mirror of
https://github.com/silverstripe/silverstripe-blog
synced 2024-10-22 11:05:58 +02:00
Fix string member IDs breaking permission checking
This commit is contained in:
parent
8b082e013f
commit
6345f9b6f7
@ -165,7 +165,7 @@ class Blog extends Page implements PermissionProvider {
|
|||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
if(is_int($member)) {
|
if(is_numeric($member)) {
|
||||||
$member = Member::get()->byID($member);
|
$member = Member::get()->byID($member);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -113,9 +113,7 @@ class BlogPost extends Page {
|
|||||||
* @return null|string
|
* @return null|string
|
||||||
*/
|
*/
|
||||||
public function RoleOf($member = null) {
|
public function RoleOf($member = null) {
|
||||||
if(is_int($member)) {
|
$member = $this->getMember($member);
|
||||||
$member = DataObject::get_by_id('Member', $member);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(!$member) {
|
if(!$member) {
|
||||||
return null;
|
return null;
|
||||||
@ -298,7 +296,7 @@ class BlogPost extends Page {
|
|||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
if(is_int($member)) {
|
if(is_numeric($member)) {
|
||||||
$member = Member::get()->byID($member);
|
$member = Member::get()->byID($member);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -313,7 +311,7 @@ class BlogPost extends Page {
|
|||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canCreateCategories($member = null) {
|
public function canCreateCategories($member = null) {
|
||||||
$member = $member = $this->getMember($member);
|
$member = $this->getMember($member);
|
||||||
|
|
||||||
$parent = $this->Parent();
|
$parent = $this->Parent();
|
||||||
|
|
||||||
@ -336,7 +334,7 @@ class BlogPost extends Page {
|
|||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canCreateTags($member = null) {
|
public function canCreateTags($member = null) {
|
||||||
$member = $member = $this->getMember($member);
|
$member = $this->getMember($member);
|
||||||
|
|
||||||
$parent = $this->Parent();
|
$parent = $this->Parent();
|
||||||
|
|
||||||
|
@ -189,6 +189,26 @@ class BlogTest extends SapphireTest {
|
|||||||
$this->assertEquals('Editor', $postA->RoleOf($editor));
|
$this->assertEquals('Editor', $postA->RoleOf($editor));
|
||||||
$this->assertEmpty($postA->RoleOf($visitor));
|
$this->assertEmpty($postA->RoleOf($visitor));
|
||||||
|
|
||||||
|
// Test RoleOf with string values given
|
||||||
|
$this->assertEquals('Editor', $fourthBlog->RoleOf((string)(int)$editor->ID));
|
||||||
|
$this->assertEquals('Contributor', $fourthBlog->RoleOf((string)(int)$contributor->ID));
|
||||||
|
$this->assertEquals('Writer', $fourthBlog->RoleOf((string)(int)$writer->ID));
|
||||||
|
$this->assertEmpty($fourthBlog->RoleOf((string)(int)$visitor->ID));
|
||||||
|
$this->assertEquals('Author', $postA->RoleOf((string)(int)$writer->ID));
|
||||||
|
$this->assertEquals('Author', $postA->RoleOf((string)(int)$contributor->ID));
|
||||||
|
$this->assertEquals('Editor', $postA->RoleOf((string)(int)$editor->ID));
|
||||||
|
$this->assertEmpty($postA->RoleOf((string)(int)$visitor->ID));
|
||||||
|
|
||||||
|
// Test RoleOf with int values given
|
||||||
|
$this->assertEquals('Editor', $fourthBlog->RoleOf((int)$editor->ID));
|
||||||
|
$this->assertEquals('Contributor', $fourthBlog->RoleOf((int)$contributor->ID));
|
||||||
|
$this->assertEquals('Writer', $fourthBlog->RoleOf((int)$writer->ID));
|
||||||
|
$this->assertEmpty($fourthBlog->RoleOf((int)$visitor->ID));
|
||||||
|
$this->assertEquals('Author', $postA->RoleOf((int)$writer->ID));
|
||||||
|
$this->assertEquals('Author', $postA->RoleOf((int)$contributor->ID));
|
||||||
|
$this->assertEquals('Editor', $postA->RoleOf((int)$editor->ID));
|
||||||
|
$this->assertEmpty($postA->RoleOf((int)$visitor->ID));
|
||||||
|
|
||||||
$this->assertTrue($fourthBlog->canEdit($editor));
|
$this->assertTrue($fourthBlog->canEdit($editor));
|
||||||
$this->assertFalse($firstBlog->canEdit($editor));
|
$this->assertFalse($firstBlog->canEdit($editor));
|
||||||
$this->assertTrue($fourthBlog->canAddChildren($editor));
|
$this->assertTrue($fourthBlog->canAddChildren($editor));
|
||||||
|
Loading…
Reference in New Issue
Block a user