When uploading file through "CMS"->"Files"->"Add" -> "Upload file(s)", uploaded file doesn't have set file permissions according to "cms.defaultMask.file" from Config.
This patch fixes it so "defaultMask" can be different from umask and file has correctly set its permissions (usefull when required permissions are other than "644") as well as it has files/directories directly created in CMS section.
- Adds quotes around all strings inserted into config files, preventing them from being interpreted as constants.
- Changed all private methods in OctoberEnv.php to protected.
- Updated test to check some config files for expected changes.
This change allows for easy customisation of the relation manager titles and toolbar buttons.
For buttons - define your custom strings directly in the standard `toolbarButtons` syntax...
```
toolbarButtons:
create: acme.blog::lang.subcategory.CreateButtonText
delete: # omit the string to fall back to the default button text
```
...and the old syntax still works...
```
toolbarButtons: create|delete
```
For titles - define different strings for each mode (form, list or pivot)...
```
title:
form: acme.blog::lang.subcategory.FormTitle
list: acme.blog::lang.subcategory.ListTitle
```
This feature provides developer convenience, for example in this situation where I have a relation manager that is used to assign user permissions to a project:
Before
After
This PR contains no breaking changes.
Changing default redirect from http to https to 301 (permamently moved) from 302 (temporary moved).
Reason: every website in nowadays must be working through https protocol, and 302 status is wrong for this type of redirect.
jakub-onderka/php-parallel-lint has been abandoned, and the original author has recommended swithcing to php-parallel-lint/php-parallel-lint.
Fixes#5007.
This fix will apply quotes around string environment variables which contain either a single, or double, quote as well as any variables with a hash symbol - escaping any double-quotes encountered. When artisan october:env is run, this should correctly transfer all configuration values from the config files to the .env file.
Fixes#4979.
getLoadValue() was previously using the find method for getting the selected model on load when not using the Record Finder in relation mode.
This means it was searching by the primary key, regardless of whether the keyFrom setting on the Record Finder widget was changed. This has the effect of the keyFrom setting being correctly used to determine the value of the record finder field when a model is selected, but the widget being unable to find the model when it refreshes or reloads.
This change instead searches for the field's value in the column specified for the keyFrom setting, allowing us to use a different identifying column for loading the selected record.
This change removes the default postback handler for the datatable
widget (onSave) and instead relies on the closest form's request
handler. While `onSave` was a safe default, it did not take into account
the relation widget using other handlers.
The table widget will use an explicitly specified handler first, then it
will try and use the form's request handler, before using `onSave` as a
fallback, although this should really never occur.
Fixes#4776.
Don't bother retrieving the translated URL at construction time, it will be run through the translator during the validation process so there's no need to always hit the translator on every single Page model being loaded.
These can be added back in post-Laravel 6 era (> PHP 7.2)
Also removed the defaults since they are no longer needed, supplied by the new objects
Refs #4929
Can be one of three values:
- "default": Shows all repeater items expanded on load.
- "collapsed": Shows all repeater items collapsed on load.
- "accordion": Shows only the first repeater item expanded on load. When another item is clicked, all other open items are collapsed.
Implements #4801. Refs: https://github.com/rainlab/builder-plugin/issues/165, #2631
This no longer hinges on app.debug because it creates confusion for devops engineers. This is based on three independent reports coming from app environments that use a reverse proxy. The engineer will follow the proper security instructions by disabling debug mode, which in turn creates an infinite redirect loop when opening the back-end area, only to leave them scratching their heads
Ultimately it is the web server configuration's job to handle the enforcement of HTTPS, the app no longer enforces it as a strong opinion, but we still keep the setting available as a convenient security check for standard environments that do not use a reverse proxy
