Commit Graph

455 Commits

Author SHA1 Message Date
Werner M. Krauß
2c84e627db upgrader: namespacing classes 2017-05-24 12:32:05 +02:00
Darren Inwood
0fc3490219 Update SQL to remove ambiguity 2017-05-22 12:29:03 +12:00
Danae Miller-Clendon
8705a46b98 Conditionally add Theme dropdown (if there are any themese available) for #261. Replace field instantiatiors in getCMSFields() with ::create() to support injection.
Add empty string / lang entry to Theme dropdown
2017-04-24 15:41:31 +12:00
David Craig
ae6badf5c0
Fix copying child pages to subsite 2016-11-11 16:18:41 +13:00
Loz Calver
e8f5f58bb0 SS4 namespaces compatibility 2016-09-23 09:34:23 +01:00
Daniel Hensby
65bf5c732b Merge pull request #255 from dnadesign/copy_children_subsites
NEW: Add IncludeChildren option for copying pages between subsites.
2016-07-18 11:40:23 +01:00
madmatt
3962df53cd Fix error when dataQuery is a null object 2016-07-18 17:10:11 +12:00
Will Rossiter
c8f6f4a588 NEW: Add IncludeChildren option for copying pages between subsites. 2016-07-18 16:41:38 +12:00
Ingo Schommer
871e2bcefd Merge pull request #250 from open-sausages/pulls/fix-copy
BUG Fix copy to subsite breaking on sub-pages
2016-06-13 10:24:13 +12:00
Damian Mooyman
ff28ac1b1e BUG Fix copy to subsite breaking on sub-pages
Fixes #192

Signed-off-by: Damian Mooyman <damian@silverstripe.com>
Signed-off-by: Ingo Schommer <ingo@silverstripe.com>
2016-06-13 10:23:33 +12:00
Damian Mooyman
98636f8f58
BUG Prevent SubsiteXHRController failing if there are no subsites available
Fixes #200
2016-05-27 15:55:27 +12:00
Damian Mooyman
a98958fdf9
BUG Fix issue with urlsegment being renamed in subsites 2016-05-23 15:29:01 +12:00
John Milmine
3587bc666f made duplication between subsites more robust
and added some extra methods so it's easier to overwrite or extend
2016-03-22 21:55:11 +13:00
Damian Mooyman
7ee8bdbf72 Merge pull request #176 from jason-zz/patch-1
Update SubsiteDomain.php
2016-02-04 17:26:56 +13:00
ctx2002
598d45aca6 Subsite module does not picks up themes
This PR fixed unable to create subsite problm.
 I was unable to create a subsite, because of no themes been shown in Theme dropdown menu.

How to test:

1> Use composer to install a fresh copy of Silverstripe 3.2
2> Use composer to install subsite module.
3> Try to create a subsite. 
4> No themes loaded into Theme dropdown menu.

