mirror of
https://github.com/silverstripe/silverstripe-blog
synced 2024-10-22 11:05:58 +02:00
Merge pull request #287 from tractorcow/pulls/fix-canview
BUG Fix canview for non-admins
This commit is contained in:
commit
a8e7bff69b
@ -409,22 +409,24 @@ class BlogPost extends Page {
|
|||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function canView($member = null) {
|
public function canView($member = null) {
|
||||||
|
$member = $this->getMember($member);
|
||||||
|
|
||||||
if(!parent::canView($member)) {
|
if(!parent::canView($member)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($this->PublishDate) {
|
|
||||||
/**
|
/**
|
||||||
* @var SS_Datetime $publishDate
|
* @var SS_Datetime $publishDate
|
||||||
*/
|
*/
|
||||||
$publishDate = $this->dbObject('PublishDate');
|
$publishDate = $this->dbObject('PublishDate');
|
||||||
|
|
||||||
if($publishDate->InFuture() && !Permission::checkMember($member, 'VIEW_DRAFT_CONTENT')) {
|
// Show past posts
|
||||||
return false;
|
if(!$publishDate->exists() || !$publishDate->InFuture()) {
|
||||||
}
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
// Anyone that can edit this page can view it
|
||||||
|
return $this->canEdit($member);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
66
tests/BlogPostTest.php
Normal file
66
tests/BlogPostTest.php
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
class BlogPostTest extends SapphireTest {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
|
static $fixture_file = 'blog.yml';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
SS_Datetime::clear_mock_now();
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider canViewProvider
|
||||||
|
*/
|
||||||
|
public function testCanView($date, $user, $page, $canView) {
|
||||||
|
$userRecord = $this->objFromFixture('Member', $user);
|
||||||
|
$pageRecord = $this->objFromFixture('BlogPost', $page);
|
||||||
|
SS_Datetime::set_mock_now($date);
|
||||||
|
$this->assertEquals($canView, $pageRecord->canView($userRecord));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function canViewProvider() {
|
||||||
|
$someFutureDate = '2013-10-10 20:00:00';
|
||||||
|
$somePastDate = '2009-10-10 20:00:00';
|
||||||
|
return array(
|
||||||
|
// Check this post given the date has passed
|
||||||
|
array($someFutureDate, 'Editor', 'PostA', true),
|
||||||
|
array($someFutureDate, 'Contributor', 'PostA', true),
|
||||||
|
array($someFutureDate, 'BlogEditor', 'PostA', true),
|
||||||
|
array($someFutureDate, 'Writer', 'PostA', true),
|
||||||
|
|
||||||
|
// Check unpublished pages
|
||||||
|
array($somePastDate, 'Editor', 'PostA', true),
|
||||||
|
array($somePastDate, 'Contributor', 'PostA', true),
|
||||||
|
array($somePastDate, 'BlogEditor', 'PostA', true),
|
||||||
|
array($somePastDate, 'Writer', 'PostA', true),
|
||||||
|
|
||||||
|
// Test a page that was authored by another user
|
||||||
|
|
||||||
|
// Check this post given the date has passed
|
||||||
|
array($someFutureDate, 'Editor', 'FirstBlogPost', true),
|
||||||
|
array($someFutureDate, 'Contributor', 'FirstBlogPost', true),
|
||||||
|
array($someFutureDate, 'BlogEditor', 'FirstBlogPost', true),
|
||||||
|
array($someFutureDate, 'Writer', 'FirstBlogPost', true),
|
||||||
|
|
||||||
|
// Check future pages - non-editors shouldn't be able to see this
|
||||||
|
array($somePastDate, 'Editor', 'FirstBlogPost', true),
|
||||||
|
array($somePastDate, 'Contributor', 'FirstBlogPost', false),
|
||||||
|
array($somePastDate, 'BlogEditor', 'FirstBlogPost', false),
|
||||||
|
array($somePastDate, 'Writer', 'FirstBlogPost', false),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user