- 22 Dec, 2020 1 commit
-
-
Benni Mack authored
Change-Id: Ibcf3165f1628bec14ee50aaa601606ae37977f0f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67238 Tested-by:
Benni Mack <benni@typo3.org> Reviewed-by:
-
- 21 Dec, 2020 5 commits
-
-
This reverts commit 844f024a due to some unexpected behaviour when cropping and scaling, see #93090 and related issues in https://forge.typo3.org/issues/91855 for details Change-Id: If3f38cfeeb860e1a13648d239f05d2754f2f9102 Resolves: #93139 Revertes: #91855 Releases: master, 10.4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67202 Reviewed-by:
Benjamin Franzke <bfr@qbus.de> Reviewed-by:
Christian Kuhn <lolli@schwarzbu.ch> Reviewed-by:
Anja Leichsenring <aleichsenring@ab-softlab.de> Tested-by:
TYPO3com <noreply@typo3.com> Tested-by:
-
When deleting a record in workspaces that has been changed in comparison to live - if it is a new, a moved or a changed workspace record, those records where subject to the 'soft-delete' strategy of the core: Soft-delete enabled tables like pages or tt_content did set deleted=1 for those records instead of fully deleting them from the table. The idea was to allow 'undelete' via recycler or history module if those records have been deleted by accident. However, the undelete workspace records functionality never worked and has never been fixed. The oldest open forge issue on this topic is 11 (!) years old. The solution is to discard those records instead of soft-deleting them. This effectively drops soft-delete for workspace records. It's done by a trivial switch in the main DataHandler delete method to re-route workspace delete operation to the recently refactored discard methods instead. This change allows us to further refactor the remaining tasks the DataHandler delete functionality is concerned with, since delete still handles three things: * Deleting and soft-deleting records in live. * Creating 'delete placeholder' records in workspaces. This is the 'mark the record as to-be-deleted in live on workspace publish' operation. * Undeleting records using recycler and partially the history module. Dropping the workspace-delete scenarios reduces complexity significantly. The codebase can now be changed with upcoming patches to separate remaining concerns - similar to what has been done with discard already. The according scenarios will see improved test coverage and far better understandable code along the way. This will ultimately allow us to fix remaining bugs in this area on one hand and to improve user experience on the other hand. Change-Id: I33e1258cb6205668511933c0d9b225f4470655e7 Resolves: #93121 Resolves: #21299 Resolves: #89383 Releases: master Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67191 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de> Reviewed-by:
Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
With increased DB ses_id field size we can switch from HMAC-MD5 to HMAC-SHA256 in master. Resolves: #93136 Related: #93131 Releases: master Change-Id: Ie6151bf1c396863290260dc0d504a25373a52725 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67221 Tested-by:
Oliver Hader <oliver.hader@typo3.org> Reviewed-by:
-
Bootstrap v5 – introduced in #92616 – was added with CCS from beta1 but JavaScript from alpha2. bootstrap.bundle.js was manually wrapped into a AMD closure, and because bootstrap 5.0.0-beta1 contains alot of changes regarding data tags, it couldn't be updated in the initial patch. Bootstrap is now bundled using rollup using the ES6 sources in order to allow for automatic updates through `grunt build`. popperjs – previously bundled into bootstrap distributed files – is now added as dependency. The bootstap ES6 sources, that we now use through rollup, do not bundle this external dependency (for good reasons). Dependency added with: yarn add @popperjs/core Further adaptions contained in this change to ensure beta1 compatibility: a) Carousel "item" to "carousel-item" class migration b) $.fn.modal(options) does no longer imply $.fn.modal('show') c) Fix panels, both JS and CSS (card-group can't be used here) d) All bootstrap data- tags are migrated to data-bs-. (see https://github.com/twbs/bootstrap/pull/31827) Migrated with # renderes a sed substition with the help of a nested sed from all the # data-bs attributes that where changed in the twbs/bootstrap commit git grep -l data- | xargs sed -i $( \ curl -s \ https://patch-diff.githubusercontent.com/raw/twbs/bootstrap/pull/31827.patch | \ sed 's/data-bs-[a-z-]*/\n&\n/g' | grep "data-bs-[a-z-]" | \ sort | uniq | \ sed 's/data-bs-\(.*\)\([^a-z-]\|$\)/ -e s\/data-\1\\\([^a-z-]\\\)\/data-bs-\1\\1\/g -e s\/data('"'"'\1'"'"')\/data('"'"'bs-\1'"'"')\/g/g' \ ) # Revert false positives from the above auto-replacement git checkout -- typo3/sysext/core/Documentation/Changelog/ \ typo3/sysext/backend/Classes/Form/Container/FlexFormContainerContainer.php \ Build/Sources/TypeScript/backend/Resources/Public/TypeScript/LiveSearch.ts \ Build/Sources/TypeScript/backend/Resources/Public/TypeScript/FormEngineFlexForm.ts \ Build/Sources/TypeScript/install/Resources/Public/TypeScript/Module/Settings/ExtensionConfiguration.ts \ Build/Sources/Sass/typo3/_element_panel.scss (cd Build && grunt build) Resolves: #93126 Resolves: #93123 Resolves: #93132 Related: #92616 Releases: master Change-Id: Ie194d0f87d2c60df7b9e8a6de4893cfaaea55356 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67215 Tested-by:Martin Kutschker <mkutschker-typo3@yahoo.com> Tested-by:
