Damian Mooyman
ed6561d9f5
BUG Fix incorrect merge of associative / non-associative summary fields
...
Fixes #7696
2017-12-14 14:17:19 +13:00
Damian Mooyman
8b1b9f022b
Fix linting issues
2017-12-14 13:50:52 +13:00
Saophalkun Ponlu
31e04c8491
ENHANCEMENT Allow html in security failure message
2017-12-13 17:10:16 +13:00
Damian Mooyman
a2fa9f0943
Merge pull request #7694 from creative-commoners/pulls/4.0/injection-session
...
FIX Use Injector to retrieve the current session
2017-12-12 16:47:36 +13:00
Robbie Averill
eb6c1fc6de
FIX Allow the current controller as well as injectable HTTPRequest objects
2017-12-12 16:35:53 +13:00
Robbie Averill
097d0697c5
FIX Use Injector to retrieve the current session
2017-12-12 16:03:16 +13:00
Damian Mooyman
2391af5ba7
Fix literal linting
2017-12-12 09:22:18 +13:00
Damian Mooyman
33b2d50d59
Cache warming in InheritedPermissions::getCachePermissions()
...
Simplify Group::Members() code
Remove cms-only config
2017-12-12 09:01:43 +13:00
Loz Calver
0e1753f33d
FIX: Only show table_name warning on dev/build
2017-12-11 17:33:39 +00:00
Aaron Carlino
2be902ef2f
Adapt to new MemberCacheFlusher interface
2017-12-11 17:50:11 +13:00
Aaron Carlino
45999e1133
Revisions per robbieaverill
2017-12-11 17:50:11 +13:00
Aaron Carlino
aefb0aeaa8
Make InheritedPermissions use cache and implement cache flushing
2017-12-11 17:50:11 +13:00
Damian Mooyman
ee27329728
Minor linting / style updates
2017-12-11 16:46:59 +13:00
Aaron Carlino
8b429bf47b
update docblock
2017-12-11 16:46:59 +13:00
Aaron Carlino
86458941be
Refactor to MemberCacheFlusher
2017-12-11 16:46:59 +13:00
Aaron Carlino
4857816c9e
Revisions per robbieaverill
2017-12-11 16:46:59 +13:00
Aaron Carlino
eecb9f64d3
Add new InheritedPermissionFlusher extension, CacheFlusher service
2017-12-11 16:46:59 +13:00
Damian Mooyman
71c80d3762
Merge remote-tracking branch 'origin/4.0' into 4
2017-12-11 14:09:41 +13:00
Damian Mooyman
eba6129c07
Merge pull request #7677 from open-sausages/pulls/4/textarea-maxlength
...
Enable max length for textarea field
2017-12-11 10:34:29 +13:00
Damian Mooyman
69decdf3a4
BUG Don't warn on table name for classes without tables
...
Fixes #7686
2017-12-11 09:55:57 +13:00
Damian Mooyman
627b496379
Fix linting issue
2017-12-11 09:00:04 +13:00
Saophalkun Ponlu
381ad756f2
Fix tests
2017-12-08 09:58:52 +13:00
Damian Mooyman
6b384f4b35
Merge branch '4.0' into 4
2017-12-07 13:52:00 +13:00
Saophalkun Ponlu
442f2bb762
Enable max length for textarea field
2017-12-07 12:52:28 +13:00
Damian Mooyman
286271a1e1
Merge pull request #56 from silverstripe-security/pulls/4.0/ss-2017-009
...
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (4.0 branch)
2017-12-06 18:22:47 +13:00
Damian Mooyman
b46b858847
Merge pull request #48 from silverstripe-security/pulls/4.0/fix-install-redacting
...
[SS-2017-010] Prevent install.php from disclosing system passwords
2017-12-06 18:22:36 +13:00
Damian Mooyman
e45921b293
Merge pull request #46 from silverstripe-security/pulls/4.0/escape-limit-args
...
[SS-2017-008] Fix SQL injection in full text search (4.0 branch)
2017-12-06 18:22:24 +13:00
Damian Mooyman
99e772b361
Merge pull request #51 from silverstripe-security/pulls/4.0/ss-2017-007
...
[ss-2017-007] Ensure xls formulae are safely sanitised on output (4.0)
2017-12-06 18:22:11 +13:00
Chris Joe
0e8d288240
Merge pull request #7667 from open-sausages/pulls/4.0/better-tinymce-locales
...
BUG Ensure that all tinymce_lang mappings are valid
2017-12-06 11:24:02 +13:00
Damian Mooyman
d290eee217
Merge pull request #7668 from kinglozzer/getviewertemplates
...
NEW: Add ViewableData::getViewerTemplates()
2017-12-06 11:22:53 +13:00
Damian Mooyman
01b48e2dd7
Merge pull request #7670 from kinglozzer/dataobject-schema-ancestry
...
FIX: Remove some unnecessary ClassInfo calls in DataObjectSchema
2017-12-06 11:02:49 +13:00
Loz Calver
91bd92df31
FIX: Remove some unnecessary ClassInfo calls in DataObjectSchema
2017-12-05 12:23:10 +00:00
Daniel Hensby
eb55c27124
Merge branch '4.0' into 4
2017-12-05 12:14:22 +00:00
Loz Calver
259ae3f78b
NEW: Add ViewableData::getViewerTemplates()
...
Forms part of the fix for silverstripe/silverstripe-cms#2039
2017-12-05 09:13:28 +00:00
Russell Maclean
3a4c6705c1
Fix db autodiscover comment on loading behavior.
2017-12-02 10:52:49 +10:30
Damian Mooyman
69295a6e22
BUG Ensure that all tinymce_lang mappings are valid
2017-12-01 15:00:39 +13:00
Damian Mooyman
cfe1d4f481
[ss-2017-007] Ensure xls formulae are safely sanitised on output
...
CSVParser now strips leading tabs on cells
2017-12-01 10:24:49 +13:00
Damian Mooyman
f1dd3d6f03
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt
2017-11-30 17:00:49 +13:00
Thomas Portelange
e729cd2c37
TinyMCE lang is fr_FR for all French languages
...
"fr" is not a valid tiny mce lang
https://www.tinymce.com/docs/configure/localization/
having "fr" as it is currently prevents loading the language file
2017-11-29 12:54:27 +01:00
Damian Mooyman
9666222637
BUG Fix _configure_database.php being ignored
...
Fixes #7590
2017-11-29 12:01:24 +13:00
Damian Mooyman
5bfc0c43eb
Merge pull request #7648 from creative-commoners/pulls/4.0/support-some-class-collection
...
FIX Support self::class text collection
2017-11-29 11:37:06 +13:00
Damian Mooyman
c23d1f3f99
Merge pull request #7649 from kinglozzer/logout-backurl
...
FIX: Restore BackURL preservation on log out (closes #7636 )
2017-11-29 11:31:57 +13:00
Damian Mooyman
62eb531164
Merge pull request #7641 from Sil3ntStorm/patch/display_errors
...
Reintroduce checking against original php.ini values.
2017-11-28 17:36:50 +13:00
Damian Mooyman
2fe59680e3
Merge pull request #7620 from open-sausages/pulls/4.0/its-too-big-to-fit
...
BUG Added warning for auto-generated table_name
2017-11-28 09:42:12 +13:00
Loz Calver
c4b366828e
FIX: Restore BackURL preservation on log out ( closes #7636 )
2017-11-27 16:15:28 +00:00
Daniel Hensby
8c4822edd3
Merge pull request #7643 from open-sausages/pulls/4.0/portugal
...
ENHANCEMENT Promote portugese (portugal) as primary locale
2017-11-27 13:29:38 +00:00
Robbie Averill
b7ea05900e
FIX Support self::class text collection
2017-11-27 23:20:29 +13:00
Christopher Joe
cc72b5c852
BUG Added warning for auto-generated table_name for non-test classes
2017-11-27 20:22:37 +13:00
Damian Mooyman
7a79cd039a
[SS-2017-010] Prevent install.php from disclosing system passwords
2017-11-27 18:15:53 +13:00
Damian Mooyman
6e7fb4747e
Restore legacy $ThemeDir support
2017-11-27 15:24:40 +13:00
Damian Mooyman
33a39666ba
ENHANCEMENT Promote portugese (portugal) as primary locale
...
Fixes #6561
2017-11-27 14:52:51 +13:00
Simon Erkelens
0987003053
Add the ability to redirect a user to a custom page with custom content after changing their password
2017-11-27 14:18:40 +13:00
Sil3ntStorm
0b879d690a
Reintroduce checking against original php.ini values.
...
Seems to have been accidentally removed in 806ffb934ehttps://github.com/silverstripe/silverstripe-installer/issues/211
2017-11-26 01:36:40 +01:00
Daniel Hensby
0ceb4cfa18
Merge branch '3' into 4
2017-11-25 17:34:24 +00:00
Daniel Hensby
6d5cbe0a0e
Merge branch '4.0' into 4
2017-11-25 17:19:31 +00:00
Daniel Hensby
07a0f75426
Merge branch '3.6' into 4.0
2017-11-25 16:56:50 +00:00
Daniel Hensby
333ecc201c
Merge pull request #7583 from open-sausages/pulls/4/relation-object-navigation
...
BUG Ensure relObject() safely bails on empty objects
2017-11-23 12:48:57 +00:00
Andrew Aitken-Fincham
3620e57b5b
check for apc.enable_cli when running from CLI
2017-11-22 08:50:20 +00:00
Christopher Joe
2b6b877327
Merge branch '4.0' of https://github.com/silverstripe/silverstripe-framework into 4
2017-11-21 15:08:30 +13:00
Damian Mooyman
099a5a3c2d
[SS-2017-008] Fix SQL injection in full text search
2017-11-20 16:53:44 +13:00
Chris Joe
d8ca223e15
Merge pull request #7605 from open-sausages/pulls/4.0/fix-enum-defaults
...
BUG Fix DBEnum ignoring empty defaults
2017-11-20 11:32:45 +13:00
Damian Mooyman
cbf9e40115
BUG Fix postgres / PDO support
2017-11-17 12:35:55 +13:00
Damian Mooyman
ef58799103
BUG Fix DBEnum ignoring empty defaults
...
FIxes #7582
2017-11-17 12:35:39 +13:00
Christopher Joe
2bc7edbf47
BUG Fix don't treat zero-date as invalid
2017-11-16 13:30:15 +13:00
Damian Mooyman
6a6cf2f9eb
ENHANCEMENT Raise warning if DBField::create_field() would behave unpredictably and improve PHPDoc
2017-11-16 12:55:31 +13:00
Damian Mooyman
c7ab5846df
ENHANCEMENT Don't infer trace if explicitly provided
...
