Commit Graph

190 Commits

Author SHA1 Message Date
Ingo Schommer
50995fbecb BUG Undefined $allowed_actions overrides parent definitions, stricter handling of $allowed_actions on Extension
Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.

Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
2013-02-17 23:16:22 +01:00
Ingo Schommer
ede381326b BUG Secure composer files from web access (fixes #8011)
Already applied to root .htaccess, but required for dynamically
generated file from installer as well. Also added upgrade instructions.
2013-02-17 22:33:04 +01:00
Ingo Schommer
d969e29d00 API Require ADMIN for ?showtemplate=1 2013-02-12 23:26:04 +01:00
Ingo Schommer
634c91c6ff Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	email/Mailer.php
2013-01-30 12:46:24 +01:00
Nicolaas
7f4541e9f0 Update docs/en/changelogs/3.0.0.md
minor typo
2013-01-29 17:11:47 +01:00
Ingo Schommer
f72a024af5 Updated changelog notes 2012-12-18 10:40:05 +01:00
Ingo Schommer
0d37cd3e69 Updated changelog 2012-12-17 16:40:33 +01:00
Ingo Schommer
407a19cdb6 Beta changelog links 2012-12-17 14:27:31 +01:00
Ingo Schommer
75b0c3ec8f Added 3.1.0-beta1 changelog 2012-12-17 00:47:36 +01:00
Ingo Schommer
1848d7e90a API Check model permissions in GridField 2012-12-17 00:46:51 +01:00
Ingo Schommer
d13c53fda6 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	tests/model/DataQueryTest.php
2012-12-14 10:57:28 +01:00
Ingo Schommer
6f9d01f621 API FormField->setDescription() visible in default template
Renders into <span class="description"> instead of "title" attribute
2012-12-14 01:58:04 +01:00
Ingo Schommer
b65180a7f6 Changelog update for grouped CMS buttons 2012-12-14 01:56:24 +01:00
Hamish Friedlander
27113f82c3 API Make DataList and ArrayList immutable
In 3.0 there was some confusion about whether DataLists and ArrayLists
were mutable or not. If DataLists were immutable, they'd return the result, and your code
would look like

  $list = $list->filter(....);

If DataLists were mutable, they'd operate on themselves, returning nothing, and your code
would look like

 $list->filter(....);

This makes all DataLists and ArrayList immutable for all _searching_ operations.
Operations on DataList that modify the underlying SQL data store remain mutating.

- These functions no longer mutate the existing object, and if you do not capture the value
returned by them will have no effect:

  ArrayList#reverse
  ArrayList#sort
  ArrayList#filter
  ArrayList#exclude

  DataList#dataQuery (use DataList#alterDataQuery to modify dataQuery in a safe manner)
  DataList#where
  DataList#limit
  DataList#sort
  DataList#addFilter
  DataList#applyFilterContext
  DataList#innerJoin
  DataList#leftJoin
  DataList#find
  DataList#byIDs
  DataList#reverse

- DataList#setDataQueryParam has been added as syntactic sugar around the most common
cause of accessing the dataQuery directly - setting query parameters

- RelationList#setForeignID has been removed. Always use RelationList#forForeignID
when querying, and overload RelationList#foreignIDList when subclassing.

- Relatedly,the protected variable RelationList->foreignID has been removed, as the ID is
now stored on a query parameter. Use RelationList#getForeignID to read it.
2012-12-14 13:30:35 +13:00
Ingo Schommer
644cc79ebb API Removed methods previously deprecated in 3.0 2012-12-14 01:16:47 +01:00
Ingo Schommer
c6b1d4aa6b API Storing alternative DB name in cookie rather than session
Session is not initialized by the time we need to use
the setting in DB::connect(). Cookie values get initialized
automatically for each request.

Tightened name format validation to ensure it can only
be used for temporary databases, rather than switching
the browser session to a different production database.

