Robbie Averill
e7e32d13a3
FIX Add namespace and encryptor to tests that expect blowfish to be available
2018-05-24 11:24:56 +12:00
Damian Mooyman
865ebb3398
ENHANCEMENT Improve upgrading experience. ( #8025 )
...
* ENHANCEMENT Improve upgrading experience.
Show errors and back button if errors encountered during install
BUG Fix hard-coded 'mysite' folder
Fixes #8024
* Patch behat tests to work with new buttons
2018-05-21 22:08:34 +12:00
Daniel Hensby
1a57c7c1d0
NEW Add getJoinTable to MMTL
2018-05-14 11:19:24 +01:00
Aaron Carlino
f847f186b1
[ss-2018-013] Remove password text from session data on failed submission
2018-05-14 17:14:38 +12:00
Robbie Averill
5887201dd5
Merge pull request #64 from silverstripe-security/pulls/4.0/ss-2018-010
...
[SS-2018-010] Fix regression of SS-2017-002
2018-05-14 17:12:45 +12:00
Robbie Averill
beec0c0d47
[SS-2018-010] Fix regression of SS-2017-002
2018-05-14 17:12:07 +12:00
Robbie Averill
1e6790bfb6
Merge pull request #62 from silverstripe-security/pulls/4.0/ss-2018-001
...
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-14 17:11:03 +12:00
Damian Mooyman
e409d6f673
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-14 17:10:22 +12:00
Robbie Averill
39b62e5fbb
Merge pull request #61 from silverstripe-security/pulls/4.0/ss-2018-008
...
[ss-2018-008] Validate against malformed urls
2018-05-14 17:07:09 +12:00
Damian Mooyman
9053014a7e
[ss-2018-008] Validate against malformed urls
2018-05-14 17:06:47 +12:00
Robbie Averill
6f50728b18
Merge pull request #59 from silverstripe-security/pulls/4.0/ss-2018-006
...
[ss-2018-006] Prevent code execution in template value resolution
2018-05-14 17:06:04 +12:00
Damian Mooyman
2e13ae746f
[ss-2018-006] Prevent code execution in template value resolution
2018-05-14 17:05:31 +12:00
Damian Mooyman
d935140a95
[ss-2018-005] Prevent unauthenticated isDev / isTest being allowed
2018-05-14 17:03:39 +12:00
Damian Mooyman
5771388821
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-09 15:12:40 +12:00
Daniel Hensby
80bf0fc487
FIX bad syntax
2018-05-02 11:43:12 +01:00
Daniel Hensby
d5e2d3fa67
Merge branch '3.6' into 4.0
2018-05-01 21:47:17 +01:00
Robbie Averill
30e2d9c4df
[SS-2018-009] Allow forced redirects to HTTPS for responses with basic authentication
2018-04-24 14:44:29 +12:00
Mojmir Fendek
07372d388e
LookupField value handling corrected (atomic values are no longer thrown away).
2018-04-23 15:15:40 +12:00
UndefinedOffset
fe4b90edc0
FIX: Duplicating many_many relationships looses the extra fields in 4.0
2018-04-18 11:49:20 -03:00
Daniel Hensby
8359f3dc97
Merge branch '3.5' into 3.6
2018-04-18 13:14:07 +01:00
UndefinedOffset
af3a9f3ec8
FIX: Duplicating many_many relationships looses the extra fields ( fixes #7973 )
2018-04-18 12:16:02 +01:00
Damian Mooyman
9a12fac218
BUG Prevent password validator min score producing false negatives
...
Replaces #7995
2018-04-18 10:35:31 +12:00
Damian Mooyman
87c7a53511
Merge remote-tracking branch 'origin/4.1' into 4
...
# Conflicts:
# .travis.yml
2018-04-13 09:56:58 +12:00
Damian Mooyman
5a8c5601a9
Merge remote-tracking branch 'origin/4.0' into 4.1
...
