Commit Graph

1170 Commits

Author SHA1 Message Date
Ingo Schommer
74b655d3fc
Fix tests on unset session data
Thanks Robbie!
2018-07-23 14:09:42 +01:00
Ingo Schommer
76ac8465de
BUG Lazy session state (fixes #8267)
Fixes regression from 3.x, where sessions where lazy started as required:
Either because an existing session identifier was sent through with the request,
or because new session data needed to be persisted as part of the request execution.

Without this lazy starting, *every* request will get a session,
which makes all those responses uncacheable by HTTP layers.

Note that 4.x also changed the $data vs. $changedData payloads:
In 3.x, they both contained key/value pairs.
In 4.x, $data contains key/value, while $changedData contains key/boolean to declare isChanged.
While this reduces duplication in the class, it also surfaced a bug which was latent in 3.x:
When an existing session is lazily resumed via start(), $data is set back to an empty array.
In 3.x, any changed data before this point was *also* retained in $changedData,
ensuring it gets merged into existing $_SESSION data.
In 4.x, this clears out data - hence the need for a more complex merge logic.

Since isset($this->data) is no longer an accurate indicator of a started session,
we introduce a separate $this->started flag.

Note that I've chosen not to make lazy an opt-in (e.g. via start($request, $lazy=false)).
We already have a distinction between lazy starting via init(), and force starting via start().
2018-07-23 14:09:42 +01:00
Daniel Hensby
e37b3b95f4
FIX updateValidatePassword calls need to be masked from backtraces 2018-07-23 14:08:26 +01:00
Daniel Hensby
a3687147fe
State default should be state enabled (no-cache is an enabled state) 2018-07-23 14:07:10 +01:00
Daniel Hensby
9f1471332d
Make augmentState method more efficient 2018-07-23 14:07:10 +01:00
Daniel Hensby
cebed776ab
FIX If theres a max-age set remove no-cache and no-store 2018-07-23 14:07:09 +01:00
Daniel Hensby
2b1c55bc4e
FIX Allow setNoCache(false) to remove no-cache directive 2018-07-23 14:07:09 +01:00
Daniel Hensby
842b39e988
FIX Add must-revalidate to default state so its common on all our core states 2018-07-23 14:07:09 +01:00
Daniel Hensby
997730aa7f
FIX Allow cache control changes to affect default state 2018-07-23 14:07:08 +01:00
Daniel Hensby
c52be7fe09
Consolidate disabling cache logic 2018-07-23 14:05:12 +01:00
Daniel Hensby
f7f567a12e
Make config private (notation isnt working) 2018-07-23 14:05:12 +01:00
Daniel Hensby
b78a89a76c
FIX Default cache state should be no-cache 2018-07-23 14:05:12 +01:00
Daniel Hensby
793aafae91
FIX Transaction depth should error if not implemented by child classes 2018-07-23 14:03:20 +01:00
Robbie Averill
1048520fbe
Restore check for zero or negative transaction nesting 2018-07-23 14:01:22 +01:00
Daniel Hensby
cbdf547c1b
Address feedback 2018-07-23 14:01:22 +01:00
Damian Mooyman
8ea3bb36a0
Maybe fix it? 2018-07-23 14:01:21 +01:00
Damian Mooyman
225e61dc67
BUG FIx manual resetDBSchema() calls breaking the database 2018-07-23 14:01:21 +01:00
Damian Mooyman
11e0a3de43
BUG Ensure that build includes extra classes 2018-07-23 14:01:21 +01:00
Damian Mooyman
95bcac796a
ENHANCEMENT Ensure test DB is flushed on either DDL or transaction-disabled tests
Fixes #8182
2018-07-23 14:01:20 +01:00
Daniel Hensby
b984959170
Merge branch '4.1' into 4.2 2018-07-23 13:30:49 +01:00
Ingo Schommer
e415bcb44a Fix tests on unset session data
Thanks Robbie!
2018-07-19 13:32:08 +12:00
Ingo Schommer
93b0884e19 BUG Lazy session state (fixes #8267)
Fixes regression from 3.x, where sessions where lazy started as required:
Either because an existing session identifier was sent through with the request,
or because new session data needed to be persisted as part of the request execution.

Without this lazy starting, *every* request will get a session,
which makes all those responses uncacheable by HTTP layers.

