Commit Graph

467 Commits

Author SHA1 Message Date
Elliot Sawyer
205754854c Sanitise domain name field to prevent XSS attack on the CMS
PWC identified an issue with the subsites module that would allow someone with authenticated access to attack other CMS users, such as "stealing the session ID and hijacking an authenticated user's session".
I can't imagine a case where HTML would ever be allowed in the subdomain of a website, so it's a good practice to strip it out anyway.

Steps to reproduce the original issue:
1. Enter a subsite name and mark as the default site.
2. Add a new domain named <script>alert(2)</script> and mark it as primary
3. Switch to the new subsite.
4. Make a new Page. This will execute a javascript alert containing "2".

MINOR update documentation for onBeforeWrite()
MINOR add @property attributes into docblock
2014-07-16 15:43:05 +12:00
James Cocker
47df87f62c Fixes #135: LeftAndMain switching between subsites
When trying to switch to a different subsite from a page's editing view, it wouldn't switch. This was partly due to a $record always existing due to the homepage fallback on currentPageID : https://github.com/silverstripe/silverstripe-cms/blob/3.1/code/controllers/CMSMain.php#L816

So as currentPage() couldn't actually be used to test for the existance of a current page, I've added in a check for isset($this->owner->urlParams['ID']).

I've also moved the check for $_GET['SubsiteID’] which indicated a forced subsite switch (eg. via the dropdown switcher) above the check for a current page, as it should take precedence, and it wasn't being run when both conditions matched causing the subsite not to change.

Tested changing subsites from /admin/pages, from page edit view, from a page edit URL, and from other CMS sections such as Files and Security, and all seems to be working perfectly now.
2014-06-04 16:41:28 +01:00
James Cocker
38e4bc196d Fixes #139 - Broken URL Segment CMS Links
Fixes issue #139 using normann's solution that seems to work perfectly with both long and short links.
2014-06-04 13:12:28 +01:00
Mateusz Uzdowski
9cf7a1453f BUG Fixes to link rewriting when previewing subsites.
* JS error with href-less links.
* All forms get injected hidden fields, even though the loop attempts to
check for only the ones that submit locally.
* Also check for action-less forms.

Requires
https://github.com/silverstripe/silverstripe-framework/pull/3000 to be
merged for the Framework.
https://github.com/silverstripe-labs/silverstripe-testsession/pull/11
2014-04-02 13:39:01 +13:00
Sean Harvey
4e20228c2e Merge pull request #132 from mateusz/session-can-edit
Make canEdit fall back to session if the object's SubsiteID not there.
2014-01-14 14:07:32 -08:00
Mateusz Uzdowski
82159e38d3 Make canEdit fall back to session if the object's SubsiteID not there.
This problem manifests when a GridField-managed relationship tries to
create an object that references the container from canEdit - the
container in this case has empty fields.

An example of that is a HomePage with CarouselItem - if the
CarouselItem::canEdit tries to call $this->Page()->canEdit(), the "Page"
will be a dummy object, not the actual instance of the HomePage that's
doing the manipulation.

This is similar to the behaviour of SiteTree::canEdit, which solves
this situation by falling back to "return
$this->getSiteConfig()->canEdit($member);"
2014-01-10 09:58:53 +13:00
Matt Peel
fb5d791444 BUGFIX: permissions to check the ‘CMS_ACCESS_LeftAndMain’ global permission.
‘CMS_ACCESS_LeftAndMain’ is used by the PermissionCheckboxSetField to allow
applicable Members to access all CMS sections. There are then further
permissions to restrict the Members (e.g. ‘CMS_ACCESS_LeftAndMain’ will give you
access to the ‘Pages’ section, but you still need the ‘Edit any page’ permission
to actually edit anything).

This patch ensures that the subsites module follows those permissions, and
doesn’t unnecessarily deny permission to legitimate users.
2014-01-10 09:31:44 +13:00
Matt Peel
083194857e Allow ‘ADMIN’ and ‘CMS_ACCESS_LeftAndMain’ access to CMS. Fixes CWPBUG-113.
Previously, only the global ‘ADMIN’ permission was allowing users to bypass the
stricter Permission check. We also need to allow the ‘CMS_ACCESS_LeftAndMain’
permission to bypass this check, as otherwise a user who is in a Group with the
‘Access to all CMS sections’ permission set (which only sets the
CMS_ACCESS_LeftAndMain permission code and no others) would be denied access to
the CMS for that sub site.
2014-01-09 17:12:47 +13:00
Mateusz Uzdowski
58b926af25 BUG Refactor the access checks and initial subsite redirections.
Remove the special AJAX handling to simplify the code. Now redirection
will be forced on any request that changes the subsite to re-synchronise
with the frontend.

