silverstripe-framework/forms
Ingo Schommer fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
..
gridfield API Enforce $allowed_actions in RequestHandler->checkAccessAction() 2013-06-24 14:50:40 +02:00
AjaxUniqueTextField.php Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
CheckboxField.php Merge remote-tracking branch 'origin/3.0' into 3.1 2013-04-12 01:13:32 +02:00
CheckboxSetField.php BUG UnsavedRelationList aren't checked 2013-02-19 14:58:31 +00:00
CompositeField.php Fixed deprecated usage of <% control %> 2013-03-19 12:58:14 +01:00
ConfirmedPasswordField.php FIX: ConfirmedPasswordField used to expose existing hash 2013-06-20 14:09:30 +12:00
CountryDropdownField.php API Marked statics private, use Config API instead (#8317) 2013-03-24 17:20:53 +01:00
CreditCardField.php Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
CurrencyField.php API Copying instance props on FormField readonly/disabled transformations 2012-12-14 01:58:04 +01:00
DatalessField.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
DateField.php API Marked statics private, use Config API instead (#8317) 2013-03-24 17:20:53 +01:00
DatetimeField.php DatetimeField returns wrong year 2013-04-13 06:26:52 +08:00
DisabledTransformation.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
DropdownField.php NEW Disable items in DropdownField and GroupedDropdownField 2013-01-11 16:32:20 +01:00
EmailField.php FIX Remove instances of lines longer than 120c 2012-09-30 17:18:13 +13:00
FieldGroup.php Avoid mid-sentence periods in combined field validation messages 2013-03-08 12:16:03 +01:00
FieldList.php API: Allow array of fields passed to FieldList::removeByName() 2013-05-25 15:31:30 +12:00
FileField.php API UploadField functions on new records 2013-05-27 15:22:59 +12:00
Form.php API Enforce $allowed_actions in RequestHandler->checkAccessAction() 2013-06-24 14:50:40 +02:00
FormAction.php Merge remote-tracking branch 'origin/3.0' into 3.1 2013-02-26 13:28:35 +01:00
FormField.php API UploadField functions on new records 2013-05-27 15:22:59 +12:00
FormScaffolder.php FIX Remove instances of lines longer than 120c 2012-09-30 17:18:13 +13:00
FormTransformation.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
GroupedDropdownField.php NEW Disable items in DropdownField and GroupedDropdownField 2013-01-11 16:32:20 +01:00
HeaderField.php FIX Remove instances of lines longer than 120c 2012-09-30 17:18:13 +13:00
HiddenField.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
HtmlEditorConfig.php API Marked statics private, use Config API instead (#8317) 2013-03-24 17:20:53 +01:00
HtmlEditorField.php BUG Fixed issue where file upload via the HTML Editor media dialogue would not prompt users to overwrite existing files 2013-06-20 15:21:18 +12:00
InlineFormAction.php API Copying instance props on FormField readonly/disabled transformations 2012-12-14 01:58:04 +01:00
LabelField.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
ListboxField.php BUG UnsavedRelationList aren't checked 2013-02-19 14:58:31 +00:00
LiteralField.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
LookupField.php FIX: Add support for multi dimensional source arrays in LookupField (open/6132) 2013-05-11 00:01:39 +12:00
MemberDatetimeOptionsetField.php Merge remote-tracking branch 'origin/3.0' into 3.1 2013-02-18 14:31:57 +13:00
MoneyField.php FIX Remove instances of lines longer than 120c 2012-09-30 17:18:13 +13:00
NestedForm.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
NullableField.php FIX Remove instances of lines longer than 120c 2012-09-30 17:18:13 +13:00
NumericField.php Include Zend_Locale_Format 2013-05-13 10:55:05 -07:00
OptionsetField.php API Copying instance props on FormField readonly/disabled transformations 2012-12-14 01:58:04 +01:00
PasswordField.php Add autocomplete=off switch for the password field. 2013-06-12 09:41:18 +12:00
PhoneNumberField.php BUG Fixed incorrect variable usage in generation of PhoneNumberField form fields 2013-04-12 15:13:58 +12:00
PrintableTransformation.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
ReadonlyField.php NEW: Add ReadonlyField::setIncludeHiddenField() 2013-01-08 17:45:17 +13:00
ReadonlyTransformation.php Clean up trailing ?> per coding standard 2012-02-12 12:40:16 -08:00
RequiredFields.php FIX: Removed notice-level error after forms w/ required fields are made readonly. 2013-01-29 18:03:47 +01:00
ResetFormAction.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
SelectionGroup.php API Removed keyed arrays for title/value setting in SelectionGroup 2012-12-11 11:06:06 +01:00
Tab.php ENHANCEMENT addExtraClass() support for Tab and TabSet 2012-05-08 11:25:44 +02:00
TabSet.php BUG Remove .ss-tabset class from CMS tabs to prevent rogue ajax load (#7980) 2012-11-01 00:25:13 +01:00
TabularStyle.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
TextareaField.php Merge remote-tracking branch 'origin/3.0' into 3.1 2013-01-21 11:14:57 +01:00
TextField.php Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
TimeField.php API Marked statics private, use Config API instead (#8317) 2013-03-24 17:20:53 +01:00
ToggleCompositeField.php Removed deprecated ToggleCompositeField::startClosed() 2012-11-15 14:43:21 +13:00
ToggleField.php BUG Fixing ToggleField to work correctly with jQuery 2012-11-16 11:33:58 +13:00
TreeDropdownField.php NEW Enforce max node counts to avoid excessive resource usage 2013-04-09 10:24:18 +12:00
TreeMultiselectField.php FIX #8328 Expose previously selected values of TreeMultiSelectField so they are not wipped out when selecting more values at an higher level in hierarchy 2013-03-19 08:48:44 +13:00
UploadField.php API Enforce $allowed_actions in RequestHandler->checkAccessAction() 2013-06-24 14:50:40 +02:00
Validator.php Removing deprecated Validator javascript methods 2012-11-15 14:43:17 +13:00