Commit Graph

407 Commits

Author SHA1 Message Date
Sean Harvey
0e07f1a7f5 Merge remote-tracking branch 'origin/3.0' into 3.1 2014-08-22 17:50:36 +12:00
Ingo Schommer
1661213e5b FIX Opt-out pf form message escaping (fixes #2796)
This fixes a limitation introduced through http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/.
Form messages used to accept HTML, now they’re escaped by default, effectively removing the ability
to pass in HTML and take care of escaping manually.

We pass through HTML to message in core through the CTF system, so this needs to be fixed.
It’s an alternative fix to https://github.com/silverstripe/silverstripe-framework/pull/2803.
2014-08-22 16:59:34 +12:00
Damian Mooyman
eb069e605d Remove all redundant whitespace 2014-08-19 09:17:15 +12:00
Mateusz Uzdowski
8bf3853887 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	docs/en/misc/contributing/issues.md
	docs/en/reference/uploadfield.md
	forms/HtmlEditorField.php
	i18n/i18n.php
	javascript/HtmlEditorField.js
	model/DB.php
	model/Image.php
	model/SQLQuery.php
2014-08-14 09:08:26 +12:00
John Milmine
e7d5537f34 Added hasMethod so that you can pass ArrayData to GridField 2014-08-07 20:55:34 +10:00
Damian Mooyman
d8e9af8af8 API New Database abstraction layer. Ticket #7429
Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector
Creation of new DBQueryGenerator for database specific generation of SQL
Support for parameterised queries, move of code base to use these over escaped conditions
Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT
Support for PDO
Installation process upgraded to use new ORM
SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data.
Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn)
3.2 upgrade docs
Performance Optimisation and simplification of code to use more concise API
API Ability for database adapters to register extensions to ConfigureFromEnv.php
2014-07-09 18:04:05 +12:00
Ingo Schommer
bb03f6ba2f Merge remote-tracking branch 'origin/3.1'
Conflicts:
	forms/HtmlEditorField.php
2014-06-15 22:50:20 +12:00
Mateusz Uzdowski
741ab96418 Fetch the nearest Controller instead of relying on global state.
Controller:curr() in this context are equivalent to calling
getToplevelController() which already solves the issue of nested
GridFields.
2014-06-12 16:47:49 +12:00
Ingo Schommer
802b46bd0a GridFieldDetailForm_ItemRequest->getRecord() 2014-05-07 23:49:04 +12:00
Damian Mooyman
e9c3ff933f Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
	composer.json
2014-05-06 10:22:09 +12:00
Damian Mooyman
892b440115 API Make default gridfield paging configurable
Documentation improved
2014-04-28 15:13:01 +12:00
Simon Welsh
8f31352039 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
2014-03-16 09:36:48 +13:00
Simon Welsh
bc8d2d638e Merge pull request #2875 from kinglozzer/2361-gridfield-column-header-css
FIX: Ensure valid CSS classes for GridField header (fixes #2361)
2014-03-15 21:39:42 +13:00
Simon Welsh
b145e96d27 Merge pull request #2818 from tractorcow/pulls/gridstate_data-error-test
BUG GridState_Data doesn't hold falsey values - Fixes #2813
2014-03-15 21:29:56 +13:00
Simon Welsh
d431e98ecf Merge branch '3.1'
Conflicts:
	forms/Form.php
	forms/FormField.php
	security/Member.php
	security/MemberLoginForm.php
2014-03-10 22:58:49 +13:00
Damian Mooyman
0cbad41d3b Rewrote usages of error suppression operator 2014-03-05 15:48:55 +13:00
Damian Mooyman
6d5d3d8cb7 Rewrote usages of error suppression operator 2014-03-05 14:22:19 +13:00
Loz Calver
90952e7bd4 FIX: Ensure valid CSS classes for GridField header (fixes #2361) 2014-02-19 21:17:52 +00:00
Damian Mooyman
cd213ab488 BUG Fixed handing of false values in GridState_Data
API Added ability to unset values
2014-02-04 10:26:26 +13:00
Ingo Schommer
0d7e9a9692 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	_config/routes.yml
	docs/en/topics/datamodel.md
	forms/DropdownField.php
2014-02-04 08:19:04 +13:00
Ingo Schommer
ab070944d5 Merge branch 'pulls/apidocs-package-list' of https://github.com/madmatt/silverstripe-framework into madmatt-pulls/apidocs-package-list
Conflicts:
	view/SSTemplateParser.php
	view/SSTemplateParser.php.inc
2014-01-31 15:15:59 +13:00
Will Rossiter
4ea62b44f9 FIX: Ensure GridFieldDetailForm has the current record validator.
Currently the validator is only set through
ModelAdmin and not through GridField
directly. This will set the validator based on the
record unless a custom validator has been
provided.

