Commit Graph

11674 Commits

Author SHA1 Message Date
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Simon Welsh
29c2b21a2a Merge pull request #2175 from jthomerson/fix_2174
FIX #2174: SearchFilter needs casting helper for DataObject base fields
2013-07-02 20:15:47 -07:00
Jeremy Thomerson
50e9eee2e9 FIX #2174: SearchFilter needs casting helper for DataObject base fields
Commit 964b3f2 fixed an issue where dbObject was returning casting helpers for
fields that were not actually DB objects, but had something in $casting config.

However, because dbObject was no longer calling DataObject->castingHelper, this
exposed a bug that the underlying function db($fieldName) was not returning
field specs for the base fields that are created by SS automatically on all
DataObjects (i.e. Created, LastEdited, etc).

This commit fixes the underlying issue that DataObject->db($fieldName) should
return the field specs for *all* DB fields like its documentation says it will,
including those base fields that are automatically created and do not appear in
$db.
2013-07-03 03:03:40 +00:00
Ingo Schommer
429bbc5223 Merge pull request #2137 from jthomerson/pulls/fix_viewable_data_wrapped_value
FIX: ViewableData wasn't setting values when using default cast
2013-07-02 00:40:56 -07:00
Mateusz Uzdowski
21844a8a07 Merge branch 'pr/2173' into 3.1 2013-07-02 15:52:31 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
df218d76da Clarify how Only and Except rules combine 2013-07-02 14:09:11 +12:00
Hamish Friedlander
5484283a25 FIX changing environment in config.php changes matched yaml rules 2013-07-02 13:21:27 +12:00
Hamish Friedlander
e74c002647 FIX Only and Except rules in Configs not working 2013-07-01 15:47:37 +12:00
Ingo Schommer
a6c3d1e269 Flag "insert image" behat test as @assets
Required in order to run them remotely, which currently
doesn't support file upload through Selenium
2013-06-28 12:21:00 +02:00
Ingo Schommer
a9f150126c Fix CMSBatchActionHandler::$allowed_actions
Regression from earlier API change to deny actions unless specified
2013-06-28 10:07:57 +02:00
Hamish Friedlander
03aa9e4b41 FIX ConfigManifest caching to not use existing cache from wrong $base 2013-06-28 11:25:14 +12:00
Andrew Short
973a23fac8 Merge pull request #2162 from simonwelsh/sec-redirect
Only redirect on logout if we're not already redirecting
2013-06-26 15:56:56 -07:00
Simon Welsh
1d5ac5876b Only redirect on logout if we're not already redirecting 2013-06-27 09:49:10 +12:00
Ingo Schommer
bcc09deb08 Merge pull request #2153 from chillu/pulls/form-fortemplate-access
Allow Form->forTemplate() URL access (fixes #788)
2013-06-26 13:56:56 -07:00
Simon Welsh
aecda4882b Merge pull request #2150 from hafriedlander/fix/templatevars-v2
FIX Arguments to method calls reseting scope
2013-06-25 21:59:14 -07:00
Hamish Friedlander
5c46acc018 Merge pull request #2156 from simonwelsh/staticnamesapce
FIX: ConfigStaticManifest not handling multipart namespaces
2013-06-25 21:23:36 -07:00
Simon Welsh
e55be50783 FIX: ConfigStaticManifest not handling multipart namespaces
Fixes #2126
2013-06-26 16:01:55 +12:00
Ingo Schommer
09b31c642f Allow Form->forTemplate() URL access (fixes #788)
Need to specifically whitelist URL-accessible actions now.
Used in "Insert Link" form in HtmlEditorField.
Regression from 1edf45fbed
2013-06-25 16:33:00 +02:00
Will Morgan
83726b21a2 Using extendedCan for can* 2013-06-25 16:26:38 +02:00
Ingo Schommer
755a95e3f7 FIX UploadField: IE10 single click for upload trigger
Fixes https://github.com/silverstripe/silverstripe-cms/issues/644.
See d45deb15f4
2013-06-25 15:35:45 +02:00
Ingo Schommer
50e8e3e46e Merge pull request #2146 from jonom/Configurable-default-width-for-Media
NEW: Allow configuration of initial insertion width for images and media
2013-06-25 00:27:47 -07:00
Hamish Friedlander
ae3e3f3b44 FIX Arguments to method calls reseting scope 2013-06-25 17:35:16 +12:00
Sean Harvey
7349682d44 Merge pull request #2145 from tractorcow/3.1-controller-redirect
Controller::redirect now returns the resulting SS_HTTPResponse
2013-06-24 14:16:18 -07:00
jonom
ffc764dc3c NEW: Allow configuration of initial insertion width for images and media
Moved default insertion dimensions logic from JS to PHP to allow setting through config API
2013-06-24 14:25:16 -06:00
Simon Welsh
1edf45fbed Merge pull request #2130 from chillu/pulls/allowed_actions-deny
API Enforce $allowed_actions in RequestHandler->checkAccessAction()
2013-06-24 12:41:15 -07:00
Ingo Schommer
18299322bc "Insert Media" dialog: Fixed event names
Fixes https://github.com/silverstripe/silverstripe-cms/issues/781
Regression from 9f600ada which uses jQuery UI widget "subclass"
that also affects event names.
2013-06-24 18:58:46 +02:00
Ingo Schommer
1046530ff6 "Insert Media" dialog: Prevent loading indicator in IE8+
Fixes https://github.com/silverstripe/silverstripe-cms/issues/782
2013-06-24 17:14:32 +02:00
Ingo Schommer
8c9ef8feb9 "Insert Media" dialog: Reposition separately (fixes #783)
FF21 and IE10 seem to propagate the DOM attribute changes differently
from Chrome: The dimensions can't be set in the same setOptions()
call through jQuery UI here. Fixed this by a separate setOption() call.
2013-06-24 16:13:29 +02:00
Ingo Schommer
2f9eaeea41 Merge pull request #2021 from jthomerson/fix_if_link_not_working
FIX: <% if Link %> wasn't working
2013-06-24 06:16:21 -07:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Ingo Schommer
474dde8012 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	docs/en/reference/grid-field.md
2013-06-24 14:39:09 +02:00
Damian Mooyman
7340da03a7 Controller::redirect now returns the resulting SS_HTTPResponse, allowing the function to better support chaining 2013-06-24 13:39:05 +12:00
Craig Weber
d8b106e6ee FIX: TestRunner was not cleaning up DB on failure
When a unit test being run by PHPUnit encountered a fatal error,
TestRunner::tearDown was never being called. This resulted in tmpdb schemas
littering the database from failed test runs. This changeset fixes the issue
by registering TestRunner::tearDown as a shutdown function, so that it gets
called even in the event of a PHP Fatal Error.
2013-06-24 01:15:09 +02:00
Ingo Schommer
b0e359ddb7 Merge pull request #2144 from micmania1/2143-paginatedlist-method-calls
ENHANCEMENT: Updated calls to methods instead of direct properties in PaginatedList
2013-06-23 14:35:13 -07:00
micmania1
49835c3bb1 Updated calls to methods instead of firect properties in PaginatedList 2013-06-23 13:20:38 +01:00
Will Rossiter
e72f9762b0 Merge pull request #2142 from ARNHOE/patch-2
Updated helplink to 3.1
2013-06-22 21:10:14 -07:00
ARNHOE
6e7cae50fd Updated helplink to 3.1 2013-06-22 18:08:25 +02:00
Jeremy Thomerson
e6bfabfd6c TEST: additional test for ViewableData not wrapping cached strings 2013-06-21 16:20:00 +00:00
CheeseSucker
761eec7736 Unit test for bugfix in ViewableData::obj(). 2013-06-21 16:17:22 +00:00
CheeseSucker
b52087105c FIX: ViewableData::obj() would sometimes return an empty object
For instance, this happens when these criteria are met:
  1) No casting has been specified for a method in $casting.
  2) A template accesses the field without any casting
  3) Any casts by the template will now yield an empty object.