-
The value from columns that are marked as "dbType" date(time) fields in TCA configuration are now explicitly interpreted using UTC timezone, when the string value has no timezone specifier given. JS supplied values contain Z as specifier, while records from the database (which are processed during copy operations) do not contain a timezone specifier. Local time was assumed by PHP in the latter case before, as we did not pass an explicit timezone information to the DateTime constructor. Therefore we now assure no timezone conversion will happen and no time/date-offset will be added, by using UTC explicitly. Resolves: #89914 Releases: master, 10.4, 9.5 Change-Id: I8e531ae5f3367c4493ce1e7db4bec0ef02311e24 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66670 Tested-by:
Markus Klein <markus.klein@typo3.org> Tested-by:
-
- 20 Dec, 2020 4 commits
-
-
The alternative type stdClass is missing from the type annotation. Also make the return type of createPseudoUser more specific in order to help static analysis. Releases: master, 10.4 Resolves: #93118 Change-Id: I54a4665c9b15434b6a59c217dc61d636faf24dbc Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67212 Tested-by:
-
Since CommandLineUserAuthentication does not initialize the session property (because session handling is not needed on cli), a fatal error occurs, when calling the `writeLog` because a potentially simulated user is checked by accessing the session within this method. Therefore this check is now overridden as well in CommandLineUserAuthentication to always assume the original (cli) user for logging. Resolves: #93127 Releases: master Change-Id: Ife7d969944f7775e015b8366450dc09b6ffb36b7 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67184 Reviewed-by:
Oliver Klee <typo3-coding@oliverklee.de> Reviewed-by:
Simon Gilli <typo3@gilbertsoft.org>
Reviewed-by: Simon Gilli <typo3@gilbertsoft.org>
Tested-by: -
Depending on SQL structure of an MM table, the recent fix for issue #93064 can lead to query errors: It works with core category relations but fails for instance with ext:news 'related news' relations. This is due to an assumption about existence of field 'tablenames', which is bogus. If needed, the according where restriction comes from TCA MM_match_fields already, which is sufficient. Resolves: #93109 Related: #93064 Releases: master, 10.4 Change-Id: Ifcc15989f87119cfb10c2da47c22b42a0dd4558a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67188 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Sebastian Michaelsen <michaelsen@t3seo.de> Tested-by:
Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
This changes removes the frontend framework Bootstrap 3, and adds Bootstrap 5 beta 1 (we expect Bootstrap 5 final by the time we release TYPO3 v11 LTS). Bootstrap v3 is not supported by the Bootstrap team any longer, so an update is critical for TYPO3 Core. Bootstrap v5 adds a few accessibility improvements as well as flexbox for rendering containers and grids throughout TYPO3 Backend. All JS components are not bound to jQuery anymore, and have been reworked. A lot of HTML/CSS changes happened, which we slowly migrate (and not in a huge change) to TYPO3's templates, in order to keep this change managable. A legacy CSS/SCSS file is added to keep some backwards-compatibility classes to ease the migration for extension developers who have built their own backend modules. Key features of Bootstrap 5: * "rem" instead of "px" is used by default * CSS variables are introduced * Improved bootstrap focus outline styling (buttons / inputs / links) * Simplified grid functionality * use new button color mixin to increase contrast: Primary, Success and Warning Button color is now dark instead of white EXT:styleguide was used as a basis for upgrading to keep compatibility as much as possible, but more changes will be coming in the next few minor releases. Resolves: #92616 Releases: master Change-Id: Iec989f39649b5460b055ec879199faf38e424f2b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66247 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by:
-
- 19 Dec, 2020 1 commit
-
-
