mirror of
https://github.com/getgrav/grav-plugin-admin.git
synced 2025-12-16 21:40:31 +01:00
Merge tag '1.10.50' into develop
Release v1.10.50 # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEEwbiolRD/eEYBHGp5nyzziuvbCuAFAmkXTbEACgkQnyzziuvb # CuDW5BAArQLCnU/02r4r73WQ50FfojJOnH8+i0K2zTVVtheNvUsbOEbYTokCPrrQ # 5udhL1Psd004g3M0uiKYAv10D3GmRuBi+q8LZaI+AMDRY1dDURjDSzKL70FTqgUa # TEQX5snT0tuPRUzS27hJi3l7P27WNQwK29Pl0m+JDAUcqzoqFZZzJoawQRBRnfeH # AnmhocPNOYIV23RsQzE5XzO0Y0SAz8DbFLoUVyVMP+Cr2YuP7wqd0cSjkqFh+FS4 # eLGjPj7OA+oBHDoiaITlAMXCAH7mpmCnxPqjOKLdR9S6C7/btAWa1p+j3nLLv1od # h2nM/e5K+pxg7eb3BHK0Xs2j5YNl7RfgKspg3BeSVueOTCniaPC8lzexp0MlIaKn # Aulc7g7egb75LEknDpgt7vM636Vbv/noxMeqgwyxMnhJ60iojq6Hsxtk9u/699kL # /1s+a4VjkGPgxQHqErNu4ig9gFPA1nHNwwW2ngXU+5F44lKD+025bgMPqjEutGaR # waYEp6t8hp6IUJM3CI8NidxPlnU82kSHUAhem16k9cDxhsau8DsST91enqdREt4G # xdqxyBLOQDLlPhtlMNfdh1ojrbUQx+UUdVcMnmPWpO4y+BHRqRmFIhb0W+wPdxCt # PwIt/55ICTR57HzVXvAX4k0nkFCj4Go5x0Gj6sPbGCOql/zyTwg= # =elGV # -----END PGP SIGNATURE----- # gpg: Signature made Fri Nov 14 15:41:37 2025 GMT # gpg: using RSA key C1B8A89510FF7846011C6A799F2CF38AEBDB0AE0 # gpg: Good signature from "Andy Miller <rhuk@mac.com>" [ultimate]
This commit is contained in:
Andy Miller
13
CHANGELOG.md
13
CHANGELOG.md
@@ -1,3 +1,16 @@
|
|||||||
|
# v1.10.50
|
||||||
|
## 11/14/2025
|
||||||
|
|
||||||
|
1. [](#new)
|
||||||
|
* Support for 'safe-upgrade' installation
|
||||||
|
* Support for safe-upgrade restore functionality in Tools
|
||||||
|
1. [](#improved)
|
||||||
|
* Improved session expiration/logout handling
|
||||||
|
* Various minor CSS fixes
|
||||||
|
1. [](#bugfix)
|
||||||
|
* Fix for deeply nested sortable fields (at last!)
|
||||||
|
* Restore admin session timeout modal by returning 401 for timed-out AJAX requests
|
||||||
|
|
||||||
# v1.10.49.1
|
# v1.10.49.1
|
||||||
## 09/03/2025
|
## 09/03/2025
|
||||||
|
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
name: Admin Panel
|
name: Admin Panel
|
||||||
slug: admin
|
slug: admin
|
||||||
type: plugin
|
type: plugin
|
||||||
version: 1.10.49.1
|
version: 1.10.50
|
||||||
description: Adds an advanced administration panel to manage your site
|
description: Adds an advanced administration panel to manage your site
|
||||||
icon: empire
|
icon: empire
|
||||||
author:
|
author:
|
||||||
|
|||||||
@@ -96,6 +96,8 @@ class AdminBaseController
|
|||||||
|
|
||||||
// Make sure that user is logged into admin.
|
// Make sure that user is logged into admin.
|
||||||
if (!$this->admin->authorize()) {
|
if (!$this->admin->authorize()) {
|
||||||
|
$this->respondUnauthorizedIfAjax();
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -236,6 +238,31 @@ class AdminBaseController
|
|||||||
$this->close($response);
|
$this->close($response);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return a JSON 401 response when an unauthenticated request was clearly triggered via AJAX.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
protected function respondUnauthorizedIfAjax(): void
|
||||||
|
{
|
||||||
|
$uri = $this->grav['uri'] ?? null;
|
||||||
|
$extension = $uri ? $uri->extension() : null;
|
||||||
|
$accept = $_SERVER['HTTP_ACCEPT'] ?? '';
|
||||||
|
$requestedWith = $_SERVER['HTTP_X_REQUESTED_WITH'] ?? '';
|
||||||
|
|
||||||
|
$acceptsJson = is_string($accept) && (stripos($accept, 'application/json') !== false || stripos($accept, 'text/json') !== false);
|
||||||
|
$isAjax = ($extension === 'json') || $acceptsJson || (is_string($requestedWith) && strtolower($requestedWith) === 'xmlhttprequest');
|
||||||
|
|
||||||
|
if (!$isAjax) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->sendJsonResponse([
|
||||||
|
'status' => 'unauthenticated',
|
||||||
|
'message' => Admin::translate('PLUGIN_ADMIN.SESSION_EXPIRED_DESC')
|
||||||
|
], 401);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param ResponseInterface $response
|
* @param ResponseInterface $response
|
||||||
* @return never-return
|
* @return never-return
|
||||||
|
|||||||
@@ -26,6 +26,9 @@ class KeepAlive {
|
|||||||
|
|
||||||
return fetch(`${config.base_url_relative}/task${config.param_sep}keepAlive`, {
|
return fetch(`${config.base_url_relative}/task${config.param_sep}keepAlive`, {
|
||||||
credentials: 'same-origin',
|
credentials: 'same-origin',
|
||||||
|
headers: {
|
||||||
|
'Accept': 'application/json'
|
||||||
|
},
|
||||||
method: 'post',
|
method: 'post',
|
||||||
body: data
|
body: data
|
||||||
})
|
})
|
||||||
|
|||||||
3
themes/grav/js/admin.min.js
vendored
3
themes/grav/js/admin.min.js
vendored
@@ -1064,6 +1064,9 @@ var KeepAlive = /*#__PURE__*/function () {
|
|||||||
data.append('admin-nonce', external_GravAdmin_namespaceObject.config.admin_nonce);
|
data.append('admin-nonce', external_GravAdmin_namespaceObject.config.admin_nonce);
|
||||||
return fetch("".concat(external_GravAdmin_namespaceObject.config.base_url_relative, "/task").concat(external_GravAdmin_namespaceObject.config.param_sep, "keepAlive"), {
|
return fetch("".concat(external_GravAdmin_namespaceObject.config.base_url_relative, "/task").concat(external_GravAdmin_namespaceObject.config.param_sep, "keepAlive"), {
|
||||||
credentials: 'same-origin',
|
credentials: 'same-origin',
|
||||||
|
headers: {
|
||||||
|
'Accept': 'application/json'
|
||||||
|
},
|
||||||
method: 'post',
|
method: 'post',
|
||||||
body: data
|
body: data
|
||||||
}).then(function (response) {
|
}).then(function (response) {
|
||||||
|
|||||||
Reference in New Issue
Block a user