Requires https://github.com/Seldaek/monolog/pull/1080
2017-11-16 11:03:01 +13:00
Damian Mooyman
eae3d0cfaa
Merge remote-tracking branch 'origin/4.0' into 4
2017-11-16 10:16:44 +13:00
Chris Joe
bbc95eacff
Merge pull request #7600 from open-sausages/pulls/4/dbclassname-base
...
API Add getShortName to DBClassName
2017-11-15 21:36:21 +13:00
Chris Joe
e78fe401e6
Merge pull request #7601 from open-sausages/pulls/4.0/ensure-assets-writable
...
ENHANCEMENT Ensure that non-writable assets files are notified during install
2017-11-15 16:37:03 +13:00
Chris Joe
bee3c404fa
Merge pull request #7545 from open-sausages/pulls/4.0/deprecated-each
...
BUG Remove usage of deprecated each() and use a helper method instead
2017-11-15 16:30:20 +13:00
Damian Mooyman
c9921447b3
Merge pull request #7539 from colintucker/fix-broken-paginated-list
...
Fixed array/object mismatch bug in PaginatedList
2017-11-15 15:17:15 +13:00
Damian Mooyman
ba86a1dce9
Merge pull request #7595 from andrewandante/pulls/sanitise_select_tag_4
...
sanitise select tag in DropdownField Docblock
2017-11-15 14:17:55 +13:00
Damian Mooyman
8b063026f0
ENHANCEMENT Ensure that non-writable assets files are notified during install
...
Fixes #7580
2017-11-15 13:30:19 +13:00
Damian Mooyman
f863573d1c
API Add getShortName to DBClassName
...
Fixes #7586
2017-11-15 11:27:58 +13:00
Daniel Hensby
cf321895ba
Merge branch '4.0' into 4
2017-11-14 13:24:15 +00:00
Andrew Aitken-Fincham
3274f29c00
sanitise more docblocks
2017-11-14 10:02:24 +00:00
Andrew Aitken-Fincham
25d8795c70
sanitise FormField docblock
2017-11-14 09:52:06 +00:00
Andrew Aitken-Fincham
6cfb0a3d86
sanitise ListboxField docblock
2017-11-14 09:47:39 +00:00
Andrew Aitken-Fincham
e5b3f82f8c
sanitise select tag in DropdownField Docblock
2017-11-14 08:17:39 +00:00
Damian Mooyman
ba2c5b48f7
BUG Ensure relObject() safely bails on empty objects
...
BUG Remove assignment of IDs to singletons
API relation methods can take an optional $id parameter to get relations from specific parents
API Added UnsavedRelationList::relation() method
2017-11-10 15:27:02 +13:00
Russell Michell
bf20d59cb8
FIX: Fixes SapphireTest masking userland coding errors.
2017-11-09 15:39:20 +13:00
Damian Mooyman
f1865cc798
Merge pull request #7557 from sminnee/fix-1396
...
FIX: Fix ContextSummary behaviour with UTF8 chars
2017-11-09 13:40:43 +13:00
Damian Mooyman
7f27840926
Merge pull request #7573 from dhensby/pulls/4.0/required-fields-docblock
...
DOCS Improve return tags for requiredfields class
2017-11-09 13:39:15 +13:00
Daniel Hensby
6139de8680
FIX Make sure plain parts are rendered when re-rendering emails
2017-11-08 15:32:51 +00:00
Daniel Hensby
2f9fae32c1
DOCS Improve return tags for requiredfields class
2017-11-08 15:29:15 +00:00
Damian Mooyman
1284ee86d8
Merge remote-tracking branch 'origin/4.0' into 4
2017-11-08 15:29:26 +13:00
Damian Mooyman
8497b9e1e6
BUG Disable directory index with missing slash
2017-11-08 12:12:10 +13:00
Reece Alexander
642cbdafc8
API Allow an array as a param to makeFieldReadOnly()
2017-11-07 15:51:13 +13:00
Colin Tucker
f952ef747b
Fixed array/object mismatch bug in PaginatedList
2017-11-06 11:23:41 +00:00
Sam Minnee
d8b4ca91d9
FIX: Fix ContextSummary behaviour with UTF8 chars
...
Fixes https://github.com/silverstripe/silverstripe-framework/issues/1396
Ensure that DBTextTest has UTF8 test cases
2017-11-06 12:09:08 +13:00
Damian Mooyman
420041f2b6
Merge remote-tracking branch 'origin/4.0' into 4
2017-11-03 17:04:44 +13:00
Damian Mooyman
1929ec46bb
BUG Prevent logOut() from clearing site stage during bootstrapping due to flushed session
2017-11-03 16:22:11 +13:00
Chris Joe
38f7f87661
Merge pull request #7552 from dhensby/pulls/4.0/session-destroy-on-logout
...
FIX Sessions must be destroyed on logout
2017-11-03 14:50:48 +13:00
Damian Mooyman
cf381ddf51
Merge pull request #7550 from zanderwar/patch-3
...
Added missing @deprecated tags
2017-11-03 12:13:33 +13:00
Damian Mooyman
6a73466b41
BUG Fix basicauth
2017-11-03 12:08:38 +13:00
Damian Mooyman
ad36b8f6a9
Use restart instead of destroy
2017-11-03 12:08:38 +13:00
Daniel Hensby
a61ce077c6
FIX Sessions must be destroyed on logout
2017-11-03 12:08:38 +13:00
Damian Mooyman
3298cf061b
Merge pull request #7543 from zanderwar/patch-1
...
Allow chain-ability on adding and removing fields
2017-11-03 11:15:51 +13:00
Jay Devlin
af9caa4e51
Warn if theme.yml isn't writeable
2017-11-02 11:34:36 +01:00
Reece Alexander
9c836c0d3d
Added missing @deprecated tags
...
This PR just adds a couple of @deprecated tags where they were missing, where IDE's like PHPStorm immediately alert the user that it's deprecated.
2017-11-02 20:28:01 +13:00
Damian Mooyman
0b3ed7ff15
Merge 4.0 -> 4
2017-11-02 16:52:05 +13:00
Chris Joe
49ca45f6d9
Merge pull request #7548 from open-sausages/pulls/4.0/guzzle-dep
...
BUG Use parse_str in place of guzzle library
2017-11-02 14:37:02 +13:00
Damian Mooyman
df50c8da03
BUG Use parse_str in place of guzzle library
...
Fixes #7540
2017-11-02 11:52:39 +13:00
Robbie Averill
897cba55cb
FIX Move Member log out extension points to non-deprecated methods
2017-11-02 11:39:02 +13:00
Chris Joe
cd55a039e7
Merge pull request #7520 from open-sausages/pulls/4.0/config-redirect-works
...
API / BUG - Introduce new request resolver middleware and fix broken forceWWW / forceSSL
2017-11-02 10:01:58 +13:00
Damian Mooyman
5bc4f3d1fc
BUG Remove usage of deprecated each() and use a helper method instead
2017-11-01 16:04:35 +13:00
zanderwar
91f1a58018
ENHANCEMENT: Allow chain-ability on adding and removing fields
2017-11-01 14:24:21 +13:00
Damian Mooyman
0c178f934d
ENHANCEMENT Adjust tinymce footer, remove branding and restore path
...
FIxes #294
2017-10-31 12:12:59 +13:00
Damian Mooyman
3c8848a090
Update code style and fix tests
2017-10-30 17:34:15 +13:00
Damian Mooyman
9d3277f3d3
BUG Fix forceWWW and forceSSL not working in _config.php
...
API Introduce CanonicalURLMiddleware
BUG Fix Director::makeRelative() failing on multi-domain sites
2017-10-30 14:42:36 +13:00
Christopher Joe
f6b7cf8889
Feature disable current user from removing their admin permission
2017-10-30 12:34:06 +13:00
Oly Su
4d85da179f
291 checks if ->value is iterable
2017-10-27 10:46:20 +13:00
Damian Mooyman
324bdad48c
ENHANCEMENT Ensure DBVarchar scaffolds text field with TextField with appropriate max length
...
Fixes #1413
2017-10-26 16:21:51 +13:00
Damian Mooyman
68c3279fd9
BUG Ensure readonly tree dropdown is safely encoded
...
Removed legacy entwine dead code
Added soft-deprecation to label field
2017-10-26 13:04:30 +13:00
Robbie Averill
da4989e8f6
FIX Do not escape the readonly values since they get escaped when rendered
2017-10-25 17:36:54 +13:00
Damian Mooyman
29af6dbafd
Merge remote-tracking branch 'origin/4.0' into 4
2017-10-25 16:59:19 +13:00
Damian Mooyman
97f9eddf90
Warn if env isn't writable
2017-10-25 15:07:35 +13:00
Damian Mooyman
2f82d08460
BUG Fix env loading in installer
2017-10-25 14:06:57 +13:00
Damian Mooyman
ff992de231
Merge pull request #7493 from kinglozzer/require-me-some-isolation
...
FIX: Use isolated scope when requiring files for module activation
2017-10-24 14:19:37 +13:00
Dylan Wagstaff
7c354525fb
Remove dead code from GridFieldDetailForm
...
There is no action for 'autocomplete', there is no method 'handleAutocomplete', and out of the box there is no extension that applies it.
Manually testing the URL that would take us through such a handler does not give an exception about missing details from the URI (such as a required query string), but instead gives us an exception on there not being a handler for such.
`[Emergency] Uncaught BadMethodCallException: Object->__call(): the method 'handleAutocomplete' does not exist on 'SilverStripe\Forms\GridField\GridFieldDetailForm'`
@ e.g. `http://localhost/admin/pages/edit/EditForm/1/field/ElementalArea/autocomplete `.
Auto complete should be (and is) handled in it's own component code, such as https://github.com/silverstripe/silverstripe-framework/blob/4.0/src/Forms/GridField/GridFieldAddExistingAutocompleter.php#L210
2017-10-24 12:57:08 +13:00
Damian Mooyman
13afd6f0d5
Merge pull request #7502 from open-sausages/pulls/4.0/i-converted-an-apple-to-an-orange
...
Fix switch to using the Convert class for decoding
2017-10-24 10:25:53 +13:00
Sam Minnee
4bec62ba51
Merge branch '4.0' into 4
2017-10-20 18:45:16 +13:00
Damian Mooyman
b9cb1e69e6
BUG Replace phpdotenv with thread-safe replacement
2017-10-20 18:43:11 +13:00
Christopher Joe
4caf34506a
Fix switch to using the Convert class for decoding
2017-10-20 14:43:19 +13:00
Loz Calver
bb9501797f
FIX: Use isolated scope when requiring files for module activation
2017-10-20 09:11:00 +13:00
Damian Mooyman
d0ca9bd17a
Merge pull request #7490 from open-sausages/pulls/4.0/my-email-children-deserve-the-best
...