This change removes the &route parameter from all Backend URLs, and changes them to speaking URLs like /typo3/main?token=123123123. For this change, it is necessary to adapt the installations' webserver configuration rewrite rules to enable URL rewriting in TYPO3 Backend. An silent upgrader will automatically update existing webserver configuration files like .htaccess or web.config to adapt to the TYPO3 Backend navigation concepts. Further steps will be using the browsers pushState functionality to update the URL when a module changes, and further deep-linking into TYPO3 Backend. Resolves: #93048 Releases: master Change-Id: Icdccfb4dbba71d2ecd08d619ed17ff49f6225b3e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67083 Tested-by:
-
- 18 Dec, 2020 2 commits
-
-
This change adapts the frontend user resolving to use the same functionality as in backend users, which wasn't the case in the past 15 years. The newly introduced GroupResolver now also resolves groups for frontend users recursively, making the "getGroupsFE" and "authGroupsFE" functionality obsolete. The AuthenticationService->getGroups methods are removed, also the properties userTS, userData_change and TSdataArray have been made protected, as it is only used for internal purposes. The "userTSUpdated" flag has been removed and the property $TSdataArray has been marked as internal. Resolves: #93108 Releases: master Change-Id: I630be39e855d45802c0236a0a38acbc07e0dd812 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67177 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
Add the lit-html template engine, that originated from the polymer project and is now base for web components together with the web component base case LitElement. It is used to replace string-concatenation/jquery based templating in order to adapt to modern web standards. typo3/testing-framework is adapted to include lit-html and lit-element with: https://github.com/TYPO3/testing-framework/pull/221 (releases as 6.6.0 and merged in #93074) Commands: yarn add lit-html@^1.3 lit-element@^2.4 yarn add --dev grunt-rollup grunt build Resolves: #91810 Related: #93074 Releases: master Change-Id: If419d378d6e98c150b219fe441b0766d12e9b639 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67092 Tested-by:
-
- 15 Dec, 2020 2 commits
-
-
Class RelationHandler is a confusing mess with tons of state spread over 28 class properties and 35 consuming methods. Nearly everything is public and of course far from bug free. The patch protects a series of properties and methods that handle internal state and do not need to be accessed from outside. For instance, the same state created by the 'read' methods is done by start(). This is a starter patch to allow refactorings towards a better manageable codebase. Change-Id: I8aa45fcd0306209fcc298972ad850449d2c4f125 Resolves: #93080 Releases: master Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67138 Tested-by:
Georg Ringer <georg.ringer@gmail.com> Reviewed-by:
-
When a user logs in, the "cache" field "usergroup_cached_list" is updated in the be_users table. This value is used so the groups do not need to be recalculated each time for each user (e.g. in Workspaces when sending notifications and in Log module). However, this has serious flaws: 1) If an admin removes a previously active user from a BE group, the cached list still contains the old group, until the user logs in 2) If a user never logged in before, the list is empty This change removes this conceptual bug, and builds this into the GroupResolver to use direct (optimized) DB queries for these use cases, making the DB field obsolete. Resolves: #79565 Releases: master Change-Id: I9d8fd04cc466906d7f8da43887788f48de81c642 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67137 Tested-by:
-
- 14 Dec, 2020 8 commits
-
-
To explicitly refresh the internal cache of StorageRepository when a file storage has been added/removed/updated, a public method flush() has been added to the class. Releases: master Resolves: #93057 Change-Id: I514bc5c39f6749a171006968a8b513803c599f4d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67097 Tested-by:
Simon Gilli <typo3@gilbertsoft.org>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl> Reviewed-by:
-
TYPO3 Core has its own implementation of driver classes for database abstraction by effectively overriding e.g. the PDO Statement class with TYPO3's Statment class to ensure that resources are strings to be completely transparent with Database abstraction. Doctrine DBAL 3.0 will force Drivers to either switch to composition or extend from the Abstract Driver classes. This change switches TYPO3's native implementation to extend from Abstract Driver classes, ensuring forward-compatibility with Doctrine DBAL 3.0 for TYPO3 v11 with Drivers. Resolves: #93076 Releases: master Change-Id: I32b886fe13bc7b5c759c1d127b31fe6d3ba94141 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67115 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
