tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
4,432 Commits 31 Branches 527 Tags 162 MiB
d99caf31f7
Commit Graph

459 Commits

Author SHA1 Message Date
Ingo Schommer
8203e5b179 BUGFIX: Don't register member IDs that don't exist in the DB as being logged in. (from r98265) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102637 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-13 03:18:26 +00:00
Ingo Schommer
3a1868e8cf BUGFIX: fixed member labels not appearing in cms popup. #5025 (from r98030) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102567 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-13 01:49:24 +00:00
Ingo Schommer
74a04df3c8 API CHANGE Removed $blankItemText parameter from Permission::get_codes() 
ENHANCEMENT Allow ungrouped retrieval of Permission::get_codes() through new $grouped switch (from r97819)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102536 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 23:41:33 +00:00
Ingo Schommer
feb30e194f API CHANGE Removed Member::init_db_fields(), its no longer needed due to the Member.PasswordEncyrption property changing from an ENUM to Varchar. (from r97818) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102535 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 23:40:58 +00:00
Ingo Schommer
fdce2dfc22 BUGFIX: Fixed Permission::get_members_by_permission() for DB abstractions (from r97653) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102523 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 23:08:59 +00:00
Ingo Schommer
6450810b4c BUGFIX Checking for presence of all columns in Security::database_is_ready(). This was necessitated by an earlier change to the sapphire ORM which now selects all columns explicitly in a SQL query (instead of SELECT *) (see #4027) (from r97480) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102494 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 21:17:07 +00:00
Ingo Schommer
426190bc9e API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271) 
API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method.
ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install()
MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 21:16:26 +00:00
Ingo Schommer
f400c28099 BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 05:01:31 +00:00
Ingo Schommer
b69b03b9e0 API CHANGE: Unique_identifier now accepted as the login requirement, allowing alternatives to 'Email' (from r97270) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102440 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 05:00:05 +00:00
Ingo Schommer
89176afbc4 BUGFIX: Removed XSS holes (from r94823) (from r96773) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102402 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 03:21:00 +00:00
Ingo Schommer
920f0aaa1a BUGFIX: Don't let non ADMINs with permission-editing rights assign themselves ADMIN permissions. (from r89805) (from r96718) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102341 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 01:47:48 +00:00
Ingo Schommer
1ed1348cf3 MINOR update merge info, merged in r87119 (from r88839) (from r96714) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102337 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 01:46:20 +00:00
Ingo Schommer
603657b943 MERGE merged back a whole bunch of defect fixes from trunk (from r87846) (from r96712) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102336 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 01:45:52 +00:00
Ingo Schommer
0375eea256 BUGFIX: Fallback for arrays which do not contain 'alreadyLoggedIn' values (from r95968) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102322 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-04-12 00:51:21 +00:00
Ingo Schommer
c604341a1d API CHANGE Removed "auto-merging" of member records from Member->onBeforeWrite() due to security reasons - please use DataObject->merge() explicitly if this is desired behaviour 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@100705 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-03-09 04:10:38 +00:00
Ingo Schommer
f4e284a3c1 BUGFIX Fixing Member_ProfileForm to validate for existing members via Member_Validator to avoid CMS users to switch to another existing user account by using their email address 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@100704 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-03-09 04:08:52 +00:00
Ingo Schommer
61e27830c6 MINOR Fixed unit tests after change Member->checkPassword() to return ValidationResult instead of boolean (see r98268) (merged from r98274) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99701 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-23 04:05:34 +00:00
Ingo Schommer
8a1b1960c0 MINOR Placing 'ADMIN' permission in new 'Administrator' group at the top of the permissions list 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99601 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 10:02:10 +00:00
Ingo Schommer
09de9f7834 ENHANCEMENT Only show 'HTML Editor Config' dropdown in Group->getCMSFields() if more than one option exists 
BUGFIX Fixed bogus HTMLEditorConfig instance when get() is called without a valid identifier (due to NULL database columns)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99599 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 09:38:15 +00:00
Ingo Schommer
9c00cac768 ENHANCEMENT Showing checkboxes as disabled for inherited roles in Group->getCMSFields() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99597 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 06:11:59 +00:00
Ingo Schommer
4a93c9f6a7 MINOR Localized strings in PermissionCheckboxSetField 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99590 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 04:52:27 +00:00
Ingo Schommer
11ad275522 FEATURE Showing (readonly) permissions for a Member record in admin/security popup 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99586 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 04:37:36 +00:00
Ingo Schommer
705eaae2c3 ENHANCEMENT PermissionCheckboxSetField_Readonly (with all checkboxes disabled) 
MINOR Re-adding support for Group and PermissionRole records in PermissionCheckboxSetField
ENHANCEMENT Added 'assigned to...' label to group permissions in PermissionCheckboxSetField - used in Member->getCMSFields() readonly permission view

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99585 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 04:37:35 +00:00
Ingo Schommer
19336e2fcb ENHANCEMENT Allowing PermissionCheckboxSetField to inspect multiple group records for existing permissions 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99584 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 04:37:34 +00:00
Ingo Schommer
246e866362 MINOR Using localized titles for permission formfields in PermissionRole and Member 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99583 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 04:37:34 +00:00
Ingo Schommer
17272c2126 MINOR Using TreeMultiselectField instead of MemberTableField->relationAutoSetting in Group->getCMSFields() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99582 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-22 04:37:33 +00:00
Ingo Schommer
aea2f94a5e FEATURE View and select groups for a specific member via the member popup in admin/security (requires EDIT_PERMISSIONS) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98880 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-12 04:01:42 +00:00
Ingo Schommer
735ed967a5 MINOR Setting new 'inlineadd' permissions on MemberTableField instance in Group->getCMSFields() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98827 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-11 21:55:44 +00:00
Andrew Short
5e9b78b798 FEATURE: Moved the log-in validation process from individual authenticators into Member->checkPassword() and canLogIn(), to allow more extensibility and control (trunk, 2.4). 