BUG Fix enable email subclasses to use their respective templates
2017-10-19 16:30:37 +13:00
Christopher Joe
dabdc905ce
BUG Fix enable email subclasses to use their respective templates
2017-10-19 14:44:04 +13:00
Nathan J. Brauer
bcc2cc6a0b
Adding 308 HTTP Response as an redirect code
...
https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
Often times, 308 are preferred over 301 redirects, as they tell the requester to, for example, re-POST a form submission on the final URL.
2017-10-18 12:27:00 -07:00
Christopher Joe
076d7d78c6
BUG cache the cacheKey in TreeDropdownField, so it doesn't need to query for it multiple times in the same request
2017-10-18 11:49:28 +13:00
Chris Joe
cafa3fc29a
BUG switch to trigger_error() when a resource is not found ( #7468 )
...
* BUG switch to `trigger_error()` when a resource is not found rather than throw an exception
* Add unit test for module url failing
2017-10-16 16:11:42 +13:00
Simon Erkelens
6506a5b958
Don't add a . when there's no extension
2017-10-16 11:56:35 +13:00
Damian Mooyman
7e97f04e47
ENHANCEMENT Allow extensions to intercept incorrect deletes on unpublish
2017-10-13 10:12:08 +13:00
UndefinedOffset
7ff707df73
BUGFIX: Fixed issue on windows where the BASE_URL constant would get set wrong if the site was in a sub-folder of the web root
2017-10-12 10:54:27 -03:00
Chris Joe
d876e36424
Merge pull request #7467 from open-sausages/pulls/4.0/adjust-field-onbeforerender
...
Adjust FormField::onBeforeRendor so that it can influence both context and passed properties
2017-10-12 12:11:32 +13:00
Damian Mooyman
c3f321459b
Merge pull request #7449 from creative-commoners/pulls/4.0-updatebreadcrumbs
...
Add updateBreadcrumbs hook to GridFieldDetailForm
2017-10-11 12:17:33 +13:00
Damian Mooyman
eff5c28f24
Adjust FormField::onBeforeRendor so that it can influence both context and passed properties
...
Fixes #7466
2017-10-11 11:43:57 +13:00
Daniel Hensby
c09dec5958
Merge pull request #7456 from open-sausages/pulls/4.0/decimal-scaffolding
...
BUG Fix decimal scaffolding
2017-10-10 15:46:38 +01:00
Loz Calver
7afab3043d
Merge pull request #7461 from open-sausages/pulls/4.0/fix-icon-urls
...
Fix references to resource paths / urls
2017-10-10 09:08:08 +01:00
Damian Mooyman
6a55dcfc16
Fix references to resource paths / urls
2017-10-10 16:51:47 +13:00
Will Rossiter
dc9307bd99
Add updateBreadcrumbs hook to GridFieldDetailForm
2017-10-10 16:03:20 +13:00
Damian Mooyman
11b2c74533
ENHANCEMENT Improve upgrade experience for beta3 -> beta4 upgrade
2017-10-10 15:27:41 +13:00
Damian Mooyman
fd630a99b0
BUG Fix decimal scaffolding
...
Fixes #7454
2017-10-10 10:13:26 +13:00
Damian Mooyman
3e6984d5a8
Shift REQUEST_URI mangling into HTTPRequestBuilder::createFromVariables()
2017-10-09 17:35:33 +13:00
Damian Mooyman
199d607a2c
Tiny revert
2017-10-09 17:21:43 +13:00
Ingo Schommer
1e913bb938
Remove rewrite-less routing through index.php
...
It's currently broken (doesn't rewrite subsequent links),
and is of questionable use. It was introduced during a time
when PHP didn't have a built-in webserver (I think).
Virtually ever webserver will have rewriting capabilities these days (even IIS!),
and if you struggle with the setup as a new user, you can just fall back to PHP's built-in webserver.
This doesn't affect installation capabilities, since these are triggered via install.php.
2017-10-09 17:21:43 +13:00
Ingo Schommer
1e051386c6
Simplified request building
2017-10-09 17:21:43 +13:00
Ingo Schommer
bd11bc16c7
Avoid double slash in Director mock URLs
...
They get faulty results when run through parse_url($url, PHP_URL_PATH)
which we started using in HTTPRequestBuilder
2017-10-09 17:21:43 +13:00
Ingo Schommer
4a94dfe55b
Remove "url" query param reliance, use index.php
...
See https://github.com/silverstripe/silverstripe-framework/issues/7430
2017-10-09 17:21:43 +13:00
Damian Mooyman
311811a261
Merge pull request #7451 from open-sausages/pulls/4.0/whats-temporary-could-turn-path
...
rename TEMP_FOLDER to TEMP_PATH
2017-10-09 14:16:06 +13:00
Damian Mooyman
994689ab54
Merge pull request #7450 from open-sausages/rename-assertDOS-to-assertList
...
API Rename assert dos to assert list
2017-10-09 13:47:18 +13:00
Christopher Joe
3560a0418d
rename TEMP_FOLDER to TEMP_PATH
2017-10-09 12:41:34 +13:00
Damian Mooyman
313f8c7ac3
Merge pull request #7439 from creative-commoners/pulls/4.0/trim-injector-names
...
FIX Trim whitespace off names in Injector
2017-10-09 12:31:11 +13:00
Werner M. Krauß
f686b50824
API Rename assert dos to assert list
2017-10-09 11:53:11 +13:00
Chris Joe
566d7baa48
Merge pull request #7437 from open-sausages/pulls/4.0/stateless-extensions
...
API Extensions are now stateless
2017-10-09 11:45:33 +13:00
Daniel Hensby
d8f49a1bda
Merge pull request #7426 from silverstripe/filefield-accept-attr
...
NEW: Implement accept attribute in FileField (closes #7279 )
2017-10-06 15:01:12 +01:00
Ingo Schommer
7406318f03
Merge pull request #7436 from creative-commoners/pulls/4.0/consistent-change-password-api
...
NEW Ensure changePassword is called by onBeforeWrite for a consistent API
2017-10-06 11:26:37 +01:00
Robbie Averill
3bdc8c7e65
FIX Trim whitespace off names in Injector
2017-10-06 15:52:44 +13:00
Chris Joe
58cd83e4f7
Merge pull request #7434 from open-sausages/pulls/4.0/the-tree-needs-cutting
...
Fix refactor TreeMultiselectField to be clearable if nothing is selected
2017-10-06 15:16:10 +13:00
Damian Mooyman
b996e2c22c
API Extensions are now stateless
...
ENHANCEMENT Injector now lazy-loads services more intelligently
2017-10-06 14:53:44 +13:00
Chris Joe
90ce2abecb
Merge pull request #7422 from open-sausages/pulls/4.0/flags-in-gridfield
...
Add gridfield versioned columns
2017-10-06 14:39:02 +13:00
Saophalkun Ponlu
1a324d9d77
Wrap content gridfield cell in another non-td element for styling
2017-10-06 11:47:38 +13:00
Daniel Hensby
16cac4e3bd
Merge branch '3' into 4
2017-10-05 16:40:31 +01:00
Daniel Hensby
96a314f076
Merge pull request #7401 from creative-commoners/pulls/4.0/i18n-collector-fix
...
FIX Class name in _t() call in installer and run text collector
2017-10-05 10:56:12 +01:00
Robbie Averill
413034f684
Remove psuedo-property SetPassword from Member
2017-10-05 16:55:24 +13:00
Robbie Averill
cdf6ae45a3
NEW Ensure changePassword is called by onBeforeWrite for a consistent API
2017-10-05 16:14:15 +13:00
Christopher Joe
e07658ef50
Fix linting issues and fix doc
2017-10-05 15:28:58 +13:00
Saophalkun Ponlu
6424f4dea0
Changes based on peer review feedbacks
2017-10-05 15:04:46 +13:00
Christopher Joe
a1a8341929
Fix refactor TreeMultiselectField to be clearable if nothing is selected
2017-10-05 14:58:27 +13:00
Robbie Averill
6044579a3f
MINOR Separate some areas of logic in LostPasswordHandler to make them more overridable
2017-10-05 14:17:38 +13:00
Damian Mooyman
168db412de
Merge pull request #7424 from creative-commoners/pulls/4.0/extensible-change-password
...
NEW Make Member::changePassword extensible
2017-10-05 13:18:53 +13:00
Damian Mooyman
4dbd727206
BUG Config updates are now applied after middleware not before
2017-10-05 12:30:21 +13:00
Robbie Averill
6b52412693
NEW Make Member::changePassword extensible
2017-10-05 11:18:34 +13:00
Damian Mooyman
1b6d0144c5
BUG Fix resource mapping for TinyMCE
...
API add ModuleResource::getRelativeResource()
2017-10-04 17:44:04 +13:00
Saophalkun Ponlu
ae930833ad
Add gridfield versioned columns
2017-10-04 17:33:15 +13:00
Loz Calver
43ec2f87ed
NEW: Implement accept attribute in FileField ( closes #7279 )
2017-10-03 16:48:49 +01:00
Damian Mooyman
f4a77649a4
Fix requirements tests
2017-10-03 14:21:24 +13:00
Damian Mooyman
5ffe64f024
Fix tinymce plugins
2017-10-03 14:08:24 +13:00
Damian Mooyman
cdefd19091
Ensure HTMLEditor can load vendor css
2017-10-03 13:08:22 +13:00
Damian Mooyman
f64c95b33c
Add new ModuleResourceLoader helper
2017-10-03 12:20:49 +13:00
Ingo Schommer
e1b98d154e
Fix tinymce operation for resource paths
...
It was referencing secondary TinyMCE assets in the vendor/* folder
from its generated files (e.g. skin.min.css).
2017-10-03 09:03:37 +13:00
Ingo Schommer
8e49b563a9
Fix installer paths for vendorised module
2017-10-03 09:03:37 +13:00
Ingo Schommer
85a951584e
Update main.php path to support framework in vendor
2017-10-03 09:03:37 +13:00
Ingo Schommer
31b213be7b
Allow autoloading from vendor path
2017-10-03 09:03:36 +13:00
Damian Mooyman
b4910e133c
Merge pull request #7412 from open-sausages/pulls/4.0/fun-times-in-thumbnails
...
Enhancement add notice for MigrateFileTask if FileMigrationHelper doesn't exist
2017-10-02 16:59:40 +13:00
Damian Mooyman
17718e3854
Merge pull request #7415 from open-sausages/pulls/4.0/no-cache-in-my-home
...
