tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
12,158 Commits 31 Branches 527 Tags 162 MiB
702b6c94c4
Commit Graph

14 Commits

Author SHA1 Message Date
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction() 
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
 2013-06-24 14:50:40 +02:00
Ingo Schommer
d42cbdd613 Removed "Last visited" from admin/myprofile (fixes #648) 
It doesn't make any sense in this context
 2013-06-13 15:01:23 +02:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317) 
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
 2013-03-24 17:20:53 +01:00
Ingo Schommer
b3657147bf BUG Remove "delete" button from "My Profile" (fixes #8121) 2012-12-15 20:02:17 +01:00
Simon Welsh
b0121b541c Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
Ingo Schommer
c55c7c33f8 Merge branch '3.0' 
Conflicts:
	admin/code/CMSProfileController.php
	composer.json
	tests/model/DataObjectTest.php
 2012-11-22 23:51:28 +01:00
Sean Harvey
aec59de955 Adding title to CMSProfileController so translations get default 2012-11-07 11:41:48 +13:00
Ingo Schommer
08832261c1 Fixed merge errors in CMSProfileController 2012-10-30 18:03:49 +01:00
Ingo Schommer
efabde1416 Merge remote-tracking branch 'origin/3.0' 
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	security/Member.php
 2012-10-30 17:52:49 +01:00
Saophalkun Ponlu
e3a27ea7da CMS member profile now is no longer in a popup (#7880) 2012-10-08 12:57:55 +02:00
Ingo Schommer
e2f073f38a Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
Simon Welsh
f8082e4814 MINOR Add newline to end of files without one 2012-04-15 10:50:19 +12:00
Ingo Schommer
2abb021efb BUGFIX Restored old permission code model, broken due to new controller structure. Introduced LeftAndMain::$required_permission_codes as a way to control permissions independently of subclasses, and "cluster" multiple classes under a single code. 2012-03-05 17:41:49 +01:00
Ingo Schommer
02e728fa08 BUGFIX Fixed visibility of admin/myprofile for non-admins by moving it to a new CMSProfileController class and overloaded canView() 2012-03-02 20:46:22 +01:00