# Conflicts:
# .travis.yml
# composer.json
2018-04-13 09:55:23 +12:00
Damian Mooyman
c54b07a952
API Update to use new chromedriver + behat-extension + facebook/webdriver
2018-04-12 14:19:14 +12:00
Robbie Averill
af2c3886b9
Merge branch '4.1' into 4
2018-04-10 16:27:00 +12:00
Will Rossiter
09cc75a656
MINOR Add visiblity to SelectionGroup test functions
2018-04-05 10:33:27 +12:00
Will Rossiter
2512761587
Fix invalid markup in SelectionGroup selected values
2018-04-05 10:16:25 +12:00
Ingo Schommer
983a724ea5
Merge pull request #7399 from dhensby/pulls/4/reduce-dependence-on-session-for-reading-mode
...
Reduce dependence on session state for accessing draft stages
2018-03-23 16:19:26 +13:00
Damian Mooyman
df9e0e40d3
Deprecate useDraftStage
2018-03-22 17:23:50 +13:00
Damian Mooyman
257ff69e32
API Implement many_many through polymorphic (from only) ( #7928 )
...
* API Support many_many through polymorphic relations (from side only)
Fixes #7911
Fixes #3136
* Add extra docs and allow optional arguments
* ENHANCEMENT Enable quiet to be turned off
* BUG Fix issue with manymanythroughlist duplication
2018-03-22 10:26:25 +13:00
Damian Mooyman
8b9c292509
Merge remote-tracking branch 'origin/4.1' into 4
2018-03-13 14:26:39 +13:00
Damian Mooyman
625f7b4eee
Merge remote-tracking branch 'origin/4.0' into 4.1
2018-03-13 14:26:18 +13:00
Damian Mooyman
3a1c813b28
API Add getContentCSS() / setContentCSS() to allow per-config customisation of content_css
...
Fixes #7873
2018-03-05 16:10:44 +13:00
Roman Schmid
40c2e299a0
Fix "mb_stripos(): Empty delimiter" warning when no search-keywords are given for DBText::ContextSummary
.
...
Add unit-test to cover that case.
2018-03-01 11:39:30 +01:00
Daniel Hensby
9006daf20b
Cleaning up PR and adding tests
2018-02-28 13:31:56 +00:00
Aaron Carlino
0863bac29a
Update getVariables to return a copy of globals rather than including the reference in an array merge
2018-02-27 09:52:36 +13:00
Daniel Hensby
722f2d178a
Merge branch '4.1' into 4
2018-02-26 10:57:52 +00:00
Daniel Hensby
856e89998b
Merge branch '4.0' into 4.1
2018-02-26 10:56:45 +00:00
Damian Mooyman
b27102f810
BUG Fix incorrect assets created when ASSETS_PATH !== BASE_PATH . '/assets'
2018-02-26 13:12:08 +13:00
Aaron Carlino
d91648dd6e
Update getVariables to return a copy of globals rather than including the reference in an array merge
2018-02-23 16:25:41 +13:00
Daniel Hensby
ced2ba1f64
API Move CSV writing/reading to league/csv library
2018-02-22 09:22:37 +13:00
Daniel Hensby
dace2f179d
Merge branch '4.1' into 4
2018-02-21 13:58:45 +00:00
Daniel Hensby
c04ff8c55a
Merge branch '4.0' into 4.1
2018-02-21 13:40:30 +00:00
Damian Mooyman
0e26c06644
BUG Fix behaviour towards versioned but unstagable records
2018-02-20 12:20:18 +13:00
Damian Mooyman
12e701c8ed
Merge remote-tracking branch 'origin/4.1' into 4
2018-02-15 09:28:14 +13:00
Damian Mooyman
34233c0470
Update reference to TestAssetStore
2018-02-14 16:24:12 +13:00
Daniel Hensby
9c50b03b86
Merge branch '3.5' into 3.6
2018-02-13 14:30:29 +00:00
Jonathon Menz
c767e472dc
FIX DataObject singleton creation
...