Fix typos in FilesystemCacheFactory
2017-10-02 16:53:52 +13:00
Chris Joe
b219e40ff7
Merge pull request #7414 from open-sausages/pulls/4.0/basic-auth-var
...
BUG Restore SS_USE_BASIC_AUTH env var
2017-10-02 15:11:19 +13:00
Christopher Joe
26f7f0482c
Fix typos in FilesystemCacheFactory
2017-10-02 15:10:44 +13:00
Christopher Joe
36397c787c
Enhancement add notice for MigrateFileTask if FileMigrationHelper doesn't exist
...
Enhancement add call to image thumbnail helper to generate thumbnails
2017-10-02 14:54:31 +13:00
Chris Joe
fe98555d0a
Merge pull request #7413 from open-sausages/pulls/4.0/member-i18n-speed
...
ENHANCEMENT Use less expensive i18n defaults in Member::populateDefaulateDefaults()
2017-10-02 13:03:44 +13:00
Chris Joe
ccc24764c4
Merge pull request #7411 from open-sausages/pulls/4.0/superfluous-date-props
...
Remove superfluous datefield props
2017-10-02 10:24:30 +13:00
Damian Mooyman
e2750c03fc
BUG Restore SS_USE_BASIC_AUTH env var
...
Fixes #7268
2017-09-29 16:56:56 +13:00
Damian Mooyman
f4b1417612
ENHANCEMENT Use less expensive i18n defaults in Member::populateDefaults()
...
Fixes #7381
2017-09-29 16:40:17 +13:00
Damian Mooyman
fa57deeba4
ENHANCEMENT Allow vendor modules with url rewriting
...
API Introduce ModuleResource feature
2017-09-29 10:28:38 +13:00
Damian Mooyman
3011650b5a
Remove superfluous datefield props
...
Fixes #7397
2017-09-29 10:25:22 +13:00
Damian Mooyman
f574f6d1b2
Reset test state for modified config options
2017-09-28 17:24:32 +13:00
Christopher Joe
90d0361a6c
Enhancement update set_themes to not update config
2017-09-28 16:47:13 +13:00
Christopher Joe
7e92b053f4
Enhancement Add setter and getter for certain classes, so that LeftAndMain no longer updates config during init
2017-09-28 16:47:13 +13:00
Damian Mooyman
da27948777
Merge pull request #7373 from dhensby/pulls/4/rate-limit-security
...
NEW RateLimiter for Security controller
2017-09-28 11:01:37 +13:00
Damian Mooyman
e4fd9b4ff7
Code style fixes
2017-09-28 09:54:29 +13:00
Daniel Hensby
5f739c111e
added ratelimiter tests
2017-09-27 16:42:04 +01:00
Daniel Hensby
51ac297c59
Fixes to ratelimiter and new features
2017-09-27 14:44:38 +01:00
Andrew O'Neil
c7cbbb29f4
Fix links on paginated lists when there are GET vars
...
Prior to this change, if there were already GET vars on a page
with a PaginatedList, the links would include a mix of '&' and '&'.
2017-09-27 15:41:08 +10:00
Daniel Hensby
28552155c3
NEW Add actWithPermission to SapphireTest for shortcut to perform actions with specific permissions
2017-09-26 13:39:31 +01:00
Robbie Averill
33ae463e5b
FIX Class name in _t() call in installer and run text collector
2017-09-26 14:57:16 +13:00
Mike Cochrane
b8e5a2ce32
FIX readonly PermissionCheckboxSetField
...
A readonly PermissionCheckboxSetField (eg in Security when viewing a member without permission to edit it) can result in calling "getRecord()" on null. Add is_object check, consistent with line 98.
2017-09-25 15:25:10 +13:00
Loz Calver
1dd0c04891
Tidy up + document SSViewer classes
2017-09-21 17:03:21 +01:00
Damian Mooyman
f1a12e15be
BUG Fix sub-template lookup for includes
2017-09-20 18:04:01 +12:00
Chris Joe
c939737e5c
Merge pull request #7386 from open-sausages/pulls/4.0/class-case-fixing
...
ENHANCEMENT Don't force all class names to lowercase
2017-09-20 16:46:49 +12:00
Damian Mooyman
261302a121
ENHANCEMENT Don't force all class names to lowercase
...
Speeds up autoloading because composer psr-4 works properly now
2017-09-20 15:14:55 +12:00
Christopher Joe
265f91060c
Fix phpcs error
2017-09-20 12:42:45 +12:00
Damian Mooyman
09b3a24f30
BUG Detect, warn, and fix invalid SS_BASE_URL
...
Fixes #7362
2017-09-20 10:42:13 +12:00
Loz Calver
7431122b58
Make auto login token expiry configurable ( closes #7278 )
2017-09-18 14:06:13 +01:00
Daniel Hensby
04b1bb816e
NEW RateLimiter for Security controller
2017-09-14 14:23:36 +01:00
Damian Mooyman
7b3286d512
Merge pull request #7374 from dhensby/pulls/4/ci-http-headers
...
FIX HTTP Headers are case insensitive
2017-09-14 09:52:26 +12:00
Daniel Hensby
9198313658
FIX HTTP Headers are case insensitive
2017-09-13 16:02:12 +01:00
Chris Joe
c3f7165023
Merge pull request #7371 from open-sausages/pulls/4.0/fix-gridfield-print
...
BUG Fix gridfield print styles
2017-09-13 15:58:05 +12:00
Damian Mooyman
d05d22abc2
Merge pull request #7343 from creative-commoners/pulls/4.0/add-extra-class
...
NEW Allow GridFieldEditButton to have configurable HTML classes. Change edit icon.
2017-09-13 15:39:38 +12:00
Sacha Judd
c707fccf69
NEW Allow GridFieldEditButton to have configurable HTML classes. Change edit icon.
2017-09-13 13:11:17 +12:00
Damian Mooyman
f8ef97c167
BUG Fix import modal
...
Fixes https://github.com/silverstripe/silverstripe-admin/issues/251
2017-09-13 12:52:20 +12:00
Damian Mooyman
1892a02076
BUG Fix gridfield print styles
2017-09-13 11:48:42 +12:00
Andrew Aitken-Fincham
6613826ed8
FIX SSViewer::add_themes() to properly prepend
2017-09-12 13:34:56 +01:00
Damian Mooyman
905c4e04d5
BUG Incorrect path for requirements file
2017-09-12 10:36:48 +01:00
Bernard Hamlin
fa86f42ab9
BEM class names for filter-buttons
2017-09-12 10:16:03 +12:00
Damian Mooyman
22e991ef90
Merge pull request #7344 from creative-commoners/pulls/4.0/email-assertion-return
...
DOCS Update doc block for TestMailer::findEmail to reflect the new key names
2017-09-08 13:08:03 +12:00
Chris Joe
d1df61a19b
Merge pull request #7332 from open-sausages/pulls/4.0/installer-env-cleanup
...
Ensure installer.php works nicely with .env files
2017-09-07 09:47:56 +12:00
Robbie Averill
a4aa59bfdc
DOCS Update doc block for TestMailer::findEmail to reflect the new key names
2017-09-06 16:10:55 +12:00
Damian Mooyman
806ffb934e
BUG Ensure installer.php works nicely with .env files
...
Unenjoyable cleanup of internal logic
2017-09-06 13:52:51 +12:00
Damian Mooyman
40678d5897
Merge pull request #7342 from open-sausages/pulls/4.0/disable-me-a-plus
...
Fix permission check for admin role
2017-09-06 11:38:01 +12:00
Christopher Joe
25380eb454
Fix permission check for admin role
2017-09-06 10:21:01 +12:00
Chris Joe
1f5644d143
Merge pull request #7340 from open-sausages/pulls/4.0/toolbar-button-margin
...
Fix toolbar button margin and spacing
2017-09-05 16:07:32 +12:00
Saophalkun Ponlu
2f7f4e73d9
Fix toolbar button margin and spacing
2017-09-05 15:08:05 +12:00
Damian Mooyman
8425533487
Merge pull request #7336 from open-sausages/pulls/4.0/the-uncontained-popover-was-powerful
...
Fix add schema to the "auto" parts request
2017-09-05 14:01:12 +12:00
Damian Mooyman
4c84f22b2e
Merge pull request #7325 from xini/patch-3
...
use html5 mark tag to highlight search parameter
2017-09-05 13:38:42 +12:00
Christopher Joe
afda58c515
Fix add schema to the "auto" parts request
2017-09-05 13:12:51 +12:00
Florian Thoma
d1f7e6959f
update tests and doc
2017-09-05 09:42:08 +10:00
Robbie Averill
f8372ef6dc
MINOR Add default value to ArrayData constructor
2017-09-05 09:42:52 +12:00
Daniel Hensby
16416fe15b
Merge pull request #7334 from open-sausages/pulls/4.0/destroyed-cleanup
...
Remove redundant gc_collect_cycles()
2017-09-04 15:03:09 +01:00
Christopher Joe
120c772966
Add TreeDropdownField from React to Entwine
2017-09-04 12:15:41 +12:00
Saophalkun Ponlu
08fa3d6e3d
Enable TinyMCE list buttons
2017-09-04 09:30:07 +12:00
Damian Mooyman
45998444d7
Remove redundant gc_collect_cycles()
...
Cleanup dead references to DataObject::$destroyed
Fixes #7326
2017-09-04 09:23:07 +12:00
Florian Thoma
0d15cb02cd
use html5 mark tag to highlight search parameter
2017-08-30 12:05:11 +10:00
Chris Joe
76f2358f3b
Merge pull request #7324 from open-sausages/pulls/4/env-type-docs
...
DOCS Corrected env type docs (fixes #7290 )
2017-08-30 11:44:55 +12:00
Ingo Schommer
64af679c35
DOCS Corrected env type docs ( fixes #7290 )
2017-08-30 08:35:41 +12:00
Damian Mooyman
98c10b089c
ENHANCEMENT Allow <% include %> to fallback outside of the Includes folder
...
Fixes #7108
2017-08-29 16:15:46 +12:00
Christopher Joe
e4b506cbe7
Fix add combinedFiles to clear logic
2017-08-29 13:52:14 +12:00
Sam Minnee
8c15e451c6
FIX: Removed unnecessary database_is_ready call.
...