5> Apply this PR.
6> fresh page / or dev/build,  now, themes loaded into The dropdown menu.
2016-01-25 15:36:20 +13:00
Damian Mooyman
ce90c2124b API Add option to specify http / https on subsite domains 2015-11-24 18:03:49 +13:00
Damian Mooyman
a0ede56c0e Reformat for psr-2 2015-11-23 16:53:45 +13:00
Damian Mooyman
0d7dc49d6b API Rename mysiteconfig to subsiteconfig
API make ErrorPageSubsite 4.x compatible
BUG Fix incorrect yml
BUG Fix incorrect DataExtension::augmentSQL implementation
2015-11-20 17:04:23 +13:00
Damian Mooyman
5e18e8dca3 Merge remote-tracking branch 'origin/1.1'
Conflicts:
	.travis.yml
2015-11-13 19:06:09 +13:00
Damian Mooyman
c22c8dc810 Merge remote-tracking branch 'origin/1.0' into 1.1
Conflicts:
	code/extensions/LeftAndMainSubsites.php
	tests/SiteTreeSubsitesTest.php
2015-11-13 19:02:12 +13:00
Ingo Schommer
cf534aad31 BUG Subsites selection on SubsitesVirtualPage (fixes #45 and #47) 2015-11-13 17:31:44 +13:00
Will Rossiter
b979b38694 FIX: #138 allow subsite summary fields to be customized 2015-10-21 09:09:10 +13:00
Will Rossiter
9c9e0bfa94 Correct link to editing a subsite virtual page. 2015-07-27 10:57:10 +12:00
wernerkrauss
996abfcc58 Wrong edit link in SubsitesVirtualPage
In SS3.1 we have /admin/pages for cms, was still old link.
2015-06-17 16:30:56 +02:00
Christopher Pitt
750cdbcff9 3.2 compat changes 2015-06-09 10:50:43 +12:00
Ingo Schommer
5604879146 4.x core compat 2015-04-30 22:39:22 +12:00
Damian Mooyman
5b9af35566 Use 3.2 compatible API 2015-02-24 09:34:34 +13:00
Damian Mooyman
e6c8dff7be Merge remote-tracking branch 'origin/1.0'
Conflicts:
	.travis.yml
	code/extensions/LeftAndMainSubsites.php
	composer.json
2015-02-24 09:12:38 +13:00
micmania1
3ca2861c2d FIX: Removed unnecessary redirect. This is early enough in the script that the correct subsite will be used from hereon. 2015-02-17 01:13:56 +00:00
Jason
d99785d773 Update SubsiteDomain.php
Add $default_sort.
2014-12-17 10:44:43 +11:00
John Milmine
91591a3752 redirect_fix_between_CMS_sections
previously if you were editing settings and you changed subsites ti would revert you to /admin, now it stays within your current controller
2014-11-24 15:32:05 +13:00
James Cocker
498d6e0619 Fixes #135: LeftAndMain switching between subsites
When trying to switch to a different subsite from a page's editing view, it wouldn't switch. This was partly due to a $record always existing due to the homepage fallback on currentPageID : https://github.com/silverstripe/silverstripe-cms/blob/3.1/code/controllers/CMSMain.php#L816

So as currentPage() couldn't actually be used to test for the existance of a current page, I've added in a check for isset($this->owner->urlParams['ID']).

I've also moved the check for $_GET['SubsiteID’] which indicated a forced subsite switch (eg. via the dropdown switcher) above the check for a current page, as it should take precedence, and it wasn't being run when both conditions matched causing the subsite not to change.

Tested changing subsites from /admin/pages, from page edit view, from a page edit URL, and from other CMS sections such as Files and Security, and all seems to be working perfectly now.
2014-11-24 15:25:53 +13:00
Will Rossiter
0520b57f84 Merge pull request #145 from purplespider/patch-2
Fixes #135: LeftAndMain switching between subsites
2014-11-24 15:11:12 +13:00
Damian Mooyman
a97b0d33eb BUG Fix incompatibility with framework 3.2 2014-08-26 11:42:50 +12:00
Juul Hobert
2e32eab6ae Bugfix for urls with %28 in the url 2014-08-22 13:21:18 +02:00
Shoaib Ali
1f2cb4380d Removed hard coding of HTTP protocol 2014-08-18 21:03:52 +12:00
Sean Harvey
1477155653 Removing unused permission SUBSITE_ASSETS_CREATE_SUBSITE
This isn't used, according to the description it would limit the list
of subsites you can choose to apply a File/Folder to. However, this
dropdown is shown to the user based on whether they have access to
that subsite, so this unused permission code isn't needed.
2014-08-18 11:31:03 +12:00
Stig Lindqvist
bd5bd877fd Security: XSS can be injected in the group edit view 2014-08-01 10:48:44 +12:00
Elliot Sawyer
205754854c Sanitise domain name field to prevent XSS attack on the CMS
PWC identified an issue with the subsites module that would allow someone with authenticated access to attack other CMS users, such as "stealing the session ID and hijacking an authenticated user's session".
I can't imagine a case where HTML would ever be allowed in the subdomain of a website, so it's a good practice to strip it out anyway.