Encrypting token for secure cookie usage.
Added dev/generatesecuretoken to generate this token.
Not storing in YML config directly because of web access issues.
2012-12-13 23:21:48 +01:00
Ingo Schommer
5fed5b91c9 API Moved email bounce handling to new 'emailbouncehandler' module 2012-12-12 23:36:42 +01:00
Ingo Schommer
548ad503ed API Removed keyed arrays for title/value setting in SelectionGroup
Use SelectionGroup_Item class instead. Necessary because
of removal of array key support from ArrayList (see d12b49702).
2012-12-11 11:06:06 +01:00
Ingo Schommer
fb076c0396 API Deprecated global email methods, moved to Mailer class
Code reorganization to reduce global scope pollution.
Removed non-functional `$inlineImages` option for sending emails.
2012-12-09 22:09:35 +01:00
Ingo Schommer
3fad49e2c0 2.4.9 changelog 2012-12-04 22:47:47 +01:00
Sean Harvey
6ce6f9a2c1 Merge branch '3.0' 2012-11-26 17:17:41 +13:00
Hamish Friedlander
e934030bc1 Merge changes for 3.0.3 release into 3.0 2012-11-26 11:34:28 +13:00
Hamish Friedlander
77f7778b4a Add 3.0.3 changelog 2012-11-26 11:20:21 +13:00
Ingo Schommer
c55c7c33f8 Merge branch '3.0'
Conflicts:
	admin/code/CMSProfileController.php
	composer.json
	tests/model/DataObjectTest.php
2012-11-22 23:51:28 +01:00
Hamish Friedlander
5edf86fe7a Merge branch '3.0.3' into 3.0 2012-11-16 14:57:50 +13:00
Hamish Friedlander
fb7db6de6d Add 3.0.3-rc2 changelog 2012-11-16 14:45:20 +13:00
Sean Harvey
4ea5bc5679 adding notes about deprecated things in the core 2012-11-16 11:57:53 +13:00
Sean Harvey
078a8e9c2b Adding note about Object::add_extension() and has_extension() changes 2012-11-07 11:07:56 +13:00
Sean Harvey
169366a011 Merge branch '3.0' 2012-11-06 13:04:21 +13:00
Sean Harvey
34f9c8e866 adding 3.0.3-rc1 to changelog index 2012-11-06 10:58:55 +13:00
Sean Harvey
896ce60432 Adding changelog for 3.0.3-rc1 2012-11-06 10:41:24 +13:00
Sean Harvey
0f55a11a5a Merge pull request #872 from chillu/pulls/file-permission
API File->canEdit() returns TRUE by default (not checking CMS perms)
2012-11-04 19:33:18 -08:00
Sean Harvey
fbc6e3366b Merge branch '3.0' 2012-11-05 15:11:48 +13:00
Ingo Schommer
a7753dfa5b Moved GridField docs to reference 2012-10-30 18:59:26 +01:00
Ingo Schommer
efabde1416 Merge remote-tracking branch 'origin/3.0'
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	security/Member.php
2012-10-30 17:52:49 +01:00
Ingo Schommer
a502b222cc Merge remote-tracking branch 'origin/2.4' into 3.0 2012-10-30 17:24:52 +01:00
Ingo Schommer
9e595db7f3 Changelogs 2012-10-30 17:00:41 +01:00
Juan Molina
f6f96a630e Update docs/en/changelogs/3.0.0.md
Fixed broken links. Hash links were not working. I don’t know how to hide heading-anchor-link links. Tried to correct some layout errors (code quotes).
2012-10-25 17:21:31 +03:00
Ingo Schommer
f365134375 Added 2.4.8-rc1 changelog 2012-10-16 11:09:26 +02:00
Ingo Schommer
a3295e2a37 API File->canEdit() returns TRUE by default (not checking CMS perms)
This is a measure to support form fields and controllers
interacting with files in different contexts,
for example an UploadField used in a ModelAdmin,
or a website frontend. The check for 'CMS_ACCESS_AssetAdmin'
was too restricting. This wasn't a problem in 2.x simply because
the old FileField/Upload classes didn't respect File->can*()
permissions.
2012-10-12 15:42:06 +02:00
Ingo Schommer
38e7df2e91 NEW Enable SiteTree::$nested_urls by default 2012-10-08 17:05:05 +02:00
Saophalkun Ponlu
e3a27ea7da CMS member profile now is no longer in a popup (#7880) 2012-10-08 12:57:55 +02:00
Ingo Schommer
