Commit Graph

265 Commits

Author SHA1 Message Date
UndefinedOffset
bba0f2f72f
BUGFIX: Fixed issue where TimeField_Readonly would only show "(not set)" instead of the value 2020-02-24 09:59:00 -04:00
Maxime Rainville
acd7d94167 Merge branch '4.4' into 4.5 2020-02-17 13:07:26 +13:00
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Serge Latyntcev
91e4aa90f1 Merge branch '4.4' into 4.5 2019-11-20 11:09:23 +13:00
Serge Latyntcev
8219491705 Merge branch '4.3' into 4.4 2019-11-20 11:08:35 +13:00
Garion Herman
ea2a2b4786 FIX Adjust HTMLEditorField tests to support alt attr changes in assets
The default behaviour of the alt attribute has changed from using the
filename to applying an empty value.
2019-11-14 12:04:37 +13:00
Damian Mooyman
e76601e5c8
BUG FormAction title property cannot be set if useButtonTag is false 2019-10-29 17:21:45 +13:00
Garion Herman
17f4cc6e30
Merge pull request #9281 from creative-commoners/pulls/4/textfield-tip-ui
NEW: Add support for Tip UI in TextField
2019-10-23 16:50:43 +13:00
Garion Herman
bed3f2b3c6 NEW Add type declarations to Tip API, add TippableFieldInterface 2019-10-23 10:46:22 +13:00
Garion Herman
195417b061 NEW Extract Tip from TextField, add test coverage 2019-10-22 17:04:58 +13:00
Maxime Rainville
e59625fe5a
NEW Add ability to define image size preset for the TinyMCE editor. (#9276)
* NEW Add ability to define image size preset for the TinyMCE editor.
* DOC Explain how to define image size pre-sets
2019-10-22 11:50:28 +13:00
Dylan Wagstaff
047ac060c4
Merge pull request #9265 from emteknetnz/feature/noopener
Add noopener attribute to links with a target
2019-10-03 14:42:50 +13:00
Steve Boyd
887f198b07 Add rel attribute to link elements with a target attribute 2019-10-03 14:03:12 +13:00
Aaron Carlino
b3093b7a1a BUGFIX: Allow state to be shared across nested GridFields 2019-08-07 23:09:51 +12:00
Saophalkun Ponlu
6a8c6703d1 Remove use_gzip from HTMLEditorField since it's been removed by TinyMCE codebase (#7261)
* Remove `use_gzip` from HTMLEditorField

* DOCS Mention remove use_gzip in changelog
2019-06-21 09:27:48 +12:00
Sam Minnée
654156d46d FIX: Fix bug when confirmed password is changed but not the password. (#9012)
In this case the confirmed password field is not reflected. It’s 
unclear how often this situation would arise outside of test scenarios,
but may come up if $form->loadDataFrom() is called more than once.

Fixes #2496 (it’s a minor issue but I think this is why Dan flagged it
as a regression). Originally introduced as part of Dan’s initial fix
at 2a6f1f1949.
2019-06-10 15:48:29 +12:00
Guy Marriott
f97ca26e76
Merge pull request #9014 from sminnee/fix-4142
FIX: List default items in the readonly view of ListboxField
2019-05-27 20:13:20 +12:00
Sam Minnee
7407096e99 FIX: List default items in the readonly view of ListboxField
Adds tests for non-readonly default items too.

Fixes #4142
2019-05-27 17:47:09 +12:00
Sam Minnee
2c71daacfe MINOR: Add tests for GroupedDropdownField empty strings
These bugs were never present in SS4 as the relevant code had a
substantial rewrite at the same time they were introduced in SS3.
In SS3, test C still fails.