http://www.silverstripe.org/data-model-questions/show/34650?start=8#post331958
2014-01-12 16:08:31 +13:00
Ingo Schommer
323364bc85 Fixed merge errors 2013-12-06 15:44:24 +01:00
Ingo Schommer
740560c487 Fixed merge errors
- HTML identifier changes in master breaking tests
- Regression from b6b3cd9889 in GridFieldSortableHeader (var capitalisation)
2013-12-06 15:37:51 +01:00
Ingo Schommer
6176d65bd2 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	forms/gridfield/GridFieldSortableHeader.php
	model/DataList.php
	model/fieldtypes/Enum.php
2013-12-02 20:49:34 +01:00
madmatt
bebe0f6e37 Updating @package and @subpackage doc tags 2013-11-29 17:49:30 +13:00
Damian Mooyman
7636699c9f BUG Fixes #2682 - Regression in #2595 causing gridfield headers to break on summary_fields containing field methods 2013-11-27 18:43:27 +13:00
Ingo Schommer
7e291133a0 Merge pull request #2663 from ajshort/has-many-prepopulate
NEW: Pre-populate and disable foreign key field on has many lists.
2013-11-22 11:18:11 -08:00
Ingo Schommer
053258b984 Merge pull request #2595 from kinglozzer/gridfield-sort-relation
NEW: GridField can sort on relation columns
2013-11-22 11:14:12 -08:00
Loz Calver
a1a402224f NEW: GridField can sort on relation columns
Slightly improved logic

Add support for relations more than one 'level' apart

Add unit tests

Fixing PostgreSQL support

Throw exception if attempting to sort on a has_many/many_many relation
2013-11-13 10:33:00 +00:00
Andrew Short
fc773c5c22 NEW: Pre-populate and disable foreign key field on has many lists.
This is a common use case, and by default a form field is added which
has no effect. While this coupling is undesirable, it makes the default
behaviour much more sensible.