Ensure DataObject instances are aware they are singletons so functions like populateDefaults() can be skipped. (fixes #4878 )
2018-02-12 20:30:35 -08:00
Damian Mooyman
0b7cf80331
BUG Fix incorrect convert slashes argument
2018-02-13 16:33:35 +13:00
Daniel Hensby
16d3498a56
Merge branch '4.1' into 4
2018-02-12 10:26:07 +00:00
Daniel Hensby
7ec5fa2c8d
Merge branch '4.0' into 4.1
2018-02-09 15:19:15 +00:00
Daniel Hensby
e298fcc345
Merge branch '3.6' into 4.0
2018-02-09 14:32:58 +00:00
Daniel Hensby
48a8a82326
Merge branch '3.5' into 3.6
2018-02-09 13:20:38 +00:00
Chris Joe
95308e1af6
Merge pull request #7849 from open-sausages/pulls/4.0/fix-debug-string-class-cli
...
BUG Fix issue with CLIDebugView failing on class name of existing class
2018-02-09 15:41:18 +13:00
Daniel Hensby
d3278d5470
FIX Add Nested DB transaction support ( #7848 )
...
* TEST Prove nested transactions break
* Add nested transaction support
2018-02-09 10:28:32 +13:00
Damian Mooyman
0a486b8f57
BUG Fix issue with CLIDebugView failing on class name of existing class
...
Fixes #7827
2018-02-09 09:52:32 +13:00
JorisDebonnet
5df1ec7eee
Use fputcsv in GridFieldExportButton
2018-02-08 12:26:29 +00:00
Robbie Averill
dd82820242
NEW Allow GridFieldConfig::addComponents to accept an array ( #7844 )
2018-02-08 11:06:27 +13:00
Andrew Aitken-Fincham
860fa2a05a
API Add excludeAny() and tests for complicated excludes/filters ( #7838 )
2018-02-08 09:20:17 +13:00
Damian Mooyman
2f1f5c0caa
Merge remote-tracking branch 'origin/4.0' into 4
2018-02-07 11:48:46 +13:00
Daniel Hensby
660dfd34a8
FIX Issue where default admin has no password encryption
2018-02-06 20:18:32 +00:00
Daniel Hensby
62057befdb
Merge branch '4.0' into 4
2018-02-06 10:08:17 +00:00
Daniel Hensby
28ca11dd7e
FIX Regex range identifier correctly escaped
2018-02-05 15:17:20 +00:00
Damian Mooyman
e359948eb3
Merge remote-tracking branch 'origin/4.0' into 4
...
# Conflicts:
# src/Core/CoreKernel.php
2018-02-05 17:52:38 +13:00
Damian Mooyman
db9aa2c5c7
BUG Fix regression in has_one getters breaking DataDifferencer
2018-02-05 16:16:07 +13:00
Damian Mooyman
aa2c71424d
API Implement cascade_duplications
...
API Add DataObject::setComponent()
API Support unary components as getter and setter fields
API ManyManyList::add() now supports unsaved records
ENHANCEMENT Animal farm
2018-02-05 12:04:57 +13:00
Damian Mooyman
288aaf083c
BUG Fix issue with DebugView failing on class name of existing class
...
Fixes #7827
2018-02-05 10:45:49 +13:00
Damian Mooyman
740c3326e9
BUG Fix critical issue with incorrectly saved session data
2018-02-02 15:08:52 +13:00
Damian Mooyman
4da99efd5d
Merge remote-tracking branch 'origin/3.5' into 3.6
2018-01-31 16:03:42 +13:00
Christopher Joe
456871fd91
Enhancement Updated PasswordValidator to fallback to config options - still retains instance variables
2018-01-31 10:54:43 +13:00
Robbie Averill
3d7ecc5240
FIX Allow cleanup marker regex to handle self closing HTML5 tags
2018-01-30 11:16:21 +13:00
Damian Mooyman
76d2db12b0
Merge pull request #7794 from kinglozzer/id-like-to-place-an-ordinal
...
NEW: Add support for ordinals in DBDate::Format()
2018-01-26 09:27:46 +13:00
Loz Calver
fcf5022550
NEW: Add support for ordinals in DBDate::Format()
2018-01-25 09:41:06 +00:00
Damian Mooyman
bca47029c4
Merge remote-tracking branch 'origin/4.0' into 4
...
# Conflicts:
# src/Control/SimpleResourceURLGenerator.php
# tests/php/Control/SimpleResourceURLGeneratorTest.php
2018-01-25 12:53:15 +13:00
Damian Mooyman
72e2326731
Merge pull request #7798 from kinglozzer/member-groupset-delete
...