This shaves about 45ms from every request (PHP 7.1 on a 2013 rMBP),
cutting down execution time of a “hello world” controller by about 33%.
database_is_ready is still used in dev/build and ?flush=1 to stop people
from people bypassing security by DOSing the database or otherwise
forcing a DatabaseException
2017-08-25 13:06:12 +12:00
Damian Mooyman
d52e972453
Merge pull request #7308 from creative-commoners/pulls/4.0/fix-alternative-db-name-when-session-not-started
...
FIX Do not try and access sessions when they are not ready
2017-08-24 16:07:52 +12:00
Robbie Averill
5a9131a116
FIX Do not try and access sessions when they are not ready
2017-08-24 14:43:27 +12:00
Robbie Averill
c4ff9df1b0
FIX Use correct bootstrap class or GridFieldDetailForm delete button
2017-08-24 14:34:06 +12:00
Chris Joe
deec9b411b
Merge pull request #7300 from open-sausages/pulls/4.0/flush-live-backurl
...
BUG Capture errors after a reload token redirect to login url
2017-08-24 14:00:33 +12:00
Damian Mooyman
d5b3280498
Merge pull request #7302 from robbieaverill/pulls/4.0/has-class-returns-bool
...
API Make FormField::hasClass return a boolean instead of an int
2017-08-24 13:19:30 +12:00
Damian Mooyman
80cf096a6e
BUG Prioritise SS_BASE_URL over flakey SCRIPT_FILENAME check
2017-08-24 12:58:04 +12:00
Damian Mooyman
47fced8880
BUG Capture errors after a reload token redirect to login url
...
Fixes #7289
2017-08-24 12:55:04 +12:00
Chris Joe
8edf070a13
Merge pull request #7303 from open-sausages/pulls/4.0/constant-logging
...
BUG Fix BASE_URL for CLI
2017-08-24 11:56:10 +12:00
Loz Calver
ecc619248b
Merge pull request #7298 from robbieaverill/pulls/4.0/replace-stat-usage
...
Replace use of Configurable stat() with config()->get(), will be deprecated in future
2017-08-23 10:12:40 +01:00
Robbie Averill
595ba75a50
API Make FormField::hasClass return a boolean instead of an int
2017-08-23 16:23:28 +12:00
Damian Mooyman
1b087221d2
BUG Fix BASE_URL on CLI
...
Fixes #7256
2017-08-23 14:48:46 +12:00
Damian Mooyman
2c34af72e1
ENHANCEMENT Log user constants during CI for debugging improvements
2017-08-23 14:23:33 +12:00
Damian Mooyman
14761a9246
Remove mcrypt
...
Use session for alternativeDatabaseName instead
Fixes #7280
2017-08-23 12:13:32 +12:00
Robbie Averill
8ebc13ae4e
Replace use of Configurable stat() with config()->get(), will be deprecated in future
2017-08-23 09:42:10 +12:00
Damian Mooyman
9b4d689bb2
Lazy-load custom methods and extensions on CustomMethods and Extensible traits
...
No longer need constructExtensions()
2017-08-22 15:47:24 +12:00
Damian Mooyman
fc2a603915
BUG Don’t construct extension_instances on objects that never use them
2017-08-22 15:47:24 +12:00
Damian Mooyman
90ba24733d
Reduce unnecessary calls to Extension and DataExtension configs
2017-08-22 15:47:24 +12:00
Damian Mooyman
598a2c91e3
Reduce calls to i18n.default_config
2017-08-22 15:47:24 +12:00
Damian Mooyman
179a9fca28
Merge pull request #7292 from sminnee/injector-dependency-speedup
...
FIX: Prevent repeated lookup of obj.dependencies by Injector
2017-08-22 14:30:35 +12:00
Sam Minnee
c50cd34df6
FIX: Prevent repeated lookup of obj.dependencies by Injector
...
This unnecessary repeated call to Injector slows down the construction
of frequently instantiated classes.
On admin/pages, this reduced execution from 1.67s to 1.56s, and it
reduced the impact of having an extension added to DBField by 33%
(from 100ms to 67ms)
2017-08-22 12:12:32 +12:00
Christopher Joe
249c7048d9
Fix trim accept header parts
2017-08-21 15:31:13 +12:00
Chris Joe
c8d8adfefe
Merge pull request #7287 from open-sausages/pulls/4.0/fix-multi-configs
...
BUG Fix issue with multiple editors breaking plugins
2017-08-21 10:58:27 +12:00
Daniel Hensby
304889ff2f
Merge pull request #7281 from sminnee/test-php72
...
NEW: Test on php 7.2
2017-08-18 21:22:10 +01:00
Damian Mooyman
ce5e15df6e
BUG Fix issue with multiple editors breaking plugins
2017-08-18 16:33:16 +12:00
Daniel Hensby
33c2c7bfe7
Merge branch '3' into 4
2017-08-17 15:06:00 +01:00
Christopher Joe
9dc11eff43
Enhancement Add a path option for the schema data, so a full tree is not required for this data
2017-08-17 16:08:27 +12:00
Damian Mooyman
bbded44056
Upgrade bootstrap class names
2017-08-16 10:50:09 +12:00
Sam Minnee
0926b04512
FIX: Fix latent bug in DataObject
...
This didn’t show up until we ran tests on PHP 7.3-dev
2017-08-15 11:13:57 +12:00
Daniel Hensby
c0211927aa
Merge branch '3' into 4
2017-08-14 21:18:03 +01:00
Damian Mooyman
323644c7bb
API Implement cascade_deletes
2017-08-09 15:14:00 +12:00
Robbie Averill
5d5fac7450
FIX Throw exception when "value" is used to define indexes. Update docs.
2017-08-09 09:17:28 +12:00
Damian Mooyman
0681567102
BUG Fix flushing on live mode ( #7241 )
...
* BUG Fix flushing on live mode
Fixes #7217
* Clarify injector service documentation
2017-08-07 13:53:23 +12:00
Damian Mooyman
f7bebdd8f8
BUG Fix install issue with IIS
...
Fixes #7218
2017-08-07 10:15:40 +12:00
Chris Joe
6ebc333e00
Merge pull request #7238 from open-sausages/pulls/4.0/flush-tinymce-cache
...
ENHANCEMENT Ensure flush destroys temp tinymce files
2017-08-03 19:13:54 +12:00
Damian Mooyman
b6a8e45888
BUG Ensure mocked controller has request assigned
...
Fixes #7237
2017-08-03 15:52:31 +12:00
Damian Mooyman
06efd2ac12
ENHANCEMENT Ensure flush destroys temp tinymce files
2017-08-03 13:21:48 +12:00
Chris Joe
34ca944bd6
Merge pull request #7235 from open-sausages/pulls/4.0/update-installer
...
Update installer path to match recipe
2017-08-03 10:58:58 +12:00
Damian Mooyman
e64acef53a
BUG Fix invalid i18n yaml
2017-08-03 10:13:09 +12:00
Damian Mooyman
24ab3abbea
Update installer path to match recipe
2017-08-03 10:02:55 +12:00
Damian Mooyman
8418011456
Fix linting issues
2017-08-02 14:08:59 +12:00
Robbie Averill
e307f067ed
FIX Replace deprecated %s placeholders in translations with named placeholders
...
* Remove the use of sprintf and %s placeholders in the i18n tests
2017-08-02 13:03:55 +12:00
Damian Mooyman
ae97c15e42
ENHANCEMENT Soft-code CSS explicit height and compute against rows
2017-08-01 15:46:49 +12:00
Damian Mooyman
078a508d71
API Replace legacy tiny_mce_gzip compressor with asset generator
...
Fixes https://github.com/silverstripe/silverstripe-admin/issues/74
2017-08-01 13:43:30 +12:00
vagrant
f02949fc09
Initially set a default height for the html editor to 350px
2017-07-31 16:49:48 +12:00
Damian Mooyman
9392380dd1
Merge pull request #7225 from silverstripe/pulls/4.0/injector-extension-setters
...
Use ClassInfo::hasMethod instead of method_exists()
2017-07-31 10:23:10 +12:00
Damian Mooyman
90f6710020
Merge pull request #7219 from silverstripe/pulls/4.0/dbcomposite-properties
...
BUGFIX: DBComposite doesn't allow arbitrary property assignment
2017-07-31 10:11:58 +12:00
Aaron Carlino
c9cf7b1d75
Use ClassInfo::hasMethod instead of method_exists()
...
This allows for setters to exist in extension instances.
2017-07-30 22:43:28 +12:00
Aaron Carlino
9903104fb8
Use parent::setField()
2017-07-30 22:39:42 +12:00
Daniel Hensby
1a4211f089
Merge pull request #7222 from kinglozzer/showqueries-pdo
...
FIX: ?showqueries=inline failed on PDO databases (fixes #7199 )
2017-07-28 10:23:57 +01:00
Loz Calver
980d6b7ef7
FIX: ?showqueries=inline failed on PDO databases ( fixes #7199 )
2017-07-28 09:33:26 +01:00
Aaron Carlino
3ef9ca69d1
BUGFIX: DBComposite doesn't allow arbitrary property assignment
...
To be more consistent with `ViewableData`, whose `setField()` method will fallback on [assigning properties arbitrarily](https://github.com/silverstripe/silverstripe-framework/blob/4/src/View/ViewableData.php#L213 ), `DBComposite` shouldn't bail out of `setField` when the field specified isn't in the record.
Arbitrary property assignment is particularly important in injection.
```yaml
SilverStripe\ORM\FieldType\DBComposite:
dependencies:
myService: %$Service
```
Right now, that fails, because `$obj->myService = Service` invokes `__set()` which calls `setField()` which refuses the assignment when `myService`is not in the record.
2017-07-27 17:25:29 +12:00
Damian Mooyman
697798b464
Merge pull request #7206 from open-sausages/pulls/4.0/select-them-all-again
...
Enhancement add support for TreeMultiselectField in react
2017-07-27 13:41:18 +12:00
Damian Mooyman
7f6974e309
Update PHPDoc
2017-07-27 12:08:42 +12:00
Aaron Carlino
74873096bd
New getSummary() API for SearchContext
2017-07-27 11:56:37 +12:00
martimiz
b726d64d1d
Fix SearchEngine to use quoted table names
...
If quotes are omitted, SQLExpression::sql() cannot replace table names
with the proper table for the current Stage.
2017-07-26 13:42:41 +01:00
Damian Mooyman
9bff74bd61
Clean up all fluent property accessors
2017-07-26 18:14:27 +12:00
Christopher Joe
78d4d0d5dd
Enhancement add support for TreeMultiselectField in react
2017-07-26 18:14:08 +12:00
Daniel Hensby
884f53e0f2
Merge branch '3' into 4
2017-07-25 16:17:44 +01:00
Damian Mooyman
2c500c79c3
Merge pull request #7201 from kinglozzer/build-perf
...
