tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity
23,736 Commits 31 Branches 527 Tags
Commit Graph

357 Commits

Author SHA1 Message Date
Guy Sartorelli
b3b1d07616
ENH Deprecate old password encryptors (#10948) 2023-09-19 18:22:08 +12:00
Sunny Side Up
6c2b5bdbe1
Update src/Security/Member.php 
Co-authored-by: Guy Sartorelli <36352093+GuySartorelli@users.noreply.github.com>
 2023-08-15 17:06:46 +12:00
Sunny Side Up
93d03f71ef
MINOR: set a default password encryption for a member, if no password encryption is set. 2023-08-15 16:29:52 +12:00
github-actions
613dc1620c Merge branch '5.0' into 5 2023-08-09 23:47:19 +00:00
Guy Sartorelli
15e4cbeb7a
Merge branch '4' into 5.0 2023-08-10 11:46:33 +12:00
Steve Boyd
358cbc9ee5 ENH Do not use placeholders by default for foreignIDFilter() 2023-08-09 10:46:08 +12:00
Guy Sartorelli
b90d606427
Merge pull request #10834 from lekoala/patch-36 
SessionAuthenticationHandler doesn't cache member query
 2023-08-03 11:54:50 +12:00
Steve Boyd
d9f40a2e3c Merge branch '4' into 5.0 2023-07-31 11:56:28 +12:00
Steve Boyd
ae1c3bf0a0 Merge branch '4.13' into 5 2023-07-31 11:44:21 +12:00
Steve Boyd
7b21b38ac4 [CVE-2023-32302] Require password field to be non-empty 2023-07-31 11:14:22 +12:00
Andrew Paxley
4b22ab4dfe API deprecate InheritedPermissions::getJoinTable 2023-07-05 16:22:17 +12:00
Andrew Paxley
34019426dd NEW add OnlyTheseMembers Inherited Permission type 2023-07-05 16:22:17 +12:00
Thomas Portelange
6fa71bbf51
ENH avoid multiple calls to records->count() In PermissionCheckboxSetField (#10839) 
these calls are not cached and lead to duplicate queries

Co-authored-by: Michal Kleiner <mk@011.nz>
 2023-07-04 13:34:12 +12:00
Thomas Portelange
9391e696bb
use Member::class 2023-06-23 09:35:34 +02:00
Thomas Portelange
2e73b5eeca
Use cached query 
Fixes https://github.com/silverstripe/silverstripe-framework/issues/10833
 2023-06-22 11:04:26 +02:00
Steve Boyd
8cee451d41 Merge branch '5.0' into 5 2023-06-12 14:08:03 +12:00
Sabina Talipova
f88b7c3c2b
FIX Duplicate page keeps original pages canView and canEdit permission (#10806) 2023-06-12 13:29:06 +12:00
Nicolaas / Sunny Side Up
675ba90280
FIX fix issue where member without valid email can not be saved 
It is possible to have a member record without a valid email address. In this case, you can not save Member as it throws an error (email is tried being sent without a valid email address).
 2023-06-09 15:29:54 +12:00
Guy Sartorelli
37937b7123
Merge pull request #10751 from xini/patch-7 
make Group use tri-state can* extension hooks, fixes #9580
 2023-05-08 11:22:35 +12:00
Guy Sartorelli
1c2e1f86a5
Merge pull request #10763 from sunnysideup/patch-25 
MINOR: faster checking if record exists
 2023-05-05 13:12:06 +12:00
Nicolaas / Sunny Side Up
9660652fbc
MINOR: faster checking if record exists 
Rather than using a loop through each object, we just filter for it in the SQL query.  This is likely to speed up the code and also make it more legible.
 2023-04-28 09:40:12 +12:00
Guy Sartorelli
7efde6bf37
Merge branch '4' into 5.0 2023-04-27 14:43:38 +12:00
Florian Thoma
41c4b4ee02 make Group use tri-state can* extension hooks, fixes #9580 2023-04-11 10:18:21 +10:00
Florian Thoma
cd946b6c80
Group visibility for SITETREE_GRANT_ACCESS permissions 
Make groups visible if member has SITETREE_GRANT_ACCESS permissions, otherwise the dropdown for selecting the group is empty
 2023-04-05 16:33:41 +10:00
Sabina Talipova
5236b0a9df
Merge pull request #10666 from creative-commoners/pulls/5/security-extensions 
NEW migrate functionality from security-extensions module
 2023-02-07 13:50:56 +13:00
Guy Sartorelli
fecb7ba4d8
NEW Add sudo mode service 2023-02-07 13:36:42 +13:00
Guy Sartorelli
8ddedb038e
NEW Allow admins to require password reset for members 
This came from silverstripe/silverstripe-security-extensions
 2023-02-07 13:36:21 +13:00
Steve Boyd
a74e9d3ecd Merge branch '4' into 5 2023-02-03 10:14:36 +13:00
Steve Boyd
23efed1802 Merge branch '4.12' into 4 2023-02-02 16:20:00 +13:00
Guy Sartorelli
826028082b
FIX Sort without specifying a table name (#10675) 
Using a table name in sort() is not allowed in CMS 5. We could use
orderBy() here but member is the table it will sort on by default anyway
so there's no need.