Introduce canAccess method, and add it to alternateAccessCheck to make
sure this subsite-specific chceck is also done in situations that are
not captured by onBeforeInit.
2013-12-04 17:34:27 +13:00
Mateusz Uzdowski
a771e2239b Do not change the session-stored subsite, if session is not enabled.
This causes issues with Security::findAnAdmistrator which incorrectly
forces the current session-stored subsite to 0 - it uses
Subsite::currentSubsiteID before the session support is enabled, and
hence obtains wrong value.
2013-11-26 13:12:17 +13:00
Mateusz U
c04208ed79 Merge pull request #121 from stojg/pr/cleanup
Minor cleanup of subsite code
2013-11-25 16:10:55 -08:00
Stig Lindqvist
ff7328ea94 Adding docblocks to SubsiteDomain 2013-11-15 09:50:21 +13:00
Stig Lindqvist
b7f1c66de7 Make SubsiteDomain#getCMSFields extendable 2013-11-15 09:50:15 +13:00
Stig Lindqvist
859bde1257 Reorder methods and variables to follow the SS coding conventions
The coding conventions is mentioned here http://doc.silverstripe.org/framework/en/trunk/misc/coding-conventions#class-member-ordering
2013-11-11 12:09:27 +13:00
Stig Lindqvist
7bb36eae7b Adding docblocks and visibility keywords to methods 2013-11-11 11:56:02 +13:00
Stig Lindqvist
dc7a0560fb Removed Subsite::set_allowed_domains()
Removed documentation and code since the method has been throwing user error since 2010-03-01
2013-11-11 11:56:02 +13:00
Stig Lindqvist
cc0349026e Removed unused variable 2013-11-11 11:34:52 +13:00
Mateusz Uzdowski
aacaee08cd BUG Prevent session-interface mismatch.
Disables transparent subsite switch on AJAX requests.

Makes sure the subsite is appropriately set up when opening up the CMS
with a link to subsited object.
2013-11-08 11:37:10 +13:00
Ingo Schommer
5ff3b691d7 More globalisation 2013-10-30 13:44:06 +01:00
Ingo Schommer
7c100f90d2 Merge pull request #115 from mateusz/admin-access
Fix CMS Admin access issues
2013-10-23 01:34:30 +02:00
Mateusz Uzdowski
5b00ba352f API Refactor to always redirect to accessible Admin location.
Tries to find an accessible section in the current site, falls back to
searching across all sites and all sections.

Also adds more powerful and generic functionss:
Subsites::all_sites - get the full list
Subsites::all_accessible_sites - get Member accessible list
LeftAndMainExtension::sectionSites - get section-specific list
2013-10-16 16:40:20 +13:00
Mateusz Uzdowski
91cca0c64d BUG Move the SubsiteList PJAX request to a dedicated Controller.
Currently the request cannot be made if one doesn't have access to the
SubsiteAdmin section, which often happens with subsite-specific admins.
2013-10-16 13:20:54 +13:00
spronkey
23e9cd40a0 Better fix for #106 using DataQuery queryParams. Thanks simon_w 2013-09-12 15:33:18 +12:00
spronkey
586d88562c Added test case for subsites virtual page onAfterWrite issue, plus changed get_from_all_subsites method to immediately eval and return an ArrayList, instead of lazy eval DataList. Fixes #106 2013-09-12 14:23:42 +12:00
Naomi Guyer
37843f447e API: Subsite support for menu of cms (hide admins that don't declare support) (fixes #101 and #89 )
* Hide admins without subsite support from subsites menu
* Add subsite support to default site areas
* Enable reloading of subsites switcher dropdown when navigating the
site, and when editing subsite areas

API Fix parallel pjax menu fetching for subsites.
- thanks Mateusz!

