From a050d926ded1157ad68b6dac3eb9733905a8847b Mon Sep 17 00:00:00 2001
From: Jonathon Menz
Date: Thu, 17 Dec 2015 19:34:13 -0800
Subject: [PATCH] Better permission management Closes #11
---
 code/BetterNavigator.php | 90 ++++++++++----------
 templates/BetterNavigator.ss | 157 +++++++++++++++++------------------
 2 files changed, 124 insertions(+), 123 deletions(-)
diff --git a/code/BetterNavigator.php b/code/BetterNavigator.php
index 94d6d29..0904709 100755
--- a/code/BetterNavigator.php
+++ b/code/BetterNavigator.php
@@ -23,52 +23,56 @@ class BetterNavigator extends DataExtension {
 * @return string
 */
 public function BetterNavigator() {
+ // Make sure this is a page
+ if (!($this->owner && $this->owner->dataRecord && $this->owner->dataRecord instanceof SiteTree && $this->owner->dataRecord->ID > 0)) return false;
+
+ // Only show navigator to appropriate users
 $isDev = Director::isDev();
-
- if($isDev || Permission::check('CMS_ACCESS_CMSMain') || Permission::check('VIEW_DRAFT_CONTENT')) {
- if($this->owner && $this->owner->dataRecord && $this->owner->dataRecord instanceof SiteTree) {
-
- //Get SilverStripeNavigator links & stage info (CMS/Stage/Live/Archive)
- $nav = array();
- $viewing = '';
- $navigator = new SilverStripeNavigator($this->owner->dataRecord);
- $items = $navigator->getItems();
- foreach($items as $item) {
- $name = $item->getName();
- $active = $item->isActive();
- $nav[$name] = array(
- 'Link' => $item->getLink(),
- 'Active' => $active
- );
- if ($active) {
- if ($name == 'LiveLink') $viewing = 'Live';
- if ($name == 'StageLink') $viewing = 'Draft';
- if ($name == 'ArchiveLink') $viewing = 'Archived';
- }
+ $canViewDraft = (Permission::check('VIEW_DRAFT_CONTENT') || Permission::check('CMS_ACCESS_CMSMain'));
+ if($isDev || $canViewDraft) {
+ // Get SilverStripeNavigator links & stage info (CMS/Stage/Live/Archive)
+ $nav = array();
+ $viewing = '';
+ $navigator = new SilverStripeNavigator($this->owner->dataRecord);
+ $items = $navigator->getItems();
+ foreach($items as $item) {
+ $name = $item->getName();
+ $active = $item->isActive();
+ $nav[$name] = array(
+ 'Link' => $item->getLink(),
+ 'Active' => $active
+ );
+ if ($active) {
+ if ($name == 'LiveLink') $viewing = 'Live';
+ if ($name == 'StageLink') $viewing = 'Draft';
+ if ($name == 'ArchiveLink') $viewing = 'Archived';
 }
-
- //Is the logged in member nominated as a developer?
- $member = Member::currentUser();
- $devs = Config::inst()->get('BetterNavigator', 'developers');
- $isDeveloper = $member && is_array($devs) ? in_array($member->Email, $devs) : false;
-
- //Add other data for template
- $backURL = '?BackURL=' . urlencode($this->owner->Link());
- $bNData = array_merge($nav, array(
- 'Member' => $member,
- 'Stage' => Versioned::current_stage(),
- 'Viewing' => $viewing, // What we're viewing doesn't necessarily align with the active Stage
- 'LoginLink' => Config::inst()->get('Security', 'login_url') . $backURL,
- 'LogoutLink' => 'Security/logout' . $backURL,
- 'Mode' => Director::get_environment_type(),
- 'IsDeveloper' => $isDeveloper
- ));
-
- //Merge with page data, send to template and render
- $bNData = new ArrayData($bNData);
- $page = $this->owner->customise(array('BetterNavigator' => $bNData));
- return $page->renderWith('BetterNavigator');
 }
+ // Only show edit link if user has permission to edit this page
+ $editLink = (($this->owner->dataRecord->canEdit() && Permission::check('CMS_ACCESS_CMSMain')) || $isDev) ? $nav['CMSLink']['Link'] : false;
+
+ // Is the logged in member nominated as a developer?
+ $member = Member::currentUser();
+ $devs = Config::inst()->get('BetterNavigator', 'developers');
+ $isDeveloper = $member && is_array($devs) ? in_array($member->Email, $devs) : false;
+
+ // Add other data for template
+ $backURL = '?BackURL=' . urlencode($this->owner->Link());
+ $bNData = array_merge($nav, array(
+ 'Member' => $member,
+ 'Stage' => Versioned::current_stage(),
+ 'Viewing' => $viewing, // What we're viewing doesn't necessarily align with the active Stage
+ 'LoginLink' => Config::inst()->get('Security', 'login_url') . $backURL,
+ 'LogoutLink' => 'Security/logout' . $backURL,
+ 'EditLink' => $editLink,
+ 'Mode' => Director::get_environment_type(),
+ 'IsDeveloper' => $isDeveloper
+ ));
+
+ // Merge with page data, send to template and render
+ $bNData = new ArrayData($bNData);
+ $page = $this->owner->customise(array('BetterNavigator' => $bNData));
+ return $page->renderWith('BetterNavigator');
 }
 return false;
 }
diff --git a/templates/BetterNavigator.ss b/templates/BetterNavigator.ss
index 52921c5..72dc2a0 100644
--- a/templates/BetterNavigator.ss
+++ b/templates/BetterNavigator.ss
@@ -1,93 +1,90 @@
-<% if $ID > 0 %><%-- Only show on 'real' pages --%>
+<% require javascript("betternavigator/javascript/betternavigator.js") %>
+<% require css("betternavigator/css/betternavigator.css") %>
- <% require javascript("betternavigator/javascript/betternavigator.js") %>
- <% require css("betternavigator/css/betternavigator.css") %>
+
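Review bot: On the `$editLink` line, `|| $isDev` lets the edit link through without `canEdit()` or `CMS_ACCESS_CMSMain`, so in dev mode every visitor gets it, which contradicts the comment directly above it; and `$nav['CMSLink']['Link']` is read without checking that the navigator returned a `CMSLink` item. If the dev-mode exception is intended, say so in the comment; otherwise guard both, e.g. `$canEdit = $this->owner->dataRecord->canEdit() && Permission::check('CMS_ACCESS_CMSMain');` followed by `$editLink = ($canEdit && isset($nav['CMSLink'])) ? $nav['CMSLink']['Link'] : false;`. Note also that `array_merge($nav, ...)` still hands `CMSLink` to the template, so the new check only takes effect if the template reads `EditLink` alone; the template hunk is cut off in this view, so that could not be confirmed.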