MINOR: Use a ValidationResult to log in a member so that custom errors can be generated.

From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98267 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-05 00:36:25 +00:00
Geoff Munn
fda7836aca BUG FIX: Default sort columns now quoted properly 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98232 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-02-04 19:45:14 +00:00
Andrew Short
bbd9f2a2b5 ENHANCEMENT: Updated Member->getMemberFormFields() to use scaffolding and to be in line with Member->getCMSFields(). 
From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@97401 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2010-01-21 22:59:19 +00:00
Sean Harvey
d459e17288 BUGFIX: adding onAfterDelete hooks to remove the no longer necessary permissions (from r94859) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95627 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:43:47 +00:00
Sean Harvey
d8017fe459 MINOR: added comment (from r94856) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95626 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:43:40 +00:00
Sean Harvey
ca45cbe7e2 BUGFIX: orphaned permissions and subsite administrator groups were causing trouble - now with the JOIN the first global administrator group is picked up when ussing the override login. (from r94835) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95625 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:43:35 +00:00
Sean Harvey
14c66fb2f8 BUGFIX: removing permissions before re-applying them (previously it just removed the components on the relation which resulted in permissions having GroupID set to 0) (from r94810) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95624 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:43:20 +00:00
Sean Harvey
3aa391afdf MINOR: removed duplicate writes for performance (from r94438) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95615 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:41:44 +00:00
Sean Harvey
c0db452069 APICHANGE: Group::addByGroupName() now creates the group if one does not already exist (from r83010) (from r94430) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95611 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:41:08 +00:00
Sean Harvey
298ef035ed BUGFIX: Make sure findAnAdministrator gets a global administrator when subsites is installed. (from r94369) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95603 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:40:05 +00:00
Sean Harvey
35628832d6 BUGFIX #4686 Fixed $member non-object error, and decorated checks from not working in Member::canView(), Member::canEdit() and Member::canDelete() 
MINOR Added additional tests to MemberTest (from r94358)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95601 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-16 05:39:39 +00:00
Ingo Schommer
155e981158 ENHANCEMENT Added GroupCsvBulkLoader class to facilitate group imports with permission codes and hierarchy 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@94252 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-02 09:40:38 +00:00
Ingo Schommer
fd86a0ba0e ENHANCEMENT MemberCsvBulkLoader for easy member import with group associations 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@94251 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-12-02 09:40:33 +00:00
Will Rossiter
2ff4631c1f API CHANGE: removed listOfFields() function. Use custom code instead. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@93647 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-26 21:24:38 +00:00
Will Rossiter
e0f1fa8c3a APICHANGE: removed deprecated extend calls 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@93632 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-26 20:40:49 +00:00
Ingo Schommer
d92bbbecfb API CHANGE Refactored hiding of Permissions added in r92428. Added PermissionCheckboxSetField->setHiddenPermissions() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92865 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 05:23:42 +00:00
Ingo Schommer
84125b4416 MINOR Added CMSTreeClasses() methods to Group and Folder, to mirror SiteTree behaviour and allow reusage in CMS tree implementations 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92567 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:33:42 +00:00
Ingo Schommer
58cfa9ffca ENHANCEMENT Setting default group title in Group->populateDefaults() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92564 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:33:35 +00:00
Ingo Schommer
78ec0cbfa7 MINOR Updated jquery-concrete 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92558 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:33:12 +00:00
Ingo Schommer
dca8c0cb6f merging 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92557 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:33:06 +00:00
Ingo Schommer
926834db27 MINOR Removed redundant jquery-ui.js dependency from TabSet.php and Security.php 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92550 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:32:27 +00:00
Ingo Schommer
f7f3bc7050 MINOR Removed unused cmsCleanup_parentChanged() callback from Group, Folder and SiteTree classes 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92543 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:31:59 +00:00
Ingo Schommer
4b1293771d MINOR Using jquery.concrete and jquery.selector on github through piston dependency management 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92542 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:31:55 +00:00
Ingo Schommer
204d4fb076 API CHANGED Changed SiteTree->TreeTitle() to getTreeTitle() to make it available as a dynamic property, e.g. for the CMS forms 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92534 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:31:27 +00:00
Ingo Schommer
757df3088e ENHANCEMENT Returning FALSE from Security->ping() if no valid user session exists, for more accurate login checking through the CMS javascript pinging 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92527 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:31:09 +00:00
Ingo Schommer
1b138d6916 MINOR Removed layout_helpers.js dependency 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92516 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:30:42 +00:00