Delint LeftAndMain_Subsites.js
2013-08-22 13:02:46 +12:00
Ingo Schommer
b49c86bd0b Require subsite title (fixes #26) 2013-07-10 16:28:08 +02:00
Ingo Schommer
6a9003e8df Less intrusive doSave() overwrite of GridFieldDetailForm
Fixes issues with valiation errors not showing due
to lack of PjaxResponseNegotiator support (parent implementation has changed).
2013-07-10 16:15:04 +02:00
Ingo Schommer
e6832aadca 3.1 allowed_actions fixes for SubsitesTreeDropdownField 2013-07-10 15:31:39 +02:00
Frank Mullenger
7bf6e89320 BUGFIX: Session var for active subsite out of sync with current subsite. Refs silverstripe/silverstripe-subsites#93. 2013-07-10 12:24:42 +02:00
Ingo Schommer
ac507ddc7b $allowed_actions for GridField subclass
Taken from https://github.com/silverstripe/silverstripe-subsites/pull/94,
thanks @frankmullenger
2013-07-10 11:46:09 +02:00
Naomi Guyer
c970889516 Add custom menu-icon 2013-05-29 10:15:17 +12:00
Sean Harvey
b2ffb7c89e BUG Fixing "Add new" not adding the page to the correct subsite 2013-05-28 12:17:16 +12:00
Sean Harvey
1538e49e1b Merge pull request #90 from mateusz/previews-by-id
Change the preview iframe to use injected SubsiteID GET/POST params.
2013-05-25 18:29:59 -07:00
Mateusz Uzdowski
0fb49ba502 Change the preview iframe to use injected SubsiteID GET/POST params.
Use the CMS domain for fetching the preview content to avoid SSL
errors and single-origin violations on the iframe.
2013-05-26 13:18:52 +12:00
Naomi Guyer
3ad7ddcfce BUG: Subsite save SiteConfig overwrites MainSite SiteConfig (Issue #15)
Implemented the fix mentioned in the bug ticket within the subsites
settings extension (use current subsite id)
2013-05-24 16:26:57 +12:00
Sean Harvey
3c6000111c BUG FileSubsites doesn't respect $disable_subsite_filter 2013-05-09 12:18:48 +12:00
Sean Harvey
f35a42ec64 BUG LeftAndMainSubsites::Subsites() fails with limited CMS access
Users with non-ADMIN permissions won't see the dropdown of available
subsites, because LeftAndMainSubsites::Subsites() will check if
the user has a non-existent code CMS_ACCESS_CMSPagesController.

