Commit Graph

23292 Commits

Author SHA1 Message Date
Guy Sartorelli
908b6f2006
Merge branch '4.12' into 4.13 2023-04-26 11:44:54 +12:00
Sabina Talipova
c2733a3108
Merge pull request #10760 from creative-commoners/pulls/4.12/absoluteurl-parsing
Escaped double slash is absolute URL
2023-04-26 11:30:41 +12:00
Sabina Talipova
961499f640
Merge pull request #10759 from creative-commoners/pulls/4.12/gridfieldprint-canview
Check canView before printing from GridField
2023-04-26 11:24:46 +12:00
Guy Sartorelli
1a5bb4cbec
[CVE-2023-22729] Escaped double slash is absolute URL 2023-04-26 09:49:59 +12:00
Guy Sartorelli
fd5d8217e8
[CVE-2023-22728] Check canView before printing from GridField 2023-04-26 09:45:34 +12:00
Steve Boyd
3d03a93b8f Merge branch '4.12' into 4.13 2023-04-11 10:55:17 +12:00
Dylan Wagstaff
92061a3ba6
FIX stabilise typed APIs (#10740)
Since 4.12 the use of typehints and return types has caused issues with
values fetched directly from config without validation. This has lead to
upgrade woes in a minor version (#10721) with no immediate recourse
other than manual system intervention.

To use types, we should ensure types, leaving a stable API that won't
error on a bad value - or should give a thoughtful and directive error
message if so.

Issue #10721 summary:
SessionMiddleware runs before FlushMiddleware
SessionMiddleware causes a PHP fatal error passing `null` to a `string`
parameter.
`null` comes from config, because default string value doesn't exist. We
need flush for this - but system execution never makes it that far.
2023-04-11 10:52:41 +12:00
Guy Sartorelli
a42bb856c3
Merge pull request #10750 from xini/patch-6
FIX: Group visibility for SITETREE_GRANT_ACCESS permissions
2023-04-11 09:58:43 +12:00
Florian Thoma
cd946b6c80
Group visibility for SITETREE_GRANT_ACCESS permissions
Make groups visible if member has SITETREE_GRANT_ACCESS permissions, otherwise the dropdown for selecting the group is empty
2023-04-05 16:33:41 +10:00
Guy Sartorelli
600f188287
MNT Revert erroneous dependency changes (#10739) 2023-03-28 16:46:46 +13:00
Guy Sartorelli
a62e554409
Merge pull request #10733 from creative-commoners/pulls/4.13/searchable
FIX Respect searchable_fields
2023-03-23 11:51:02 +13:00
Steve Boyd
0f40cc38ec FIX Respect searchable_fields 2023-03-23 10:57:03 +13:00
Guy Sartorelli
0d041e7d7d
Merge pull request #10730 from creative-commoners/pulls/4.13/fix-depr
FIX Reduce array method calls
2023-03-22 11:34:10 +13:00
Steve Boyd
41bb35f3f3 FIX Reduce array method calls 2023-03-22 11:06:23 +13:00
Guy Sartorelli
e47eedff7d
Merge pull request #10725 from zemiacsik/patch-ArrayList-fix
FIX property_exists() parameters mixup
2023-03-20 18:52:02 +13:00
zemiacsik
d60af9d16e
FIX property_exists() parameters mixup
ensure that property parameter is a string
2023-03-14 08:42:22 +01:00
zemiacsik
5b8d61b55b
FIX property_exists() parameters mixup
property_exists() has first parameter "object_or_class" and second is a property to check
2023-03-13 13:51:48 +01:00
Guy Sartorelli
77cbe20ba9
MNT Update development dependencies 2023-03-10 16:29:44 +13:00
Guy Sartorelli
75b7622a21
MNT Update release dependencies 2023-03-10 16:29:40 +13:00
Guy Sartorelli
a387c9b9e4
MNT Update development dependencies 2023-03-10 12:21:27 +13:00
Guy Sartorelli
a4929a171e
Merge pull request #10697 from creative-commoners/pulls/4/nicer-deprecations
ENH Improve deprecation logging
2023-03-09 14:39:51 +13:00
Guy Sartorelli
f29577853a
Merge pull request #10720 from creative-commoners/pulls/4/tx-1678079865
ENH Update translations
2023-03-08 10:25:02 +13:00
Steve Boyd
a37be27bd7 ENH Update translations 2023-03-06 18:17:45 +13:00
Guy Sartorelli
046befc4ba
ENH Improve deprecation logging 2023-03-06 13:25:44 +13:00
Guy Sartorelli
128b327c6d
API Add method to check if env var is set 2023-03-06 11:49:22 +13:00
Steve Boyd
8b148bf293 Merge branch '4.12' into 4 2023-03-02 15:37:03 +13:00
Guy Sartorelli
66561ccb49
FIX Correctly deprecation Sources.module_priority (#10711)
This config was deprecated back in #7154 and hasn't been used since
2023-03-02 11:05:35 +13:00
Maxime Rainville
403f924d22
BUG Update RelatedDataService to properly escape ClassName in Polymorphic relations (#10713) 2023-03-02 09:56:40 +13:00
Michal Kleiner
94b24b2390
Merge pull request #10687 from xini/fix-classinfo-paths-windows 2023-03-01 20:56:49 +13:00
Florian Thoma
6585d499f5 FIX Convert slashes in paths when getting list of classes for file/folder
This is to support the mechanism working on all operating systems where Windows may produce a mix of forward and backward slashes in some paths.
For working with the files it may not be a problem, but for exact string comparison the path delimiters need to be unified.
2023-03-01 20:32:19 +13:00
Guy Sartorelli
277e97a84f
Merge pull request #10709 from creative-commoners/pulls/4/deprecated-args
ENH Updated deprecation warning message
2023-03-01 14:19:18 +13:00
Guy Sartorelli
58ca426f11
Merge branch '4.12' into 4 2023-03-01 12:54:30 +13:00
Sabina Talipova
05674adf51 ENH Updated deprecation warning message 2023-03-01 12:39:42 +13:00
Guy Sartorelli
5295ba6c16
API Throw deprecation warnings for bad configuration (#10702) 2023-03-01 11:36:08 +13:00
Guy Sartorelli
6669d54f59
FIX Wrap deprecated config with no replacement (#10704) 2023-02-27 18:13:31 +13:00
Guy Sartorelli
652281507f
FIX Correctly identify deprecated API in withNoReplacement (#10706) 2023-02-27 15:25:27 +13:00
Guy Sartorelli
ab566b0a15
API Add new deprecation notices. (#10691)
These are removed in CMS 5.
2023-02-15 13:26:36 +13:00
Florian Thoma
54fc4ee9d2
fix directory separator in i18nTextCollector on Windows (#10681)
* fix directory separator in i18nTextCollector for Windows

