50 Commits

Author SHA1 Message Date
Matias Griese
aa4f80eec1 Greatly improve login related actions for Admin
* Better isolate admin to prevent session related vulnerabilities
* Removed support for custom login redirects for improved security
* Shorten forgot password link lifetime from 7 days to 1 hour
* Fixed login related pages being accessible from admin when user has logged in
* Fixed admin user creation and password reset allowing unsafe passwords
* Fixed missing validation when registering the first admin user
* Fixed reset password email not to have session specific token in it
2021-03-26 14:39:37 +02:00
Matias Griese
b7271bc424 Regression: Fixed enabling/disabling plugin or theme corrupting configuration 2021-02-19 22:04:04 +02:00
Matias Griese
7832d6992e Fixed ACL for users with mixed case usernames [#2073] 2021-02-18 16:22:55 +02:00
Matias Griese
64e41b034e Fixed fatal error in admin if POST request has data in it [#2074] 2021-02-18 15:33:38 +02:00
Matias Griese
a8983a003d Fixed ACL for Configuration tabs [#771] 2021-02-10 15:26:02 +02:00
Matias Griese
2223b2eb73 Fixed deleting list field options completely, didn't save changes [#2056] 2021-02-08 21:30:37 +02:00
Matias Griese
1d669c5fb9 Minor code improvements 2021-01-08 18:57:41 +02:00
Djamil Legato
72116dcbca Fixed notifications that would not be remembered as hidden + various improvements 2020-12-21 15:29:42 -08:00
Djamil Legato
06719a23dd Properly exit the nested foreach when a matching dependency is found 2020-12-21 10:55:56 -08:00
Matias Griese
04b17d6019 More multi-site routing fixes 2020-09-02 12:43:36 +03:00
Matias Griese
8a6f98b7bf Fixed bad redirection after successful admin login in subdirectory multisite [#1487] 2020-08-31 22:59:22 +03:00
Matias Griese
ae6d972d26 Fixed bad 'use ...\UserObject;' statement in Admin 2020-07-03 11:44:05 +03:00
Andy Miller
e9adc8f8f3 renamed markdownEditor->contentEditor 2020-05-26 08:19:26 -06:00
Andy Miller
6f8b5de163 new onAdminListMarkdownEditors event 2020-05-25 14:04:01 -06:00
Matias Griese
16fb712770 Do not use $pages->dispatch() to find a page, it redirects! 2020-05-22 20:06:40 +03:00
Matias Griese
b363309646 Fixed language redirect adding extra language prefix in Flex 2020-04-24 12:34:46 +03:00
Andy Miller
367d55d5e0 Revert "Fix for visible state when creating new pages #1831"
This reverts commit 0f87a2691b.
2020-03-06 12:39:15 -07:00
Andy Miller
0f87a2691b Fix for visible state when creating new pages #1831 2020-03-06 11:17:14 -07:00
Matias Griese
8483873e02 Added keysOnly parameter to AdminPlugin::pagesTypes() and AdminPlugin::pagesModularTypes() methods, ignore parameter to Admin::types() and Admin::modularTypes() methods 2020-02-25 13:58:36 +02:00
Matias Griese
20ae10bcb4 Added some debugging messages (turned off by default) 2020-02-10 22:19:39 +02:00
Matias Griese
87f3fd83ff Pass phpstan level 1 tests 2020-02-04 11:22:27 +02:00
Matias Griese
cd286ad30c Fixed editing own user 2020-02-03 12:15:51 +02:00
Matias Griese
9c929f15a4 Cleanup acl_picker field 2020-01-31 11:56:03 +02:00
Matias Griese
7a5a6ea48a Improve admin user 2020-01-30 13:07:57 +02:00
Matias Griese
6abcdae5d6 Updated code for Grav 1.7.0-rc.4 2020-01-30 11:02:32 +02:00
Matias Griese
0e043aa0a9 Fixed admin_route() twig function to work properly with Grav 1.7.0-rc.4, which fixes Route base 2020-01-28 18:56:37 +02:00
Matias Griese
3c74b219fe Better logged in user handling (Flex) 2020-01-21 09:46:42 +02:00
Matias Griese
5153266c7e Fixed another case of bad profile link 2020-01-16 15:48:47 +02:00
Matias Griese
31f4e8ee03 DEPRECATED onAdminRegisterPermissions event and the corresponding admin methods 2020-01-15 16:05:16 +02:00
Andy Miller
31b8a8e12b Added an Admin::getChangelog() method 2019-12-09 10:58:49 -07:00
Matias Griese
d252286947 Updated deprecated $page->modular() method calls to $page->isModule() 2019-11-15 21:51:47 +02:00
Matias Griese
f67f722252 Added support for hiding parts of admin by Deny permissions (Flex Users only) 2019-11-13 11:49:18 +02:00
Andy Miller
6485d6f99b removed static log list for dynamic one via onAdminLogFiles #1765 2019-10-25 10:51:44 -06:00
Matias Griese
899d05fb7c Fixed Admin::redirect() check for /admin, /en/admin, /root/admin or /root/en/admin 2019-09-16 21:59:56 +03:00
Matias Griese
52ba79f954 Fixed redirect with absolute language URL 2019-09-11 19:49:47 +03:00
Matias Griese
495ebcb42b Keep language setting for AJAX requests 2019-09-11 18:05:45 +03:00
Matias Griese
a5bceca905 Changed Admin::getAdminRoute() to return language as it was in the request 2019-09-06 14:27:52 +03:00
Matias Griese
0e23631038 Fixed regression: Do not require Flex Objects plugin [grav#2653] 2019-08-30 09:40:14 +03:00
Matias Griese
73fd485a72 Do not remove language code in admin if language is set/forced 2019-08-29 16:28:19 +03:00
Matias Griese
58f8871450 If Flex pages are enabled, dashboard should use Flex regardless of Grav page type setting 2019-08-27 12:36:05 +03:00
Matias Griese
ec44621b68 Remove caching from Pages count (regular) 2019-08-27 10:57:33 +03:00
Matias Griese
4af1da9d95 Optimize datetime field 2019-08-26 15:09:04 +03:00
Matias Griese
31f96c771f Major speedup on Dashboard (latest pages using Flex) 2019-08-24 13:20:16 +03:00
Matias Griese
74236c6da5 Improved page initialization logic 2019-08-23 20:45:51 +03:00
Matias Griese
5e219c8197 Optimize admin for speed (only load frontend pages on demand) 2019-08-22 19:25:59 +03:00
Matias Griese
30e38312c5 Fixed double slashes in Admin::adminRoute() 2019-07-01 20:35:53 +03:00
Matias Griese
121469311d Fixed redirect when using full path on subfolder install 2019-07-01 20:18:42 +03:00
Matias Griese
bf4329c2d1 Merge branch 'feature/multilang' of github.com:getgrav/grav-plugin-admin into 1.10
# Conflicts:
#	CHANGELOG.md
#	classes/plugin/AdminController.php
#	classes/plugin/Twig/AdminTwigExtension.php
2019-06-29 14:57:22 +03:00
Matias Griese
f4d5ccf731 Use $grav->exit() instead of exit() 2019-06-03 13:17:16 +03:00
Matias Griese
cc03729964 Use PSR-4 for plugin classes 2019-05-31 14:43:16 +03:00