5df519c6b5 Removed SiteTree.MetaTitle and MetaKeywords usage 2012-09-21 11:31:24 +02:00
Sean Harvey
9c2be0f025 Merge branch '3.0' 2012-09-17 15:16:52 +12:00
Sean Harvey
ea35b08634 Added 3.0.2 changelog (and added missing 3.0.1 changelog to the list) 2012-09-17 13:25:31 +12:00
Sean Harvey
b6c1a64b7d Fixed link to RC3 changelog 2012-09-17 12:31:24 +12:00
Ingo Schommer
db1bffb054 Added 3.0.2-rc2 changelog 2012-09-12 11:17:40 +02:00
Ingo Schommer
1088d044c5 Merge remote-tracking branch 'origin/3.0'
Conflicts:
	.travis.yml
2012-09-07 17:21:41 +02:00
Sam Minnee
f49439c1a4 Added 3.0.2-rc1 docs 2012-09-05 11:05:21 +12:00
Hamish Friedlander
3efdb5c981 Merge in changes from 3.0.1 final 2012-07-31 16:51:10 +12:00
Hamish Friedlander
4583e83164 Add changelog for 3.0.1 2012-07-31 16:42:40 +12:00
Hamish Friedlander
3483d10369 Add 3.0.1-rc3 changelog 2012-07-30 11:43:07 +12:00
Hamish Friedlander
c070771fd7 Add changelog for 3.0.1-rc2 2012-07-27 15:31:14 +12:00
Hamish Friedlander
39c6606e13 Add changelog for 3.0.1-rc1 2012-07-25 14:23:33 +12:00
Ingo Schommer
e00c87541e Merge pull request #618 from chillu/pull/deprecate-profiler
API Deprecated Profiler class, removed related debug GET params
2012-07-05 13:43:37 -07:00
Ingo Schommer
64357a4522 Merge branch '3.0'
Conflicts:
	admin/css/screen.css
	admin/scss/_forms.scss
	docs/en/changelogs/3.0.0.md
2012-07-05 18:01:09 +02:00
Ingo Schommer
0fe515e182 API Deprecated Profiler class, removed related debug GET params
Use third party tools like XHProf instead.
Removed defunct or unnecessary debug GET parameters:
debug_profile, debug_memory, profile_trace, debug_javascript, debug_behaviour
2012-07-05 12:02:06 +02:00
Ingo Schommer
de73db9ef7 Restructured 3.0 changelog
Moved some more important stuff up the page,
rewritten upgrading overview to be more task focused,
reduced excessive use of paragraphs to make the text more scannable.
2012-07-04 18:42:38 +02:00
jakr
2b5214b55a Summarized 3.0 changes in changelog 2012-07-04 18:18:27 +02:00
Sam Minnee
5271504feb Fixed changelog links 2012-06-29 11:17:12 +12:00
Sam Minnee
4424ec679a Updated change logs for 3.0.0 stable 2012-06-29 11:05:42 +12:00
Ingo Schommer
19e087d226 Fixed references to deprecated APIs in docs 2012-06-28 14:49:55 +02:00
Ingo Schommer
868d3697fd Fixed usage of DataList etc in docs (fixes #7518) 2012-06-27 16:09:31 +02:00
Sam Minnée
993fc90ef8 Merge pull request #579 from silverstripe-rebelalliance/open/7523
Open/7523
2012-06-26 21:07:22 -07:00
Sam Minnee
05861437bd Added RC3 changelog 2012-06-27 14:42:23 +12:00
Kirk Mayo
2a976066eb MINOR: open/7523 added a note relating to versions and added a missing quote to the changelog for 3.0 2012-06-27 10:50:17 +12:00
Ingo Schommer
8c5c9228cf MINOR Changelog 2012-06-25 01:12:37 +02:00
Sam Minnee
0352a9191e MINOR: Fixed filename glitch in changelog 2012-06-22 11:46:35 +12:00
Sam Minnee
da7935e01c MINOR: Fixed filename glitch in changelog 2012-06-18 18:26:01 +12:00
Ingo Schommer
5f9b54c64a MINOR Added 3.0.0-rc1 changelog 2012-06-18 00:21:46 +02:00
Ingo Schommer
9e21fb8a4a API CHANGE Moved SapphireSoapServer and SOAPModelAccess into its own module at https://github.com/silverstripe/silverstripe-soapserver (fixes #7282) 2012-06-04 10:22:48 +02:00
Ingo Schommer
cb8b11812c API CHANGE Moved RestfulServer into its own module at https://github.com/silverstripe/silverstripe-restfulserver (fixes #7282) 2012-06-04 10:21:29 +02:00
Sean Harvey
792c89e103 ENHANCEMENT Adding List() in the GenericTemplateGlobalProvider so
templates can use <% cached List(Member).max(LastEdited) %> instead
of deprecated "Aggregate" syntax.
2012-05-29 20:04:51 +12:00