Ingo Schommer
2fc966cc44 MINOR Removed loader.js dependencies 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92514 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:30:36 +00:00
Ingo Schommer
dd074069de MINOR Moved css specific to Security/login in Security_login.css (shouldnt be in the generic Form.css declarations) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92509 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:30:24 +00:00
Ingo Schommer
a11db29672 MINOR Changed paths to moved thirdparty dependencies (mostly from /jsparty to /sapphire/thirdparty, /cms/javascript and /sapphire/javascript) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92502 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:29:59 +00:00
Ingo Schommer
3b547ec9c9 ENHANCEMENT Using "concrete" jQuery plugin for tabbed Security/login view (in combination with jQuery UI tabs) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92480 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:22:41 +00:00
Ingo Schommer
deb691a481 ENHANCEMENT Using jQuery UI tabs for Security/login with multiple authentication methods (e.g. CMS-login and OpenID) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92478 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 02:22:36 +00:00
Ingo Schommer
bf3b7e0e9e APICHANGE: add the ability to remove some permissions specified by their code in the rendered field html of PermissionChecksetBoxField and full-covered unit tests of this ability. (from r92428) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92463 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 01:44:52 +00:00
Ingo Schommer
48c0418840 BUGFIX More robust checks on the current member in Member::canEdit() and Member::canDelete() if there is no logged in member (from r92129) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92458 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 01:43:16 +00:00
Ingo Schommer
a21927e462 BUGFIX Fixed Group::collateFamilyIDs() when working with MSSQL (from r91775) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92455 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-21 01:42:27 +00:00
Sam Minnee
87e1454cd2 BUGFIX: Include salt in legacy password encryptor 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@91743 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-16 03:25:41 +00:00
Sam Minnee
0bb067eddf BUGFIX: Made use of new BasicAuth::protect_entire_site() consistent. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@91658 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-15 23:43:30 +00:00
Sam Minnee
ba69ce1d7e BUGFIX: Don't enable site-wide protection by default 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@91609 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-15 21:41:13 +00:00
Sam Minnee
2db7a1d001 API CHANGE: Replaced BasicAuth::enable() with BasicAuth::protect_entire_site() 
API CHANGE: BasicAuth::requireLogin() no longer has an option to automatically log you in.  You can call logIn() on the object returned, instead.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@91603 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-15 21:24:58 +00:00
Andrew O'Neil
649079f4e8 BUGFIX: Use Object::create() for lostpassword(). (#4670, Tjofras) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@91270 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-11 03:00:02 +00:00
Ingo Schommer
e4ca24c7e2 BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-06 02:23:30 +00:00
Ingo Schommer
e675381cd4 ENHANCEMENT Pluggable password encryption through PasswordEncryptor class (#3665) 
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004)
API CHANGE Deprecated Security::encrypt_passwords()
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation
API CHANGE Removed Security::get_encryption_algorithms()
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90949 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-06 02:23:21 +00:00
Ingo Schommer
7dc1d607de MINOR Moved Security::encryptallpasswords() to EncryptAllPasswordsTask 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90948 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-06 02:23:13 +00:00
Tom Rix
8216448da3 MINOR run checks before running hasMethod, as an extension does not neccessairily have that method. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90691 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-03 02:33:53 +00:00
Tom Rix
a1fdff6910 MINOR update PermissionCheckboxSetField to look at roles on the actual group 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90677 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-11-03 01:00:54 +00:00
Sam Minnee
57924a2c95 BUGFIX: Fixed glitch in permission code formats. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90550 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-31 00:58:16 +00:00
Tom Rix
33489cdc7f MINOR i18n'd a whole bunch of the new permission codes 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90493 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-30 01:43:34 +00:00
Tom Rix
3dfa7a2103 MINOR fixed ambiguous column 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90481 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-30 00:23:02 +00:00
Tom Rix
26ee7ade66 MINOR implement OnlyAdminCanApply 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90457 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-29 22:07:44 +00:00
Tom Rix
8096f91ae1 MINOR remove duplicate header 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90397 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-29 02:56:18 +00:00
Tom Rix
9c5dae4dff MINOR shuffled permissions around, gave them help text and categorized them. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90371 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-29 00:55:20 +00:00
Tom Rix
643be30e67 MINOR permissions on Groups and Roles are now handled by a checkbox set field 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90342 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-28 23:03:35 +00:00
Sam Minnee
994e93f790 API CHANGE: replaced Database::USE_ANSI_SQL with DB::USE_ANSI_SQL 
API CHANGE: replaced Database::alteration_message() with DB::alteration_message()

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90097 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-26 22:03:29 +00:00
Andrew Short
79773042be API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog. 
