Commit Graph

18570 Commits

Author SHA1 Message Date
Damian Mooyman
dd4eb6ce44 Merge pull request #6960 from open-sausages/pulls/4.0/security-process-docs
Internal security process docs
2017-06-16 13:50:58 +12:00
Chris Joe
fa203d8c99 Merge pull request #7034 from open-sausages/pulls/4.0/fix-i18n-countries
BUG Removed reserved / removed / invalid country codes
2017-06-16 13:26:42 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
2017-06-16 12:22:05 +12:00
Damian Mooyman
54879402ce
BUG Removed reserved / removed / invalid country codes
Fixes #6996
2017-06-16 11:38:00 +12:00
Lukas
a990c99d6e NEW: suffix subfolder in silverstripe-cache with php-version (#6810)
Note that this changes the default temp path value 

 * Was: /tmp/silverstripe-cache-Users-FOO-webroot-BAR-php7.1.5/USER
 * Now: /tmp/silverstripe-cache-Users-FOO-webroot-BAR/USER-php7.1.5
2017-06-16 11:25:02 +12:00
Damian Mooyman
957d238caa
FIX Remove reference to removed method parseIndexSpec
Fixes #6968
2017-06-16 11:20:52 +12:00
Chris Joe
65e2347342 Merge pull request #6989 from open-sausages/pulls/4.0/cms-reauth-style
ENHANCEMENT Update style of CMSLogin form
2017-06-15 20:20:27 +12:00
Damian Mooyman
619942f426
Remove trash file 2017-06-15 18:33:47 +12:00
Damian Mooyman
0f90c5b63f ENHANCEMENT Update style of CMSLogin form 2017-06-15 18:13:14 +12:00
Damian Mooyman
22e084f288 Merge pull request #7026 from Firesphere/move_default_admin
Move default admin
2017-06-15 18:12:51 +12:00
Damian Mooyman
024371c37e
API Change authentication ValidationResult handling to pass by-reference 2017-06-15 17:25:23 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Simon Erkelens
576eee72dc Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code. 2017-06-15 14:20:29 +12:00
Daniel Hensby
273a087f5a
Merge branch '3.6' into 3 2017-06-14 14:29:15 +01:00
Daniel Hensby
c66a5ebcd2 Merge pull request #7019 from robbieaverill/patch-6
FIX Update help link from 3.5 to 3.6
2017-06-14 14:15:56 +01:00
Daniel Hensby
c6b790ccb5 Merge pull request #7020 from marczhermo/3.6.1
Bug: Complex (curly) syntax
2017-06-14 14:00:23 +01:00
Marcz Hermo
1073eca2fa Bugfix: Complex (curly) syntax 2017-06-15 00:03:55 +12:00
Daniel Hensby
6f2b08b962
Merge branch '3.6' into 3 2017-06-14 12:02:27 +01:00
Daniel Hensby
ecc88b2cbe
Merge branch '3.5' into 3.6 2017-06-14 12:02:06 +01:00
Robbie Averill
fd57bd9100 FIX Update help link from 3.5 to 3.6 2017-06-14 15:29:28 +12:00
Loz Calver
4f4fb62dfa Merge pull request #7015 from bcairns/3.5
Fix changetracker checkbox bugs
2017-06-13 09:13:37 +01:00
Loz Calver
ae59c08703 Merge pull request #7014 from 3Dgoo/patch-1
Fixing language typo in docs
2017-06-13 09:05:21 +01:00
Brian Cairns
53c84d93da Fix changetracker checkbox bugs
1) Use quoted name attribute selector, to work with CheckboxsetField bracketed[] field names
2) Initialize unchecked boxes original values to 0 instead of undefined, as this is the value onchange() expects for unchecked boxes (see line 67)
2017-06-12 16:16:55 -06:00
Damian Mooyman
9c2f4e3c44 Merge pull request #7012 from dhensby/pulls/3.5/member-null
FIX Order of conditionals for getting default admin
2017-06-13 09:58:22 +12:00
3Dgoo
f0c00bfb78 Fixing language typo in docs 2017-06-13 05:37:07 +09:30
Daniel Hensby
a5c84b12ab
FIX Order of conditionals for getting default admin 2017-06-12 11:54:05 +01:00
Chris Joe
950b1dfec2 Merge pull request #7010 from flamerohr/pulls/4.0/no-path-to-follow
Enhancement show the path which threw the error
2017-06-12 10:36:46 +12:00
Damian Mooyman
0dcfa5fa9d FIX CMSSecurity doesn't have Authenticators assigned. 2017-06-12 10:10:34 +12:00
Christopher Joe
7178caf4a9 Enhancement show the path which threw the error 2017-06-12 10:08:12 +12:00
Simon Erkelens
3fe837dad7 Fix for CMS Authenticator. Should only apply to CMSSecurity 2017-06-10 14:47:53 +12:00
Damian Mooyman
413b4936a1 API Add extension hook to FormField::extraClass() 2017-06-10 14:26:22 +12:00
Damian Mooyman
4733abd79f Merge pull request #7006 from Firesphere/patch-1
FIX Not `CascadeLogInTo` anymore, but `CascadeInTo`
2017-06-10 13:43:48 +12:00
Simon Erkelens
5c4e55b60d It's not CascadeLogInTo anymore, it's CascadeInTo
I'm mildly surprised this didn't break. I changed it to CascadeInTo, as the logout action needs to cascade into the session as well.
2017-06-10 12:58:22 +12:00
Florian Thoma
7648428fdb add extension hoot to FormField::extraClass() 2017-06-10 09:52:22 +10:00
Damian Mooyman
c7f7233c4d Merge pull request #6829 from sminnee/authenticator-refactor
Refactor Authenticators
2017-06-09 16:46:56 +12:00
Damian Mooyman
d89bd15330
Move authentication hooks to SapphireTest 2017-06-09 16:25:40 +12:00
Damian Mooyman
62753b3cb1
Cleanup and RequestFilter refactor 2017-06-09 15:07:35 +12:00
Simon Erkelens
5fce3308b4 Move LostPasswordHandler in to it's own class.
- Moved the Authenticators from statics to normal
- Moved MemberLoginForm methods to the getFormFields as they make more sense there
- Did some spring-cleaning on the LostPasswordHandler
- Removed the BuildResponse from ChangePasswordHandler after spring cleaning
2017-06-08 20:09:57 +12:00
Simon Erkelens
082db89550 Feedback from Damian.
- Move the success and message to a validationresult
- Fix tests for validationresult return
- We need to clear the session in Test logOut method
- Rename to MemberAuthenticator and CMSMemberAuthenticator for consistency.
- Unify all to getCurrentUser on Security
- ChangePasswordHandler removed from Security
- Update SapphireTest for CMS login/logout
- Get the Member ID correctly, if it's an object.
- Only enable "remember me" when it's allowed.
- Add flag to disable password logging
- Remove Subsites coupling, give it an extension hook to disable itself
- Change cascadeLogInTo to cascadeInTo for the logout method logic naming
- Docblocks
- Basicauth config
2017-06-08 17:50:20 +12:00
Loz Calver
c5eeed84e8 Merge pull request #6993 from open-sausages/pulls/3/missing-changelog-notes
Add in missing changelog notes
2017-06-07 16:51:01 +01:00
Simon Erkelens
2b26cafcff Separate out the log-out handling.
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
2017-06-07 21:11:58 +12:00
Sam Minnee
f9ea752bae NEW: Add AuthenticationHandler interface
NEW: Add IdentityStore for registering log-in / log-out data
NEW: Add AuthenticationRequestFilter for managing login
NEW: Add Security:setCurrentUser() / Security::getCurrentUser()
NEW: Add FunctionalTest::logOut()
2017-06-07 21:11:55 +12:00
Simon Erkelens
c4194f0ed2 CMS Login Handling
Move to canLogin in the authentication check. Protected isLockedOut