FIX: Fix Member_GroupSet::removeAll() (fixes #3948 )
2018-01-25 09:20:30 +13:00
Loz Calver
c2cd6b3832
FIX: Fix Member_GroupSet::removeAll() ( fixes #3948 )
2018-01-24 17:17:20 +00:00
Roman Schmid
6fafce766e
Fixed Rfc3339 implementation of Date and Datetime
2018-01-24 16:58:12 +01:00
Dylan Wagstaff
943821f984
Add a test for external resource support
...
`SimpleResourceURLGenerator` has been altered to allow absolute URLs to be loaded directly, as so is now also tested to ensure the added functionality is true to design.
2018-01-23 17:43:01 +13:00
Damian Mooyman
04050b2753
API Director::host() now formally includes port in host
...
API Add Director::hostName() and Director::port()
Fixes #7685
2018-01-23 12:19:09 +13:00
Damian Mooyman
c32b3dd5ba
BUG Prevent versioned from breaking gridfield tests
2018-01-23 09:29:42 +13:00
Damian Mooyman
a3c52f901a
Merge remote-tracking branch 'origin/4.0' into 4
...
# Conflicts:
# src/Core/TempFolder.php
# src/ORM/DataObject.php
# src/View/ThemeResourceLoader.php
# src/includes/constants.php
# tests/php/Control/SimpleResourceURLGeneratorTest.php
# tests/php/Forms/HTMLEditor/HTMLEditorFieldTest.php
# tests/php/View/RequirementsTest.php
2018-01-22 14:57:05 +13:00
Daniel Hensby
db610aaf3b
Fixing string concat CS issues
2018-01-16 18:39:30 +00:00
Daniel Hensby
c959160375
FIX Misnamed test namespaces
2018-01-16 17:41:18 +00:00
Werner M. Krauß
422857f381
SapphireTestTest: use named data providers and more error messages
...
* use keys for naming each data set
* adding error messages
* clean up a bit
2018-01-16 15:25:40 +00:00
Daniel Hensby
ebeaf3e40d
Merge branch '3' into 4
2018-01-16 11:47:39 +00:00
Loz Calver
daac577e62
Merge pull request #7763 from creative-commoners/pulls/4.0/fix-remove-header
...
FIX HTTPResponse::removeHeader incorrectly converts header name to lowercase
2018-01-16 11:04:03 +00:00
Robbie Averill
cc90cb0125
FIX HTTPResponse::removeHeader incorrectly converts header name to lowercase
2018-01-16 23:20:52 +13:00
Daniel Hensby
e4b936c7c7
Merge branch '4.0' into 4
2018-01-12 14:40:33 +00:00
Damian Mooyman
8d077203d4
API Implement support for public/ webroot folder ( #7741 )
...
* API Implement support for public/ webroot folder
* Bugfixes and refactor based on feedback
2018-01-12 16:25:02 +13:00
Daniel Hensby
de6afd4405
TEST Cant reliably use Injector to replace Extensions
2018-01-11 14:08:29 +00:00
Damian Mooyman
f885101a1b
BUG Fix basic auth in PHP-CGI
...
Fixes #7717
2017-12-21 14:58:19 +13:00
Damian Mooyman
c4ff8443bb
API Shift basic auth checking into middleware
...
Fixes #7554
2017-12-20 11:39:04 +13:00
Damian Mooyman
3bd4aae521
Merge remote-tracking branch 'origin/4.0' into 4
2017-12-19 10:02:41 +13:00
Chris Joe
4ad9ceca6b
Merge pull request #7702 from open-sausages/pulls/4/fix-message-casting-permissions
...
BUG Fix message casting for html security messages
2017-12-18 15:43:35 +13:00
Damian Mooyman
623daed5ab
Merge pull request #6472 from silbinarywolf/feat-fieldlist-nestedfields
...
feat(FieldList): Add nestedFields() function to return a flat array of all deeply nested fields in a FieldList.