MINOR: Replaced usage of renamed classes with the new namespaced name.

From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-26 03:06:31 +00:00
Andrew O'Neil
813760108c BUGFIX: Security::$default_login_dest isn't used (#4179, simon_w) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90023 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-23 00:18:10 +00:00
Sean Harvey
8bd78f77d8 MINOR Supress session warnings in session_regenerate_id() for a win32 environment (from r81984) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89712 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-21 02:21:05 +00:00
Sam Minnee
3da29fb08d MINOR show the permission/role inheritance chain on a group (from r89024) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89212 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 22:40:52 +00:00
Sam Minnee
88d5843cab FEATURE: Add a simple interface for administrating permission roles. (from r85297) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89189 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 22:28:11 +00:00
Sam Minnee
dd8120aed7 API CHANGE: Added PermissionRole and PermissionRoleCode, along with relevant tests for the permission system. (from r85173) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89187 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 22:27:56 +00:00
Sam Minnee
0c41f681b8 MINOR create the ability to have some roles only be able to be applied by admins (from r88090) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89180 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 22:23:39 +00:00
Sam Minnee
7e54fc1fc2 BUGFIX: Fix error when adding roles tab (from r86997) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89172 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 22:13:19 +00:00
Sam Minnee
7dd6d10cde MINOR added more documentation around SiteConfig. Also wrote unit tests for permissions inheritance off it. (from r86132) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89164 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 21:53:15 +00:00
Sam Minnee
9642c7171c ENHANCEMENT: Added Member::set_login_marker_cookie(), to let developers bypass static caching for logged-in users (from r73803) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88635 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-12 03:27:41 +00:00
Sean Harvey
8b6772fff0 Merged in Member::sendInfo() bug fixes from branches/2.3 - r85779 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86679 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-09-18 03:07:15 +00:00
Ingo Schommer
e9df16ba5a MINOR Formatting and documentation in Permission 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86084 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-09-10 07:01:52 +00:00
Ingo Schommer
2700d73e97 ENHANCEMENT Limiting "alc_enc" cookie (remember login token) to httpOnly to reduce risk of information exposure through XSS 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86027 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-09-10 03:23:31 +00:00
Ingo Schommer
d386db0bc3 ENHANCEMENT Avoid information disclosure in Security/lostpassword form by returning the same message regardless wether a matching email address was found in the database. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86021 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-09-10 03:01:46 +00:00
Ingo Schommer
ed5475bbae ENHANCEMENT Added Member->FailedLoginCount property to allow Member->registerFailedLogin() to persist across sessions by writing them to the database, and be less vulnerable to brute force attacks. This means failed logins will persist longer than before, but are still reset after a valid login. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86017 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-09-10 02:42:26 +00:00
Ingo Schommer
6b6c2a8bfa API CHANGE Removed Permission->listcodes(), use custom code 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86006 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-09-10 01:54:15 +00:00
Will Rossiter
ebce107d07 MINOR: added check for exec() and fixed the path for the wordlist file. Ticket #4428 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@85701 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-09-03 23:36:45 +00:00
Normann Lou
02f4ff232f ENHANCMENT: get svn merged revision 84806:84808 from branches/iss 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84814 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-08-19 05:47:02 +00:00
Sam Minnee
cd3db788a9 BUGFIX: Performance improvement to Member::currentUserID() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84167 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-08-11 09:16:34 +00:00
Andrew O'Neil
66543e6002 NOTFORMERGE: Merged 84085 from 2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84089 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-08-10 04:32:39 +00:00