* fix typo
2023-02-09 19:09:48 +13:00
Sabina Talipova
1f7adab62e
Merge pull request #10677 from creative-commoners/pulls/4/deprecate-diff
API Deprecate Diff in favour of CMS5's HtmlDiff
2023-02-08 16:36:58 +13:00
Guy Sartorelli
3a14aafc7f
API Deprecate Diff in favour of CMS5's HtmlDiff 2023-02-08 11:15:28 +13:00
Guy Sartorelli
ce9fa05dc7
Merge pull request #10678 from creative-commoners/pulls/4/depr
API Deprecate code
2023-02-08 10:44:44 +13:00
Steve Boyd
4e9c74243d API Deprecate code 2023-02-07 11:56:04 +13:00
Steve Boyd
23efed1802 Merge branch '4.12' into 4 2023-02-02 16:20:00 +13:00
Michal Kleiner
20e4aae25b
Merge pull request #10663 from lekoala/patch-33
FIX Prevent backslash in CSS class name
2023-01-30 22:51:09 +13:00
Thomas Portelange
3e5d99dedc
Prevent backslash in class name
since the default code is using get_called_class, you can end up with \ in the class name which is an escape character for css selectors
this update convert for example

even valCMS_ACCESS_SilverStripe\VersionedAdmin\ArchiveAdmin
to
even valCMS_ACCESS_SilverStripe-VersionedAdmin-ArchiveAdmin

ArchiveAdmin class should probably implement     private static $required_permission_codes = 'CMS_ACCESS_ArchiveAdmin '; also
2023-01-30 10:26:22 +01:00
Maxime Rainville
c430011f19
Merge pull request #10648 from creative-commoners/pulls/4/deprecate-html5
API Deprecate HTML4Value
2023-01-17 22:20:07 +13:00
Steve Boyd
b973c88648 API Deprecate HTML4Value 2023-01-16 15:28:23 +13:00
Mojmir Fendek
2c105cffc9
ENH: saveInto() new extension points. (#10636)
* ENH: saveInto() new extension points.
2023-01-13 09:43:22 +13:00
Guy Sartorelli
62f71a321d
Merge pull request #10631 from xini/patch-5
fix: optional return value for paginator state
2023-01-09 10:47:17 +13:00
Florian Thoma
bb8e3b8386
fix: optional return value for paginator state
`$state->getData()->getData('GridFieldPaginator')' (line 598) returns null by default.
2023-01-02 15:32:16 +11:00