2017-12-18 13:43:36 +13:00
Robbie Averill
aa7ab0c494
Update test assertions to be more readable
2017-12-17 16:22:26 +13:00
Robbie Averill
ea8ed5067d
FIX Allow Requirements::block to handle module resource paths
2017-12-17 16:09:22 +13:00
Damian Mooyman
c5bd9bb424
BUG Fix incorrect BASE_DIR inferred in CLI
...
BUG Fix Director::mockRequest() mocking incorrect $url
Fixes #7689
2017-12-15 17:20:48 +13:00
Daniel Hensby
e4bf9a31ed
Merge branch '4.0' into 4
2017-12-14 21:20:11 +00:00
Daniel Hensby
1c72d6946d
Merge branch '3.6' into 4.0
2017-12-14 21:01:35 +00:00
Daniel Hensby
7897b3bb25
Merge branch '3.6' into 3
2017-12-14 15:31:51 +00:00
Daniel Hensby
7b0500982e
Merge branch '3.5' into 3.6
2017-12-14 15:25:36 +00:00
Daniel Hensby
81150c5922
FIX Use PHP 5.3 array syntax
2017-12-14 15:24:53 +00:00
Jake Bentvelzen
da9c133c1b
ENHANCEMENT Add flattenFields() function to iterate over all deeply nested fields in a form
2017-12-14 14:23:00 +00:00
Damian Mooyman
140ed72e2a
BUG Fix message casting for html security messages
2017-12-14 14:49:58 +13:00
Damian Mooyman
529e341dbc
Merge pull request #7699 from open-sausages/pulls/4/html-in-security-msg
...
ENHANCEMENT Allow html in security failure message
2017-12-14 14:30:09 +13:00
Damian Mooyman
1c8576cee7
Linting cleanup
2017-12-14 14:18:41 +13:00
Damian Mooyman
ed6561d9f5
BUG Fix incorrect merge of associative / non-associative summary fields
...
Fixes #7696
2017-12-14 14:17:19 +13:00
Damian Mooyman
8b1b9f022b
Fix linting issues
2017-12-14 13:50:52 +13:00
Damian Mooyman
33b2d50d59
Cache warming in InheritedPermissions::getCachePermissions()
...
Simplify Group::Members() code
Remove cms-only config
2017-12-12 09:01:43 +13:00
Aaron Carlino
2be902ef2f
Adapt to new MemberCacheFlusher interface
2017-12-11 17:50:11 +13:00
Aaron Carlino
aefb0aeaa8
Make InheritedPermissions use cache and implement cache flushing
2017-12-11 17:50:11 +13:00
Damian Mooyman
ee27329728
Minor linting / style updates
2017-12-11 16:46:59 +13:00
Aaron Carlino
86458941be
Refactor to MemberCacheFlusher
2017-12-11 16:46:59 +13:00
Aaron Carlino
4857816c9e
Revisions per robbieaverill
2017-12-11 16:46:59 +13:00
Aaron Carlino
eecb9f64d3
Add new InheritedPermissionFlusher extension, CacheFlusher service
2017-12-11 16:46:59 +13:00
Damian Mooyman
eba6129c07
Merge pull request #7677 from open-sausages/pulls/4/textarea-maxlength
...
Enable max length for textarea field
2017-12-11 10:34:29 +13:00
Saophalkun Ponlu
381ad756f2
Fix tests
2017-12-08 09:58:52 +13:00
Damian Mooyman
6b384f4b35
Merge branch '4.0' into 4
2017-12-07 13:52:00 +13:00
Damian Mooyman
50aa1f22a6
Merge branch '3.6' into 3
2017-12-07 13:20:58 +13:00
Saophalkun Ponlu
442f2bb762
Enable max length for textarea field
2017-12-07 12:52:28 +13:00
Daniel Hensby
89166a2ff2
Try using parseSortColumn from ArrayList
2017-12-06 13:38:58 +00:00
Daniel Hensby
2e43780a8a
NEW Add sort columns to DB index automatically
2017-12-06 13:38:25 +00:00
Damian Mooyman
286271a1e1
Merge pull request #56 from silverstripe-security/pulls/4.0/ss-2017-009
...
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (4.0 branch)
2017-12-06 18:22:47 +13:00
Damian Mooyman
99e772b361
Merge pull request #51 from silverstripe-security/pulls/4.0/ss-2017-007
...