Steps to reproduce the original issue:
1. Enter a subsite name and mark as the default site.
2. Add a new domain named <script>alert(2)</script> and mark it as primary
3. Switch to the new subsite.
4. Make a new Page. This will execute a javascript alert containing "2".

MINOR update documentation for onBeforeWrite()
MINOR add @property attributes into docblock
2014-07-16 15:43:05 +12:00
James Cocker
47df87f62c Fixes #135: LeftAndMain switching between subsites
When trying to switch to a different subsite from a page's editing view, it wouldn't switch. This was partly due to a $record always existing due to the homepage fallback on currentPageID : https://github.com/silverstripe/silverstripe-cms/blob/3.1/code/controllers/CMSMain.php#L816

So as currentPage() couldn't actually be used to test for the existance of a current page, I've added in a check for isset($this->owner->urlParams['ID']).

I've also moved the check for $_GET['SubsiteID’] which indicated a forced subsite switch (eg. via the dropdown switcher) above the check for a current page, as it should take precedence, and it wasn't being run when both conditions matched causing the subsite not to change.

Tested changing subsites from /admin/pages, from page edit view, from a page edit URL, and from other CMS sections such as Files and Security, and all seems to be working perfectly now.
2014-06-04 16:41:28 +01:00
James Cocker
38e4bc196d Fixes #139 - Broken URL Segment CMS Links
Fixes issue #139 using normann's solution that seems to work perfectly with both long and short links.
2014-06-04 13:12:28 +01:00
Mateusz Uzdowski
9cf7a1453f BUG Fixes to link rewriting when previewing subsites.
* JS error with href-less links.
* All forms get injected hidden fields, even though the loop attempts to
check for only the ones that submit locally.
* Also check for action-less forms.

Requires
https://github.com/silverstripe/silverstripe-framework/pull/3000 to be
merged for the Framework.
https://github.com/silverstripe-labs/silverstripe-testsession/pull/11
2014-04-02 13:39:01 +13:00
Sean Harvey
4e20228c2e Merge pull request #132 from mateusz/session-can-edit
Make canEdit fall back to session if the object's SubsiteID not there.
2014-01-14 14:07:32 -08:00
Mateusz Uzdowski
82159e38d3 Make canEdit fall back to session if the object's SubsiteID not there.
This problem manifests when a GridField-managed relationship tries to
create an object that references the container from canEdit - the
container in this case has empty fields.

An example of that is a HomePage with CarouselItem - if the
CarouselItem::canEdit tries to call $this->Page()->canEdit(), the "Page"
will be a dummy object, not the actual instance of the HomePage that's
doing the manipulation.

This is similar to the behaviour of SiteTree::canEdit, which solves
this situation by falling back to "return
$this->getSiteConfig()->canEdit($member);"
2014-01-10 09:58:53 +13:00
Matt Peel
fb5d791444 BUGFIX: permissions to check the ‘CMS_ACCESS_LeftAndMain’ global permission.
‘CMS_ACCESS_LeftAndMain’ is used by the PermissionCheckboxSetField to allow
applicable Members to access all CMS sections. There are then further
permissions to restrict the Members (e.g. ‘CMS_ACCESS_LeftAndMain’ will give you
access to the ‘Pages’ section, but you still need the ‘Edit any page’ permission
to actually edit anything).

