silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00

Author	SHA1	Message	Date
Robbie Averill	4a9e991edb	Merge branch '3.6' into 3	2018-05-28 17:44:48 +12:00
Robbie Averill	dae8fefb1e	Merge remote-tracking branch 'origin/3.5' into 3.6	2018-05-28 17:43:55 +12:00
Damian Mooyman	5771388821	[ss-2018-001] Restrict non-admins from being assigned to admin groups	2018-05-09 15:12:40 +12:00
Damian Mooyman	f4b13fb2c4	Merge remote-tracking branch 'origin/3.6' into 3 # Conflicts: # model/DataQuery.php	2018-02-05 16:53:15 +13:00
Damian Mooyman	4da99efd5d	Merge remote-tracking branch 'origin/3.5' into 3.6	2018-01-31 16:03:42 +13:00
Daniel Hensby	9103816333	NEW Add php 7.2 support	2018-01-30 16:50:32 +00:00
Damian Mooyman	72e2326731	Merge pull request #7798 from kinglozzer/member-groupset-delete FIX: Fix Member_GroupSet::removeAll() (fixes #3948)	2018-01-25 09:20:30 +13:00
Loz Calver	c2cd6b3832	FIX: Fix Member_GroupSet::removeAll() (fixes #3948 )	2018-01-24 17:17:20 +00:00
Damian Mooyman	50aa1f22a6	Merge branch '3.6' into 3	2017-12-07 13:20:58 +13:00
Damian Mooyman	d6a93f5215	Merge remote-tracking branch 'silverstripe-security/3.5' into 3.6 # Conflicts: # security/Member.php	2017-12-06 17:26:45 +13:00
Damian Mooyman	91cf85087b	Merge remote-tracking branch 'origin/3.5' into 3.6	2017-12-06 17:21:09 +13:00
Damian Mooyman	6ba00e829a	[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt	2017-11-30 15:53:50 +13:00
Daniel Hensby	2ad3cc07d5	FIX Update meber passwordencryption to default on password change	2017-11-23 21:17:31 +00:00
Daniel Hensby	b49d1d7fbd	Merge branch '3.6' into 3	2017-09-28 17:17:19 +01:00
Daniel Hensby	bd7abc73de	Merge branch '3.5.5' into 3.6.2	2017-09-20 16:26:30 +01:00
Daniel Hensby	091d99f599	FIX Authenticators are more resilient to incomplete configuration	2017-09-12 15:57:03 +01:00
Garion Herman	6ad19495a2	Add test coverage for auth failure after TempID expires.	2017-07-27 12:45:35 +01:00
Daniel Hensby	cda7e8dc39	Merge remote-tracking branch 'security/3.5.4' into 3.6.0	2017-05-29 01:29:05 +01:00
Daniel Hensby	f71efb5063	Merge pull request #40 from silverstripe-security/patch/3.4/ss-2017-002 [SS-2017-002] FIX Lock out users who dont exist in the DB	2017-05-28 22:18:56 +01:00
Daniel Hensby	447ce0f84f	[SS-2017-002] FIX Lock out users who dont exist in the DB	2017-05-25 16:14:52 +01:00
Daniel Hensby	85f0650796	Remove unnecessary nesting of config/injector in tests	2017-05-24 16:05:39 +01:00
Robbie Averill	2f6f5b5eff	Do not send the header if it is not defined	2017-01-11 08:26:04 +13:00
Robbie Averill	cb2dcc75f1	Add X-Robots-Tag noindex,nofollow header from Security controller to prevent indexing	2017-01-09 16:13:39 +13:00
Loz Calver	6bf36fbd30	FIX: Correct return type for Member::currentUser()	2016-11-09 14:20:44 +00:00
Daniel Hensby	c35dc508cb	Merge branch '3.3' into 3.4	2016-07-04 23:53:55 +01:00
Damian Mooyman	f1a0aef0d7	BUG fix CMS_ACCESS permission being ignored if in incorrect order in array	2016-06-28 17:45:15 +12:00