Note that 4.x also changed the $data vs. $changedData payloads:
In 3.x, they both contained key/value pairs.
In 4.x, $data contains key/value, while $changedData contains key/boolean to declare isChanged.
While this reduces duplication in the class, it also surfaced a bug which was latent in 3.x:
When an existing session is lazily resumed via start(), $data is set back to an empty array.
In 3.x, any changed data before this point was *also* retained in $changedData,
ensuring it gets merged into existing $_SESSION data.
In 4.x, this clears out data - hence the need for a more complex merge logic.

Since isset($this->data) is no longer an accurate indicator of a started session,
we introduce a separate $this->started flag.

Note that I've chosen not to make lazy an opt-in (e.g. via start($request, $lazy=false)).
We already have a distinction between lazy starting via init(), and force starting via start().
2018-07-19 13:32:04 +12:00
Daniel Hensby
921b98112e
Merge pull request #8262 from open-sausages/pulls/4/falsifying-tab-evidence
MINOR removeField(s)FromTab no longer creates a tab if it doesn't exist
2018-07-16 17:26:41 +01:00
Gerald Baumeister
df5395b101 Added check for php-intl requirement 2018-07-16 18:08:25 +02:00
Loz Calver
b317bf163c
Merge pull request #8213 from creative-commoners/pulls/4.2/falsy-forms
FIX FormField::Link works when no form is currently set
2018-07-16 13:53:58 +01:00
Robbie Averill
b93e94c0c3
FIX FormField::Link now throws a LogicException if no form is set yet 2018-07-16 13:02:58 +01:00
Daniel Hensby
1a634f5ba6
Merge pull request #8244 from altwohill/column-not-distinct
Make column query not distinct
2018-07-16 13:01:32 +01:00
Al Twohill
3292a8b773
NEW Add columnUnique API SS_List classes. 2018-07-16 12:16:17 +01:00
Al Twohill
91068c23b5
FIX Make column query not distinct
When selecting a column, it doesn't  make sense to have it distinct.

As an alternative, the API could be changed to give the end user the option
(eg `->column($field, $distinct = false)`)
However if we did that, we would need to make sure we do something
similar with `SilverStripe\ORM\UnsavedRelationList` to ensure consistency.
2018-07-16 11:38:41 +01:00
Loz Calver
106ca6643a
Merge pull request #8263 from dhensby/pulls/4.1/mask-backtrace
FIX updateValidatePassword calls need to be masked from backtraces
2018-07-16 10:30:22 +01:00
Damian Mooyman
c6952b46c4
Merge pull request #8245 from dhensby/pulls/4.2/http-cache-fixes
HTTPCacheControlMiddleware fixes
2018-07-16 13:13:12 +12:00
Robbie Averill
d122995652 FIX Duplicate config values for cascade_duplicates no longer duplicate their duplicates
Previously you could define identical values for this config prop via a DataExtension and on the base
class, resulting in double duplication
2018-07-16 12:04:56 +12:00
Daniel Hensby
8703839eb1
FIX updateValidatePassword calls need to be masked from backtraces 2018-07-15 01:06:45 +01:00
Daniel Hensby
ac5c3416a4
Merge branch '4.2' into 4 2018-07-13 17:06:51 +01:00
Daniel Hensby
bd2abc7a12
Merge branch '4.1' into 4.2 2018-07-13 16:44:23 +01:00
Daniel Hensby
ec9281ee02
Merge branch '4.0' into 4.1 2018-07-13 16:42:00 +01:00
Luke Edwards
7ed056ec50 MINOR removeField(s)FromTab no longer creates a tab if it doesn't exist 2018-07-13 14:18:04 +12:00
Luke Edwards
599a4420bf FIX Improve GridFieldViewButton to work with new Archive Admin (#8240)
* Add gridfield restore action, enable view button in action menu