Fallback to checking required_permission_codes first, and failing
that, check for CMS_ACCESS_LeftAndMain
2013-05-08 15:36:18 +12:00
Sean Harvey
a6990394cc Partially reverting 7c5310e1a2 2013-05-06 22:59:18 +12:00
Sean Harvey
7c5310e1a2 Fixing more uses of statics in Subsite class 2013-05-06 22:54:23 +12:00
Sean Harvey
7fee2aeea3 Defining static as private for 3.1+ 2013-05-06 22:44:19 +12:00
Sean Harvey
306cb79b19 Fixing more statics that weren't private, and nested_urls deprecated usage 2013-05-06 22:32:40 +12:00
Sean Harvey
8ffeeb1ee6 Fixing declaration of statics to private for 3.1+ compatibility 2013-05-06 22:21:09 +12:00
Sean Harvey
3275f4768c Removing underscore from "Default site" text 2013-05-06 22:04:42 +12:00
Sean Harvey
36f9547c8a Merge pull request #79 from adrexia/ui
Style site selector dropdown
2013-05-01 19:50:45 -07:00
Naomi Guyer
1a8122ea89 Style site selector dropdown
Made dropdown receive chzn, and applied a dark style to the dropdown to
match the ui of the cms
2013-05-01 17:04:41 +12:00
Sean Harvey
ffaaed072f Removing bits of test that broke because of removal of related pages 2013-05-01 17:01:56 +12:00
Sean Harvey
0247765563 API Removed related pages functionality, this is now a separate module
If you need this functionality still, please checkout
github.com/silverstripe-labs/silverstripe-subsites_relatedpages
2013-05-01 12:35:17 +12:00
Sean Harvey
fbddc076b8 Remove underscore from label 2013-04-30 17:53:09 +12:00
Sean Harvey
2812f6311c Removing redundant class, relies on TableListField which was removed 2013-04-30 15:25:08 +12:00
Sean Harvey
9658af5cc8 Fixing subsites not working with i18n in SilverStripe 3.1
Tries to access i18n::$likely_subtags directly. Config changes in
3.1 now prevent this from happening and fails.
i18n::get_locale_from_lang() is used instead to provide the locale.
2013-04-30 15:15:11 +12:00
Sean Harvey
397f74a561 Removing underscore from text 2013-04-30 15:08:47 +12:00
Sean Harvey
8a280b1865 BUG Fixing deprecated setEmptyString() 2013-04-30 15:08:13 +12:00
Robert Curry
5effc64607 Add description to Subsites Virtual Page 2013-04-29 12:25:29 +12:00
Morven Lewis-Everley
5747704c97 Make LeftAndMain redirect direct to admin
Currently, using the Subsites dropdown in the admin interface causes the CMS to reload to admin/pages. This can cause issues if you have set another interface as your default (other than CMSMain).
2013-04-25 19:29:56 +02:00
Robert Curry
90c16117f3 Extension and config fixes for 3.1 2013-04-04 15:10:22 +13:00
Sean Harvey
0968eac399 BUG Fixing misspelled variable not being able to select subsite for Folder 2013-02-04 15:21:08 +13:00
Sean Harvey
bf1390f0f8 BUG Fixing saving of Subsite records from SubsiteAdmin
LeftAndMain assumes tree_class exists, and tries to use it,
but causes a non-object error because of querying with a NULL
class name.
2013-02-04 14:49:51 +13:00
Ingo Schommer
82f1d980e8 Merge remote-tracking branch 'origin/0.3'
Conflicts:
	code/SubsiteAdmin.php
	code/extensions/LeftAndMainSubsites.php
	code/extensions/SiteTreeSubsites.php
	code/model/Subsite.php
	composer.json
	javascript/SubsitesTreeDropdownField.js
	lang/en_US.php
	tests/SubsiteAdminTest.php
	tests/SubsiteTest.php
	tests/SubsiteTest.yml
	tests/SubsitesVirtualPageTest.php
2013-01-03 21:03:26 +01:00
Ingo Schommer
172752a9f4 NEW Access to non-public subsites for logged-in users
Also added caching subsite domain mapping
2013-01-03 14:10:32 +01:00
Ingo Schommer
25f83daf0e NEW Copy page to different subsite, select MasterPageID
This is also the only UI-facing way to set a master page
after the initial copy action when creating a new subsite.
Shows "edit" link when master page is already set.
2013-01-03 14:10:20 +01:00
Ingo Schommer
c952db1cb1 SubsiteCopyPagesTask 2013-01-03 14:10:14 +01:00
Ingo Schommer
f909aad7b4 API CHANGE Removed Subsite_Template subclass, as it unnecessarily duplicates the Subsite->duplicate() logic in Subsite_Template->createInstance(). It also arbitrarily limits duplication of subsites to templates. 2013-01-03 14:10:08 +01:00
Sean Harvey
cac77703ed BUG Fixing FileSubsites failing when deleting ImageTracking 2012-11-07 14:25:32 +13:00
Sean Harvey
3d59f10331 Merge pull request #63 from mateusz/top-level
BUG Switch the subsite on GET parameter only.
2012-11-04 17:31:37 -08:00
Mateusz Uzdowski
20ae380350 BUG Flip the conditional to restore the original intention.
The original intention was to skip if ImageTracking was found, but it
got broken on c9d3a1f8.
2012-11-02 15:32:31 +13:00
Mateusz Uzdowski
2488489e22 BUG Switch the subsite on GET parameter only.
This fixes the bug where creating the top level pages is broken whenever
subsites module is installed. This is because the SubsiteID is
explicitly specified on AddForm POST submission, which incorrectly
triggers a redirect from LeftAndMainSubsites::init and the form action
never has a chance to execute.

