silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-26 06:29:24 +02:00

Author	SHA1	Message	Date
Robbie Averill	f842ee2eec	Update deprecation PHPDocs to be PSR-5 compliant See: https://github.com/php-fig/fig-standards/blob/master/proposed/phpdoc-tags.md#55-deprecated	2018-09-28 10:49:14 +02:00
Robbie Averill	dbab696690	FIX Message when changing password with invalid token now contains correct links to login The Security controller should be used to return these links rather than the ChangePasswordHandler	2018-08-20 22:30:12 +12:00
Ingo Schommer	c541283093	Test coverage for session data change	2018-07-20 15:13:26 +12:00
Daniel Hensby	560fe9820a	FIX remove personal information from password reset confirmation screen	2018-07-05 14:19:15 +12:00
Damian Mooyman	6da72d686f	Maybe fix it?	2018-06-20 14:46:50 +12:00
Robbie Averill	6d98a912c9	Merge branch 'heads/4.1.1' into 4.1	2018-05-28 18:26:20 +12:00
Robbie Averill	722202fef4	Merge remote-tracking branch 'origin/4.0.4' into 4.1.1 # Conflicts: # src/Control/Director.php	2018-05-24 15:41:11 +12:00
Robbie Averill	e7e32d13a3	FIX Add namespace and encryptor to tests that expect blowfish to be available	2018-05-24 11:24:56 +12:00
Robbie Averill	5887201dd5	Merge pull request #64 from silverstripe-security/pulls/4.0/ss-2018-010 [SS-2018-010] Fix regression of SS-2017-002	2018-05-14 17:12:45 +12:00
Robbie Averill	beec0c0d47	[SS-2018-010] Fix regression of SS-2017-002	2018-05-14 17:12:07 +12:00
Damian Mooyman	e409d6f673	[ss-2018-001] Restrict non-admins from being assigned to admin groups	2018-05-14 17:10:22 +12:00
Damian Mooyman	9a12fac218	BUG Prevent password validator min score producing false negatives Replaces #7995	2018-04-18 10:35:31 +12:00
Daniel Hensby	c04ff8c55a	Merge branch '4.0' into 4.1	2018-02-21 13:40:30 +00:00
Damian Mooyman	0e26c06644	BUG Fix behaviour towards versioned but unstagable records	2018-02-20 12:20:18 +13:00
Daniel Hensby	7ec5fa2c8d	Merge branch '4.0' into 4.1	2018-02-09 15:19:15 +00:00
Daniel Hensby	e298fcc345	Merge branch '3.6' into 4.0	2018-02-09 14:32:58 +00:00
Damian Mooyman	2f1f5c0caa	Merge remote-tracking branch 'origin/4.0' into 4	2018-02-07 11:48:46 +13:00
Daniel Hensby	660dfd34a8	FIX Issue where default admin has no password encryption	2018-02-06 20:18:32 +00:00
Christopher Joe	456871fd91	Enhancement Updated PasswordValidator to fallback to config options - still retains instance variables	2018-01-31 10:54:43 +13:00
Damian Mooyman	a3c52f901a	Merge remote-tracking branch 'origin/4.0' into 4 # Conflicts: # src/Core/TempFolder.php # src/ORM/DataObject.php # src/View/ThemeResourceLoader.php # src/includes/constants.php # tests/php/Control/SimpleResourceURLGeneratorTest.php # tests/php/Forms/HTMLEditor/HTMLEditorFieldTest.php # tests/php/View/RequirementsTest.php	2018-01-22 14:57:05 +13:00
Daniel Hensby	db610aaf3b	Fixing string concat CS issues	2018-01-16 18:39:30 +00:00
Daniel Hensby	c959160375	FIX Misnamed test namespaces	2018-01-16 17:41:18 +00:00
Damian Mooyman	c4ff8443bb	API Shift basic auth checking into middleware Fixes #7554	2017-12-20 11:39:04 +13:00
Chris Joe	4ad9ceca6b	Merge pull request #7702 from open-sausages/pulls/4/fix-message-casting-permissions BUG Fix message casting for html security messages	2017-12-18 15:43:35 +13:00
Daniel Hensby	e4bf9a31ed	Merge branch '4.0' into 4	2017-12-14 21:20:11 +00:00
Daniel Hensby	1c72d6946d	Merge branch '3.6' into 4.0	2017-12-14 21:01:35 +00:00
Damian Mooyman	140ed72e2a	BUG Fix message casting for html security messages	2017-12-14 14:49:58 +13:00
Damian Mooyman	33b2d50d59	Cache warming in InheritedPermissions::getCachePermissions() Simplify Group::Members() code Remove cms-only config	2017-12-12 09:01:43 +13:00
Aaron Carlino	2be902ef2f	Adapt to new MemberCacheFlusher interface	2017-12-11 17:50:11 +13:00
Aaron Carlino	aefb0aeaa8	Make InheritedPermissions use cache and implement cache flushing	2017-12-11 17:50:11 +13:00