* Abstract restore action and create test

* Use more appropriate canRestoreToDraft and isArchived, move translations

* Use Hierarchy to determine if a record should be restored to root

* Move restore action to versioned
2018-07-13 10:45:13 +12:00
Daniel Hensby
4acec33562
FIX Fixed bug in config merging priorities so that config values set by extensions are now least important instead of most important 2018-07-12 00:55:39 +01:00
Daniel Hensby
fd8448889c
State default should be state enabled (no-cache is an enabled state) 2018-07-10 16:58:08 +01:00
Daniel Hensby
601bb4d768
Make augmentState method more efficient 2018-07-10 16:58:07 +01:00
Daniel Hensby
399ebd0031
FIX If theres a max-age set remove no-cache and no-store 2018-07-10 16:58:07 +01:00
Harsh Chokshi
6af736a9e1 Change DBCurrency scaffolded form field to CurrencyField (fixes #8246)
Add test ensuring DBCurrency scaffolds CurrencyField
2018-07-09 10:57:01 +12:00
Ingo Schommer
2e6f29fea0
Merge pull request #8223 from dhensby/pulls/4.0/remove-email-from-pswdrecovery
FIX remove personal information from password reset confirmation screen
2018-07-06 11:27:03 +12:00
Daniel Hensby
92f5ef31d8
FIX Allow setNoCache(false) to remove no-cache directive 2018-07-05 22:51:39 +01:00
Daniel Hensby
18b7dc235a
FIX Add must-revalidate to default state so its common on all our core states 2018-07-05 22:51:03 +01:00
Daniel Hensby
9e829c1607
FIX Allow cache control changes to affect default state 2018-07-05 22:50:35 +01:00
Daniel Hensby
560fe9820a FIX remove personal information from password reset confirmation screen 2018-07-05 14:19:15 +12:00
Luke Edwards
fbf30ee747 Message reflect previous return type change 2018-07-04 10:55:20 +12:00
Daniel Hensby
3116b1f97c
Consolidate disabling cache logic 2018-07-02 15:13:46 +01:00
Daniel Hensby
b9b1a74b92
Make config private (notation isnt working) 2018-07-02 13:54:11 +01:00
Daniel Hensby
e4ef83bd2a
FIX Default cache state should be no-cache 2018-07-02 13:33:36 +01:00
Luke Edwards
9ee84fd515 MINOR: DataObject->fieldLabels() will only return an array 2018-07-02 13:53:59 +12:00
Robbie Averill
a39a221c4c Merge branch '4.2' into 4 2018-06-25 13:45:03 +12:00
Daniel Hensby
27b60ae989
FIX Transaction depth should error if not implemented by child classes 2018-06-21 14:26:21 +01:00
Robbie Averill
df257686c1 Restore check for zero or negative transaction nesting 2018-06-20 14:46:50 +12:00
Daniel Hensby
d8430f549d Address feedback 2018-06-20 14:46:50 +12:00
Damian Mooyman
6da72d686f Maybe fix it? 2018-06-20 14:46:50 +12:00
Damian Mooyman
a116b5dad8 BUG FIx manual resetDBSchema() calls breaking the database 2018-06-20 14:46:50 +12:00
Damian Mooyman
f2c2ded27f BUG Ensure that build includes extra classes 2018-06-20 14:46:50 +12:00
Damian Mooyman
fbfd454d65 ENHANCEMENT Ensure test DB is flushed on either DDL or transaction-disabled tests
Fixes #8182
2018-06-20 14:46:50 +12:00
Robbie Averill
7d90a14f37 NEW Shift Embeddable and EmbedResource from asset-admin, lazy load Embed to allow injected dependencies (#8194) 2018-06-20 11:40:28 +12:00
Robbie Averill
725212a707 FIX Allow dispatcher in Embed to be configured with injector (#8192) 2018-06-20 11:37:35 +12:00
Daniel Hensby
a7a45559f0
Merge pull request #8188 from gelysis/array-lib
Tweaks on the ArrayLib class
2018-06-19 15:06:39 +01:00
Robbie Averill
12cc2c68a5
Merge pull request #8023 from silverstripe-terraformers/feature/lookup_field_set_value_fix
LookupField value handling corrected
2018-06-19 21:37:36 +12:00
Damian Mooyman
82634bf08c
Merge remote-tracking branch 'origin/4.2' into 4 2018-06-19 17:20:49 +12:00