[ss-2017-007] Ensure xls formulae are safely sanitised on output (4.0)
2017-12-06 18:22:11 +13:00
Damian Mooyman
d6a93f5215
Merge remote-tracking branch 'silverstripe-security/3.5' into 3.6
...
# Conflicts:
# security/Member.php
2017-12-06 17:26:45 +13:00
Damian Mooyman
91cf85087b
Merge remote-tracking branch 'origin/3.5' into 3.6
2017-12-06 17:21:09 +13:00
Damian Mooyman
dd4c5417e7
Merge pull request #49 from silverstripe-security/pulls/3.5/ss-2017-007
...
[ss-2017-007] Ensure xls formulae are safely sanitised on output (3.5)
2017-12-06 16:25:58 +13:00
Damian Mooyman
44de03da01
Merge pull request #53 from silverstripe-security/pulls/3.5/ss-2017-006
...
[ss-2017-006] Fix user agent invalidation on session startup (3.5 branch)
2017-12-06 16:25:39 +13:00
Damian Mooyman
3e2bcaa0b4
Merge pull request #54 from silverstripe-security/pulls/3.5/ss-2017-009
...
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (3.5 branch)
2017-12-06 16:25:19 +13:00
Chris Joe
0e8d288240
Merge pull request #7667 from open-sausages/pulls/4.0/better-tinymce-locales
...
BUG Ensure that all tinymce_lang mappings are valid
2017-12-06 11:24:02 +13:00
Daniel Hensby
2aa1d8f2c4
remove create_function usage
2017-12-05 14:20:13 +00:00
Loz Calver
91bd92df31
FIX: Remove some unnecessary ClassInfo calls in DataObjectSchema
2017-12-05 12:23:10 +00:00
Daniel Hensby
eb55c27124
Merge branch '4.0' into 4
2017-12-05 12:14:22 +00:00
Damian Mooyman
69295a6e22
BUG Ensure that all tinymce_lang mappings are valid
2017-12-01 15:00:39 +13:00
Damian Mooyman
25e276cf37
[ss-2017-006] Fix user agent invalidation on session startup
2017-12-01 10:55:00 +13:00
Damian Mooyman
cfe1d4f481
[ss-2017-007] Ensure xls formulae are safely sanitised on output
...
CSVParser now strips leading tabs on cells
2017-12-01 10:24:49 +13:00
Damian Mooyman
22ccf3e2f9
[ss-2017-007] Ensure xls formulae are safely sanitised on output
...
CSVParser now strips leading tabs on cells
2017-12-01 10:19:48 +13:00
Damian Mooyman
f1dd3d6f03
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt
2017-11-30 17:00:49 +13:00
Damian Mooyman
6ba00e829a
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt
2017-11-30 15:53:50 +13:00
Damian Mooyman
5bfc0c43eb
Merge pull request #7648 from creative-commoners/pulls/4.0/support-some-class-collection
...
FIX Support self::class text collection
2017-11-29 11:37:06 +13:00
Damian Mooyman
2fe59680e3
Merge pull request #7620 from open-sausages/pulls/4.0/its-too-big-to-fit
...
BUG Added warning for auto-generated table_name
2017-11-28 09:42:12 +13:00
Robbie Averill
b7ea05900e
FIX Support self::class text collection
2017-11-27 23:20:29 +13:00
Christopher Joe
cc72b5c852
BUG Added warning for auto-generated table_name for non-test classes
2017-11-27 20:22:37 +13:00
Damian Mooyman
6e7fb4747e
Restore legacy $ThemeDir support
2017-11-27 15:24:40 +13:00
Damian Mooyman
bac5f4c8aa
Merge branch '3.5' into pulls/3.5/update-pwd-encryption-on-change
2017-11-27 14:42:32 +13:00
Daniel Hensby
6d5cbe0a0e
Merge branch '4.0' into 4
2017-11-25 17:19:31 +00:00
Daniel Hensby
07a0f75426
Merge branch '3.6' into 4.0
2017-11-25 16:56:50 +00:00
Daniel Hensby
fd201bc71b
Merge branch '3.6' into 3
2017-11-25 16:18:46 +00:00