See #2662, #2651, #2637 for more information.
2013-11-13 16:21:18 +11:00
Andrew Short
bedf292612 Merge branch '3.1'
Conflicts:
	docs/en/reference/execution-pipeline.md
	lang/nl.yml
2013-11-11 18:18:25 +11:00
Zauberfisch
2df5269ae5 disable source_file_comments in GridFieldAddExistingAutocompleter->doSearch() because they would be displayed as plaintext in the dropdown 2013-11-08 08:34:22 +00:00
Zauberfisch
54a58eff27 Replace HTML entities in GridFieldAddExistingAutocompleter->doSearch() with actual charaters as the DropDown does not play nicely with HTML entities 2013-11-08 07:54:47 +00:00
Sean Harvey
8e36290b56 Merge pull request #2205 from jthomerson/pulls/fix_gridfield_class_name
FIX: wrong class name being returned
2013-10-31 18:19:05 -07:00
Simon Welsh
60bb9d81c5 Merge pull request #2411 from simonwelsh/circ_ref
Revert "Merge pull request #2390 from phptek/2389"
2013-10-28 14:05:13 -07:00
Ingo Schommer
2266d77237 Revert "Style destructive actions destructively"
This reverts commit 3851ef9f2c.
Breaks button alignment in CMS.
2013-10-24 11:37:40 +02:00
Damian Mooyman
b6b3cd9889 API GridState_Data values can have default values specified during retrieval.
Fixes issues with GridStata_Data being returned from various states when value types are necessary.
Pruning of dead code from GridFieldAddExistingAutocompleter
Documentation for GridState
2013-10-24 16:15:33 +13:00
Ingo Schommer
b56ca812dc Merge remote-tracking branch 'origin/3.1'
Conflicts:
	tests/security/MemberTest.php
2013-10-23 14:53:29 +02:00
Ingo Schommer
ea5b3e4269 Merge pull request #2520 from wilr/destructivestyles
Style destructive actions destructively
2013-10-22 17:07:38 -07:00
Loz Calver
e9fdfb05b2 GridField 'Add existing' action styling improvements 2013-10-22 16:44:28 +01:00
Will Rossiter
3851ef9f2c Style destructive actions destructively 2013-10-11 20:00:11 +13:00
Ingo Schommer
60fc7e5346 Merge remote-tracking branch 'origin/3.1' 2013-10-06 19:07:39 +02:00
Ingo Schommer
dcf9f2c133 Merge pull request #2311 from unclecheese/patch-12
API Change: Make GridFieldConfig objects decoratable
2013-10-03 16:46:13 -07:00
Ingo Schommer
9709a5cd8c Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-10-01 01:45:27 +02:00
Ingo Schommer
deadc154ca Don't link record in GridField form message
This is no longer allows through Form->sessionMessage() to avoid XSS.
2013-10-01 00:00:37 +02:00
Ingo Schommer
bda56eb9b0 Don't link record in GridField form message
This is no longer allows through Form->sessionMessage() to avoid XSS.
2013-09-30 23:55:32 +02:00
Ingo Schommer
298de5a67d FIX Escape breadcrumbs in SecurityAdmin (SS-2013-007) 2013-09-30 22:53:43 +02:00
Ingo Schommer
d3aa38f4b4 $.data() for GridField autocomplete (fixes #2440) 2013-09-27 19:51:32 +02:00
Ingo Schommer
debd81d380 Merge pull request #2453 from chillu/pulls/escape-3.1.0
Escaping 3.1
2013-09-25 16:02:45 -07:00
Ingo Schommer
78ce99be09 FIX Escape breadcrumbs in SecurityAdmin (SS-2013-007) 2013-09-24 21:41:18 +02:00
Simon Welsh
6df6cb719d Revert "Merge pull request #2390 from phptek/2389"
This reverts commit 58da57dd1b, reversing
changes made to 8864256601.
2013-09-13 08:22:32 +12:00
Russell Michell
abcb2ef40b FIX: Modified fix for #2389 to ensure existing tests pass. 2013-09-06 08:48:32 +12:00
Russell Michell
128c33b82c FIX: Fixes #2389
- Prevent circular references in `GridFieldAddExistingAutocompleter` when linking DataObjects whose ID matches the current object to which the gridfield is attached.
2013-09-05 13:55:47 +12:00
Ingo Schommer
20b49e215c Merge pull request #2136 from nedmas/fix-remove-export-button-padding
FIX: GridField button styling
2013-08-30 00:24:21 -07:00
Ingo Schommer
a6da1f5570 Merge pull request #2294 from wilr/fixgridexport
FIX: Remove limit on GridField export
2013-08-20 14:08:18 -07:00
Ingo Schommer
02cc662aaf More specific entwine rule for delete alert in GridField
The rule didn't apply in Firefox because of how it handles specificity,
so made it a bit more specific (added "button" and ".action")
2013-08-16 16:06:31 +02:00
micmania1
8ce50c3ae6 Added gridField->getName() to field names to avoid duplication 2013-08-09 22:57:48 +01:00
unclecheese
4385264aa9 API Change: Make GridFieldConfig objects decoratable
This change promotes GridFieldConfig objects to first-class Object descendants, making them extendable through the decorator pattern.

Relevant discussion in the dev group: https://groups.google.com/forum/#!topic/silverstripe-dev/Z6tu1k05ZmA
2013-08-08 17:12:40 +12:00
Will Rossiter
65d96e8d7c FIX: Remove limit on GridField export
Allow DataList::limit() to take a null value to remove the limit.