Damian Mooyman
cfc3b851e7
Merge remote-tracking branch 'origin/4.1' into 4.2
# Conflicts:
#	lang/sv.yml
2018-06-19 17:20:25 +12:00
Maxime Rainville
3f80e2dc67 FIX Don't reload form session data using FormField::setSubmittedValue… (#8184) 2018-06-19 11:27:09 +12:00
Ingo Schommer
39a86e6d92
Merge pull request #8195 from dhensby/pulls/4.2/cache-default
FIX Default cache state should be `no-cache`
2018-06-19 11:15:57 +12:00
Daniel Hensby
2f1c2992f8
FIX Default cache state should be no-cache 2018-06-18 21:45:38 +01:00
Aaron Carlino
05edb372f1 Revise per tractorcow review 2018-06-18 16:00:17 +12:00
jovenden
b0863fee91 Ensure tables are properly named on dontRequireTable() 2018-06-18 16:00:17 +12:00
Andreas Gerhards
59fe36ba04 Tweaked the other flattening method as well, allowing keys to be preserved 2018-06-18 11:16:20 +12:00
Andreas Gerhards
1753bb2d07 Improved speed on the recursive array flattening 2018-06-18 10:37:20 +12:00
Andreas Gerhards
f45cf75407 Implemented improved associative array check 2018-06-18 08:45:22 +12:00
Damian Mooyman
8181dc4fd2 ENHANCEMENT Ensure extensions are told the internal item request class for gridfield detail form (#8164)
Fixes https://github.com/silverstripe/silverstripe-framework/issues/8136
2018-06-15 17:58:53 +12:00
Damian Mooyman
53dded8cff
API Remove @internal from new 4.2 methods 2018-06-15 13:14:42 +12:00
Robbie Averill
5fa5abf295 Merge branch '4.1' into 4
# Conflicts:
  #	src/Forms/DateField.php
2018-06-15 11:52:07 +12:00
Damian Mooyman
b636587945
Respect semver and add tests 2018-06-15 11:04:12 +12:00
Damian Mooyman
310a259c5f
Add locale to Format
Fix up some regressions
2018-06-14 17:28:16 +12:00
Ingo Schommer
1c5876acf0
Merge pull request #8179 from open-sausages/pulls/4/safer-test-clear
BUG Make regression in #7839 safer
2018-06-14 17:28:13 +12:00
Ingo Schommer
bd84944c0d
Merge pull request #8166 from open-sausages/pulls/4/http-cache-middleware
NEW Add better HTTP cache-control manipulation (4.x branch)
2018-06-14 17:19:54 +12:00
Damian Mooyman
d52c4dd602
BUG Make regression in #7839 safer 2018-06-14 16:45:09 +12:00
Damian Mooyman
b686b86c34 Session now prevents cache headers being sent unintentionally 2018-06-14 15:59:51 +12:00
Ingo Schommer
513e0891d3 Clarify function of registerModificationDate() 2018-06-14 14:13:28 +12:00
Damian Mooyman
6b8f63c4d5
Refactor redirect cache busting into middleware 2018-06-14 14:11:31 +12:00
Robbie Averill
acc8d48b11 FIX SapphireTest can load relative fixtures in subfolders, switch "needs db" priority check order
A minute performance gain by checking instance properties for "uses database" before loading and parsing PHPDoc
annotations for the same thing, rather than doing it afterwards.
2018-06-14 13:59:44 +12:00
Damian Mooyman
3ce8ab3adc
Improve handling of deprecated apis 2018-06-14 13:01:27 +12:00
Damian Mooyman
163f1523e9
Add upgrade rule for HTTPCacheControl 2018-06-14 11:55:05 +12:00
Damian Mooyman
9274692415
Fix core tests 2018-06-14 11:46:47 +12:00
Damian Mooyman
59ba208df0
Fix HTTPTest 2018-06-14 11:46:28 +12:00
Damian Mooyman
e93289326e
Add Form::canBeCached() method 2018-06-14 11:17:21 +12:00
Damian Mooyman
6b68495c0d
Rename ETagMiddleware to ChangeDetectionMiddleware 2018-06-14 11:16:52 +12:00
Damian Mooyman
b7e54bad24
Adjust HTTPResponse::getVersion() to match PSR-7 Method signature 2018-06-14 11:04:07 +12:00
Daniel Hensby
a88257efac
NEW Add version to HTTPRequest and create raw string representation 2018-06-13 15:29:04 +01:00
Daniel Hensby
1b425570cf
Remove IE edge case handling 2018-06-13 15:29:04 +01:00