Also do not look at POST when checking for the current subsite ID.
2012-10-26 11:53:40 +13:00
Sean Harvey
d4faeac98f Merge branch 'master' of git://github.com/halkyon/silverstripe-subsites into halkyon-master 2012-10-12 15:09:38 +13:00
Sean Harvey
89c6382101 Remove adminSearchFields which is never used and causes a test failure 2012-10-12 12:54:18 +13:00
Sean Harvey
5e1906c9f4 BUG Fixing use of FormResponse, use X-Status header instead 2012-10-12 12:06:09 +13:00
Sean Harvey
488ea71c45 Removing unncessary end PHP tags from subsites code 2012-10-12 11:08:24 +13:00
Sean Harvey
6747ba65bb Fixing LeftAndMainSubsites using deprecated Director::redirect() 2012-10-12 11:06:23 +13:00
Sean Harvey
19a904d1d2 LeftAndMainSubsites failover if map() returns an array instead of an SS_Map 2012-10-12 11:05:00 +13:00
Sean Harvey
070eaf54ae Fixing deprecated call to Director::redirect() 2012-10-11 15:16:38 +13:00
Sean Harvey
d4df26db72 BUG Fixing correct URL location to pages 2012-10-10 13:49:08 +13:00
Kirk Mayo
e7c5dd5d93 BUG: Fixing creating subsites from templates trac/7318 2012-07-18 12:21:35 +12:00
Kirk Mayo
c345f6fcc5 BUG: Coding convention fixes
BUG: more coding convention fixing
2012-07-16 11:44:54 +12:00
UndefinedOffset
ef4d539a12 BUG: Merged patch from kmayo how ever re-added some of the removed fields since they really should appear on the Main Content tab instead of the Metadata tab.
Fixed a few missed strict errors

Applied patch from kmayo to fix issues with SubsiteAdminTest.php

Fixed issue causing the url segments of subsites created from a template to add -2 to the end

Fixed undefined method TotalItems() on datalist for the SubsiteTest

Fixed failure on SubsiteTest because DataObject::get_one() now returns boolean false instead of null when no result is found

Fixed failure on SubsitesVirtualPageTest caused by Versioned::get_one_by_stage() returning null instead of false

Fixed failure caused by the contact-us page existing on subsite 2

Merged another patch from kmayo

Force main site to be on, for some reason it gets hidden in some cases i.e. refreshing the cms while editing a page
2012-07-16 11:21:54 +12:00
UndefinedOffset
598b0253f5 BUG: Coding convention updates 2012-07-16 11:21:30 +12:00
Ed
c9d3a1f854 BUG: More SS 3.0 modifications
Fixes for SS 3.0 beta 3

Fixed compatibility issues with ss3.0 rc1

fixed potential issue caused by the from array format changing in 3.0

Fixed strict standards warnings

Fixed strict notice "Only variables should be passed by reference"

Fixed strict notice "Only variables should be passed by reference"

Fixed strict notice caused by SubsiteAdmin not declaring all of the properties for getCMSFields()

Made Subsite::accessible_sites() static

Fixed issue caused when trying to add a domain before saving for the first time

Fixed undefined property ParentID
2012-07-16 11:21:24 +12:00
Ed
a2b612570b MINOR: Replaced deprecated extraStatics() with static variables 2012-07-16 11:18:44 +12:00
Ed
0cec9a6f33 BUGFIX: Fixed issue caused by HTMLEditorField selecting the column FieldName
BUGFIX: Fixed issue caused by ManyManyList remove all removing the File table from the FROM statement when removing all records from SiteTree_ImageTracking for a given page
2012-07-16 11:18:44 +12:00
Ed
2ef72b374c BUG: Modifying the module to work with SS 3.0
Replaced deprecated DataObjectDecorator with DataExtension

Fixed hard crashes in the cms

Updated to support new LeftAndMain template structure

Made the subsites model admin functional

Moved the LeftAndMain_Menu template up a directory so it overrides the core

Fixed some errors caused by changes to the framework

Re-organized the code folder

Fixed permission issue causing to default to first subsite regardless if it is the default or not

Fixed crashes on the subsite virtual page when creating/editing

Removed toDropdownMap() calls replacing with map()

Fixed the URLSegment field on subsites

Fixed error when detecting subsite for a domain

Improved styles on the subsite dropdown

Updated LeftAndMain_Subsites.js to work with jQuery entwine

Started porting the SubsitesTreeDropdownField.js to use jQuery entwine and work with the new TreeDropdownField.js

Fixed issue causing crash when viewing a page who is linked to by a subsite virtual page

Removed unused methods on SubsitesTreeDropdownField.js

Re-added classes that were moved

Fixed hard crash after saving caused by the many_many definition on SiteTreeSubsites

Replaced deprecated DataObjectSet creation with ArrayList

Compatibility fixes with SS 3.0 beta 2

Fixed crash in cms caused by no parameter being passed to the SubsiteReportWrapper constructor

