Commit Graph

2787 Commits

Author SHA1 Message Date
Damian Mooyman
6f548a0ed0 Add unit tests for oembed autodiscover and thumbnail detection 2016-04-15 14:00:10 +12:00
Damian Mooyman
e1865151c5 Merge pull request #5098 from bummzack/5086-fix-member-validator
Fix for issue #5086
2016-02-26 14:39:53 +13:00
Roman Schmid
f691a5da32 Improve Member_Validator to:
- properly check for existing members.
- allow extensions.
- remove old code and replace with new syntax and add config API.

Fix issue in Group code where Member_Validator was instantiated via "new" which didn't allow injector overrides.
Added unit-tests.

Establish a link between the member and the validator for said member.
2016-02-25 16:10:52 +01:00
Damian Mooyman
9fed5561f4 Merge remote-tracking branch 'origin/3.3' into 3
# Conflicts:
#	core/Constants.php
#	dev/DevelopmentAdmin.php
2016-02-24 17:39:04 +13:00
Damian Mooyman
5f2d3f31d7 Merge remote-tracking branch 'origin/3.2' into 3.3
# Conflicts:
#	dev/DevelopmentAdmin.php
#	docs/en/02_Developer_Guides/08_Performance/02_HTTP_Cache_Headers.md
#	lang/cs.yml
#	lang/lt.yml
2016-02-24 17:29:06 +13:00
Damian Mooyman
ff5ed6efeb Merge remote-tracking branch 'origin/3.2.2' into 3.2 2016-02-24 17:03:43 +13:00
Damian Mooyman
e2c77c5a8f [ss-2016-002] Ensure Gridfield actions respect CSRF 2016-02-24 11:33:53 +13:00
Tyler Kidd
375bbf954e Enhancement and fix for issue #3186 2016-02-23 14:53:52 -06:00
Damian Mooyman
65a0981c08 BUG Correct behaviour of publish with $createNewVersion = true
Fixes #5040
Cleanup code to make behaviour more apparent
2016-02-23 10:15:49 +13:00
Damian Mooyman
56e92f5a32 [ss-2016-002] Ensure Gridfield actions respect CSRF 2016-02-18 17:28:54 +13:00
Mark Stephens
3fcf1e2c98 BUG edge case on many many extra fields (fixes 4991)
Fixes an edge case where extraFields are not returned if
one side of a many many is added via extension (although this
may not be the only failure case). Fixes a
downstream issue with dms breaking the CMS on framework 3.2.

The bug is where a many many relationship exists on a class,
and a sub-class attempts to get the extra fields of the
relationship. The change fixes the test for exact matching of
the relationship class to the instance class, to checking if
the instance is the class or a subclass of the relationship.

The unit tests check the dms failure case, which is a more
complex failure case.
2016-02-04 12:47:07 +13:00
Damian Mooyman
e091bb8474 Merge remote-tracking branch 'origin/3.3' into 3
# Conflicts:
#	admin/scss/_forms.scss
#	admin/scss/_style.scss
#	tests/model/VersionedTest.yml
2016-01-25 15:57:37 +13:00
Damian Mooyman
7c448bb4a2 Merge remote-tracking branch 'origin/3.2' into 3.3
# Conflicts:
#	tests/model/DataObjectLazyLoadingTest.php
#	tests/model/VersionedTest.yml
2016-01-25 14:11:37 +13:00
Damian Mooyman
f8ce2d7631 Merge pull request #4973 from dhensby/pulls/multibyte-char-fix
Remove question marks, equal signs and hashes
2016-01-25 10:00:07 +13:00
Daniel Hensby
119bd2f873 Merge pull request #4845 from tractorcow/pulls/3/extension-hook-byref
API before/afterExtend now support parameters passed by reference
2016-01-22 16:08:20 +00:00
Damian Mooyman
bf8bf5e4d5 BUG Prevent Versioned::doRollbackTo from creating incorrect versions on subclasses of Versioned DataObjects
Document correct configuration of Versioned DataObjects
Fixes #4936
2016-01-22 15:35:58 +13:00
Jarkko Linnanvirta
cf8e9f2427 Test removing some bad characters when multibyte is allowed 2016-01-21 12:57:50 +02:00
Damian Mooyman
df76d783fe BUG Fix VersionedTest sometimes failing given certain querystring arguments 2016-01-20 14:49:46 +13:00
Damian Mooyman
8e4db95f72 Fix merge regressions 2016-01-19 17:08:40 +13:00
Damian Mooyman
8c1cafd1a0 Merge remote-tracking branch 'origin/3.3' into 3
# Conflicts:
#	admin/scss/_forms.scss
#	admin/scss/_style.scss
#	admin/scss/_tree.scss
#	javascript/TreeDropdownField.js
2016-01-19 17:08:26 +13:00
Damian Mooyman
5d240feaec Merge remote-tracking branch 'origin/3.2' into 3.3 2016-01-19 15:08:24 +13:00
Damian Mooyman
46cbe809ac Merge remote-tracking branch 'origin/3.1' into 3.2
# Conflicts:
#	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
#	docs/en/02_Developer_Guides/14_Files/01_Image.md
#	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Menu.md
#	docs/en/03_Upgrading/index.md
#	docs/en/05_Contributing/01_Code.md
#	forms/TreeMultiselectField.php
#	security/Permission.php
2016-01-19 14:00:19 +13:00
Daniel Hensby
2dd8d5e518 Fixing anchor selection 2016-01-12 17:35:06 +00:00
Sam Minnee
4aa50534d5 FIX: Fixes needed to adapt to whitespace changes.
API: Whitespace trimmed from custom form field templates

The introduction of trailing newlines on all template files introduced
some changes that needed to be made.