Ensure ClassManifest isn't flushed twice on build
2017-07-25 09:51:00 +12:00
Daniel Hensby
6aeab571db
Merge pull request #7195 from open-sausages/pulls/4.0/missing-unnested-from
...
BUG Fix unassigned nestedFrom
2017-07-24 17:07:07 +01:00
Loz Calver
ad2e1cf552
Ensure ClassManifest isn't flushed twice on build
2017-07-24 09:36:03 +01:00
Robbie Averill
392cda15f6
NEW Add updateRules extension point to Director::handleRequest
2017-07-23 22:10:46 +12:00
Chris Joe
6a3c51e072
Merge pull request #7036 from fullscreeninteractive/wilr-patch-1
...
Fix ImportButton not opening the modal
2017-07-21 14:10:31 +12:00
Damian Mooyman
6fd6a38949
BUG Fix unassigned nestedFrom
...
Fixes #7194
2017-07-21 08:58:19 +12:00
Damian Mooyman
e77c7fe04c
Merge pull request #7188 from dhensby/pulls/4/fix-full-text-search-table-option
...
FIX FulltextSearchable DB engine not set correctly
2017-07-20 12:27:30 +12:00
Loz Calver
c41c0a957b
Merge pull request #7163 from sachajudd/pulls/4.0/debugview-info-color
...
NEW add web accessible colours to web view dev/build
2017-07-19 15:01:36 +01:00
Daniel Hensby
8aeec92087
FIX FulltextSearchable DB engine not set correctly
2017-07-19 12:28:15 +01:00
Daniel Hensby
d7095c2213
Merge branch '3' into 4
2017-07-18 14:19:16 +01:00
Daniel Hensby
d59e2dbe5b
Merge pull request #7183 from robbieaverill/pulls/4.0/fix-log-in-as-someone-else
...
FIX Log in as someone else returns user back to login screen
2017-07-18 11:54:33 +01:00
Sacha Judd
f367a0aa62
NEW add web accessible colours to web view dev/build
2017-07-18 22:00:35 +12:00
Robbie Averill
ba9ad55274
FIX Base URL defaults to a slash in currentURL if not defined already
2017-07-18 21:56:21 +12:00
Robbie Averill
a5ca4ecb59
FIX Log in as someone else returns user back to login screen
2017-07-18 17:15:58 +12:00
Damian Mooyman
ed0ed89865
Merge pull request #7055 from robbieaverill/pulls/4.0/polymorphic-has-one-indexes
...
NEW Ensure polymorphic has_one fields are indexed
2017-07-18 16:39:45 +12:00
Robbie Averill
fb18e441a7
DBIndexable::getIndexSpecs is responsible for returning a DBFields full indexable spec
2017-07-18 15:03:56 +12:00
Saophalkun Ponlu
c2841b6d64
Enhancement Remove "Remove link" button from the editor's main toolbar
...
Fix behat for selecting link should focus on field
2017-07-18 13:11:27 +12:00
Damian Mooyman
de7b746094
Merge pull request #7180 from robbieaverill/pulls/4.0/remove-config-update-use
...
Use merge and set instead of update for config calls
2017-07-18 09:16:20 +12:00
Daniel Hensby
be7b2d4970
Merge pull request #7179 from robbieaverill/pulls/4.0/is-cli-for-phpdbg
...
FIX Ensure phpdbg calls are registered by SilverStripe core as a CLI call
2017-07-17 14:26:39 +01:00
Robbie Averill
da4e46e4de
FIX Use merge and set instead of update for config calls
2017-07-17 17:59:40 +12:00
Robbie Averill
ea4181166f
FIX Ensure phpdbg calls are registered by SilverStripe core as a CLI call
2017-07-17 16:56:01 +12:00
Robbie Averill
bd5782adca
NEW Allow index type to be configured per DBField instance
2017-07-17 14:36:47 +12:00
Robbie Averill
c9c4390619
NEW Ensure polymorphic has_one fields are indexed
...
* Add tests for config based indexing on composite DBFields
* Allow fields to have "indexed" option passed via field spec
2017-07-17 14:36:29 +12:00
Robbie Averill
1a38feff22
FIX Version provider uses early bound config getter, move LeftAndMain config to admin module
2017-07-16 16:49:10 +12:00
Daniel Hensby
7fd316d405
Merge branch 3 into 4
2017-07-15 13:20:37 +01:00
Daniel Hensby
be0e16d648
Merge pull request #7170 from robbieaverill/pulls/4.0/ignore-exceptions-on-killing-testdb
...
FIX Ignore exceptions thrown when deleting test databases
2017-07-14 14:53:51 +01:00
Loz Calver
aafd2a573d
Update Convert::memstring2bytes() logic
2017-07-14 09:16:05 +01:00
Damian Mooyman
3a7f9e8eb5
Merge pull request #7167 from open-sausages/pulls/4.0/tree-search-in-forest
...
API TreeDropdown tree parameter
2017-07-14 16:23:30 +12:00
Simon Erkelens
3e97b99e22
[BUG] Fix issues with multiple authenticators for a single task ( #7149 )
...
Using multiple 2FA authenticators, logging out, resetting password etc. proved to be handled wrong.
Example scenario:
The result is an error, because the `renderWrappedController` was called, despite the responses being a set of either array with Content or Form, or a redirect action.
The default action should be followed and not try to render if there is nothing to render
Because the logout (or changepassword, or resetpassword, etc.) has already been handled, the first response is the default authenticator's response. This _could_ be a form (in case of logout without valid token), a content set (reset password) or a form (change password).
This edge case only happens when there are multiple authenticators supporting the requested method that is _not_ login.
2017-07-14 09:20:58 +12:00
Robbie Averill
b16896f22b
FIX Ignore exceptions thrown when deleting test databases
...
This will prevent long runnings builds (e.g. code coverage) from failing when the test database connection is gone (MySQL server has gone away) by the time the shutdown handler runs.
2017-07-13 23:33:51 +12:00
Robbie Averill
823e49526f
NEW Allow SSViewer and SSViewer_FromString to be injectable
2017-07-13 20:48:58 +12:00
Christopher Joe
ccda816f90
API added flatList argument for generating the json tree list with a context string property
2017-07-13 17:04:35 +12:00
Damian Mooyman
5fcd7d084f
BUG Fix registered shutdown function not handling responsibility for outputting redirection response
2017-07-13 15:32:39 +12:00
Aaron Carlino
2b266276c2
API Implement new module sorting pattern
2017-07-13 10:27:27 +12:00
Daniel Hensby
b2831b809c
Merge pull request #7133 from kinglozzer/cache-classname
...
Cache ClassInfo::class_name() calls
2017-07-10 13:23:45 +01:00
Damian Mooyman
85359ad59e
BUG Ensure that installer can create an initial admin account
...
Fixes #7124
2017-07-06 13:30:04 +12:00
Loz Calver
e3e16fe835
Cache ClassInfo::class_name() calls
2017-07-05 15:15:08 +01:00
Daniel Hensby
aafa054cf7
Merge pull request #7129 from mfendeksilverstripe/master
...
Limited nodes with too many children are no longer accessible
2017-07-05 12:37:26 +01:00
Daniel Hensby
2c5e237a93
Merge pull request #7103 from dnadesign/fix-numericfield-null
2017-07-05 11:45:45 +01:00
Daniel Hensby
2f551c91d7
Merge pull request #6922 from kinglozzer/debugview-styles
...
Update DebugView styles
2017-07-05 11:35:04 +01:00
Loz Calver
713b01ebc7
Update DebugView styles
2017-07-05 09:14:26 +01:00
Aaron Carlino
c836a2e2d2
BUGFIX: Module resource regex does not allow ports
2017-07-05 13:26:30 +12:00
Mojmir Fendek
3f2d217a45
Limited nodes that have more children than allowed limit are no longer accessible to the user.
2017-07-05 11:34:24 +12:00
John Milmine
f14e6bae2c
fix numeric field for null values
2017-07-05 07:35:13 +12:00
Daniel Hensby
64005bff91
Merge pull request #6440 from open-sausages/pulls/4.0/json-detection
...
ENHANCEMENT: Debug class emits plain text for application/json requests
2017-07-04 13:42:42 +01:00
Damian Mooyman
ed26b251c8
ENHANCEMENT: Better output type detection for debugging
2017-07-04 17:33:49 +12:00
Damian Mooyman
4b23205838
Fix unnamespaced i18n keys
...
Fixes https://github.com/silverstripe/silverstripe-framework/issues/6862
2017-07-04 14:18:47 +12:00
Damian Mooyman
f65e3627dc
BUG Implement or exclude all pending upgrader deltas
2017-07-03 12:21:47 +12:00
Damian Mooyman
92903d883e
Allow editor themes to fall back safely
2017-07-03 10:38:50 +12:00
Aaron Carlino
cddaaf1444
Update TinyMCEConfig to use theme CSS
2017-07-03 10:38:50 +12:00
Daniel Hensby
c69a565b08
Merge pull request #7046 from andrewandante/FEAT/add_inGroup_to_Group
...
add inGroup(s) methods to Group
2017-06-30 16:38:55 +01:00
Andrew Aitken-Fincham
ab60a167e6
add inGroup(s) methods to Group
2017-06-30 12:47:37 +01:00
Damian Mooyman
3633947699
BUG Fix broken installer assets and session crash
2017-06-30 14:50:58 +12:00
Damian Mooyman
ee05c586b6
Merge pull request #7083 from sminnee/get-one-miss-null
...
FIX: DataObject::get_one() misses return null, not false
2017-06-30 13:08:20 +12:00
Aaron Carlino
ad9d4e6820
Pulls/4.0/shortcode namespacing ( #7085 )
...
* New shortcode providers, update config, docs
* Use new ImageShortcodeProvider
* Move tests
* New shortcodes namespace
* Move file and image shortcode registrations from framework to assets
2017-06-29 18:45:17 +12:00
Christopher Joe
061393a098
Fix enable ?flush rather than just ?flush=1
2017-06-29 16:13:38 +12:00
Daniel Hensby
30986b4ea3
[SS-2017-002] FIX Lock out users who dont exist in the DB
2017-06-29 13:58:55 +12:00
Sam Minnee
2c8790ca7d
FIX: DataObject::get_one() misses return null, not false
...
Fixes https://github.com/silverstripe/silverstripe-framework/issues/5441
2017-06-29 13:51:52 +12:00
Daniel Hensby
e7df10dc52
Merge branch '3'
2017-06-28 18:59:08 +01:00
Damian Mooyman
b2f3b218a3
BUG Fix incorrect $database autoinit
...
