Commit Graph

57 Commits

Author SHA1 Message Date
Werner M. Krauß
25754e1158 fixing code analysis: updating phpdoc 2017-06-01 15:32:45 +02:00
Werner M. Krauß
17010f39a3 fixing code analysis: removing unneeded else statements 2017-06-01 15:32:44 +02:00
Werner M. Krauß
abe1ac9fe6 fixing code analysis: replacing deprecated methods 2017-06-01 15:32:38 +02:00
Werner M. Krauß
e7ad086641 fixing code analysis: safely use single quotes 2017-06-01 15:32:30 +02:00
Werner M. Krauß
76852594a8 fixing code analysis: public method and case mismatch 2017-06-01 15:31:30 +02:00
Werner M. Krauß
997459caf3 Get some more tests working
Updating config and i18n calls
2017-05-30 20:50:22 +02:00
Tim Kung
5d3af16aaf - namespacing all classes
- moving all phpunit tests into tests/php
- moving all extensions from _config.php into config.yml and removing obsolete _config.php
- moving GridFieldSubsiteDetailForm_ItemRequest into own file

(cherry picked from commit ee02828)
2017-05-30 15:13:40 +02:00
Werner M. Krauß
9862cf5ea6 merge ss4 fixes by cheddam 2017-05-29 13:42:42 +02:00
Werner M. Krauß
c5f507b3f9 reformat code and tests 2017-05-24 15:26:28 +02:00
Werner M. Krauß
a49189ef58 fix removed i18n::get_common_locales() 2017-05-24 15:09:13 +02:00
Werner M. Krauß
a7ef6472ee db query fixes 2017-05-24 14:55:03 +02:00
Werner M. Krauß
b71e544820 adding table names config 2017-05-24 14:31:56 +02:00
Werner M. Krauß
e33a5b4cae upgrader: upgrade code 2017-05-24 13:36:04 +02:00
Werner M. Krauß
2c84e627db upgrader: namespacing classes 2017-05-24 12:32:05 +02:00
Loz Calver
e8f5f58bb0 SS4 namespaces compatibility 2016-09-23 09:34:23 +01:00
Damian Mooyman
7ee8bdbf72 Merge pull request #176 from jason-zz/patch-1
Update SubsiteDomain.php
2016-02-04 17:26:56 +13:00
Will Rossiter
b979b38694 FIX: #138 allow subsite summary fields to be customized 2015-10-21 09:09:10 +13:00
Jason
d99785d773 Update SubsiteDomain.php
Add $default_sort.
2014-12-17 10:44:43 +11:00
Sean Harvey
1477155653 Removing unused permission SUBSITE_ASSETS_CREATE_SUBSITE
This isn't used, according to the description it would limit the list
of subsites you can choose to apply a File/Folder to. However, this
dropdown is shown to the user based on whether they have access to
that subsite, so this unused permission code isn't needed.
2014-08-18 11:31:03 +12:00
Elliot Sawyer
205754854c Sanitise domain name field to prevent XSS attack on the CMS
PWC identified an issue with the subsites module that would allow someone with authenticated access to attack other CMS users, such as "stealing the session ID and hijacking an authenticated user's session".
I can't imagine a case where HTML would ever be allowed in the subdomain of a website, so it's a good practice to strip it out anyway.

Steps to reproduce the original issue:
1. Enter a subsite name and mark as the default site.
2. Add a new domain named <script>alert(2)</script> and mark it as primary
3. Switch to the new subsite.
4. Make a new Page. This will execute a javascript alert containing "2".

MINOR update documentation for onBeforeWrite()
MINOR add @property attributes into docblock
2014-07-16 15:43:05 +12:00
Mateusz Uzdowski
9cf7a1453f BUG Fixes to link rewriting when previewing subsites.
* JS error with href-less links.
* All forms get injected hidden fields, even though the loop attempts to
check for only the ones that submit locally.
* Also check for action-less forms.

Requires
https://github.com/silverstripe/silverstripe-framework/pull/3000 to be
merged for the Framework.
https://github.com/silverstripe-labs/silverstripe-testsession/pull/11
2014-04-02 13:39:01 +13:00
Matt Peel
fb5d791444 BUGFIX: permissions to check the ‘CMS_ACCESS_LeftAndMain’ global permission.
‘CMS_ACCESS_LeftAndMain’ is used by the PermissionCheckboxSetField to allow
applicable Members to access all CMS sections. There are then further
permissions to restrict the Members (e.g. ‘CMS_ACCESS_LeftAndMain’ will give you
access to the ‘Pages’ section, but you still need the ‘Edit any page’ permission
to actually edit anything).