Added tests for limit(). Note the one failure, currently the ORM doesn't support unlimited values with an offset.
2013-08-05 19:59:12 +12:00
Jeremy Thomerson
dbb2efcbb3 FIX: wrong class name being returned
This resulted in an error since the returned class name did not exist.
Note that this only happened when someone subclassed GridFieldDetailForm
and did not subclass GridFieldDetailForm_ItemRequest.
2013-07-09 20:59:56 +00:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Tom Densham
3596892001 FIX: GridField button styling
Remove all top/bottom margins from buttons and apply to GridFieldButtonRow component. Ensure that all buttons are added to a suitable GridFieldButtonRow in ModelAdmin, SecurityAdmin and Group.
2013-06-21 14:22:00 +01:00
Ingo Schommer
7ce9677dcb Moved GridField table padding to buttons
Avoid double padding when no bottom buttons exist
2013-06-15 10:13:43 +02:00
Loz Calver
dcec30f4e3 Fix: Enable delete button for users with canDelete() but no canEdit() permissions
$form->makeReadonly(); iterates over all fields/actions, disabling the 'delete' button even when the user has permission
2013-06-03 12:31:40 +01:00
Ingo Schommer
5d97f615ce Merge remote-tracking branch 'origin/3.0' into 3.1 2013-05-31 17:52:24 +02:00
Ingo Schommer
c85c495848 BUG GridFieldFilterHeader works without non-filterable cols
Previously relied on the presence of a last column which wasn't filterable,
commonly a GridFieldEditButton. If this wasn't present, the filter buttons
were never added, leading to the GridField JS reload request being sent
without the required button form action, so GridFieldFilterHeader->handleAction()
was never called.
2013-05-23 17:48:27 +02:00
Will Rossiter
ddcfcf7bed Update @package, @subpackage labels
Cleanup of framework's use of @package and @subpackage labels and additional of labels for classes missing packages.

Moved all GridField related components to the one name.

Countless spelling fixes, grammar for other comments.

Link ClassName references in file headers.
2013-05-21 22:24:41 +12:00
Ingo Schommer
a1216b5e32 Merge pull request #1250 from wilr/gridfield-action-fixes
FIX: Do not blindly pass input values to GridField_FormAction URL's
2013-05-08 04:20:40 -07:00
Simon Welsh
8930304dfc Only set GridField state in request if a value is submitted 2013-05-07 08:15:27 +12:00
Ingo Schommer
9856fcef21 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	javascript/DateField.js
	model/DataQuery.php
	model/Versioned.php
	tests/forms/RequirementsTest.php
	tests/model/DataObjectLazyLoadingTest.php
	view/Requirements.php
2013-04-09 14:45:35 +02:00
Nik Rolls
5143c8149a Form now loads correctly when ClassName is changed. 2013-04-02 11:03:49 +02:00
Stig Lindqvist
3aced1151f BUG: GridFieldFilterHeader only filters on last filter
GridFieldFilterHeader only filters on the last filter argument because it keeps recloning the original datalist
2013-03-29 20:06:57 +13:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
ajshort
a965d3b374 BUG: Fix grid field rendering when the list is null 2013-03-09 01:04:51 +11:00
Will Rossiter
1ddd1ddc47 Docblock and coding conventions for GridField related classes. 2013-03-05 10:29:27 +13:00
Will Rossiter
36d3303e1b FIX GridField export and print actions should preserve state. 2013-03-05 10:27:15 +13:00
Hamish Friedlander
4b54383d68 API change request handling to be more orthogonal
RequestHandler#handleAction now exists. It takes the request, and
the action to call on itself. All calls from handleRequest to call an action
will go through this method

Controller#handleAction has had it's signature changed to
match new RequestHandler#handleAction

RequestHandler#findAction has been added, which extracts the
"match URL to rules to find action" portion of RequestHandler#handleRequest
into a separate, overrideable function

GridField#handleAction has beeen renamed to handleAlterAction and
CMSBatchActionHandler#handleAction has been renamed to handleBatchAction to
avoid name clash with new RequestHandler#handleAction