Fixes #4705
Fixes #4987
Fixes #4793
2019-05-27 17:46:03 +12:00
Guy Marriott
cc1fdf603b
Resolve incorrect empty string assertion in tests 2019-04-17 13:29:54 +12:00
Robbie Averill
d00c59c383 Fix tests not loading fixtures and loading themes in CWP recipe kitchen sink 2019-01-28 13:34:52 +02:00
Robbie Averill
d8cd085190 Merge branch '4.3' into 4 2019-01-24 17:14:09 +02:00
Robbie Averill
e087e564e1 Fix tests not loading fixtures and loading themes in CWP recipe kitchen sink 2019-01-24 16:45:38 +02:00
Robbie Averill
7c96feef37 Merge branch '4.3' into 4 2019-01-08 12:27:48 +01:00
Robbie Averill
394dd4765c NEW Scaffolded field labels now only have an uppercased first word 2019-01-07 17:52:28 +01:00
Maxime Rainville
7d1aa44786
Merge pull request #8654 from creative-commoners/pulls/4.3/password-complexity-test-fixes
Update tests to pass in CWP kitchen sink context
2018-12-13 16:50:25 +13:00
Robbie Averill
5d7c5ffb07 Merge branch '4.3' into 4 2018-12-06 09:40:40 +00:00
Robbie Averill
08866f89d9 Merge branch '4.2' into 4.3 2018-12-06 09:40:05 +00:00
Robbie Averill
96bd17d469 Merge branch '4.1' into 4.2 2018-12-06 09:38:45 +00:00
Robbie Averill
3f532466d1 Merge branch '4.0' into 4.1 2018-12-06 09:37:52 +00:00
Robbie Averill
1ac36611a6 Update tests to pass in CWP kitchen sink context 2018-12-02 23:04:34 +00:00
Serge Latyntcev
4ee63eb4e7 TreeMultiselectFieldTest / make scrutinizer happy 2018-11-29 12:13:56 +13:00
Serge Latyntcev
38f8217f01 TreeMultiselectFieldTest / setUp is protected in PHPUnit5 2018-11-29 09:55:28 +13:00
Robbie Averill
1f1c344272 Merge branch '4.3' into 4
# Conflicts:
 #	tests/php/Forms/ConfirmedPasswordFieldTest.php
2018-11-26 12:15:17 +01:00
Serge Latyntcev
f526c794fc Minor / Refactor php tests for TreeMultiselectField 2018-11-23 16:03:44 +13:00
Serge Latyntcev
9ce6d91b76 FIX / TreeMultiselectField::objectForKey handles list of IDs correctly 2018-11-22 12:11:18 +13:00
Maxime Rainville
d74af1c17e FIX Explicity mark nodes when searching nodes in TreeDropdownField #8621 2018-11-21 11:43:21 +13:00
Serge Latyntcev
80885fc231 ADD php test TreeMultiselectField::testEmptyChoiceReadonly 2018-11-20 16:45:23 +13:00
Robbie Averill
7d1d6d0f7b FIX Ensure that tests setting passwords have stubbed configuration 2018-11-14 11:54:17 +02:00
Guy Marriott
b2dd22fb50
Merge pull request #8506 from creative-commoners/pulls/4.3/all-the-unit-tests
NEW Adding a stack more unit tests for logging and some form fields
2018-11-11 10:31:24 +13:00
Robbie Averill
bab84f31dc Remove underscores from variable test class names 2018-11-10 14:55:11 +02:00
Robbie Averill
eba92d77df Rename CheckboxFieldReadonlyTest for future PSR-2 compatibility 2018-11-10 10:04:17 +02:00
Loz Calver
bbb208e1dd
Merge pull request #8499 from sminnee/fix-1489
FIX: CheckboxSetField can now save into DBMultiEnum
2018-11-09 10:40:55 +01:00
Robbie Averill
64c2938c96 Merge branch '4.3' into 4 2018-11-06 11:05:22 +01:00
Sam Minnee
76255c9fb5 FIX: CheckboxSetField can now save into DBMultiEnum
Fixes https://github.com/silverstripe/silverstripe-framework/issues/1489
2018-11-05 17:40:28 +13:00
Luke Edwards
8866e7674a BUG: Fix duplicate plugins on HTML editor fields (#8559)
* BUG: Fix duplicate plugins on HTML editor fields

