* Add MemberType/MemberTypeContainer to supported EntityContainer object types
* Implement MemberTypeContainerRepository
* Update and add member type container API endpoints
* Complete server and client-side implementation for member type container support.
* Fix FE linting errors.
* Export folder constants.
* Applied suggestions from code review.
* Updated management API authorization tests for member types.
* Resolved breaking change on copy member type controller.
* Allow content types to be moved to own folder without error.
* Use flag providers for member type siblings endpoint.
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
* Ensure redirects with domains are stored with the domain node id prefix.
* Handle removal of self-referencing redirect when domains are used.
* Use entity path to save further queries for retrieving ancestor IDs.
* Apply suggestions from code review
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Applied refactoring suggested in code review.
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Use empty folder under temp as localized text source folder in non umbraco core integration tests.
* Added clarifying comment to the GetLocalizedTextService override for tests
Handles rich text blocks created with TinyMCE in convert local links migration.
Refreshes internal datatype cache following migration requiring cache rebuild.
Handles rich text blocks created with TinyMCE in convert local links migration.
Refreshes internal datatype cache following migration requiring cache rebuild.
* Removed skips for tests whose related issues have been fixed.
* Remove skip tags and update tests for content with list view
* Removed skip tags
* Added comment and change to fixme for tests that need to implement later
* Removed skip tag
* Bumped version
* configure max chars for textbox
* min 1
* Adds server-side check for text box min and max character validation.
* Applied suggestion from code review.
* Bumped version of test helper
* Fixed test that was creating a text string data type with too large a maximum characters setting.
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
Co-authored-by: Nhu Dinh <hnd@umbraco.dk>
* Replace dependency track bom script with devops task
* Introduce new url variable in order to fix new task uri
The initial variable contained the api path (/api) in the URL.
Redact back-office PKCE codes from the server (#20847)
* Redact back-office PKCE codes from the server
* Update src/Umbraco.Cms.Api.Common/DependencyInjection/HideBackOfficeTokensHandler.cs
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
* Redact back-office PKCE codes from the server
* Update src/Umbraco.Cms.Api.Common/DependencyInjection/HideBackOfficeTokensHandler.cs
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
* Removes npm commands from the MSBuild of the CSPROJ of the umbraco-extension dotnet new template
Was agreed by the community package team to remove this, as this DX can cause more issues than actually help users in our opinion
* Removed the unused value - good catch by Copilot
* Adding fix for self-referncing redirects for 17
* Using umbraco context on failing tests
* Tests to see if self referencing redirects gets deleted
* Refactoring and adding correct tests.
* Expanding tests for RedirectTrackerTests.cs
* Optimize by only retrieving th list of existing URLs for a content item if we have a valid route to create a redirect for.
* Extract method refactoring, added explanatory comment, fixed warnings and formatting.
* Resolved warnings in RedirectService.
* Minor naming and formatting refactor in tests.
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
* Move access/refresh tokens to secure cookies (#20779)
* feat: adds the `credentials: include` header to all manual requests
* feat: adds `credentials: include` as a configurable option to xhr requests (and sets it by default to true)
* feat: configures the auto-generated fetch client from hey-api to include credentials by default
* Add OpenIddict handler to hide tokens from the back-office client
* Make back-office token redaction optional (default false)
* Clear back-office token cookies on logout
* Add configuration for backoffice cookie settings
* Make cookies forcefully secure + move cookie handler enabling to the BackOfficeTokenCookieSettings
* Use the "__Host-" prefix for cookie names
* docs: adds documentation on cookie settings
* build: sets up launch profile for vscode with new cookie recommended settings
* docs: adds extra note around SameSite settings
* docs: adds extra note around SameSite settings
* Respect sites that do not use HTTPS
* Explicitly invalidate potentially valid, old refresh tokens that should no longer be used
* Removed obsolete const
---------
Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
* Remove configuration option
* Invalidate all existing access tokens on upgrade
* docs: updates recommended settings for development
* build: removes non-existing variable
* Skip flaky test
* Bumped version of our test helpers to fix failing tests
---------
Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
Co-authored-by: Andreas Zerbst <andr317c@live.dk>
* Added form control support to color picker.
* Avoid submit when readonly is true.
* Added mandatory support.
* Added form control support to date picker.
* Removed an unused import.
* Added form control and mandatory support to document picker.
* Added form control support to Eye dropper.
* Added. mandatory support for multi url picker also bind inner input in the eye dropper.
* Removed unused import.
* fix update of value
* fixing not needed override of get and set methods
---------
Co-authored-by: Niels Lyngsø <niels.lyngso@gmail.com>
* Added mandatory support for block grid property editor.
* Added form control and mandatory support to code editor.
* Added form control and mandatory support to markdown editor.
---------
Co-authored-by: Niels Lyngsø <niels.lyngso@gmail.com>
* Implemented input-with-alias in the content-type-design-editor.
* Added auto-generate-alias property to the input and revert deletion of checkAliasAutoGenerate method.
* Added form-validation-message.
* Added validation to the input-with-alias element to avoid special characters.
* Chenged right and left position of the infobox.
* Added focus support to open the modal.
* Moved tabindex out the constructor and added support for enter and space keys.
* Removed isLoding condition from the rich media input and let the thumbnail handle the loader.
* Removed unused import.
* change loader and adjust lit property configuration
* update reflect configuration
---------
Co-authored-by: Niels Lyngsø <niels.lyngso@gmail.com>
