tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
20,724 Commits 31 Branches 527 Tags 162 MiB
73df3166b7
Commit Graph

85 Commits

Author SHA1 Message Date
Robbie Averill
ee24413c30 Merge branch '4.2' into 4 2018-10-03 15:28:05 +02:00
Robbie Averill
231d6d9a9f FIX New members now receive the configured default locale, not the current locale 2018-09-28 16:25:10 +02:00
Robbie Averill
f842ee2eec Update deprecation PHPDocs to be PSR-5 compliant 
See: https://github.com/php-fig/fig-standards/blob/master/proposed/phpdoc-tags.md#55-deprecated
 2018-09-28 10:49:14 +02:00
Robbie Averill
dbab696690 FIX Message when changing password with invalid token now contains correct links to login 
The Security controller should be used to return these links rather than the
ChangePasswordHandler
 2018-08-20 22:30:12 +12:00
Ingo Schommer
c541283093 Test coverage for session data change 2018-07-20 15:13:26 +12:00
Daniel Hensby
560fe9820a FIX remove personal information from password reset confirmation screen 2018-07-05 14:19:15 +12:00
Damian Mooyman
6da72d686f Maybe fix it? 2018-06-20 14:46:50 +12:00
Robbie Averill
6d98a912c9 Merge branch 'heads/4.1.1' into 4.1 2018-05-28 18:26:20 +12:00
Robbie Averill
722202fef4 Merge remote-tracking branch 'origin/4.0.4' into 4.1.1 
# Conflicts:
  #	src/Control/Director.php
 2018-05-24 15:41:11 +12:00
Robbie Averill
e7e32d13a3
FIX Add namespace and encryptor to tests that expect blowfish to be available 2018-05-24 11:24:56 +12:00
Robbie Averill
5887201dd5
Merge pull request #64 from silverstripe-security/pulls/4.0/ss-2018-010 
[SS-2018-010] Fix regression of SS-2017-002
 2018-05-14 17:12:45 +12:00
Robbie Averill
beec0c0d47 [SS-2018-010] Fix regression of SS-2017-002 2018-05-14 17:12:07 +12:00
Damian Mooyman
e409d6f673 [ss-2018-001] Restrict non-admins from being assigned to admin groups 2018-05-14 17:10:22 +12:00
Damian Mooyman
9a12fac218
BUG Prevent password validator min score producing false negatives 
Replaces #7995
 2018-04-18 10:35:31 +12:00
Daniel Hensby
c04ff8c55a
Merge branch '4.0' into 4.1 2018-02-21 13:40:30 +00:00
Damian Mooyman
0e26c06644
BUG Fix behaviour towards versioned but unstagable records 2018-02-20 12:20:18 +13:00
Daniel Hensby
7ec5fa2c8d
Merge branch '4.0' into 4.1 2018-02-09 15:19:15 +00:00
Daniel Hensby
e298fcc345
Merge branch '3.6' into 4.0 2018-02-09 14:32:58 +00:00
Damian Mooyman
2f1f5c0caa
Merge remote-tracking branch 'origin/4.0' into 4 2018-02-07 11:48:46 +13:00
Daniel Hensby
660dfd34a8
FIX Issue where default admin has no password encryption 2018-02-06 20:18:32 +00:00
Christopher Joe
456871fd91 Enhancement Updated PasswordValidator to fallback to config options - still retains instance variables 2018-01-31 10:54:43 +13:00
Damian Mooyman
a3c52f901a
Merge remote-tracking branch 'origin/4.0' into 4 
# Conflicts:
#	src/Core/TempFolder.php
#	src/ORM/DataObject.php
#	src/View/ThemeResourceLoader.php
#	src/includes/constants.php
#	tests/php/Control/SimpleResourceURLGeneratorTest.php
#	tests/php/Forms/HTMLEditor/HTMLEditorFieldTest.php
#	tests/php/View/RequirementsTest.php
 2018-01-22 14:57:05 +13:00
Daniel Hensby
db610aaf3b
Fixing string concat CS issues 2018-01-16 18:39:30 +00:00
Daniel Hensby
c959160375
FIX Misnamed test namespaces 2018-01-16 17:41:18 +00:00
