silverstripe-framework/docs/en/04_Changelogs/rc/3.3.0-rc1.md

# 3.3.0-rc1

## Upgrading notes

### New permission model for Versioned DataObjects

When adding the `Versioned` extension to dataobjects, typically it's necessary to explicitly declare
permissions on these objects in order to prevent un-published content surfacing to unauthenticated users.

In order to better support this, versioned by default will now deny canView permissions on objects
that are not published.

For more information on how to customise the permission model for versioned dataobjects then please
refer to the [versioned extension documentation](../../developer_guides/model/versioning).

### Block ?stage=Stage for unauthenticated users

By default users must now be logged in with CMS access permissions in order to change the viewing
mode of the site frontend using the `?stage` querystring parameter.

This permission can be customised by altering the `Versioned.non_live_permissions`
config by assigning a different set of permissions.

<!--- Changes below this line will be automatically regenerated -->

## Change Log

### Bugfixes

 * 2016-01-22 [f80467a](https://github.com/silverstripe/silverstripe-cms/commit/f80467a74859fba58be835a878ceddbbb4601b42) Don't keep stale treeview data when refreshing Content area (Damian Mooyman)
 * 2016-01-22 [bf8bf5e](https://github.com/silverstripe/silverstripe-framework/commit/bf8bf5e4d558126bb99ea63881f1885faafddd3d) Prevent Versioned::doRollbackTo from creating incorrect versions on subclasses of Versioned DataObjects (Damian Mooyman)
 * 2016-01-21 [cca7129](https://github.com/silverstripe/silverstripe-framework/commit/cca7129385dbb3be1001a8861423c2cf490f02d4) Revert lost documentation (Damian Mooyman)
 * 2016-01-21 [e364fdb](https://github.com/silverstripe/silverstripe-cms/commit/e364fdb794896b5c6b4810d84c0dfac75d80b53b) Fix incorrect "Add Page" button selector (Damian Mooyman)
 * 2016-01-20 [abc5556](https://github.com/silverstripe/silverstripe-cms/commit/abc5556520f891d0e3f5cf3d2c3838a194ac5335) Fix legacy breadcrumbs appearing on page save (Damian Mooyman)
 * 2016-01-20 [df76d78](https://github.com/silverstripe/silverstripe-framework/commit/df76d783fe1f7baaeed67a7c6d63235facd364cd) Fix VersionedTest sometimes failing given certain querystring arguments (Damian Mooyman)
 * 2016-01-20 [7c4e6f4](https://github.com/silverstripe/silverstripe-cms/commit/7c4e6f4b60567268ed879081823598438c90e729) prevent "Home page" being selected when no selection was made (Damian Mooyman)
 * 2016-01-11 [85ba918](https://github.com/silverstripe/silverstripe-framework/commit/85ba918a54f51dd524d45f2c93172a18421ae3bf) Update field IDs for file link (fixes silverstripe/silverstripe-cms#1307) (Loz Calver)
 * 2016-01-11 [d637141](https://github.com/silverstripe/silverstripe-cms/commit/d6371414876e32e7369ec0219a57d2186cfe3f0f) preg_quote() anchors in SiteTreeLinkTracking (fixes #1359) (Loz Calver)
 * 2016-01-05 [00544ff](https://github.com/silverstripe/silverstripe-framework/commit/00544ff100048afdb7ccb1905304dddf8ab3205a) session_regenerate_id uses config system (Daniel Hensby)
 * 2016-01-05 [4335d8e](https://github.com/silverstripe/silverstripe-framework/commit/4335d8ed221a2b402299b32e31f97fc2956ec161) Members with no ID inherit logged in user permission (Daniel Hensby)
 * 2016-01-02 [b30d335](https://github.com/silverstripe/silverstripe-cms/commit/b30d33585f4640950dc573b9fa283c0db7b5f14c) Adding context parameter to canCreate-check in getClassDropdown of SiteTree (fixes #1334) (Stephan Bauer)
 * 2016-01-02 [95e96fa](https://github.com/silverstripe/silverstripe-framework/commit/95e96fa2b2d0db9e26f8c716ee3d5e1a26ee09df) jquery.jstree patched to improve drag-and-drop handling (fixes #4881) (Stephan Bauer)
 * 2015-11-18 [e9b833f](https://github.com/silverstripe/silverstripe-framework/commit/e9b833f5f0f989af8d611f8cfe71f0b0e2cb0159) ConfirmedPassword field correctly reports mismatching passwords (Christopher Darling)