Christian Kuhn authored
A 'true' MM relation (select / group with MM, but not inline with foreign_field - used in core for pages/tt_content table to sys_category via sys_category_record_mm) has two sorting fields: 'sorting' for the local (sys_category) side, and 'sorting_foreign' for the foreign (pages / tt_content) side. When categories are added to a tt_content element, 'sorting_foreign' is set to the given order of sys_category elements. 'sorting' is set to 0. When then opening a sys_category record that has multiple records pointing to it with 0 as sorting, the returned order of records is non-deterministic and depends on implicit DB engine fallbacks. This also confuses the reference index, which checks refindex integrity always from the 'local' side. The patch adds 'uid_foreign' as second order-by field to force deterministic ordering. There is still a possible collision in multi table relations (more than one foreign table uses the mm table like pages AND tt_content to sys_category with foreign records having the same uid) and if the mm table allows "multi" relations. Those scenarios however have no explicit TCA configuration (only implicit via MM_match_fields), need a deeper investigation and possibly further detail patches later. The patch should for now fix a functional test that is flaky with postgres. Change-Id: I3c89d0e67f8a4065354f9df173020ca0080e0d57 Resolves: #93075 Releases: master, 10.4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67110 Reviewed-by:
Oliver Bartsch <bo@cedev.de>
Reviewed-by: Oliver Bartsch <bo@cedev.de>
Tested-by: -
Benni Mack authored
In order to re-use the group resolving, this logic is now extract from AbstractUserAuthentication, allowing to further optimize this code. The hook $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauthgroup.php']['fetchGroups_postProcessing'] is removed and replaced by a PSR-14 event to modify the Group Data. Resolves: #93056 Releases: master Change-Id: If0fc7939e2617fae899474ba47ba786405e87a3c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67034 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
The option "forceSetCookie", previously used for lifetime, is only set in FrontendUserAuthentication, and is moved to that subclass as a protected property, making the dependencies between the parent class and the main class cleaner. Resolves: #93073 Releases: master Change-Id: Ia711b2a0eb7b03ec1b352b0fd498d296a44df101 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67086 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
Releases: master Resolves: #93069 Relates: #93011 Change-Id: I80c970009694462d48ec65f96eb9b0f29cacf18c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67108 Tested-by:
-
In preparation for Doctrine DBAL 3.0, 1. all usages of Doctrine\DBAL\DBALException have been migrated to Doctrine\DBAL\Exception, because DBAL Exception does not exist in Doctrine 3.0 anymore. 2. Doctrine\DBAL\Platforms\PostgreSqlPlatform has been migrated to Doctrine\DBAL\Platforms\PostgreSQL94Platform because this class does not exist anymore in Doctrine DBAL 3.0, same goes for Doctrine\DBAL\Platforms\SQLServerPlatform which has been replaced by Doctrine\DBAL\Platforms\SQLServer2012Platform 3. Doctrine\DBAL\Driver\PDOException has been renamed to Doctrine\DBAL\Driver\PDO\Exception 4. Doctrine\DBAL\Driver\PDOStatement has been renamed to Doctrine\DBAL\Driver\PDO\Statement Resolves: #93071 Releases: master Change-Id: I05e82f2fca09eb7718a90c09f95e503980ae10ae Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67109 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
Due to some missing casting and usage of wrong properties, a wrong comparison happened. In addition, the change now checks for "user" instead of "userSession", as the "userSession" property is obsolete. Resolves: #93066 Releases: master Change-Id: I4a0ff4797265c15e5cf9a822e4f7e1ea31fb31c1 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67103 Tested-by:
-
- 13 Dec, 2020 1 commit
-
-
This patch adds EventDispatcher and Logger support to the various transports where it was missing so far. Now the Mailer API should be compatible to the underlaying Symfony Mailer and all features can be used. Resolves: #93000 Releases: master, 10.4 Change-Id: Iea222586a0f4d3e35e462c3cf27c16eec914b5c4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66145 Tested-by:
Markus Gerdes <markus@madaxel.de> Tested-by:
-
- 12 Dec, 2020 3 commits
-
-
A first patch towards more reliable workspace-mm scenarios: When a record is discarded that has mm relations, those relations are now deleted along with the deleted "parent" record. Change-Id: Ic2abe8d1c828158cf86abe760aec8766abcd0e71 Resolves: #93064 Releases: master, 10.4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67100 Tested-by:
