Commit Graph

134 Commits

Author SHA1 Message Date
Loz Calver
5d27dccd60 NEW: Add CSRF token to logout action 2017-06-21 15:42:13 +01:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Simon Erkelens
576eee72dc Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code. 2017-06-15 14:20:29 +12:00
Damian Mooyman
d89bd15330
Move authentication hooks to SapphireTest 2017-06-09 16:25:40 +12:00
Simon Erkelens
082db89550 Feedback from Damian.
- Move the success and message to a validationresult
- Fix tests for validationresult return
- We need to clear the session in Test logOut method
- Rename to MemberAuthenticator and CMSMemberAuthenticator for consistency.
- Unify all to getCurrentUser on Security
- ChangePasswordHandler removed from Security
- Update SapphireTest for CMS login/logout
- Get the Member ID correctly, if it's an object.
- Only enable "remember me" when it's allowed.
- Add flag to disable password logging
- Remove Subsites coupling, give it an extension hook to disable itself
- Change cascadeLogInTo to cascadeInTo for the logout method logic naming
- Docblocks
- Basicauth config
2017-06-08 17:50:20 +12:00
Simon Erkelens
2b26cafcff Separate out the log-out handling.
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
2017-06-07 21:11:58 +12:00
Sam Minnee
f9ea752bae NEW: Add AuthenticationHandler interface
NEW: Add IdentityStore for registering log-in / log-out data
NEW: Add AuthenticationRequestFilter for managing login
NEW: Add Security:setCurrentUser() / Security::getCurrentUser()
NEW: Add FunctionalTest::logOut()
2017-06-07 21:11:55 +12:00
Simon Erkelens
c4194f0ed2 CMS Login Handling
Move to canLogin in the authentication check. Protected isLockedOut

Enable login to be called with a different login service (CMSLogin), enabling CMS Log in. Seems the styling and/or output is still broken.

logOut could be managed from the Authenticator instead of the member
2017-06-07 21:11:54 +12:00
Sam Minnee
7af7e6719e API: Security.authenticators is now a map, not an array
Authenticators is now a map of keys -> service names. The key is used
in things such as URL segments. The “default_authenticator” value has
been replaced with the key “default” in this map, although in time a
default authenticator may not be needed.
IX: Refactor login() to avoid code duplication on single/multiple handlers
IX: Refactor LoginHandler to be more amenable to extension
IX: Fixed permissionFailure hack
his LoginHandler is expected to be the starting point for other
custom authenticators so it should be easier to repurpose components
`of it.
IX: Fix database-is-ready checks in tests.
IX: Fixed MemberAuthenticatorTest to match the new API
IX: Update security URLs in MemberTest
2017-06-07 21:11:53 +12:00
Sam Minnee
e226b67d06 Refactoring of authenticators
Further down the line, I'm only returning the `Member` on the doLogin, so it's possible for the Handler or Extending Handler to move to a second step.
Also cleaned up some minor typos I ran in to. Nothing major.

This solution works and is manually tested for now. Supports multiple login forms that end up in the correct handler. I haven't gotten past the handler yet, as I've yet to refactor my Yubiauth implementation.

FIX: Corrections to the multi-login-form support.

Importantly, the system provide a URL-space for each handler, e.g.
“Security/login/default” and “Security/login/other”. This is much
cleaner than identifying the active authenticator by a get parameter,
and means that the tabbed interface is only needed on the very first view.

Note that you can test this without a module simply by loading the
default authenticator twice:

SilverStripe\Security\Security:
  authenticators:
    default: SilverStripe\Security\MemberAuthenticator\Authenticator
    other: SilverStripe\Security\MemberAuthenticator\Authenticator

FIX: Refactor delegateToHandler / delegateToHandlers to have less
duplicated code.
2017-06-07 21:11:52 +12:00
Damian Mooyman
fba8e2c245 API Remove Object class
API DataObjectSchema::manyManyComponent() return array is now associative array
2017-05-23 13:50:35 +12:00
Damian Mooyman
0b70b008b3 API Implement InheritedPermission calculator (#6877)
* API Implement InheritedPermission calculator