Daniel Hensby
17ad985925
Cleanup ETag middleware 2018-06-13 15:29:03 +01:00
Daniel Hensby
0b308c871d
DOCS Update doc errors 2018-06-13 15:29:03 +01:00
Damian Mooyman
687d0a6af1
Refactor everything out of HTTP and into separate middlewares 2018-06-13 17:56:47 +12:00
Damian Mooyman
6f32762268
Fix unit tests 2018-06-13 14:09:31 +12:00
Damian Mooyman
aa1ba0ef90
Fix inverted condition
Remove unnecessary yml block
Deprecate HTTP::set_cache_age()
2018-06-13 13:56:47 +12:00
Damian Mooyman
02ae2e7ed0
BUG Fix internal date formatting inheriting default locale
Fixes #8097
2018-06-13 13:32:11 +12:00
Daniel Hensby
befd81d0c2 FIX Bug with forms being cached 2018-06-13 11:33:46 +12:00
Daniel Hensby
7c875918c7 FIX make sure we create ETags from the body, not the request 2018-06-13 11:33:46 +12:00
Daniel Hensby
6bb69d1ae5 Throw caught exceptions in HTTPCacheControlMiddleware::process 2018-06-13 11:33:46 +12:00
Daniel Hensby
37343cf0e2 Use veradic argument for HTTP::combineVary 2018-06-13 11:33:45 +12:00
Daniel Hensby
bf90af4845 Linting fixes 2018-06-13 11:33:45 +12:00
Damian Mooyman
442db3050c Manual merge up of 3.x changes to HTTP class 2018-06-13 11:33:45 +12:00
Damian Mooyman
76bf2ab21a WIP of cache middlware 2018-06-13 11:33:45 +12:00
Damian Mooyman
6c985c4e5f
Merge remote-tracking branch 'origin/4.1' into 4 2018-06-13 11:25:20 +12:00
Damian Mooyman
c2123f772f
Merge remote-tracking branch 'origin/4.0' into 4.1 2018-06-13 11:24:12 +12:00
Daniel Hensby
ec956a682d API Moving tests to use transactions 2018-06-13 09:35:45 +12:00
Robbie Averill
f256045020
Merge pull request #8158 from open-sausages/pulls/4.0/fix-cli-canonical-middleware
BUG Prevent canonical URL causing a redirect on CLI unless explicitly enabled
2018-06-12 10:53:37 +12:00
Daniel Hensby
ce58890baf
Merge branch '4.0' into 4.1 2018-06-11 09:27:42 +01:00
Robbie Averill
27e24a4728
Merge pull request #8142 from open-sausages/pulls/4.0/fix-injector-empty
BUG Safely handle empty injector factory responses
2018-06-11 15:20:24 +12:00
Damian Mooyman
2a51f34c3e
BUG Prevent canonical URL causing a redirect on CLI unless explicitly enabled
Replaces #8157
2018-06-11 13:54:27 +12:00
Damian Mooyman
77a45c0dbc
Merge remote-tracking branch 'origin/4.1' into 4
# Conflicts:
#	src/Forms/HTMLEditor/HTMLEditorSanitiser.php
#	src/ORM/DataObjectSchema.php
#	src/ORM/Queries/SQLSelect.php
#	src/View/Parsers/ShortcodeParser.php
2018-06-11 10:19:04 +12:00
Robbie Averill
d842225df6 FIX Codesniffer style violations with comments 2018-06-11 09:55:18 +12:00
Damian Mooyman
546c6c3e22
Merge pull request #8125 from open-sausages/pulls/4/date-field-tweaks
Remove legacy logic from DateField_Disabled
2018-06-11 09:23:33 +12:00
Daniel Hensby
e260319823
Merge branch '4.0' into 4.1 2018-06-08 23:05:24 +01:00
Maxime Rainville
582c69d32f
BUG Fix issue with Disabled DateField always display (not set). 2018-06-08 13:51:22 +01:00
Daniel Hensby
e1450b5e82
Merge pull request #8147 from kinglozzer/mysql-pdo-attr
FIX: Only set MYSQL_ATTR_INIT_COMMAND when using mysql driver (fixes #8103)
2018-06-08 13:06:03 +01:00
Ingo Schommer
80c30c7b05
Merge pull request #8089 from creative-commoners/pulls/4.1/fix-maori-macron
FIX Add macron to Māori language name
2018-06-08 14:07:05 +12:00
Damian Mooyman
29f9b1c18f
Fix linting issues 2018-06-08 11:38:36 +12:00
Loz Calver
66f57bd4da FIX: Only set MYSQL_ATTR_INIT_COMMAND when using mysql driver (fixes #8103) 2018-06-07 10:26:00 +01:00
Aaron Carlino
31ad3cdaab
BUGFIX: Allow buttons to opt out of display (#8113)
* Allow buttons to opt out of display