BUG Fix missing $request in Installer bootstrapping
2017-06-28 17:59:16 +12:00
Damian Mooyman
8078ee08f2
BUG Fix folder urls getting mtime querystring appended
2017-06-28 16:59:41 +12:00
Sam Minnee
741166e369
API: ModulePath template global now takes any composer package name.
...
NEW: URL generation now handled by pluggable ResourceURLGenerator service.
NEW: Requirements::javascript() and Requirements::css() now support “vendor/package:resource” syntax.
These changes will make it easier to us to fully abstract:
- file access from module location
- file location from URL generation
API: ModulePath template global now takes any composer package name.
NEW: URL generation now handled by pluggable ResourceURLGenerator service.
NEW: Requirements::javascript() and Requirements::css() now support “vendor/package:resource” syntax.
These changes will make it easier to us to fully abstract:
- file access from module location
- file location from URL generation
2017-06-28 16:59:28 +12:00
Saophalkun Ponlu
288de2eb14
BUG Add flag on form whether to notify user when there's unsaved changes
2017-06-28 11:14:12 +12:00
Will Rossiter
ecb5d85de0
Support empty SS_DATABASE_PREFIX
2017-06-28 08:18:21 +12:00
Damian Mooyman
f699650b5f
Update based on feedback
2017-06-27 13:32:39 +12:00
Damian Mooyman
d20ab50f9d
API Stronger Injector service unregistration
...
BUG Fix up test regressions
FIX director references to request object
API Move all middlewares to common namespace
API Implement RequestHandlerMiddlewareAdapter
ENHANCEMENT Improve IP address parsing
Fix up PHPDoc / psr2 linting
BUG Fix property parsing in TrustedProxyMiddleware
BUG Fix Director::is_https()
2017-06-27 13:32:39 +12:00
Damian Mooyman
7aa67f856b
Move files to middleware folder
2017-06-27 13:32:39 +12:00
Sam Minnee
67887febc5
fix - session now uses request
2017-06-27 13:32:39 +12:00
Sam Minnee
69fe166897
API: Director::handleRequest() is no longer static - use a Director service
...
NEW: Add HTMLMiddlewareAware trait to HTTPApplication, Director, and RequestHandler
NEW: Allow service specs to be passed to Director rules.
This refactor of the controller middlewares takes a service definition
approach rather than a static-method-and-config approach that Director
historically had.
The use of a trait for middleware means that the Middlewares array
property can be defined on RequestHandler, Director, and HTTPApplication
objects in the same way.
2017-06-27 13:32:39 +12:00
Sam Minnee
e92c63c545
API: Remove $sid argument of Session::start()
...
NEW: Pass HTTPRequest to session
NEW: Pass HTTPReuqest optionally to Director statics
The session handler now expects to operate on a specific
HTTPRequest object.
2017-06-27 13:32:39 +12:00
Sam Minnee
ccc86306b6
NEW: Add TrustedProxyMiddleware
...
API: SS_TRUSTED_PROXY_HOST_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_PROTOCOL_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_IP_HEADER replace with middleware config
API: Front-End-Https = “on” header no longer supported
This middleware replaces the TRUSTED_PROXY setting and shifts its
configuration out of the env vars and bootstrap and into the Director
flow.
2017-06-27 13:32:39 +12:00
Sam Minnee
c4d038f20d
NEW: Add HTTPRequest::getScheme()/setScheme()
...
NEW: Add HTTPRequest::setIP()
API: Rely on HTTPRequestBuilder to set scheme and IP
These changes tidy up HTTPRequest making it a container for information
and removing special logic from it.
This makes it less feature-rich: it doesn’t contain trusted-proxy logic.
This will be able to provided by a middleware.
The new getScheme() method is designed to be closish to PSR-7’s
getUri()->getScheme() equivalent.
There are no more direct $_SERVER references in HTTPRequest.
2017-06-27 13:32:39 +12:00
Sam Minnee
4d89daac78
NEW: Register Injector::inst()->get(HTTPRequest)
...
HTTPRequest is provided as a service so that global references for
session, hostname, etc can be facilitated. It’s a bit of a hack and
should be avoided but we’re unlikely to scrub it completely from the
Silverstripe 4 code.
2017-06-27 13:32:39 +12:00
Sam Minnee
10866c0809
API: Replace Director::direct() with Director::handleRequest().
...
There was no longer any code in direct() and so I opted to expose the
handleRequest() method instead.
2017-06-27 13:32:39 +12:00
Sam Minnee
72a7655e95
NEW: Moved allowed-hosts checking to a middleware.
2017-06-27 13:32:39 +12:00
Sam Minnee
db080c0603
NEW: Move session activation to SessionMiddleware.
2017-06-27 13:32:39 +12:00
Sam Minnee
254204a3a6
NEW: Replace AuthenticationRequestFilter with AuthenticationMiddleware
2017-06-27 13:32:39 +12:00
Sam Minnee
e855622890
NEW: Replace FlushRequestFilter with FlushMiddleware
2017-06-27 13:32:39 +12:00
Sam Minnee
b30f410ea0
API: Deprecate RequestFilter.
...
NEW: Allow application of HTTPMiddleware to Director.
Director can now use the same HTTPMiddleware objects as the app object.
They can be applied either globally or pre-rule.
2017-06-27 13:32:39 +12:00
Sam Minnee
26b9bf11ed
NEW: Allow “%$” prefix in Injector::get()
...
Injector::get() looks up services by name. In yaml config it can make
things clearer to prefix service names by %$, which is how they must
be prefixed when referencing nested services within service definitions.
This change means that any other system referencing services will
support an optional prefix without needing to specifically code support
in themselves.
2017-06-27 13:32:39 +12:00
Damian Mooyman
17c8e913bc
Merge pull request #7053 from creative-commoners/pulls/4.0/restore-extension-constructor
...
NEW restored Extension::__construct()
2017-06-26 21:39:55 +12:00
Franco Springveldt
d3d426bdfc
NEW restored Extension::__construct()
2017-06-26 17:34:43 +12:00
Sam Minnee
3c35d25a64
FIX: Allow DB::setConfig() in _config.php
...
This wasn’t working because the database was being validated before
_config.php was loaed.
This is how the installer sets config so this is an important fix.
2017-06-26 14:04:20 +12:00
Ingo Schommer
fa568e333e
Fixed linting errors
2017-06-23 11:19:16 +12:00
Will Rossiter
ad54e7eb30
Fix ImportButton not opening the modal
2017-06-23 10:10:01 +12:00
Damian Mooyman
3873e4ba00
API Refactor bootstrap, request handling
...
See https://github.com/silverstripe/silverstripe-framework/pull/7037
and https://github.com/silverstripe/silverstripe-framework/issues/6681
Squashed commit of the following:
commit 8f65e5653276f95944fa9379834cb4188ce35d827ed4660e7a738f50c4976279d28e5e5c90d53a84f9b2ba47555b59a912b6e2c4a18f635d235e64f3d88d4ed4e4f7946aec3312bd31f936bba97911462a10c2397bd75a8d1d9306364af3c32a278e2953b65c21241bd1d4375c95b220534f06603704165c2f6336a15bfc7188da7da0ae723514ca03395251c66d433977f26ae75c6e001d559662de079c041d
2017-06-22 22:50:45 +12:00
Loz Calver
5d27dccd60
NEW: Add CSRF token to logout action
2017-06-21 15:42:13 +01:00
Damian Mooyman
306d801258
Merge pull request #6984 from dhensby/pulls/4/default-pdo
...
NEW DB Driver defaults to PDO
2017-06-18 21:27:32 +12:00
Chris Joe
8c91d48d3a
Merge pull request #7033 from open-sausages/pulls/4.0/remove-parse-indexspec
...
FIX Remove reference to removed method parseIndexSpec
2017-06-16 16:40:51 +12:00
Chris Joe
102eaed36c
Merge pull request #6722 from open-sausages/pulls/4.0/requirements-html-cleanup
...
Better HTML generation behaviour for Requirements_Backend
2017-06-16 13:52:06 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class
...
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
2017-06-16 12:22:05 +12:00
Damian Mooyman
54879402ce
BUG Removed reserved / removed / invalid country codes
...
Fixes #6996
2017-06-16 11:38:00 +12:00
Damian Mooyman
957d238caa
FIX Remove reference to removed method parseIndexSpec
...
Fixes #6968
2017-06-16 11:20:52 +12:00
Damian Mooyman
0f90c5b63f
ENHANCEMENT Update style of CMSLogin form
2017-06-15 18:13:14 +12:00
Damian Mooyman
024371c37e
API Change authentication ValidationResult handling to pass by-reference
2017-06-15 17:25:23 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
...
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Simon Erkelens
576eee72dc
Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code.
2017-06-15 14:20:29 +12:00
Chris Joe
950b1dfec2
Merge pull request #7010 from flamerohr/pulls/4.0/no-path-to-follow
...
Enhancement show the path which threw the error
2017-06-12 10:36:46 +12:00
Damian Mooyman
0dcfa5fa9d
FIX CMSSecurity doesn't have Authenticators assigned.
2017-06-12 10:10:34 +12:00
Christopher Joe
7178caf4a9
Enhancement show the path which threw the error
2017-06-12 10:08:12 +12:00
Simon Erkelens
3fe837dad7
Fix for CMS Authenticator. Should only apply to CMSSecurity
2017-06-10 14:47:53 +12:00
Simon Erkelens
5c4e55b60d
It's not CascadeLogInTo anymore, it's CascadeInTo
...
I'm mildly surprised this didn't break. I changed it to CascadeInTo, as the logout action needs to cascade into the session as well.
2017-06-10 12:58:22 +12:00
Damian Mooyman
d89bd15330
Move authentication hooks to SapphireTest
2017-06-09 16:25:40 +12:00
Damian Mooyman
62753b3cb1
Cleanup and RequestFilter refactor
2017-06-09 15:07:35 +12:00
Simon Erkelens
5fce3308b4
Move LostPasswordHandler in to it's own class.
...
- Moved the Authenticators from statics to normal
- Moved MemberLoginForm methods to the getFormFields as they make more sense there
- Did some spring-cleaning on the LostPasswordHandler
- Removed the BuildResponse from ChangePasswordHandler after spring cleaning
2017-06-08 20:09:57 +12:00
Simon Erkelens
082db89550
Feedback from Damian.
...
- Move the success and message to a validationresult
- Fix tests for validationresult return
- We need to clear the session in Test logOut method
- Rename to MemberAuthenticator and CMSMemberAuthenticator for consistency.