* API Rename RootPermissions to DefaultPermissionChecker
API Refactor inherited permission fields into InheritedPermissionExtension
API Introduce PermissionChecker interface
2017-05-11 21:07:27 +12:00
Damian Mooyman
942c0257b7 API Upgrade to behat 3 2017-05-05 14:32:07 +12:00
Uncle Cheese
494cbd1875 Ran upgrader for lang files 2017-04-28 14:59:42 +12:00
Simon Erkelens
ff3ad6eb6b Use Config for authenticator settings 2017-04-22 14:48:56 +12:00
Ingo Schommer
e9693467bf Fixed tests 2017-04-03 20:04:37 +12:00
Daniel Hensby
ac075eaf0b Remove TestListener and rely on PHPUnits APIs 2017-03-30 11:46:58 +13:00
Daniel Hensby
0410b4c35e
Respect PHPUnit method visibility 2017-03-24 16:23:03 +13:00
Damian Mooyman
0c41a97a8b API Refactor Form request handling into FormRequestHandler
API Add HasRequestHandler interface
API Refactor Link() and url handling behaviour from Controller into RequestHandler
API RequestHandler classes now must define url_segment to have a default Link()
API Clean up redirectBack()
2017-03-10 15:04:33 +13:00
Damian Mooyman
8444a21cbf API Upgrade tests to use new Config API 2017-02-27 16:54:01 +13:00
Damian Mooyman
029a8b9586
API Substitute Zend_Currency with NumberFormatter based solution
API Substitute Zend_Locale with Locale / NumberFormatter
API Substitute Zend_Date with IntlDateFormatter
API Added DBTIme::Nice12, FormatFromSettings
API Added Short() method to DBDate / DBTime / DBDatetime
API Add Date::getTimestamp()
API Added setSubmittedValue api for FormField
API Add second arg to base FormField::setValue()
API Major refactor of i18n into component data parts
API Implement Resettable interface to reset objects between tests
ENHANCEMENT Changed DBField::create_field return type to `static` to support better type hinting
ENHANCEMENT i18nTextCollector supports __CLASS__
2017-02-09 15:28:59 +13:00
Damian Mooyman
de02a3f733
Restored context parameter to i18n, and added to a “comment” key
Rolled pluralisation functionality into the i18n::_t() method
Warnings on missing default can now be turned off
2017-01-25 18:12:40 +13:00
Daniel Hensby
8b4cce435e
Merge branch '3' 2017-01-17 14:17:45 +00:00
Damian Mooyman
7d67c5b9bd
API Allow users to act-as another 2017-01-16 09:04:20 +13:00
Daniel Hensby
faccdef532 Merge pull request #6444 from robbieaverill/feature/add-group-tests
TEST Add Group tests for collating family IDs and getting all children
2016-12-29 23:41:31 +00:00
Robbie Averill
b4e183aba5
TEST Add Group tests for collating family IDs and getting all children 2016-12-30 11:27:52 +13:00
Robbie Averill
e8b959864e TEST Add historical password count test 2016-12-30 00:43:14 +13:00
Damian Mooyman
c2a1e86f5d Apply PSR2 / Namespace to remaining admin / tests 2016-12-19 16:08:19 +13:00
Damian Mooyman
6e589aac75
API Updates to Form, ValidationResponse, ValidationException
API Implement form schema "errors" handling
2016-12-09 14:24:11 +13:00
Sam Minnee
6650561dac Don't use session and FormSchema to manage server-side React validation responses 2016-12-09 10:27:23 +13:00
Daniel Hensby
1be2e70a2a
Merge branch '3' 2016-11-24 14:18:09 +00:00
Damian Mooyman
22cb3d0d74 Fix various ORM test issues 2016-11-23 19:25:12 +13:00
Damian Mooyman
6e8304ff2f API Namespace framework tests 2016-11-23 19:25:12 +13:00
Damian Mooyman
789cb5b465 Move files to psr-2 standard locations 2016-11-23 19:25:12 +13:00