Damian Mooyman	ee27329728	Minor linting / style updates	2017-12-11 16:46:59 +13:00
Aaron Carlino	86458941be	Refactor to MemberCacheFlusher	2017-12-11 16:46:59 +13:00
Aaron Carlino	4857816c9e	Revisions per robbieaverill	2017-12-11 16:46:59 +13:00
Aaron Carlino	eecb9f64d3	Add new InheritedPermissionFlusher extension, CacheFlusher service	2017-12-11 16:46:59 +13:00
Damian Mooyman	f1dd3d6f03	[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt	2017-11-30 17:00:49 +13:00
Damian Mooyman	6a73466b41	BUG Fix basicauth	2017-11-03 12:08:38 +13:00
Robbie Averill	6b52412693	NEW Make Member::changePassword extensible	2017-10-05 11:18:34 +13:00
Mike Cochrane	41d1b2a882	Test fix: Don't hard code the security page_class controller	2017-09-16 11:27:16 +12:00
Daniel Hensby	c0211927aa	Merge branch '3' into 4	2017-08-14 21:18:03 +01:00
Damian Mooyman	b6a8e45888	BUG Ensure mocked controller has request assigned Fixes #7237	2017-08-03 15:52:31 +12:00
Robbie Averill	da4e46e4de	FIX Use merge and set instead of update for config calls	2017-07-17 17:59:40 +12:00
Damian Mooyman	85359ad59e	BUG Ensure that installer can create an initial admin account Fixes #7124	2017-07-06 13:30:04 +12:00
Damian Mooyman	f65e3627dc	BUG Implement or exclude all pending upgrader deltas	2017-07-03 12:21:47 +12:00
Daniel Hensby	c69a565b08	Merge pull request #7046 from andrewandante/FEAT/add_inGroup_to_Group add inGroup(s) methods to Group	2017-06-30 16:38:55 +01:00
Andrew Aitken-Fincham	ab60a167e6	add inGroup(s) methods to Group	2017-06-30 12:47:37 +01:00
Daniel Hensby	30986b4ea3	[SS-2017-002] FIX Lock out users who dont exist in the DB	2017-06-29 13:58:55 +12:00
Ingo Schommer	60a3c8754a	Simplify SecurityTest redirect assertion It causes inexplicable failures in the installer test, while it's passing running in framework standalone. This might be related to the cms module being present (with framework tests executed). Either way, testing that FunctionalTest can follow a redirect and correctly display the "/" homepage isn't really the point of this test. It should limit its assertion to the presence of a redirect. See https://travis-ci.org/silverstripe/silverstripe-installer/jobs/246703789	2017-06-27 09:23:37 +12:00
Ingo Schommer	e592bed3e5	Fixed merge error	2017-06-22 23:07:58 +12:00
Damian Mooyman	3873e4ba00	API Refactor bootstrap, request handling See https://github.com/silverstripe/silverstripe-framework/pull/7037 and https://github.com/silverstripe/silverstripe-framework/issues/6681 Squashed commit of the following: commit `8f65e56532` Author: Ingo Schommer <me@chillu.com> Date: Thu Jun 22 22:25:50 2017 +1200 Fixed upgrade guide spelling commit `76f95944fa` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 16:38:34 2017 +1200 BUG Fix non-test class manifest including sapphiretest / functionaltest commit `9379834cb4` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 15:50:47 2017 +1200 BUG Fix nesting bug in Kernel commit `188ce35d82` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 15:14:51 2017 +1200 BUG fix db bootstrapping issues commit `7ed4660e7a` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 14:49:07 2017 +1200 BUG Fix issue in DetailedErrorFormatter commit `738f50c497` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 11:49:19 2017 +1200 Upgrading notes on mysite/_config.php commit `6279d28e5e` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 11:43:28 2017 +1200 Update developer documentation commit `5c90d53a84` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 10:48:44 2017 +1200 Update installer to not use global databaseConfig commit `f9b2ba4755` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 21:04:39 2017 +1200 Fix behat issues commit `5b59a912b6` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 17:07:11 2017 +1200 Move HTTPApplication