Also added unit tests, which should have caught this ages ago.
 2023-02-01 13:52:13 +13:00
Guy Sartorelli
dca4e0bcb8
FIX Remove unused action from allowed_actions (#10672) 
This action was used in CMS 3, but has since been replaced with
/Security/lostpassword/passwordsent which is a separate set of actions.
 2023-01-31 13:59:12 +13:00
Thomas Portelange
3e5d99dedc
Prevent backslash in class name 
since the default code is using get_called_class, you can end up with \ in the class name which is an escape character for css selectors
this update convert for example

even valCMS_ACCESS_SilverStripe\VersionedAdmin\ArchiveAdmin
to
even valCMS_ACCESS_SilverStripe-VersionedAdmin-ArchiveAdmin

ArchiveAdmin class should probably implement     private static $required_permission_codes = 'CMS_ACCESS_ArchiveAdmin '; also
 2023-01-30 10:26:22 +01:00
Steve Boyd
77301408d8 MNT Remove legacy upgrader config 2023-01-20 17:05:41 +13:00
Steve Boyd
700288d5ca FIX Cast absoluteUrl() argument to string 2022-12-14 11:24:42 +13:00
Steve Boyd
55f8fce12b MNT Linting 2022-12-08 17:12:32 +13:00
Sabina Talipova
53c0147f11
API Remove deprecated code (#10594) 2022-12-08 10:44:47 +13:00
Steve Boyd
ae4d7fa090 API Create orderBy() method to handle raw SQL 2022-12-07 12:25:58 +13:00
Steve Boyd
b5533e4680 API Stop using deprecated API 2022-11-28 19:16:31 +13:00
Sabina Talipova
a52c7795c7 Merge branch '4' into 5 2022-11-22 11:41:53 +13:00
Guy Sartorelli
8e16b57646
Merge branch '4' into 5 2022-11-21 18:13:01 +13:00
Sabina Talipova
ad116c63e6
Merge pull request #10565 from creative-commoners/pulls/4/stop-depr 
API Stop using deprecated API
 2022-11-16 14:26:18 +13:00
Steve Boyd
137ebcebec API Stop using deprecated API 2022-11-15 18:20:54 +13:00
Guy Sartorelli
ed63beeeee
Merge branch '4.11' into 4 2022-11-09 10:53:09 +13:00
Steve Boyd
9091d64652 API Deprecate Member::create_new_password() 2022-11-02 10:08:27 +13:00
Steve Boyd
a3c1cb0ddf
ENH Set PasswordEncryption on default admin 2022-10-27 13:57:27 +13:00
Steve Boyd
6e9d3ab632 Merge branch '4' into 5 2022-10-21 12:00:39 +13:00
Guy Sartorelli
919cfcf435
Merge pull request #10494 from creative-commoners/pulls/5/symfony-mailer 
NEW Migrate from swiftmailer/swiftmailer to symfony/mailer
 2022-10-19 15:52:31 +13:00
Steve Boyd
2e85674ccc NEW Migrate from swiftmailer/swiftmailer to symfony/mailer 2022-10-19 15:16:14 +13:00
Steve Boyd
a57c7315a2 API Strongly-type action method signatures 2022-10-17 17:58:20 +13:00
Steve Boyd
9c453abf89 API Update deprecations 2022-10-13 14:49:15 +13:00