Proper fix for report wrapper

Removed table list field in favor of a basic grid field

Fixed updateCMSFields() for file subsites

Migrated translations to yml

Fixed issue causing the current page to not get cleared when changing subsites in the cms

Fixed virtual page icon

Fixed language files issue
2012-07-16 11:18:38 +12:00
Ingo Schommer
a6bb5a3fb7 BUGFIX Update SubsiteID in session and clear currently viewed record when changing subsite via a GET parameter, which is more common now through 069c5ada3 (fixes AIR-130) 2012-02-03 09:31:29 +01:00
Mateusz Uzdowski
5f337db553 BUGFIX: make sure non-admins can access the main site via group role 2011-10-05 17:58:24 +13:00
Sam Minnee
fe25268274 BUGFIX: Removed unnecessary SiteTreeSubsites event handlers, since SiteTree is now sufficiently subsite aware. This provided a significant performance increase. (by sminnee, merged from r103169) 2011-09-22 18:19:58 +02:00
Sam Minnee
0760673568 BUGFIX: Limit the top-right subsites dropdown to the content, files, and security sections. (by sminnee, merged from r102044) 2011-09-22 18:19:53 +02:00
Sam Minnee
674f4bee27 BUGFIX: Added caching to Subsite::accessible_sites() (by sminnee, merged from r100872) 2011-09-22 18:19:47 +02:00
Sam Minnee
28f63853e1 BUGFIX: Show virtual pages in virtual page tree select field (so that you can select their children), but ignore any attempts to set the tree select field to a virtual page when saving. (by sminnee, merged from r100638) 2011-09-22 18:19:40 +02:00
Sam Minnee
9ad409d5d4 BUGFIX: Removed virtual pages tab from subsites. (sminnee, merged from r100426) 2011-09-22 18:19:22 +02:00
Ingo Schommer
da8a313881 BUGFIX Include main site in SubsiteReportWrapper drop down selection 2011-09-12 14:01:13 +02:00
Ingo Schommer
552a6e784d BUGFIX Consistently resetting Subsite::$disable_subsite_filter to its original state 2011-09-12 12:18:56 +02:00
Ingo Schommer
1d1811b308 BUGFIX Don't show subsites drop down in ReportAdmin, as filtering works differently here (AIR-49) 2011-09-09 14:12:59 +02:00
Ingo Schommer
ac2704b968 MINOR Documentation and formatting in Subsite->domain() 2011-09-09 12:40:09 +02:00
Ingo Schommer
2b506b02b1 ENHANCEMENT Allowing strict subdomain checks on 'www.example.com' vs. 'example.com' via Subsite::$strict_domain_matching (AIR-54) 2011-09-09 12:40:05 +02:00
Ingo Schommer
32d51ed986 MINOR Clearer testing and documentation around wildcard usage for domain matching 2011-09-09 10:50:52 +02:00
Ingo Schommer
47c545f658 API CHANGE Removed unused nextWriteDoesntCustomise flag on SiteTreeSubsites, removed references to non-existent CustomContent field in SiteTreeSubsites->onBeforeWrite() (field was removed with 08207510c in 2008) (AIR-52) 2011-09-07 21:55:13 +02:00
Ingo Schommer
bb486548d6 MINOR Removed SiteTreeSubsites->onAfterWrite(), same behaviour already implemented in SiteTree (copying content from VirtualPage records, including its subclass SubsitesVirtualPage) (AIR-52) 2011-09-05 18:11:51 +02:00
Ingo Schommer
069c5ada3c BUGFIX Removed ajaxified switch of subsite in the CMS, as it would need to deal with too much UI state like refreshing the "insert link" panel. Refresh the entire window instead. 2011-09-05 17:55:00 +02:00
Ingo Schommer
1697126957 MINOR Testing and documenting "super-admin" behaviour on "ADMIN" permission in Subsite::accessible_sites() and Subsite::hasMainSitePermission() 2011-09-05 17:54:57 +02:00
Ingo Schommer
01435e0de5 MINOR Ensuring valid return values in Subsite::accessible_sites() (AIR-48) 2011-09-05 17:20:24 +02:00