Damian Mooyman	4f06a43986	Merge 3.3 into 3 # Conflicts: # admin/javascript/lang/src/cs.js # admin/javascript/lang/src/de.js # admin/javascript/lang/src/en.js # admin/javascript/lang/src/eo.js # admin/javascript/lang/src/es.js # admin/javascript/lang/src/fi.js # admin/javascript/lang/src/fr.js # admin/javascript/lang/src/id.js # admin/javascript/lang/src/id_ID.js # admin/javascript/lang/src/it.js # admin/javascript/lang/src/ja.js # admin/javascript/lang/src/lt.js # admin/javascript/lang/src/mi.js # admin/javascript/lang/src/nb.js # admin/javascript/lang/src/nl.js # admin/javascript/lang/src/pl.js # admin/javascript/lang/src/ro.js # admin/javascript/lang/src/ru.js # admin/javascript/lang/src/sk.js # admin/javascript/lang/src/sl.js # admin/javascript/lang/src/sr.js # admin/javascript/lang/src/sr@latin.js # admin/javascript/lang/src/sr_RS.js # admin/javascript/lang/src/sr_RS@latin.js # admin/javascript/lang/src/sv.js # admin/javascript/lang/src/zh.js # javascript/lang/fr.js # javascript/lang/src/ar.js # javascript/lang/src/cs.js # javascript/lang/src/de.js # javascript/lang/src/en.js # javascript/lang/src/eo.js # javascript/lang/src/es.js # javascript/lang/src/fi.js # javascript/lang/src/fr.js # javascript/lang/src/id.js # javascript/lang/src/id_ID.js # javascript/lang/src/it.js # javascript/lang/src/ja.js # javascript/lang/src/lt.js # javascript/lang/src/mi.js # javascript/lang/src/nb.js # javascript/lang/src/nl.js # javascript/lang/src/pl.js # javascript/lang/src/ru.js # javascript/lang/src/sk.js # javascript/lang/src/sl.js # javascript/lang/src/sr.js # javascript/lang/src/sr@latin.js # javascript/lang/src/sr_RS.js # javascript/lang/src/sr_RS@latin.js # javascript/lang/src/sv.js # javascript/lang/src/zh.js # lang/it.yml	2016-05-11 14:06:23 +12:00
Daniel Hensby	d1751e3310	Merge remote-tracking branch '3.2.4' into 3.3.2	2016-05-05 12:33:21 +01:00
Daniel Hensby	cf29b2c146	Merge remote-tracking branch '3.1.19' into 3.2.4	2016-05-05 11:17:45 +01:00
Daniel Hensby	679185514d	Merge 3.3 into 3 Conflicts: admin/css/screen.css.map	2016-04-26 00:24:59 +01:00
Daniel Hensby	745faebd81	Merge 3.2 into 3.3 Conflicts: .travis.yml	2016-04-26 00:17:09 +01:00
Daniel Hensby	f32c893546	[SS-2016-005] FIX Apply brute force protection to default admin	2016-04-19 23:20:29 +01:00
Roman Schmid	9146450c49	Fix Email test issue discovered in #5271 . Updated/added tests for changed- and forgot-password Emails. Updated fixture and tests to no longer use a real Email address.	2016-04-11 13:46:41 +02:00
Damian Mooyman	e1865151c5	Merge pull request #5098 from bummzack/5086-fix-member-validator Fix for issue #5086	2016-02-26 14:39:53 +13:00
Roman Schmid	f691a5da32	Improve `Member_Validator` to: - properly check for existing members. - allow extensions. - remove old code and replace with new syntax and add config API. Fix issue in Group code where Member_Validator was instantiated via "new" which didn't allow injector overrides. Added unit-tests. Establish a link between the member and the validator for said member.	2016-02-25 16:10:52 +01:00
Damian Mooyman	8c1cafd1a0	Merge remote-tracking branch 'origin/3.3' into 3 # Conflicts: # admin/scss/_forms.scss # admin/scss/_style.scss # admin/scss/_tree.scss # javascript/TreeDropdownField.js	2016-01-19 17:08:26 +13:00
