroupByCode. (from r106217)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112528 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:00:48 +00:00
Ingo Schommer
caa2a292bb
BUGFIX: SecurityTest tests would fail on sites which had set a non-default unique identifier field for Members (from r104016)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112329 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-14 23:53:44 +00:00