Damian Mooyman
c4ff8443bb
API Shift basic auth checking into middleware 
Fixes #7554
 2017-12-20 11:39:04 +13:00
Chris Joe
4ad9ceca6b
Merge pull request #7702 from open-sausages/pulls/4/fix-message-casting-permissions 
BUG Fix message casting for html security messages
 2017-12-18 15:43:35 +13:00
Daniel Hensby
e4bf9a31ed
Merge branch '4.0' into 4 2017-12-14 21:20:11 +00:00
Daniel Hensby
1c72d6946d
Merge branch '3.6' into 4.0 2017-12-14 21:01:35 +00:00
Damian Mooyman
140ed72e2a
BUG Fix message casting for html security messages 2017-12-14 14:49:58 +13:00
Damian Mooyman
33b2d50d59
Cache warming in InheritedPermissions::getCachePermissions() 
Simplify Group::Members() code
Remove cms-only config
 2017-12-12 09:01:43 +13:00
Aaron Carlino
2be902ef2f Adapt to new MemberCacheFlusher interface 2017-12-11 17:50:11 +13:00
Aaron Carlino
aefb0aeaa8 Make InheritedPermissions use cache and implement cache flushing 2017-12-11 17:50:11 +13:00
Damian Mooyman
ee27329728 Minor linting / style updates 2017-12-11 16:46:59 +13:00
Aaron Carlino
86458941be Refactor to MemberCacheFlusher 2017-12-11 16:46:59 +13:00
Aaron Carlino
4857816c9e Revisions per robbieaverill 2017-12-11 16:46:59 +13:00
Aaron Carlino
eecb9f64d3 Add new InheritedPermissionFlusher extension, CacheFlusher service 2017-12-11 16:46:59 +13:00
Damian Mooyman
f1dd3d6f03
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt 2017-11-30 17:00:49 +13:00
Damian Mooyman
6a73466b41 BUG Fix basicauth 2017-11-03 12:08:38 +13:00
Robbie Averill
6b52412693 NEW Make Member::changePassword extensible 2017-10-05 11:18:34 +13:00
Mike Cochrane
41d1b2a882 Test fix: Don't hard code the security page_class controller 2017-09-16 11:27:16 +12:00
Daniel Hensby
c0211927aa
Merge branch '3' into 4 2017-08-14 21:18:03 +01:00
Damian Mooyman
b6a8e45888
BUG Ensure mocked controller has request assigned 
Fixes #7237
 2017-08-03 15:52:31 +12:00
Robbie Averill
da4e46e4de FIX Use merge and set instead of update for config calls 2017-07-17 17:59:40 +12:00
Damian Mooyman
85359ad59e
BUG Ensure that installer can create an initial admin account 
Fixes #7124
 2017-07-06 13:30:04 +12:00
Damian Mooyman
f65e3627dc
BUG Implement or exclude all pending upgrader deltas 2017-07-03 12:21:47 +12:00
Daniel Hensby
c69a565b08 Merge pull request #7046 from andrewandante/FEAT/add_inGroup_to_Group 
add inGroup(s) methods to Group
 2017-06-30 16:38:55 +01:00
Andrew Aitken-Fincham
ab60a167e6 add inGroup(s) methods to Group 2017-06-30 12:47:37 +01:00
Daniel Hensby
30986b4ea3
[SS-2017-002] FIX Lock out users who dont exist in the DB 2017-06-29 13:58:55 +12:00
Ingo Schommer
60a3c8754a Simplify SecurityTest redirect assertion 
It causes inexplicable failures in the installer test,
while it's passing running in framework standalone.
This might be related to the cms module being present (with framework tests executed).

Either way, testing that FunctionalTest can follow a redirect
and correctly display the "/" homepage isn't really the point of this test. It should limit its assertion to the presence of a redirect.

See https://travis-ci.org/silverstripe/silverstripe-installer/jobs/246703789
 2017-06-27 09:23:37 +12:00
Ingo Schommer
e592bed3e5 Fixed merge error 2017-06-22 23:07:58 +12:00