Damian Mooyman	5d240feaec	Merge remote-tracking branch 'origin/3.2' into 3.3	2016-01-19 15:08:24 +13:00
Damian Mooyman	46cbe809ac	Merge remote-tracking branch 'origin/3.1' into 3.2 # Conflicts: # docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md # docs/en/02_Developer_Guides/14_Files/01_Image.md # docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Menu.md # docs/en/03_Upgrading/index.md # docs/en/05_Contributing/01_Code.md # forms/TreeMultiselectField.php # security/Permission.php	2016-01-19 14:00:19 +13:00
Sam Minnee	3ee8f505b7	MINORE: Remove training whitespace. The main benefit of this is so that authors who make use of .editorconfig don't end up with whitespace changes in their PRs. Spaces vs. tabs has been left alone, although that could do with a tidy-up in SS4 after the switch to PSR-1/2. The command used was this: for match in '.ss' '.css' '.scss' '.html' '.yml' '.php' '.js' '.csv' '.inc' '.php5'; do find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" -exec sed -E -i '' 's/[[:space:]]+$//' {} \+ find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" \| xargs perl -pi -e 's/ +$//' done	2016-01-07 10:15:54 +13:00
Daniel Hensby	4335d8ed22	FIX Members with no ID inherit logged in user permission	2016-01-05 08:16:18 +00:00
Damian Mooyman	19b10044ec	Merge remote-tracking branch 'origin/3.2' into 3	2015-12-22 17:05:07 +13:00
Mateusz Uzdowski	5a21b2fb15	BUG Guard against users being added to all groups on unsaved Group. If ->Members()->add() is called on an unsaved group (with ID 0), the collateFamilyIDs() will errorneously return all root Groups thinking it's looking for Groups with ParentID=0. As a result, the Member will be added to all root groups, instead of just the selected group and all its children.	2015-12-11 14:51:51 +13:00
Damian Mooyman	71b8aec306	Merge remote-tracking branch 'origin/3.2' into 3	2015-09-15 13:35:51 +12:00
Damian Mooyman	c4710b2272	Merge remote-tracking branch 'origin/3.1' into 3.2 Conflicts: admin/code/GroupImportForm.php admin/code/MemberImportForm.php tests/model/DataListTest.php	2015-09-15 13:18:47 +12:00
Damian Mooyman	7367cf54c4	[ss-2015-020]: Prevent possible Privilege escalation	2015-09-10 13:01:24 +12:00
Damian Mooyman	f10785350e	Merge remote-tracking branch 'origin/3.2' into 3 Conflicts: docs/en/02_Developer_Guides/02_Controllers/01_Introduction.md	2015-09-09 14:50:47 +12:00
Damian Mooyman	309ac0d196	Merge remote-tracking branch 'origin/3.1' into 3.2 Conflicts: .travis.yml admin/code/CMSProfileController.php admin/tests/LeftAndMainTest.php control/HTTP.php security/Permission.php tests/forms/FormTest.php tests/model/ArrayListTest.php tests/security/PermissionTest.php	2015-09-09 14:35:29 +12:00
Stevie Mayhew	1b57e0ca5b	FEATURE: implement getter and setter usage for response	2015-08-29 10:24:06 +12:00
Daniel Hensby	2d4b743090	FIX Members can access their own profiles in CMS	2015-08-26 15:47:51 +01:00
Daniel Hensby	6eede57ff2	Fix issue where Access All CMS Sections doesnt work	2015-08-20 22:30:43 +01:00

1 2 3 4 5

238 Commits