to SilverStripe\Control namespace commit `e2c4a18f63` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 16:29:03 2017 +1200 More documentation Fix up remaining tests Refactor temp DB into TempDatabase class so it’s available outside of unit tests. commit `5d235e64f3` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 12:13:15 2017 +1200 API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals BUG Fix issue with SSViewer Fix Security / View tests commit `d88d4ed4e4` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 16:39:43 2017 +1200 API Refactor AppKernel into CoreKernel commit `f7946aec33` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 16:00:40 2017 +1200 Docs and minor cleanup commit `12bd31f936` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 15:34:34 2017 +1200 API Remove OutputMiddleware API Move environment / global / ini management into Environment class API Move getTempFolder into TempFolder class API Implement HTTPRequestBuilder / CLIRequestBuilder BUG Restore SS_ALLOWED_HOSTS check in original location API CoreKernel now requires $basePath to be passed in API Refactor installer.php to use application to bootstrap API move memstring conversion globals to Convert BUG Fix error in CoreKernel nesting not un-nesting itself properly. commit `bba9791146` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 18:07:53 2017 +1200 API Create HTTPMiddleware and standardise middleware for request handling commit `2a10c2397b` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 17:42:42 2017 +1200 Fixed ORM tests commit `d75a8d1d93` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 17:15:07 2017 +1200 FIx i18n tests commit `06364af3c3` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 16:59:34 2017 +1200 Fix controller namespace Move states to sub namespace commit `2a278e2953` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 12:49:45 2017 +1200 Fix forms namespace commit `b65c21241b` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 15 18:56:48 2017 +1200 Update API usages commit `d1d4375c95` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 15 18:41:44 2017 +1200 API Refactor $flush into HTPPApplication API Enforce health check in Controller::pushCurrent() API Better global backup / restore Updated Director::test() to use new API commit `b220534f06` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 22:05:57 2017 +1200 Move app nesting to a test state helper commit `603704165c` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 21:46:04 2017 +1200 Restore kernel stack to fix multi-level nesting commit `2f6336a15b` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 17:23:21 2017 +1200 API Implement kernel nesting commit `fc7188da7d` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:43:13 2017 +1200 Fix core tests commit `a0ae723514` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:23:52 2017 +1200 Fix manifest tests commit `ca03395251` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:00:00 2017 +1200 API Move extension management into test state commit `c66d433977` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 14:10:59 2017 +1200 API Refactor SapphireTest state management into SapphireTestState API Remove Injector::unregisterAllObjects() API Remove FakeController commit `f26ae75c6e` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 12 18:04:34 2017 +1200 Implement basic CLI application object commit `001d559662` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 12 17:39:38 2017 +1200 Remove references to SapphireTest::is_running_test() Upgrade various code commit `de079c041d` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 7 18:07:33 2017 +1200 API Implement APP object API Refactor of Session	2017-06-22 22:50:45 +12:00
Loz Calver	5d27dccd60	NEW: Add CSRF token to logout action	2017-06-21 15:42:13 +01:00

1 2

83 Commits