-
Flash Messages which should be stored in sessions, are now stored as stringified JsonSerializable instead of their objects themselves. The huge advantages over the previous functionality is that the FlashMessage objects are not instantiated during the process when a session is loaded, but actually only when the FlashMessages are needed, bringing a bit of performance for Backend functionality. Resolves: #93063 Releases: master Change-Id: Ie2da3b3d0a3fbb14416fd5743b3109221d30d28d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67098 Tested-by:
-
The "$BE_USER->groupList" property is a comma-separated list of userGroupUID, whereas "$BE_USER->includeGroupArray" is a list of groups added to the includeGroupArray which contains groups possibly added multiple times due to recursion. This is not needed, and therefore cleaned up, the properties are removed. Resolves: #93062 Releases: master Change-Id: Ic358c1be56253acdbe3be4222196a074aab1e98c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67099 Tested-by:
-
- 10 Dec, 2020 3 commits
-
-
The internal public property BE_USER->dataLists is removed as all data is now directly written into groupData now. This is part of a larger clean up of legacy code of UserAuthentication. Resolves: #93052 Releases: master Change-Id: I92ce48e71c5463ff5ddd3971deb5a82931dcc908 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67089 Tested-by:
-
The public property $sendNoCacheHeaders of AbstractUserAuthentication is now fully put into PSR-15 middlewares, which decide on their own if headers diasallowing HTTP caches should be sent to the client. This change removes the property, as the PSR-15 middlewares set the headers already since TYPO3 v10. Resolves: #93047 Releases: master Change-Id: I242d972c1a37a0642be19522f321e3f0ee88935d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67082 Tested-by:
Daniel Goerz <daniel.goerz@posteo.de> Reviewed-by:
-
Benni Mack authored
The AbstractUserAuthentication class handles way too much of what it should know / do. For this reason, a new UserSession object which contains basic information needed for everything belonging to a non-fixated session, a fixated anonymous session, if a session was evelated, or if a session has expired, is kept in there. The "SessionManager" should not be used anymore publically but slowly dissolve into a SessionBackendManager. Design goals: * UserAuth object should not know about session backends * UserAuth should not store sessionData etc. directly in its own object * Decouple UserSession info from any properties of UserAuth * A UserSessionManager deals with the creation and validation of the UserSession objects. No Session Objects can be created etc outside of this class to maintain persistability * UserSessionManager also encapsulates ipLocking and the responsible SessionBackend Final goals to be tackled later: * Build a user session object from the request object, and not within the UserAuth object * Session Handling can be accessed outside of UserAuth * Cookie Handling and Session Handling are separated from UserAuth * Load Session information from PSR-7 request instead of $_COOKIE Resolves: #93023 Releases: master Change-Id: Ia2d8244e433d0f6adf220d443b2c0947f251b5e9 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66935 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by:
-
- 09 Dec, 2020 1 commit
-
-
* Since introduction of class ReferenceIndexUpdater each record is handled only once when updating the reference index. The record runtime cache is obsolete and can be dropped. * The $excludedTables and $excludedColumns properties are non-static now: In normal operation only one instance of ReferenceIndex class is created and used for many records, there is no point in creating hard to evict static state. * A runtime cache has been used for information derived from TCA (no db calls). This is dropped in favor of a class property. Change-Id: I5cf16e38ec8f36dfa838cdbc6591b59b463be3f9 Resolves: #93038 Releases: master Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67076 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by:
-
- 08 Dec, 2020 2 commits
-
-
Keeping relation information for soft deleted records in sys_refindex is quite useless: When records are undeleted, the reference index is updated to recreate rows. Additionally, the deleted handling was incomplete, especially if a record on the 'right' side of the relation got deleted. The patch drops the deleted field from the table and prevents adding relations for soft deleted rows. Furthermore, visibility of a couple of properties and methods is changed to protected and a series of not used methods is removed. Note the hash sums change due to the removal of the deleted field. The CLI command "bin/typo3 referenceindex:update" will update hashes and will drop obsolete deleted rows. Change-Id: I58d7a904a6b4c555529b7c70e45d56ccb498f77f Resolves: #93029 Releases: master Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66968 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