Reason for change: The exact behaviour of request handling depended heavily
on whether you inherited from RequestHandler or Controller, and whether the
rule extracted it's action directly (like "foo/$ID" => 'foo') or dynamically
(like "$Action/$ID" => "handleAction"). This cleans up behaviour so
all calls follow the same path through handleRequest and handleAction, and
the additional behaviour that Controller adds is clear.
2013-02-18 14:56:04 +13:00
Simon Welsh
3439e30ac1 Corrects indentation and line length 2013-01-24 19:56:02 +13:00
Ingo Schommer
c11b3918fc Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	core/PaginatedList.php
	email/Mailer.php
2013-01-21 11:14:57 +01:00
Andrew Short
16efd7402e ENHANCEMENT: Add grid field save handler. 2013-01-15 22:41:25 +11:00
Ingo Schommer
80feb8c0b4 Respect displayFields in GridFieldPrintButton
Provides more coherent and expected default behaviour
2013-01-15 00:55:24 +01:00
uniun
e020c7be57 BUG doSave() and doDelete() should use translated singular name 2013-01-11 15:50:09 +01:00
Nicolaas
a32451f72e adding extension hook in GridFieldDetailForm.php
This hook is useful so that you can add additional fields / actions in a gridfield form that are not available in other settings (e.g. additional actions: previous / next / save and publish / unpublish / etc
2012-12-27 19:22:54 +13:00
Ingo Schommer
8ec3641e60 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.FieldHelp.js
	lang/en.yml
	model/URLSegmentFilter.php
2012-12-21 15:04:17 +01:00
Ingo Schommer
661a4a2492 Removed direct sprintf() usage from _t() calls
Parameterized strings are easier to understand,
and more fail-proof, don't fatal out when not enough sprintf() args
2012-12-21 11:46:38 +01:00
Ingo Schommer
7a6ce01567 BUG Skip pagination on UnsavedRelationList in GFPaginator 2012-12-20 20:16:53 +01:00
Ingo Schommer
bbc8e06d49 API Show GridFieldEditButton even without edit permissions (for readonly forms) 2012-12-17 00:47:23 +01:00
Ingo Schommer
1848d7e90a API Check model permissions in GridField 2012-12-17 00:46:51 +01:00
Ingo Schommer
1ca3883a76 NEW Tooltip and inline help text support for CMS form fields 2012-12-14 01:58:04 +01:00
Simon Welsh
b0121b541c Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
Simon Welsh
fc5dd2994c Add codesniffer that ensures indentation is with tabs. 2012-12-12 00:12:11 +13:00
Ingo Schommer
8108f7f936 NEW Relation search for GridFieldAddExistingAutocompleter
Now also searches 1:n relations if they where defined in searchableFields() with dot notation.
2012-11-27 10:51:10 +01:00
Ingo Schommer
c8136f5d4c NEW Many-many relation data editing in GridFieldDetailForm
Also adds GridFieldDetailForm->setFields() for customizing
the displayed form fields (required for adding relational fields).
2012-11-27 10:45:43 +01:00
Ingo Schommer
c55c7c33f8 Merge branch '3.0'
Conflicts:
	admin/code/CMSProfileController.php
	composer.json
	tests/model/DataObjectTest.php
2012-11-22 23:51:28 +01:00
Ingo Schommer
434759cc83 BUGFIX Correct redirection URL on deletion in GridFieldDetailForm 2012-11-16 15:32:17 +13:00
Ingo Schommer
bd0e597ac6 Use button tag for delete button in GridFieldEditForm 2012-11-16 15:32:17 +13:00
Hamish Friedlander
7315be4531 FIX default values from DataObject not showing in GridField details form 2012-11-16 12:36:00 +13:00
Sean Harvey
8b0bb8dd09 API Replace deprecated FormField::createTag() with static create_tag()
GridField uses createTag() which is marked for deprecation, rather
than have it used as the cornerstone of generating FormField templates,
use it as a helper in case fields generate HTML tags from PHP.
2012-11-15 14:43:21 +13:00
Sean Harvey
532699c2ac Merge pull request #877 from UndefinedOffset/3.0
FIX 7906 Regression: GridFieldConfig_RelationEditor: Removing relation d...
2012-11-05 11:53:25 -08:00