Ingo Schommer
9433a097ac MINOR Using built-in escaping mechanisms in LeftAndMainSubsites, replaced hardcoded language string (AIR-46) 2011-09-05 15:11:23 +02:00
Ingo Schommer
17dde8ff58 FEATURE Blacklisting of page types by subsite through Subsite->PageTypeBlacklist (AIR-20) 2011-08-30 18:59:21 +02:00
Ingo Schommer
33a9b90953 BUGFIX Calling parent on Subsite::onAfterWrite() (AIR-16) 2011-08-30 14:43:53 +02:00
Ingo Schommer
c6969439a1 MINOR Check for existence of related page in RelatedPageLink->RelatedPageAdminLink() (AIR-74) 2011-08-30 08:41:13 +02:00
Ingo Schommer
72e1e5b1b2 BUGFIX Overload validateURLSegment() in SubsitesVirtualPage to allow for same URLSegments as linked pages, as long as they only exist in a different subsite (only change the URLSegment if it already exists in the same subsite). (AIR-4) 2011-08-22 17:52:21 +02:00
Mateusz Uzdowski
fb998aec87 BUGFIX: Change the default setting to include the main site. Users able to AccessAllSites should be able to access
the main site as well.
2011-04-11 12:59:42 +12:00
Mateusz Uzdowski
f0e93b1b3c BUGFIX: flush cache always after changing the subsite - otherwise a user who has access only to one of the subsites will not be able to get to the CMS at all. 2011-04-11 10:32:51 +12:00
Michael Gall
f7a6b4be05 BUGFIX: augmentInit is deprecated. Use 'init' instead 2011-02-14 14:10:47 +11:00
Sean Harvey
7b6b35328c BUGFIX SubsitesTreeDropdownField::getsubtree() failed because it was removed from TreeDropdownField in r88482 2010-09-29 04:02:15 +00:00
Ingo Schommer
59c3dd1ea2 BUGFIX Fixes wrong logic for session existence checks in ErrorPageSubsite and SubsitesVirtualPage (no current controller is available when called through "phpunit" executable) 2010-09-22 01:43:57 +00:00
Ingo Schommer
a178d7c4c3 BUGFIX Don't check for Controller::curr() in ErrorPageSubsite, this causes a user_error when none is available (e.g. when running tests through "phpunit" executable) 2010-09-21 21:10:29 +00:00
Sean Harvey
5039e2ebd3 ENHANCEMENT Subsite::Language field now falls back to the default set in i18n - this is useful for a good default when adding a new Subsite via SubsiteAdmin 2010-08-23 00:30:34 +00:00
Sean Harvey
c5ce9dc1aa BUGFIX Fixed SiteTreeSubsites overriding SiteTree::getCMSActions() and causing pages to have publish, unpublish buttons etc even though the user is readonly 2010-08-23 00:07:05 +00:00
Julian Seidenberg
1e58cca92c MINOR: removed accidental debug::show left in last commit (again) 2010-07-26 06:49:33 +00:00
Julian Seidenberg
9afc8a452f MINOR: removed accidental debug::show left in last commit 2010-07-26 06:48:15 +00:00
Julian Seidenberg
a7935bc3e3 BUGFIX: admin user can now access subsite zero (main site) without the LeftAndMain access check reverting them back to a previous subsite (includes test for this edge-case). 2010-07-26 03:56:03 +00:00
Sean Harvey
b8213d368a API CHANGE Re-added SiteTreeSubsites::isMainSite() method which was incorrectly removed in r100324 2010-06-28 21:40:36 +00:00
Geoff Munn
09b1b06bd2 BUGFIX: columns quoted properly 2010-05-06 03:27:02 +00:00
Geoff Munn
06bb7c7423 BUGFIX: tables and columns quoted properly 2010-04-29 22:58:10 +00:00
Saophalkun Ponlu
40170aac62 MINOR: stamp the current date in host-map.php to help in debugging
MINOR: documentation - a link to a documentation on how to use subsite with static publisher
2010-04-29 06:59:33 +00:00
Sean Harvey
c3b20fd3bd BUGFIX #5315 FileSubsites::augmentSQL() should not apply ordering when doing COUNT() selects, as this breaks some databases like SQL Server 2010-04-12 04:04:15 +00:00