* Add new test
2018-11-02 12:26:53 +13:00
Robbie Averill
b02a6fa02d FIX Replace usage of Convert JSON methods with json_encode 2018-10-28 21:15:29 +00:00
Robbie Averill
bea4101e21 Add tests for DisabledTransformation, PrintableTransformation and PrintableTransformation_TabSet 2018-10-20 20:06:02 +02:00
Robbie Averill
449b2cf291 Add tests for DefaultFormFactory 2018-10-20 19:47:11 +02:00
Robbie Averill
fd50ce6295 Add more edge case tests for disabled DateFields and DatetimeField 2018-10-20 18:29:07 +02:00
Robbie Averill
97209bc919 Add edge case unit tests for DateField 2018-10-20 18:15:42 +02:00
Robbie Averill
0e2847e289 Add tests for DatalessField 2018-10-20 17:59:55 +02:00
Robbie Averill
c06cf4820e BUG Readonly and disabled CurrencyFields no longer always returns dollar currency sign, now respect config 2018-10-20 17:47:16 +02:00
Robbie Averill
d56bad7568 Add tests for edge cases in CurrencyField 2018-10-20 17:33:59 +02:00
Robbie Averill
8929b8204f More validation tests for ConfirmedPasswordField 2018-10-20 17:21:25 +02:00
Robbie Averill
c418ee2915 NEW Add getters and setters for public properties in ConfirmPasswordField, add tests
Some of the validation parts of ConfirmPasswordField are previously untested, this adds tests
2018-10-20 16:43:49 +02:00
Robbie Averill
60b375d995 Add more tests for CheckboxField_Readonly and CompositeField, improve PHPDocs 2018-10-20 15:44:23 +02:00
Robbie Averill
46c50577a4 Expect BEM class names in tests, fix PSR-2 line lengths, add ArrayList import 2018-10-11 12:04:23 +02:00
Maxime Rainville
250d925810 MINOR Update CompositeField::__construct to call setChildren #8460 2018-10-11 15:25:34 +13:00
Maxime Rainville
2e2ca5a4a7 Make sure LazyLoader still woks after a readonly transofrmation (#8460) 2018-10-11 11:56:39 +13:00
Maxime Rainville
fdb53311ba Fix linting issue. 2018-10-09 17:32:42 +13:00
Maxime Rainville
a13a2cdd40 Add unit test for FieldList::getContainerField() 2018-10-09 17:32:42 +13:00
Maxime Rainville
51ba787ffb Finish writting unit test for GridFieldLazyLoader. 2018-10-09 17:32:42 +13:00
Sam Minnee
8c7459a708 FIX: Fix CompositeField test that relied on a DropdownField bug
A DropdownField without a source no longer returns a validation
error.
2018-10-06 19:14:34 +13:00
Sam Minnee
e5d3b28a4d FIX: Don’t break validation on selects without a source.
Fixes cases where there are no valid values or an empty-string
value is manually added rather than using setEmptyString()

Fixes #4849
Fixes #7159
2018-10-06 11:53:17 +13:00
Robbie Averill
ee24413c30 Merge branch '4.2' into 4 2018-10-03 15:28:05 +02:00
Robbie Averill
d74fed554a
Merge pull request #8427 from sminnee/fix-1397
FIX: Append any fields that don’t match name in insertBefore/insertAfter
2018-10-03 13:22:23 +02:00
Sam Minnee
71dad5f685 FIX: Append any fields that don’t match name in insertBefore/insertAfter
Previous behaviour was to return false, which has been described as
a confusing bug on https://github.com/silverstripe/silverstripe-framework/issues/1397
where the issue was identified.
2018-10-02 10:39:48 +13:00
Robbie Averill
bfe2a7b7e6 Update testSearchFieldSchema to expect namespaced search fields 2018-10-01 12:44:19 +02:00
Luke Edwards
3fc49dd4ce Lint fixes and allow a few other components by default 2018-09-20 13:32:52 +12:00
Maxime Rainville
cc22024e9a ADD New search component for GridFields (#1777) 2018-09-04 11:35:17 +12:00
Simon Gow
4c3a068859 Issue 3357 - Add GridField Readonly Transformation
GridField doesn't have a valid readonly state if it's value is set to an Object
without `forTemplate()`. The default behaviour is to render a ReadonlyField,
but given GridField is a complex type this isn't suitable.

This bugfix provides a transformation method to render only components that are
whitelisted to provide a readonly state.

@see #3357 - https://github.com/silverstripe/silverstripe-framework/issues/3357
2018-08-29 14:47:06 +12:00
Luke Edwards
6164d01d65 FIX GridField delete button to offer archive action if possible (#8325)
* FIX GridField delete button to offer archive action if possible

