tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
9a40b16496
silverstripe-framework/docs
History
Ingo Schommer fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction() 
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
..
en API Enforce $allowed_actions in RequestHandler->checkAccessAction() 2013-06-24 14:50:40 +02:00
_manifest_exclude ENHANCEMENT Added sapphire/docs (migrated from https://github.com/chillu/silverstripe-doc-restructuring) 2011-02-07 19:55:13 +13:00
LICENSE ENHANCEMENT Added sapphire/docs (migrated from https://github.com/chillu/silverstripe-doc-restructuring) 2011-02-07 19:55:13 +13:00