This patch ensures that the subsites module follows those permissions, and
doesn’t unnecessarily deny permission to legitimate users.
2014-01-10 09:31:44 +13:00
Matt Peel
083194857e Allow ‘ADMIN’ and ‘CMS_ACCESS_LeftAndMain’ access to CMS. Fixes CWPBUG-113.
Previously, only the global ‘ADMIN’ permission was allowing users to bypass the
stricter Permission check. We also need to allow the ‘CMS_ACCESS_LeftAndMain’
permission to bypass this check, as otherwise a user who is in a Group with the
‘Access to all CMS sections’ permission set (which only sets the
CMS_ACCESS_LeftAndMain permission code and no others) would be denied access to
the CMS for that sub site.
2014-01-09 17:12:47 +13:00
Mateusz Uzdowski
58b926af25 BUG Refactor the access checks and initial subsite redirections.
Remove the special AJAX handling to simplify the code. Now redirection
will be forced on any request that changes the subsite to re-synchronise
with the frontend.

Introduce canAccess method, and add it to alternateAccessCheck to make
sure this subsite-specific chceck is also done in situations that are
not captured by onBeforeInit.
2013-12-04 17:34:27 +13:00
Mateusz Uzdowski
a771e2239b Do not change the session-stored subsite, if session is not enabled.
This causes issues with Security::findAnAdmistrator which incorrectly
forces the current session-stored subsite to 0 - it uses
Subsite::currentSubsiteID before the session support is enabled, and
hence obtains wrong value.
2013-11-26 13:12:17 +13:00
Mateusz U
c04208ed79 Merge pull request #121 from stojg/pr/cleanup
Minor cleanup of subsite code
2013-11-25 16:10:55 -08:00
Stig Lindqvist
ff7328ea94 Adding docblocks to SubsiteDomain 2013-11-15 09:50:21 +13:00
Stig Lindqvist
b7f1c66de7 Make SubsiteDomain#getCMSFields extendable 2013-11-15 09:50:15 +13:00
Stig Lindqvist
859bde1257 Reorder methods and variables to follow the SS coding conventions
The coding conventions is mentioned here http://doc.silverstripe.org/framework/en/trunk/misc/coding-conventions#class-member-ordering
2013-11-11 12:09:27 +13:00
Stig Lindqvist
7bb36eae7b Adding docblocks and visibility keywords to methods 2013-11-11 11:56:02 +13:00
Stig Lindqvist
dc7a0560fb Removed Subsite::set_allowed_domains()
Removed documentation and code since the method has been throwing user error since 2010-03-01
2013-11-11 11:56:02 +13:00
Stig Lindqvist
cc0349026e Removed unused variable 2013-11-11 11:34:52 +13:00
Mateusz Uzdowski
aacaee08cd BUG Prevent session-interface mismatch.
Disables transparent subsite switch on AJAX requests.

Makes sure the subsite is appropriately set up when opening up the CMS
with a link to subsited object.
2013-11-08 11:37:10 +13:00
Ingo Schommer
5ff3b691d7 More globalisation 2013-10-30 13:44:06 +01:00
Ingo Schommer
7c100f90d2 Merge pull request #115 from mateusz/admin-access
Fix CMS Admin access issues
2013-10-23 01:34:30 +02:00
Mateusz Uzdowski
5b00ba352f API Refactor to always redirect to accessible Admin location.
Tries to find an accessible section in the current site, falls back to
searching across all sites and all sections.

Also adds more powerful and generic functionss:
Subsites::all_sites - get the full list
Subsites::all_accessible_sites - get Member accessible list
LeftAndMainExtension::sectionSites - get section-specific list
2013-10-16 16:40:20 +13:00
Mateusz Uzdowski
91cca0c64d BUG Move the SubsiteList PJAX request to a dedicated Controller.
Currently the request cannot be made if one doesn't have access to the
SubsiteAdmin section, which often happens with subsite-specific admins.
2013-10-16 13:20:54 +13:00
spronkey
23e9cd40a0 Better fix for #106 using DataQuery queryParams. Thanks simon_w 2013-09-12 15:33:18 +12:00
spronkey
586d88562c Added test case for subsites virtual page onAfterWrite issue, plus changed get_from_all_subsites method to immediately eval and return an ArrayList, instead of lazy eval DataList. Fixes #106 2013-09-12 14:23:42 +12:00
Naomi Guyer
37843f447e API: Subsite support for menu of cms (hide admins that don't declare support) (fixes #101 and #89 )
* Hide admins without subsite support from subsites menu
* Add subsite support to default site areas
* Enable reloading of subsites switcher dropdown when navigating the
site, and when editing subsite areas

API Fix parallel pjax menu fetching for subsites.
- thanks Mateusz!