Notably, whitespace has been trimmed from rendered form field templates.
This is the minimal impact to SilverStripe developers, as it preserves
the behaviour of the default field types, but I’ve still noted as a
change.
2016-01-07 14:17:57 +13:00
Sam Minnee
3ee8f505b7 MINORE: Remove training whitespace.
The main benefit of this is so that authors who make use of
.editorconfig don't end up with whitespace changes in their PRs.

Spaces vs. tabs has been left alone, although that could do with a
tidy-up in SS4 after the switch to PSR-1/2.

The command used was this:

for match in '*.ss' '*.css' '*.scss' '*.html' '*.yml' '*.php' '*.js' '*.csv' '*.inc' '*.php5'; do
	find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" -exec sed -E -i '' 's/[[:space:]]+$//' {} \+
	find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" | xargs perl -pi -e 's/ +$//'
done
2016-01-07 10:15:54 +13:00
Loz Calver
c9ba0e48fc NEW: Add ViewableData::setFailover() to refresh detected methods when changing failover 2016-01-06 15:19:33 +00:00
Daniel Hensby
4335d8ed22 FIX Members with no ID inherit logged in user permission 2016-01-05 08:16:18 +00:00
Damian Mooyman
bb09340605 Merge pull request #4876 from SilbinaryWolf/remove-validation-from-lookupfield
Added unit test to ensure LookupField can't save into a DataObject
2016-01-05 10:18:36 +13:00
Jake Ben
c07dcaa3af Added unit test to ensure LookupField can't save into a DataObject 2015-12-24 14:30:50 +11:00
Damian Mooyman
fce82519bd BUG Workaround for issues in testing version 2015-12-22 17:47:53 +13:00
Damian Mooyman
19b10044ec Merge remote-tracking branch 'origin/3.2' into 3 2015-12-22 17:05:07 +13:00
Damian Mooyman
66b3a6a2c5 Merge pull request #4840 from mateusz/guard
BUG Guard against users being added to all groups on unsaved Group.
2015-12-22 16:29:09 +13:00
Damian Mooyman
48a30909f3 Merge remote-tracking branch 'origin/3.2' into 3
# Conflicts:
#	admin/javascript/LeftAndMain.BatchActions.js
#	css/UploadField.css
#	forms/HtmlEditorField.php
2015-12-22 14:07:52 +13:00
Loz Calver
d265c9b733 FIX: Allow omitting a value for OptionsetField submissions (fixes #4824) 2015-12-14 16:50:22 +00:00
Loz Calver
9467ab9a7e NEW: Implement unshift() in field list classes (closes #4834) 2015-12-14 16:18:57 +00:00
Damian Mooyman
62f183d037 API before/afterExtend now support parameters passed by reference
Closes #4810
2015-12-14 10:10:45 +13:00
Mateusz Uzdowski
5a21b2fb15 BUG Guard against users being added to all groups on unsaved Group.
If ->Members()->add() is called on an unsaved group (with ID 0), the
collateFamilyIDs() will errorneously return all root Groups thinking
it's looking for Groups with ParentID=0. As a result, the Member will be
added to all root groups, instead of just the selected group and all its
children.
2015-12-11 14:51:51 +13:00
Ingo Schommer
0175167761 Merge pull request #4830 from open-sausages/pulls/3/fix-querystring-stage
API Disable unauthenticated get parameter access to site stage mode
2015-12-10 10:44:43 +13:00
Damian Mooyman
fa0160a874 BUG Fix regression in canViewStage 2015-12-09 14:53:21 +13:00
Hamish Friedlander
1eda9151a4 Merge pull request #4831 from open-sausages/pulls/3/fix-versioned-canview
API Create default security permission model for versioned data objects
2015-12-09 14:17:27 +13:00
Damian Mooyman
6089a7c5bd API Create default security permission model for versioned data objects 2015-12-09 11:33:53 +13:00
Marcus Nyeholt
fc5e584201 Format for SS3 using tabs instead of spaces 2015-12-08 15:19:24 +11:00
Damian Mooyman
38e154af0a API Disable get parameter access to site stage mode
BUG Fix missing and undocumented response from Security::permissionFailure()
2015-12-07 17:39:18 +13:00
Marcus Nyeholt
f7c270a3ba NEW Use Config for determining Vary header
Existing implementation hardcodes the Vary header; swap to using Config layer
instead

Added test for changing the variable from config
2015-12-02 10:28:24 +11:00
Christopher Darling
e9b833f5f0 FIX: ConfirmedPassword field correctly reports mismatching passwords
added testFormValidation to prove #4780
2015-11-20 15:56:27 +00:00
Loz Calver
68d99be24b FIX: Hidden errors for composite fields nested inside FieldGroups (fixes #4773) 2015-11-17 16:34:17 +00:00
Damian Mooyman
fd6ae72e1d Merge remote-tracking branch 'origin/3.2.1' into 3.2 2015-11-16 16:39:15 +13:00
Hamish Friedlander
b61d6dcd57 [ss-2015-027]: FIX HtmlEditorField_Toolbar#viewfile not whitelisting URLs 2015-11-13 15:20:09 +13:00
Damian Mooyman
fea1158d19 BUG Fix print button only displaying first page 2015-11-12 14:59:08 +13:00
Damian Mooyman
245e0aae2f [ss-2015-026]: BUG Fix FormField error messages not being encoded safely 2015-11-11 17:50:02 +13:00