After a brief look at the commit history, it can seem like this bug is several years old, unless it is a side-effect of other changes in the code.

== Steps to reproduce ==
Add two methods to be accessed by a template. Make sure you do not define an entry in $casting for them:
	public function Testus() {
		return "Te<x>t1";
	}

	public function Testus2() {
		return "Te<x>t2";
	}

Add this to a template:
	<p>
		First access:<br />
		"$Testus" : "$Testus.XML"<br />
		"$Testus2.XML" : "$Testus2"<br />
	</p>
	<p>
		Second access:<br />
		"$Testus" : "$Testus.XML"<br />
		"$Testus2.XML" : "$Testus2"<br />
	</p>

Open the page in a browser, and you will get:
 First access:
"Tet1" : ""
"Te<x>t2" : "Tet2"

Second access:
"Tet1" : ""
"" : "Tet2"

We see that any cast can yield an empty string.
2013-06-21 16:16:49 +00:00
Ingo Schommer
e908613c47 Merge pull request #2132 from mateusz/note
Add a note on the unit of the Session.timeout.
2013-06-20 16:00:40 -07:00
Mateusz Uzdowski
53a2dbd207 Add a note on the unit of the Session.timeout. 2013-06-21 10:56:00 +12:00
Ingo Schommer
09ca497b36 Merge pull request #2127 from silverstripe-rebelalliance/cookietimestamp
BUG: Fix for Cookie expiry timeout being passed as a large number on 64 ...
2013-06-20 15:42:07 -07:00
Ingo Schommer
da0cc25c3b Merge pull request #2129 from tractorcow/3.1-htmleditor-mediaform-fixes
BUG Fixed issue in file upload via the HTML Editor media dialogue
2013-06-20 02:10:16 -07:00
Will Rossiter
cf12ccbd2c Merge pull request #2120 from ryanwachtl/patch-1
Missing directory separators in output of suggested _ss_environment paths
2013-06-20 00:16:49 -07:00
Will Rossiter
d1756a5a58 Update simple-contact-form.md 2013-06-20 18:35:12 +12:00
Sean Harvey
ba10d270b3 Merge pull request #2128 from hafriedlander/fix/hashleak
FIX: ConfirmedPasswordField used to expose existing hash
2013-06-19 20:34:53 -07:00
Damian Mooyman
f47383f52e BUG Fixed issue where file upload via the HTML Editor media dialogue would not prompt users to overwrite existing files 2013-06-20 15:21:18 +12:00
Hamish Friedlander
328467f1b5 FIX: ConfirmedPasswordField used to expose existing hash 2013-06-20 14:09:30 +12:00