Delint LeftAndMain_Subsites.js
2013-08-22 13:02:46 +12:00
Ingo Schommer
b49c86bd0b Require subsite title (fixes #26) 2013-07-10 16:28:08 +02:00
Ingo Schommer
6a9003e8df Less intrusive doSave() overwrite of GridFieldDetailForm
Fixes issues with valiation errors not showing due
to lack of PjaxResponseNegotiator support (parent implementation has changed).
2013-07-10 16:15:04 +02:00
Ingo Schommer
e6832aadca 3.1 allowed_actions fixes for SubsitesTreeDropdownField 2013-07-10 15:31:39 +02:00
Frank Mullenger
7bf6e89320 BUGFIX: Session var for active subsite out of sync with current subsite. Refs silverstripe/silverstripe-subsites#93. 2013-07-10 12:24:42 +02:00
Ingo Schommer
ac507ddc7b $allowed_actions for GridField subclass
Taken from https://github.com/silverstripe/silverstripe-subsites/pull/94,
thanks @frankmullenger
2013-07-10 11:46:09 +02:00
Naomi Guyer
c970889516 Add custom menu-icon 2013-05-29 10:15:17 +12:00
Sean Harvey
b2ffb7c89e BUG Fixing "Add new" not adding the page to the correct subsite 2013-05-28 12:17:16 +12:00
Sean Harvey
1538e49e1b Merge pull request #90 from mateusz/previews-by-id
Change the preview iframe to use injected SubsiteID GET/POST params.
2013-05-25 18:29:59 -07:00
Mateusz Uzdowski
0fb49ba502 Change the preview iframe to use injected SubsiteID GET/POST params.
Use the CMS domain for fetching the preview content to avoid SSL
errors and single-origin violations on the iframe.
2013-05-26 13:18:52 +12:00
Naomi Guyer
3ad7ddcfce BUG: Subsite save SiteConfig overwrites MainSite SiteConfig (Issue #15)
Implemented the fix mentioned in the bug ticket within the subsites
settings extension (use current subsite id)
2013-05-24 16:26:57 +12:00
Sean Harvey
3c6000111c BUG FileSubsites doesn't respect $disable_subsite_filter 2013-05-09 12:18:48 +12:00
Sean Harvey
f35a42ec64 BUG LeftAndMainSubsites::Subsites() fails with limited CMS access
Users with non-ADMIN permissions won't see the dropdown of available
subsites, because LeftAndMainSubsites::Subsites() will check if
the user has a non-existent code CMS_ACCESS_CMSPagesController.