Sean Harvey
ed1373d22b MINOR Use better syntax for querying DataList in 3.0 upgrading guide 2012-05-28 18:45:59 +12:00
Sam Minnee
1709a1dd6b MINOR: Updated beta3 changelog 2012-05-28 13:33:15 +12:00
Sean Harvey
48212aa840 MINOR Adding upgrade docs on deprecated Director::redirect() and
Director::redirectBack()
2012-05-25 10:08:59 +12:00
Ingo Schommer
bc4bf9d43c MINOR Added 3.0.0-beta3 changelog 2012-05-21 23:10:30 +02:00
Sean Harvey
d8b5b97e28 MINOR Upgrade notes on TinyMCE upgrade and how to resolve a common issue 2012-05-18 10:56:34 +12:00
Ingo Schommer
6655830231 MINOR Upgrading notes around tab rewrites 2012-05-09 17:47:19 +02:00
Sean Harvey
051d9de482 API CHANGE Deprecated internal access to SQLQuery properties, update core code to reflect these changes.
Using set/add instead in accessor methods, and use Database::sql*ToString() to allow easier per-database adapter SQL overloading.
2012-05-07 14:21:44 +12:00
Ingo Schommer
e949b6f2b0 ENHANCEMENT Backwards compatible $priority parameter for i18n::_t(): Allow numeric arrays as parameters, as well as %s style replacements with a named parameter map (easier transition to new system with existing translation strings) 2012-05-01 22:17:00 +02:00
Ingo Schommer
2784891bd4 MINOR Fixed anchor markdown in upgrading guide, better formatting for config upgrade instructions 2012-04-30 18:00:27 +02:00
Sean Harvey
6d38798970 MINOR Documentation changes 2012-04-23 16:04:08 +12:00
Sean Harvey
e12a82e28f MINOR Documentation on EmailField type attribute change 2012-04-21 11:09:34 +12:00
Sam Minnée
45197b1205 Merge pull request #358 from silverstripe-big-o/ss-reports-documentation
MINOR: updating release notes with documentation describing changes to SS_Report
2012-04-19 21:48:40 -07:00
Sam Minnee
f7ce7e1878 MINOR: More documentation fixes. 2012-04-20 16:45:52 +12:00
Sam Minnee
ebf3e0c40e MINOR: Fixed changelogs to format in older PHP versions 2012-04-20 16:40:52 +12:00
Julian Seidenberg
91df7ac341 MINOR: updating release notes with documentation describing changes to ReportAdmin and SS_Report classes 2012-04-20 16:31:24 +12:00
Sam Minnee
58599dc9d1 Added 3.0.0-beta2 changelog 2012-04-20 15:18:32 +12:00
Sean Harvey
3616fb01de MINOR Documentation for new Config system and DataExtension/extraStatics when upgrading 2012-04-19 11:13:40 +12:00
Ingo Schommer
2b5a9060e9 MINOR Doc anchors so we can link to sections from other release notes 2012-04-19 00:21:19 +02:00
Julian Seidenberg
7710cf59c7 MINOR: updating the documentation 2012-04-18 18:14:03 +12:00
Sean Harvey
51b5120480 MINOR Documentation about renaming sapphire to framework 2012-04-16 13:43:48 +12:00
Ingo Schommer
03de6e5e5f MINOR Removed i18nSSLegacyTranslator from default setup for performance reasons, document how to re-apply it 2012-04-15 17:17:16 +02:00
Sean Harvey
b2d602f275 MINOR Formatting code text properly in changelog 2012-04-15 10:50:20 +12:00
Sean Harvey
8949dfa691 ENHANCEMENT Replaced locations of sapphire with $ModulePath(framework) in templates, based off Controller which implements TemplateGlobalProvider 2012-04-15 10:50:20 +12:00
Sean Harvey
b755ab62e5 MINOR Update docs about sapphire rename, ModulePath template variable 2012-04-15 10:50:20 +12:00
Simon Welsh
656369008c API-CHANGE Update docs to match renaming of sapphire to framework 2012-04-15 10:50:19 +12:00
Ingo Schommer
8ba9c3ca6b API CHANGE Removed $params argument to DataObject->getCMSFields(), please use FormScaffolder directly (fixes #7135) 2012-04-13 15:46:47 +02:00
Sean Harvey
33d58c5c5c MINOR Notes about removal of AdvancedSearchForm 2012-04-10 22:39:44 +12:00