164 Commits

Author	SHA1	Message	Date
Matias Griese	1091e7ab26	Fixed configuration save location to point to existing config folder [#2176]	2021-09-14 17:59:12 +03:00
Matias Griese	853abfbbd3	Fixed X-Frame-Options to be DENY in all admin pages to prevent a clickjacking attack	2021-09-01 13:17:21 +03:00
Matias Griese	2546cd35e0	Make sure that login data is an array in taskLogin()	2021-08-18 13:41:04 +03:00
Matias Griese	f42e996138	Update taskGetChildTypes() to use Flex Pages (works without the plugin) [#2087]	2021-06-10 11:10:06 +03:00
Matias Griese	1136a1007e	Fixed configuration not fully updating on save [#2149]	2021-05-26 10:48:50 +03:00
Matias Griese	a01170576a	Updated SCSS compiler to v1.5	2021-05-18 18:32:32 +03:00
Andy Miller	1ceebec29f	improve plugin enabled logic	2021-05-05 12:53:07 -06:00
Andy Miller	3aae171297	improve activation logic	2021-05-05 12:14:04 -06:00
Matias Griese	9d21a98f61	Theme update - custom files overwritten #2135	2021-04-29 14:58:48 +03:00
Matias Griese	1b26b4ca7d	Fixed permission check for configuration save [#2130]	2021-04-23 11:21:41 +03:00
Djamil Legato	438c9716cc	Better Pages default permissions	2021-04-22 11:57:40 -07:00
Matias Griese	c097eee87f	Fixed error reporting for AJAX tasks if user has no permissions	2021-04-15 10:11:04 +03:00
Matias Griese	7ed36e462e	Fixed error reporting for AJAX tasks if user has no permissions	2021-04-14 21:43:40 +03:00
Matias Griese	cde46a2eb0	Regression: Fixed broken plugin/theme installer in admin	2021-04-14 13:54:01 +03:00
Matias Griese	9383007b93	Better document admin tasks	2021-04-14 13:40:02 +03:00
Matias Griese	1acb94e857	Fixed error message when user clicks logout link after his session has been expired	2021-04-13 10:16:17 +03:00
Matias Griese	da8a7b574c	Improve ACL checks for the tasks	2021-04-12 22:06:43 +03:00
Matias Griese	9108a4a85f	Fixed broken 2FA login when site is not configured to use Flex Users [#2109]	2021-04-08 10:56:18 +03:00
Matias Griese	9fca08ab43	Regression: Fixed broken 2FA form [#2109]	2021-04-07 14:14:04 +03:00
Matias Griese	58e2c6cc55	Change nonce expiration message	2021-03-31 11:48:15 +03:00
Matias Griese	f36b244198	Include query param task into task checks	2021-03-26 18:15:42 +02:00
Matias Griese	aa4f80eec1	Greatly improve login related actions for Admin ... * Better isolate admin to prevent session related vulnerabilities * Removed support for custom login redirects for improved security * Shorten forgot password link lifetime from 7 days to 1 hour * Fixed login related pages being accessible from admin when user has logged in * Fixed admin user creation and password reset allowing unsafe passwords * Fixed missing validation when registering the first admin user * Fixed reset password email not to have session specific token in it	2021-03-26 14:39:37 +02:00
Matias Griese	b3d66b3d3a	Rename internal save methods	2021-03-19 18:06:24 +02:00
Matias Griese	b7271bc424	Regression: Fixed enabling/disabling plugin or theme corrupting configuration	2021-02-19 22:04:04 +02:00
Matias Griese	7832d6992e	Fixed ACL for users with mixed case usernames [#2073]	2021-02-18 16:22:55 +02:00
Matias Griese	64e41b034e	Fixed fatal error in admin if POST request has data in it [#2074]	2021-02-18 15:33:38 +02:00
Matias Griese	a8983a003d	Fixed ACL for Configuration tabs [#771]	2021-02-10 15:26:02 +02:00
Matias Griese	417d82769b	Fixed onAdminAfterAddMedia event always pointing to the home page [#1905]	2021-02-10 13:08:34 +02:00
Matias Griese	725ed07ad9	Fixed onAdminAfterDelMedia event always pointing to home page [#1905]	2021-02-10 12:57:43 +02:00
Matias Griese	6328489170	Provide media object and filename in onAdminAfterDelMedia event [#1905]	2021-02-10 12:40:25 +02:00
Matias Griese	2223b2eb73	Fixed deleting list field options completely, didn't save changes [#2056]	2021-02-08 21:30:37 +02:00
Matias Griese	ad5d3a3829	Improve flash file error detection	2021-02-08 17:25:32 +02:00
Matias Griese	905a2a299f	Fixed case-sensitive accept in filepicker field	2021-02-04 17:08:05 +02:00
Matias Griese	01568544b5	Fixed admin style compilation failing to save CSS if assets folder does not exist	2021-01-21 14:44:41 +02:00
Matias Griese	5ed810a2ab	Fixed fatal error when moving a page using the old implementation [#2019]	2021-01-18 12:40:13 +02:00
Matias Griese	de3a557b80	Display controller exceptions in debugger	2021-01-18 12:05:24 +02:00
Matias Griese	1d669c5fb9	Minor code improvements	2021-01-08 18:57:41 +02:00
Djamil Legato	72116dcbca	Fixed notifications that would not be remembered as hidden + various improvements	2020-12-21 15:29:42 -08:00
Djamil Legato	06719a23dd	Properly exit the nested foreach when a matching dependency is found	2020-12-21 10:55:56 -08:00
Matias Griese	d9c73e2edb	Post merge conflicts	2020-12-01 09:51:43 +02:00
Matias Griese	432ef4bb1a	Composer update after merge	2020-12-01 09:37:58 +02:00
Matias Griese	be6428922d	Merge branch 'develop' of github.com:getgrav/grav-plugin-admin into 1.10 ... Conflicts: admin.php classes/plugin/AdminController.php composer.lock vendor/composer/autoload_classmap.php vendor/composer/autoload_psr4.php vendor/composer/autoload_real.php vendor/composer/autoload_static.php vendor/composer/installed.json	2020-12-01 09:24:05 +02:00
Matias Griese	ddc85f3b89	Merge branch 'develop' of github.com:getgrav/grav-plugin-admin into 1.10	2020-11-25 23:15:08 +02:00
Djamil Legato	a8bd391b78	Forward a sid to GPM when downloading a premium package	2020-10-29 15:25:40 -07:00
Djamil Legato	4e45a22837	Minor wording change for unauthorized downloads	2020-10-28 11:11:09 -07:00
Andy Miller	d063ac669b	Cleaner error messages	2020-09-03 22:28:47 -06:00
Andy Miller	c7fe6be9de	remove filename, not used	2020-09-03 18:14:36 -06:00
Matias Griese	04b17d6019	More multi-site routing fixes	2020-09-02 12:43:36 +03:00
Matias Griese	8a6f98b7bf	Fixed bad redirection after successful admin login in subdirectory multisite [#1487]	2020-08-31 22:59:22 +03:00
Matias Griese	6bcc5f7636	Fixed a glitch which allows user to delete entire pages directory, Admin 1.10 edition [#1941]	2020-08-28 13:38:58 +03:00