Fallback to checking required_permission_codes first, and failing
that, check for CMS_ACCESS_LeftAndMain
2013-05-08 15:36:18 +12:00
Sean Harvey
a6990394cc Partially reverting 7c5310e1a2 2013-05-06 22:59:18 +12:00
Sean Harvey
7c5310e1a2 Fixing more uses of statics in Subsite class 2013-05-06 22:54:23 +12:00
Sean Harvey
7fee2aeea3 Defining static as private for 3.1+ 2013-05-06 22:44:19 +12:00
Sean Harvey
306cb79b19 Fixing more statics that weren't private, and nested_urls deprecated usage 2013-05-06 22:32:40 +12:00
Sean Harvey
8ffeeb1ee6 Fixing declaration of statics to private for 3.1+ compatibility 2013-05-06 22:21:09 +12:00
Sean Harvey
3275f4768c Removing underscore from "Default site" text 2013-05-06 22:04:42 +12:00
Sean Harvey
36f9547c8a Merge pull request #79 from adrexia/ui
Style site selector dropdown
2013-05-01 19:50:45 -07:00
Naomi Guyer
1a8122ea89 Style site selector dropdown
Made dropdown receive chzn, and applied a dark style to the dropdown to
match the ui of the cms
2013-05-01 17:04:41 +12:00
Sean Harvey
ffaaed072f Removing bits of test that broke because of removal of related pages 2013-05-01 17:01:56 +12:00
Sean Harvey
0247765563 API Removed related pages functionality, this is now a separate module
If you need this functionality still, please checkout
github.com/silverstripe-labs/silverstripe-subsites_relatedpages
2013-05-01 12:35:17 +12:00
Sean Harvey
fbddc076b8 Remove underscore from label 2013-04-30 17:53:09 +12:00
Sean Harvey
2812f6311c Removing redundant class, relies on TableListField which was removed 2013-04-30 15:25:08 +12:00
Sean Harvey
9658af5cc8 Fixing subsites not working with i18n in SilverStripe 3.1
Tries to access i18n::$likely_subtags directly. Config changes in
3.1 now prevent this from happening and fails.
i18n::get_locale_from_lang() is used instead to provide the locale.
2013-04-30 15:15:11 +12:00
Sean Harvey
397f74a561 Removing underscore from text 2013-04-30 15:08:47 +12:00
Sean Harvey
8a280b1865 BUG Fixing deprecated setEmptyString() 2013-04-30 15:08:13 +12:00
Robert Curry
5effc64607 Add description to Subsites Virtual Page 2013-04-29 12:25:29 +12:00
Morven Lewis-Everley
5747704c97 Make LeftAndMain redirect direct to admin
Currently, using the Subsites dropdown in the admin interface causes the CMS to reload to admin/pages. This can cause issues if you have set another interface as your default (other than CMSMain).
2013-04-25 19:29:56 +02:00
Robert Curry
90c16117f3 Extension and config fixes for 3.1 2013-04-04 15:10:22 +13:00
Sean Harvey
0968eac399 BUG Fixing misspelled variable not being able to select subsite for Folder 2013-02-04 15:21:08 +13:00
Sean Harvey
bf1390f0f8 BUG Fixing saving of Subsite records from SubsiteAdmin
LeftAndMain assumes tree_class exists, and tries to use it,
but causes a non-object error because of querying with a NULL
class name.
2013-02-04 14:49:51 +13:00
Ingo Schommer
82f1d980e8 Merge remote-tracking branch 'origin/0.3'
Conflicts:
	code/SubsiteAdmin.php
	code/extensions/LeftAndMainSubsites.php
	code/extensions/SiteTreeSubsites.php
	code/model/Subsite.php
	composer.json
	javascript/SubsitesTreeDropdownField.js
	lang/en_US.php
	tests/SubsiteAdminTest.php
	tests/SubsiteTest.php
	tests/SubsiteTest.yml
	tests/SubsitesVirtualPageTest.php
2013-01-03 21:03:26 +01:00
Ingo Schommer
172752a9f4 NEW Access to non-public subsites for logged-in users
Also added caching subsite domain mapping
2013-01-03 14:10:32 +01:00
Ingo Schommer
25f83daf0e NEW Copy page to different subsite, select MasterPageID
This is also the only UI-facing way to set a master page
after the initial copy action when creating a new subsite.
Shows "edit" link when master page is already set.
2013-01-03 14:10:20 +01:00
Ingo Schommer
c952db1cb1 SubsiteCopyPagesTask 2013-01-03 14:10:14 +01:00
Ingo Schommer
f909aad7b4 API CHANGE Removed Subsite_Template subclass, as it unnecessarily duplicates the Subsite->duplicate() logic in Subsite_Template->createInstance(). It also arbitrarily limits duplication of subsites to templates. 2013-01-03 14:10:08 +01:00