Tom Rix
8ee35be254 BUGFIX default to correct subsite 2010-04-06 03:15:44 +00:00
Tom Rix
b83b2b442a MINOR line coverage to 70% 2010-03-30 22:50:37 +00:00
Tom Rix
2792c1780a MINOR removing old cruft, improving formatting 2010-03-30 21:02:44 +00:00
Tom Rix
92976e8eff MINOR get the files & error page tests on subsites passing 2010-03-30 20:43:34 +00:00
Tom Rix
1b4c314304 2010-03-21 22:32:22 +00:00
Sean Harvey
47d35fcca1 BUGFIX FileSubsites::augmentSQL() sometimes tries to add an ORDER BY clause when running DELETE queries... obviously this makes no sense, and some databases will choke 2010-03-11 22:11:14 +00:00
Sean Harvey
69033011af BUGFIX SiteTreeSubsites::alternateSiteConfig() now returns false if there's no SubsiteID set on SiteTree 2010-03-11 21:51:06 +00:00
Sean Harvey
5984e62e45 BUGFIX Workarounds for GroupSubsites::augmentSQL() so that it doesn't fail on databases other than MySQL like SQL Server 2010-03-09 02:34:09 +00:00
Sean Harvey
dce64a567f BUGFIX Fixed Subsite::hasMainSitePermission() SQL query, removed use of USING() and rely on standard INNER JOIN ON syntax that works on all databases 2010-03-09 01:42:56 +00:00
Sean Harvey
bdd3069098 BUGFIX Fixed missing double quote in Subsite SQL query 2010-03-09 01:22:16 +00:00
Sean Harvey
92dd4b0c02 BUGFIX Removed backticks from FileSubsites 2010-03-09 01:12:49 +00:00
Sean Harvey
ddaf3e72c0 BUGFIX Removed non-ANSI SQL support in subsites as there's already a branch (0.2) for 2.3 compatibility 2010-03-09 01:09:25 +00:00
Tom Rix
966776df5a BUGFIX correct classname 2010-03-04 22:52:16 +00:00
Luke Hudson
9583918d78 BUGFIX: Rename Database to SS_Database, bug reintroduced post merge 2010-03-03 03:09:13 +00:00
Luke Hudson
9a4d52f754 BUGFIX: Re-enable javascript onchange for subsites selector 2010-03-02 23:28:57 +00:00
Tom Rix
fa21df693f MINOR pass tests 2010-03-02 01:15:11 +00:00
Tom Rix
fe0cf8be7d BUGFIX syntax errors 2010-03-01 22:41:44 +00:00
Tom Rix
f5bbbf979e BUGFIX: Don't let SubsitesVirtualPages link to subclasses of virtual page (from r100004) 2010-03-01 22:35:35 +00:00
Tom Rix
2eddac12f0 BUGFIX display bug (from r98950) 2010-03-01 22:35:27 +00:00
Tom Rix
02951b5d05 MINOR don't run subsite filter on delete queries (from r98235) 2010-03-01 22:35:21 +00:00
Tom Rix
ca45089f54 2010-03-01 22:34:19 +00:00
Tom Rix
bd24b7aec7 BUGFIX: Ensure that DataObject::get_one() cache knows which subsite you're on (from r93096) (from r96337) 2010-03-01 22:32:15 +00:00
Tom Rix
2eb808720a BUGFIX removed invalid path, would break form actions (from r90459) (from r96331) 2010-03-01 22:30:56 +00:00
Tom Rix
ce3581c51d BUGFIX: If the site config for a subsite is missing, create it. (from r90262) (from r96327) 2010-03-01 22:28:50 +00:00
Tom Rix
61649efe3e MINOR changed the method to get a page's siteconfig, it is now subsite aware. (from r89870) (from r96321) 2010-03-01 22:27:21 +00:00
Tom Rix
c5dbb89137 ENHANCEMENT: Exclude bidirection links from the 'in addition' list on the related pages tab. (from r89844) (from r96320) 2010-03-01 22:27:10 +00:00
Tom Rix
ce3688ff89 BUGFIX: Improved linking behavior of links and reverse links. (from r89843) (from r96319) 2010-03-01 22:26:56 +00:00
Tom Rix
5ed8e71160 BUGFIX: Fixed edit/view/delete permissions of related links for non-ADMINs (from r89838) (from r96317) 2010-03-01 22:21:48 +00:00
Tom Rix
a2cdac98d4 BUGFIX: Fixed link labelling and behaviour in Related page tab (from r89837) (from r96316) 2010-03-01 22:19:08 +00:00