This patch ensures that the subsites module follows those permissions, and
doesn’t unnecessarily deny permission to legitimate users.
2014-01-10 09:31:44 +13:00
Mateusz Uzdowski
a771e2239b Do not change the session-stored subsite, if session is not enabled.
This causes issues with Security::findAnAdmistrator which incorrectly
forces the current session-stored subsite to 0 - it uses
Subsite::currentSubsiteID before the session support is enabled, and
hence obtains wrong value.
2013-11-26 13:12:17 +13:00
Mateusz U
c04208ed79 Merge pull request #121 from stojg/pr/cleanup
Minor cleanup of subsite code
2013-11-25 16:10:55 -08:00
Stig Lindqvist
ff7328ea94 Adding docblocks to SubsiteDomain 2013-11-15 09:50:21 +13:00
Stig Lindqvist
b7f1c66de7 Make SubsiteDomain#getCMSFields extendable 2013-11-15 09:50:15 +13:00
Stig Lindqvist
859bde1257 Reorder methods and variables to follow the SS coding conventions
The coding conventions is mentioned here http://doc.silverstripe.org/framework/en/trunk/misc/coding-conventions#class-member-ordering
2013-11-11 12:09:27 +13:00
Stig Lindqvist
7bb36eae7b Adding docblocks and visibility keywords to methods 2013-11-11 11:56:02 +13:00
Stig Lindqvist
dc7a0560fb Removed Subsite::set_allowed_domains()
Removed documentation and code since the method has been throwing user error since 2010-03-01
2013-11-11 11:56:02 +13:00
Stig Lindqvist
cc0349026e Removed unused variable 2013-11-11 11:34:52 +13:00
Ingo Schommer
5ff3b691d7 More globalisation 2013-10-30 13:44:06 +01:00
Mateusz Uzdowski
5b00ba352f API Refactor to always redirect to accessible Admin location.
Tries to find an accessible section in the current site, falls back to
searching across all sites and all sections.

Also adds more powerful and generic functionss:
Subsites::all_sites - get the full list
Subsites::all_accessible_sites - get Member accessible list
LeftAndMainExtension::sectionSites - get section-specific list
2013-10-16 16:40:20 +13:00
spronkey
23e9cd40a0 Better fix for #106 using DataQuery queryParams. Thanks simon_w 2013-09-12 15:33:18 +12:00
spronkey
586d88562c Added test case for subsites virtual page onAfterWrite issue, plus changed get_from_all_subsites method to immediately eval and return an ArrayList, instead of lazy eval DataList. Fixes #106 2013-09-12 14:23:42 +12:00
Naomi Guyer
37843f447e API: Subsite support for menu of cms (hide admins that don't declare support) (fixes #101 and #89 )
* Hide admins without subsite support from subsites menu
* Add subsite support to default site areas
* Enable reloading of subsites switcher dropdown when navigating the
site, and when editing subsite areas

API Fix parallel pjax menu fetching for subsites.
- thanks Mateusz!

Delint LeftAndMain_Subsites.js
2013-08-22 13:02:46 +12:00
Ingo Schommer
b49c86bd0b Require subsite title (fixes #26) 2013-07-10 16:28:08 +02:00
Frank Mullenger
7bf6e89320 BUGFIX: Session var for active subsite out of sync with current subsite. Refs silverstripe/silverstripe-subsites#93. 2013-07-10 12:24:42 +02:00
Sean Harvey
a6990394cc Partially reverting 7c5310e1a2 2013-05-06 22:59:18 +12:00
Sean Harvey
7c5310e1a2 Fixing more uses of statics in Subsite class 2013-05-06 22:54:23 +12:00
Sean Harvey
7fee2aeea3 Defining static as private for 3.1+ 2013-05-06 22:44:19 +12:00
Sean Harvey
8ffeeb1ee6 Fixing declaration of statics to private for 3.1+ compatibility 2013-05-06 22:21:09 +12:00
Sean Harvey
0247765563 API Removed related pages functionality, this is now a separate module
If you need this functionality still, please checkout
github.com/silverstripe-labs/silverstripe-subsites_relatedpages
2013-05-01 12:35:17 +12:00
Sean Harvey
fbddc076b8 Remove underscore from label 2013-04-30 17:53:09 +12:00
Sean Harvey
9658af5cc8 Fixing subsites not working with i18n in SilverStripe 3.1
Tries to access i18n::$likely_subtags directly. Config changes in
3.1 now prevent this from happening and fails.
i18n::get_locale_from_lang() is used instead to provide the locale.
2013-04-30 15:15:11 +12:00
Sean Harvey
397f74a561 Removing underscore from text 2013-04-30 15:08:47 +12:00
Ingo Schommer
82f1d980e8 Merge remote-tracking branch 'origin/0.3'
Conflicts:
	code/SubsiteAdmin.php
	code/extensions/LeftAndMainSubsites.php
	code/extensions/SiteTreeSubsites.php
	code/model/Subsite.php
	composer.json
	javascript/SubsitesTreeDropdownField.js
	lang/en_US.php
	tests/SubsiteAdminTest.php
	tests/SubsiteTest.php
	tests/SubsiteTest.yml
	tests/SubsitesVirtualPageTest.php
2013-01-03 21:03:26 +01:00
Mateusz Uzdowski
2488489e22 BUG Switch the subsite on GET parameter only.
This fixes the bug where creating the top level pages is broken whenever
subsites module is installed. This is because the SubsiteID is
explicitly specified on AddForm POST submission, which incorrectly
triggers a redirect from LeftAndMainSubsites::init and the form action
never has a chance to execute.

Also do not look at POST when checking for the current subsite ID.
2012-10-26 11:53:40 +13:00
Sean Harvey
d4faeac98f Merge branch 'master' of git://github.com/halkyon/silverstripe-subsites into halkyon-master 2012-10-12 15:09:38 +13:00
Sean Harvey
89c6382101 Remove adminSearchFields which is never used and causes a test failure 2012-10-12 12:54:18 +13:00
Sean Harvey
488ea71c45 Removing unncessary end PHP tags from subsites code 2012-10-12 11:08:24 +13:00