In previous TYPO3 versions, AbstractUserAuthentication emitted cookies directly via header() or setcookie() methods. In order to have a better testing scenario, this change builds Cookie objects and keeps them until a PSR-15 middleware asks to apply the cookie information to a PSR-7 Response. This also makes it possible to manipulate the authentication cookies in Middlewares. AbstractUserAuthentication does not actually "remove" or "set" a cookie but rather keeps the information for setting a cookie. Resolves: #93011 Releases: master Change-Id: Iaec0007a1347676bc3ba570b4b5a1da63d58d7e6 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67032 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by:
-
- 07 Dec, 2020 3 commits
-
-
PageRenderer->render() does not accept any arguments anymore. This change allows to later-on hand in a Request object into the PageRenderer and/or continue building a generic View for rendering content, without marker-based changes. In addition, the corresponding constants are now marked as protected. Resolves: #93003 Releases: master Change-Id: Ia24c81647d665fdc23a8c961fe89722cf0e5a31d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67033 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
TYPO3 v11 supports PHP 7.4 or higher, some workarounds regarding same site functionality can be simplified and removed. Resolves: #92999 Releases: master Change-Id: I6ab5e257cfbe595f81693fc60d824bb46e106594 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67009 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
In order to allow further manipulation of Response objects, using "throw new ImmediateResponseException" is much more flexible than calling HttpUtility::redirect() which immediately stops the PHP process. This way, it is not even possible for developers to manipulate the response, or even test this behavior in functional tests with TYPO3 Core. The change removes all usages of HttpUtility::redirect(). The method will be deprecated at a later stage. Resolves: #93004 Releases: master Change-Id: I9bd0db2b2ee0c15b39b38168d67e6d78ba4be2db Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67038 Tested-by:
Daniel Gorges <daniel.gorges@b13.com> Tested-by:
-
- 05 Dec, 2020 1 commit
-
-
Benni Mack authored
The related HTTP no-cache headers (e.g. when a user is logged in) are now only set via PSR-15 middlewares (already in place for Backend Users, but now added for Frontend Users / Sessions as well), but not directly emitted via "header()" functions anymore. The next steps for having autonomous tests are: * Do not send cookies directly anymore * Double-check backend login cookies and * Check for ImmediateResponse / HttpUtility::redirect() methods * Evaluate the HTTP headers emitted inside the Installer. Resolves: #92997 Releases: master Change-Id: I7f1e9826b3d61977cb24e4622e0888e301b807e3 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67001 Tested-by:
-
- 04 Dec, 2020 2 commits
-
-
The public property svConfig is just a short-hand variable for $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth'], but should not be accessed from the outside, and is therefore moved from a public property to a local variable within the "checkAuthentication" method where it is mainly used. Resolves: #92990 Releases: master Change-Id: I1f8cadc36b22e535efb1940c8090ff5e487952bb Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67002 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
The flag AbstractUserAuthentication->loginFailure is removed. The current plans are to clean up the AbstractUserAuthentication class, and build separate concerns as much as possible. The main "monster" method "checkAuthentication" is now cleaned up, and the public property "loginFailure" is removed, as this is handled by a local variable now. Resolves: #92989 Releases: master Change-Id: I377baa94d6681fab7de04a74991254156235af52 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66999 Tested-by:
-
- 01 Dec, 2020 1 commit
-
-
Christian Kuhn authored
Final patch to deprecate TYPO3_MODE and TYPO3_REQUESTTYPE with an excessive changelog file to explain details and migration for extension developers. Resolves: #92947 Related: #92948 Related: #92951 Related: #92949 Related: #92952 Related: #92953 Releases: master Change-Id: Id0570582aa08dd34faea3506d5ef8bc85afdda33 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66948 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by:
-