* Refactor archive action to versioned module

* Fix GridFieldDeleteAction test
2018-08-24 13:13:32 +12:00
Daniel Hensby
cc0320b2a7
Merge branch '4.2' into 4 2018-07-23 17:42:43 +01:00
Daniel Hensby
921b98112e
Merge pull request #8262 from open-sausages/pulls/4/falsifying-tab-evidence
MINOR removeField(s)FromTab no longer creates a tab if it doesn't exist
2018-07-16 17:26:41 +01:00
Robbie Averill
b93e94c0c3
FIX FormField::Link now throws a LogicException if no form is set yet 2018-07-16 13:02:58 +01:00
Daniel Hensby
1a634f5ba6
Merge pull request #8244 from altwohill/column-not-distinct
Make column query not distinct
2018-07-16 13:01:32 +01:00
Al Twohill
3292a8b773
NEW Add columnUnique API SS_List classes. 2018-07-16 12:16:17 +01:00
Luke Edwards
c8b338b0a3 Add findTab test 2018-07-16 11:59:08 +12:00
Robbie Averill
12cc2c68a5
Merge pull request #8023 from silverstripe-terraformers/feature/lookup_field_set_value_fix
LookupField value handling corrected
2018-06-19 21:37:36 +12:00
Damian Mooyman
cfc3b851e7
Merge remote-tracking branch 'origin/4.1' into 4.2
# Conflicts:
#	lang/sv.yml
2018-06-19 17:20:25 +12:00
Maxime Rainville
3f80e2dc67 FIX Don't reload form session data using FormField::setSubmittedValue… (#8184) 2018-06-19 11:27:09 +12:00
Robbie Averill
5fa5abf295 Merge branch '4.1' into 4
# Conflicts:
  #	src/Forms/DateField.php
2018-06-15 11:52:07 +12:00
Damian Mooyman
c414388220
FIX DatetimeFieldTest 2018-06-14 18:14:12 +12:00
Damian Mooyman
6c985c4e5f
Merge remote-tracking branch 'origin/4.1' into 4 2018-06-13 11:25:20 +12:00
Daniel Hensby
ce58890baf
Merge branch '4.0' into 4.1 2018-06-11 09:27:42 +01:00
Damian Mooyman
77a45c0dbc
Merge remote-tracking branch 'origin/4.1' into 4
# Conflicts:
#	src/Forms/HTMLEditor/HTMLEditorSanitiser.php
#	src/ORM/DataObjectSchema.php
#	src/ORM/Queries/SQLSelect.php
#	src/View/Parsers/ShortcodeParser.php
2018-06-11 10:19:04 +12:00
Maxime Rainville
582c69d32f
BUG Fix issue with Disabled DateField always display (not set). 2018-06-08 13:51:22 +01:00
Aaron Carlino
31ad3cdaab
BUGFIX: Allow buttons to opt out of display (#8113)
* Allow buttons to opt out of display

* Linting

* Remove redundant function call

* Add test for group delete action

* Add menu group check and test for delete action

* Fix linting
2018-06-06 21:14:29 +12:00
Robbie Averill
8064ed8220 FIX Minor updates to unit tests to pass with HTML5 parser and various themes 2018-06-01 17:47:03 +12:00
Luke Edwards
385e9e105c Create GridField Actions Menu component (#8083)
* WIP GridField action menu work, the gist of the idea is using a new gridfield component

* Add delete action to actions menu

* Actions are added automatically to action menu (allows for extension)

* Add test and minor changes

* Add docs and minor changes

* Refactor ActionMenuItem into distinct types, general ActionMenu cleanup

* Add icons and fix title

* Pass columnName, so it can be used by components

* Update test to open and find action menu buttons

* Add section in changelog upgrade section for GridField_ActionMenu
2018-05-29 16:10:52 +12:00
Robbie Averill
ea16e28aa7 Merge branch '4.1' into 4 2018-05-28 18:33:56 +12:00
Robbie Averill
6d98a912c9 Merge branch 'heads/4.1.1' into 4.1 2018-05-28 18:26:20 +12:00
Robbie Averill
3a537bc745 Merge branch 'heads/4.0.4' into 4.0 2018-05-28 17:50:07 +12:00
Robbie Averill
722202fef4 Merge remote-tracking branch 'origin/4.0.4' into 4.1.1
# Conflicts:
  #	src/Control/Director.php
2018-05-24 15:41:11 +12:00
Aaron Carlino
f847f186b1 [ss-2018-013] Remove password text from session data on failed submission 2018-05-14 17:14:38 +12:00
Mojmir Fendek
07372d388e LookupField value handling corrected (atomic values are no longer thrown away). 2018-04-23 15:15:40 +12:00
Robbie Averill
af2c3886b9 Merge branch '4.1' into 4 2018-04-10 16:27:00 +12:00
Will Rossiter
09cc75a656 MINOR Add visiblity to SelectionGroup test functions 2018-04-05 10:33:27 +12:00
Will Rossiter
2512761587 Fix invalid markup in SelectionGroup selected values 2018-04-05 10:16:25 +12:00