Upgrading notes

New permission model for Versioned DataObjects

When adding the Versioned extension to dataobjects, typically it's necessary to explicitly declare permissions on these objects in order to prevent un-published content surfacing to unauthenticated users.

In order to better support this, versioned by default will now deny canView permissions on objects that are not published.

For more information on how to customise the permission model for versioned dataobjects then please refer to the versioned extension documentation.

Block ?stage=Stage for unauthenticated users

By default users must now be logged in with CMS access permissions in order to change the viewing mode of the site frontend using the ?stage querystring parameter.

This permission can be customised by altering the Versioned.non_live_permissions config by assigning a different set of permissions.

Change Log


  • 2016-01-22 f80467a Don't keep stale treeview data when refreshing Content area (Damian Mooyman)
  • 2016-01-22 bf8bf5e Prevent Versioned::doRollbackTo from creating incorrect versions on subclasses of Versioned DataObjects (Damian Mooyman)
  • 2016-01-21 cca7129 Revert lost documentation (Damian Mooyman)
  • 2016-01-21 e364fdb Fix incorrect "Add Page" button selector (Damian Mooyman)
  • 2016-01-20 abc5556 Fix legacy breadcrumbs appearing on page save (Damian Mooyman)
  • 2016-01-20 df76d78 Fix VersionedTest sometimes failing given certain querystring arguments (Damian Mooyman)
  • 2016-01-20 7c4e6f4 prevent "Home page" being selected when no selection was made (Damian Mooyman)
  • 2016-01-11 85ba918 Update field IDs for file link (fixes silverstripe/silverstripe-cms#1307) (Loz Calver)
  • 2016-01-11 d637141 preg_quote() anchors in SiteTreeLinkTracking (fixes #1359) (Loz Calver)
  • 2016-01-05 00544ff session_regenerate_id uses config system (Daniel Hensby)
  • 2016-01-05 4335d8e Members with no ID inherit logged in user permission (Daniel Hensby)
  • 2016-01-02 b30d335 Adding context parameter to canCreate-check in getClassDropdown of SiteTree (fixes #1334) (Stephan Bauer)
  • 2016-01-02 95e96fa jquery.jstree patched to improve drag-and-drop handling (fixes #4881) (Stephan Bauer)
  • 2015-11-18 e9b833f ConfirmedPassword field correctly reports mismatching passwords (Christopher Darling)