Enable login to be called with a different login service (CMSLogin), enabling CMS Log in. Seems the styling and/or output is still broken.

logOut could be managed from the Authenticator instead of the member
2017-06-07 21:11:54 +12:00
Sam Minnee
7af7e6719e API: Security.authenticators is now a map, not an array
Authenticators is now a map of keys -> service names. The key is used
in things such as URL segments. The “default_authenticator” value has
been replaced with the key “default” in this map, although in time a
default authenticator may not be needed.
IX: Refactor login() to avoid code duplication on single/multiple handlers
IX: Refactor LoginHandler to be more amenable to extension
IX: Fixed permissionFailure hack
his LoginHandler is expected to be the starting point for other
custom authenticators so it should be easier to repurpose components
`of it.
IX: Fix database-is-ready checks in tests.
IX: Fixed MemberAuthenticatorTest to match the new API
IX: Update security URLs in MemberTest
2017-06-07 21:11:53 +12:00
Sam Minnee
e226b67d06 Refactoring of authenticators
Further down the line, I'm only returning the `Member` on the doLogin, so it's possible for the Handler or Extending Handler to move to a second step.
Also cleaned up some minor typos I ran in to. Nothing major.

This solution works and is manually tested for now. Supports multiple login forms that end up in the correct handler. I haven't gotten past the handler yet, as I've yet to refactor my Yubiauth implementation.

FIX: Corrections to the multi-login-form support.

Importantly, the system provide a URL-space for each handler, e.g.
“Security/login/default” and “Security/login/other”. This is much
cleaner than identifying the active authenticator by a get parameter,
and means that the tabbed interface is only needed on the very first view.

Note that you can test this without a module simply by loading the
default authenticator twice:

SilverStripe\Security\Security:
  authenticators:
    default: SilverStripe\Security\MemberAuthenticator\Authenticator
    other: SilverStripe\Security\MemberAuthenticator\Authenticator

FIX: Refactor delegateToHandler / delegateToHandlers to have less
duplicated code.
2017-06-07 21:11:52 +12:00
Damian Mooyman
7cf7a7094c Merge pull request #7000 from kinglozzer/uploadfield-size-ini
FIX: Upload_Validator failed to fetch max size from PHP ini values (fixes #6999)
2017-06-07 15:48:27 +12:00
Daniel Hensby
856aa79892 Merge pull request #6987 from open-sausages/pull/4.0/3239-consisten-fist-last-returns
Consistent return values for first and last methods
2017-06-06 16:59:04 +01:00
Loz Calver
4ad2cae864
FIX: Upload_Validator failed to fetch max size from PHP ini values (fixes #6999) 2017-06-06 14:28:03 +01:00
Damian Mooyman
8c0ced311f Merge pull request #6998 from AntonyThorpe/StrictFormMethodCheck
Updated Form.php & 04_Form_Security.md  - strictFormMethodCheck to true
2017-06-06 23:06:11 +12:00
Damian Mooyman
057bfdae79 Merge pull request #6991 from jacobbuck/feature/3.6/extend-file-get-url
NEW Add 'updateURL' extension hook to File::getURL()
2017-06-06 21:28:16 +12:00