* Linting

* Remove redundant function call

* Add test for group delete action

* Add menu group check and test for delete action

* Fix linting
2018-06-06 21:14:29 +12:00
Damian Mooyman
c070e989c4
BUG Safely handle empty injector factory responses
Fixes issue with ImageBackendFactory returning null and breaking injector
2018-06-06 16:45:16 +12:00
Damian Mooyman
0aa13da0d9
BUG Backport bugfix for belongs_many_many with many_many through.
Partial backport of #7928
Fixes #8131
2018-06-06 09:43:04 +12:00
Jonathon Menz
bf07ba30f4 FIX: Make error messages available to extensions 2018-06-05 14:12:28 -07:00
Jonathon Menz
5a5ba1e5c0 Fix: negative values in read only currency field
Don’t strip out ‘-‘ character as this makes negative values appear to be positive (Fixes #8126)
2018-06-01 12:59:02 -07:00
Damian Mooyman
2510935b53
Merge pull request #8065 from dhensby/pulls/4/mmtl-jointable
NEW Add getJoinTable to MMTL
2018-06-01 10:33:46 +12:00
Robbie Averill
e0993043f8 Merge branch '4.1' into 4 2018-05-30 15:08:39 +12:00
Robbie Averill
d0d936bc40 Merge branch '4.0' into 4.1 2018-05-30 14:52:31 +12:00
Robbie Averill
c8b0bc0ad7 Merge branch '4.0' into 4.1
# Conflicts:
  #	src/ORM/DataObject.php
  #	tests/php/ORM/DataObjectDuplicationTest.php
  #	tests/php/ORM/DataObjectDuplicationTest/Class1.php
2018-05-30 14:52:07 +12:00
Robbie Averill
624a5326a7
Typo in PHPDoc type 2018-05-30 14:51:09 +12:00
Luke Edwards
385e9e105c Create GridField Actions Menu component (#8083)
* WIP GridField action menu work, the gist of the idea is using a new gridfield component

* Add delete action to actions menu

* Actions are added automatically to action menu (allows for extension)

* Add test and minor changes

* Add docs and minor changes

* Refactor ActionMenuItem into distinct types, general ActionMenu cleanup

* Add icons and fix title

* Pass columnName, so it can be used by components

* Update test to open and find action menu buttons

* Add section in changelog upgrade section for GridField_ActionMenu
2018-05-29 16:10:52 +12:00
Robbie Averill
c3e5ab2258
Merge pull request #65 from silverstripe-security/pulls/4.2/ss-2018-009
[SS-2018-009] Allow forced redirects to HTTPS for responses with basic authentication
2018-05-28 18:57:38 +12:00
Robbie Averill
ea16e28aa7 Merge branch '4.1' into 4 2018-05-28 18:33:56 +12:00
Robbie Averill
6d98a912c9 Merge branch 'heads/4.1.1' into 4.1 2018-05-28 18:26:20 +12:00
Robbie Averill
3a537bc745 Merge branch 'heads/4.0.4' into 4.0 2018-05-28 17:50:07 +12:00
Robbie Averill
722202fef4 Merge remote-tracking branch 'origin/4.0.4' into 4.1.1
# Conflicts:
  #	src/Control/Director.php
2018-05-24 15:41:11 +12:00
Damian Mooyman
5bff64b47b BUG Fix Director::test() not persisting removed session keys on teardown 2018-05-24 13:10:03 +12:00
Robbie Averill
c308416afa FIX Add macron to Māori language name 2018-05-23 11:22:30 +12:00
Damian Mooyman
865ebb3398 ENHANCEMENT Improve upgrading experience. (#8025)
* ENHANCEMENT Improve upgrading experience.
Show errors and back button if errors encountered during install
BUG Fix hard-coded 'mysite' folder
Fixes #8024

* Patch behat tests to work with new  buttons
2018-05-21 22:08:34 +12:00
Daniel Hensby
1a57c7c1d0
NEW Add getJoinTable to MMTL 2018-05-14 11:19:24 +01:00
Aaron Carlino
f847f186b1 [ss-2018-013] Remove password text from session data on failed submission 2018-05-14 17:14:38 +12:00
Robbie Averill
5887201dd5
Merge pull request #64 from silverstripe-security/pulls/4.0/ss-2018-010
[SS-2018-010] Fix regression of SS-2017-002
2018-05-14 17:12:45 +12:00
Robbie Averill
beec0c0d47 [SS-2018-010] Fix regression of SS-2017-002 2018-05-14 17:12:07 +12:00
Robbie Averill
1e6790bfb6
Merge pull request #62 from silverstripe-security/pulls/4.0/ss-2018-001
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-14 17:11:03 +12:00
Damian Mooyman
e409d6f673 [ss-2018-001] Restrict non-admins from being assigned to admin groups 2018-05-14 17:10:22 +12:00