- Unify all to getCurrentUser on Security
- ChangePasswordHandler removed from Security
- Update SapphireTest for CMS login/logout
- Get the Member ID correctly, if it's an object.
- Only enable "remember me" when it's allowed.
- Add flag to disable password logging
- Remove Subsites coupling, give it an extension hook to disable itself
- Change cascadeLogInTo to cascadeInTo for the logout method logic naming
- Docblocks
- Basicauth config
2017-06-08 17:50:20 +12:00
Simon Erkelens
2b26cafcff
Separate out the log-out handling.
...
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
2017-06-07 21:11:58 +12:00
Sam Minnee
f9ea752bae
NEW: Add AuthenticationHandler interface
...
NEW: Add IdentityStore for registering log-in / log-out data
NEW: Add AuthenticationRequestFilter for managing login
NEW: Add Security:setCurrentUser() / Security::getCurrentUser()
NEW: Add FunctionalTest::logOut()
2017-06-07 21:11:55 +12:00
Simon Erkelens
c4194f0ed2
CMS Login Handling
...
Move to canLogin in the authentication check. Protected isLockedOut
Enable login to be called with a different login service (CMSLogin), enabling CMS Log in. Seems the styling and/or output is still broken.
logOut could be managed from the Authenticator instead of the member
2017-06-07 21:11:54 +12:00
Sam Minnee
7af7e6719e
API: Security.authenticators is now a map, not an array
...
Authenticators is now a map of keys -> service names. The key is used
in things such as URL segments. The “default_authenticator” value has
been replaced with the key “default” in this map, although in time a
default authenticator may not be needed.
IX: Refactor login() to avoid code duplication on single/multiple handlers
IX: Refactor LoginHandler to be more amenable to extension
IX: Fixed permissionFailure hack
his LoginHandler is expected to be the starting point for other
custom authenticators so it should be easier to repurpose components
`of it.
IX: Fix database-is-ready checks in tests.
IX: Fixed MemberAuthenticatorTest to match the new API
IX: Update security URLs in MemberTest
2017-06-07 21:11:53 +12:00
Sam Minnee
e226b67d06
Refactoring of authenticators
...
Further down the line, I'm only returning the `Member` on the doLogin, so it's possible for the Handler or Extending Handler to move to a second step.
Also cleaned up some minor typos I ran in to. Nothing major.
This solution works and is manually tested for now. Supports multiple login forms that end up in the correct handler. I haven't gotten past the handler yet, as I've yet to refactor my Yubiauth implementation.
FIX: Corrections to the multi-login-form support.
Importantly, the system provide a URL-space for each handler, e.g.
“Security/login/default” and “Security/login/other”. This is much
cleaner than identifying the active authenticator by a get parameter,
and means that the tabbed interface is only needed on the very first view.
Note that you can test this without a module simply by loading the
default authenticator twice:
SilverStripe\Security\Security:
authenticators:
default: SilverStripe\Security\MemberAuthenticator\Authenticator
other: SilverStripe\Security\MemberAuthenticator\Authenticator
FIX: Refactor delegateToHandler / delegateToHandlers to have less
duplicated code.
2017-06-07 21:11:52 +12:00
Daniel Hensby
856aa79892
Merge pull request #6987 from open-sausages/pull/4.0/3239-consisten-fist-last-returns
...
Consistent return values for first and last methods
2017-06-06 16:59:04 +01:00
Damian Mooyman
8c0ced311f
Merge pull request #6998 from AntonyThorpe/StrictFormMethodCheck
...
Updated Form.php & 04_Form_Security.md - strictFormMethodCheck to true
2017-06-06 23:06:11 +12:00
Antony Thorpe
6348f2e3e8
Updated Form.php & 04_Form_Security.md
...
Changed the `strictFormMethodCheck` protected property from false to true to step out on the front foot with this security setting. In the documentation under the title [Cross-Site Request Forgery](https://github.com/silverstripe/silverstripe-framework/blob/master/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#cross-site-request-forgery-csrf ) it states, "it is also recommended to limit form submissions to the intended HTTP verb (mostly GET or POST) through [api:Form::setStrictFormMethodCheck()]." The same advice is noted in [Form Security](c2292a4cc1/docs/en/02_Developer_Guides/03_Forms/04_Form_Security.md (strict-form-submission)14c59be8
2017-06-06 21:10:49 +12:00
Saophalkun Ponlu
e267d29b9a
BUG Consistent return values for first and last methods
2017-06-06 17:22:55 +12:00
Christopher Joe
d12c986dd5
Fixes printing from crashing
2017-06-06 13:31:37 +12:00
Daniel Hensby
9a0e01d4a0
NEW DB Driver defaults to PDO
2017-06-01 11:00:35 +01:00
Daniel Hensby
11de4abe0a
Merge pull request #6977 from andrewandante/FIX/move_dotenv_higher
...
move TRUSTED_PROXY below .env loader
2017-05-30 12:41:09 +01:00
Andrew Aitken-Fincham
8f44b8f0ba
move trusted_proxy_ips below .env loader
2017-05-30 12:18:47 +01:00
Damian Mooyman
b27ef810d4
Merge pull request #6974 from colintucker/fix-csv-bulk-loader
...
Fixes a bug with split file names during CSV import
2017-05-30 16:18:06 +12:00
Damian Mooyman
e7d87add9f
API Remove legacy HTMLEditor classes
2017-05-30 11:01:28 +12:00
Nick
acb74a8577
Fix $class variable from being clobbered
...
The $class variable gets overwritten in the function.
This causes error messages to be less helpful. For example if you setup a has_many but forget the has_one on the other side the error will look something like
`[Emergency] Uncaught Exception: No has_one found on class 'SomeObject', the has_many relation from 'SilverStripe\View\ViewableData' to 'SomeObject' requires a has_one on 'SomeObject'`
fixing this gives a more useful error, like
`[Emergency] Uncaught Exception: No has_one found on class 'SomeObject', the has_many relation from 'Page' to 'SomeObject' requires a has_one on 'SomeObject'`
2017-05-29 20:31:09 +12:00
Colin Tucker
db59e51c4a
Fixes a bug with split file names during CSV import
2017-05-29 16:08:23 +10:00
Damian Mooyman
963d9197d3
API Ensure that all DataQuery joins are aliased based on relationship name
2017-05-26 13:38:58 +12:00
Daniel Hensby
893f19a5ea
DOCS Updating index definition examples
2017-05-25 23:29:12 +01:00
Daniel Hensby
3e556b5966
NEW Move index generation to DataObjectSchema and solidify index spec
2017-05-25 23:29:12 +01:00
Damian Mooyman
0cd40ca6e5
BUG Fix minor accessors of legacy ->class property
2017-05-25 11:55:12 +12:00
Damian Mooyman
29f450b1e1
Revert injector type hint to Injector
2017-05-25 11:06:48 +12:00
Damian Mooyman
906a4c444b
API Add streamable response object
2017-05-23 16:32:29 +12:00
Damian Mooyman
d15b9ee0b0
Response to feedback
2017-05-23 13:50:35 +12:00
Damian Mooyman
fba8e2c245
API Remove Object class
...
API DataObjectSchema::manyManyComponent() return array is now associative array
2017-05-23 13:50:35 +12:00
Damian Mooyman
7e2f8d1f2d
Merge pull request #6951 from sminnee/fix-2494
...
FIX: Don’t assume posix_getpwuid is available.
2017-05-23 13:10:56 +12:00
Sam Minnee
09164e7e2a
FIX: Better error checking for non-writable temp paths
...
Fixes https://github.com/silverstripe/silverstripe-framework/issues/1666
2017-05-23 10:06:48 +12:00
Sam Minnee
40d9bbfd69
FIX: Don’t assume posix_getpwuid is available.
...
Fixes https://github.com/silverstripe/silverstripe-framework/issues/2494
In Silverstripe 3.1, on some shared hosts the following bug can occur:
Warning: posix_getpwuid() has been disabled for security reasons
2017-05-23 10:00:36 +12:00
Damian Mooyman
7bc8172bc1
Merge pull request #6937 from caffeineinc/2930-checkboxfield-invalid-html
...
CheckboxField creates invalid HTML when required #2939
2017-05-22 13:44:58 +12:00
Ingo Schommer
a433e5f4a8
Find root modules with _config.php
...
When modules are installed as the webroot,
manifest generation should behave the same way as when they're in a subfolder.
Which means accepting the module folder both with a _config/ folder
and a _config.php file present.
2017-05-22 12:16:57 +12:00
Simon Gow
cdc03602ed
CheckboxField creates invalid HTML when required #2939
...
- Updated CheckboxField, CheckboxSetField, DropdownField, OptionsetField
to validate with HTML5 attributes & aria-required.
https://www.w3.org/TR/wai-aria/states_and_properties#aria-required
2017-05-22 12:15:28 +12:00
Damian Mooyman
2aa3b5d5fa
Merge pull request #6934 from robbieaverill/pulls/4.0/consistent-instance-method
...
API Consistent use of inst() naming across framework
2017-05-22 11:57:20 +12:00
Damian Mooyman
80bff0d099
Merge pull request #6932 from mikenz/pulls/4.0/treedropdownfield-orphaned
...
Bugfix: Parent treedropdownfield for an orphaned page is broken
2017-05-22 10:53:33 +12:00
Damian Mooyman
4197090e11
Merge pull request #6940 from kinglozzer/randomgenerator
...
Only use random_bytes() for RandomGenerator (closes #6397 )
2017-05-22 10:29:55 +12:00
Damian Mooyman
f35017479b
Merge pull request #6933 from robbieaverill/pulls/4.0/table-name-on-dev-build
...
Change to show created table names instead of model names in dev/build
2017-05-20 23:10:19 +12:00
Robbie Averill
4408726b6b
Change to show created table names instead of model names in dev/build
2017-05-20 16:09:49 +12:00
Loz Calver
e653e90997
Only use random_bytes() for RandomGenerator ( closes #6397 )
2017-05-19 11:18:56 +01:00
Robbie Averill
f2cbe86f03
Remove CustomMethods::createMethod and create_function implementations, replace with closures
2017-05-19 15:56:44 +12:00
Robbie Averill
ad43a82923
API Consistent use of inst() naming across framework
2017-05-19 14:38:06 +12:00
Ingo Schommer
100048da33
API PSR-11 compliance ( fixes #6594 ) ( #6931 )
...
Note that our usage of `$asSingleton` in `get()` is fine. Quote from the PSR:
> Two successive calls to get with the same identifier SHOULD return the same value. However, depending on the implementor design and/or user configuration, different values might be returned, so user SHOULD NOT rely on getting the same value on 2 successive calls.
2017-05-19 13:45:07 +12:00
