mirror of
https://github.com/silverstripe/silverstripe-cms
synced 2024-09-28 12:26:29 +02:00
ENH update SiteTree permissions in CMS
This commit is contained in:
parent
2ea9d85ee8
commit
14eb767c9c
@ -35,6 +35,7 @@ use SilverStripe\Forms\GridField\GridField;
|
|||||||
use SilverStripe\Forms\GridField\GridFieldDataColumns;
|
use SilverStripe\Forms\GridField\GridFieldDataColumns;
|
||||||
use SilverStripe\Forms\GridField\GridFieldLazyLoader;
|
use SilverStripe\Forms\GridField\GridFieldLazyLoader;
|
||||||
use SilverStripe\Forms\HTMLEditor\HTMLEditorField;
|
use SilverStripe\Forms\HTMLEditor\HTMLEditorField;
|
||||||
|
use SilverStripe\Forms\ListboxField;
|
||||||
use SilverStripe\Forms\LiteralField;
|
use SilverStripe\Forms\LiteralField;
|
||||||
use SilverStripe\Forms\OptionsetField;
|
use SilverStripe\Forms\OptionsetField;
|
||||||
use SilverStripe\Forms\Tab;
|
use SilverStripe\Forms\Tab;
|
||||||
@ -1187,6 +1188,14 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// check for specific users
|
||||||
|
if ($this->CanViewType === InheritedPermissions::ONLY_THESE_MEMBERS
|
||||||
|
&& $member
|
||||||
|
&& $this->ViewerMembers()->filter('ID', $member->ID)->count() > 0
|
||||||
|
) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2238,6 +2247,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
|
|||||||
};
|
};
|
||||||
$viewAllGroupsMap = $mapFn(Permission::get_groups_by_permission(['SITETREE_VIEW_ALL', 'ADMIN']));
|
$viewAllGroupsMap = $mapFn(Permission::get_groups_by_permission(['SITETREE_VIEW_ALL', 'ADMIN']));
|
||||||
$editAllGroupsMap = $mapFn(Permission::get_groups_by_permission(['SITETREE_EDIT_ALL', 'ADMIN']));
|
$editAllGroupsMap = $mapFn(Permission::get_groups_by_permission(['SITETREE_EDIT_ALL', 'ADMIN']));
|
||||||
|
$membersMap = Member::get()->map('ID', 'Name');
|
||||||
|
|
||||||
$fields = new FieldList(
|
$fields = new FieldList(
|
||||||
$rootTab = new TabSet(
|
$rootTab = new TabSet(
|
||||||
@ -2269,6 +2279,11 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
|
|||||||
_t(__CLASS__.'.VIEWERGROUPS', "Viewer Groups"),
|
_t(__CLASS__.'.VIEWERGROUPS', "Viewer Groups"),
|
||||||
Group::class
|
Group::class
|
||||||
),
|
),
|
||||||
|
$viewerMembersField = ListboxField::create(
|
||||||
|
"ViewerMembers",
|
||||||
|
_t(__CLASS__.'.VIEWERMEMBERS', "Viewer Users"),
|
||||||
|
$membersMap,
|
||||||
|
),
|
||||||
$editorsOptionsField = new OptionsetField(
|
$editorsOptionsField = new OptionsetField(
|
||||||
"CanEditType",
|
"CanEditType",
|
||||||
_t(__CLASS__.'.EDITHEADER', "Who can edit this page?")
|
_t(__CLASS__.'.EDITHEADER', "Who can edit this page?")
|
||||||
@ -2277,6 +2292,11 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
|
|||||||
"EditorGroups",
|
"EditorGroups",
|
||||||
_t(__CLASS__.'.EDITORGROUPS', "Editor Groups"),
|
_t(__CLASS__.'.EDITORGROUPS', "Editor Groups"),
|
||||||
Group::class
|
Group::class
|
||||||
|
),
|
||||||
|
$editorMembersField = ListboxField::create(
|
||||||
|
"EditorMembers",
|
||||||
|
_t(__CLASS__.'.EDITORMEMBERS', "Editor Users"),
|
||||||
|
$membersMap
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
@ -2317,6 +2337,10 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
|
|||||||
__CLASS__.'.ACCESSONLYTHESE',
|
__CLASS__.'.ACCESSONLYTHESE',
|
||||||
"Only these groups (choose from list)"
|
"Only these groups (choose from list)"
|
||||||
),
|
),
|
||||||
|
InheritedPermissions::ONLY_THESE_MEMBERS => _t(
|
||||||
|
__CLASS__.'.ACCESSONLYMEMBERS',
|
||||||
|
"Only these users (choose from list)"
|
||||||
|
),
|
||||||
];
|
];
|
||||||
$viewersOptionsField->setSource($viewersOptionsSource);
|
$viewersOptionsField->setSource($viewersOptionsSource);
|
||||||
|
|
||||||
@ -2343,17 +2367,27 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
|
|||||||
|
|
||||||
if (!Permission::check('SITETREE_GRANT_ACCESS')) {
|
if (!Permission::check('SITETREE_GRANT_ACCESS')) {
|
||||||
$fields->makeFieldReadonly($viewersOptionsField);
|
$fields->makeFieldReadonly($viewersOptionsField);
|
||||||
if ($this->CanEditType === InheritedPermissions::ONLY_THESE_USERS) {
|
if ($this->CanViewType === InheritedPermissions::ONLY_THESE_USERS) {
|
||||||
$fields->makeFieldReadonly($viewerGroupsField);
|
$fields->makeFieldReadonly($viewerGroupsField);
|
||||||
|
$fields->removeByName('ViewerMembers');
|
||||||
|
} elseif ($this->CanViewType === InheritedPermissions::ONLY_THESE_MEMBERS) {
|
||||||
|
$fields->makeFieldReadonly($viewerMembersField);
|
||||||
|
$fields->removeByName('ViewerGroups');
|
||||||
} else {
|
} else {
|
||||||
$fields->removeByName('ViewerGroups');
|
$fields->removeByName('ViewerGroups');
|
||||||
|
$fields->removeByName('ViewerMembers');
|
||||||
}
|
}
|
||||||
|
|
||||||
$fields->makeFieldReadonly($editorsOptionsField);
|
$fields->makeFieldReadonly($editorsOptionsField);
|
||||||
if ($this->CanEditType === InheritedPermissions::ONLY_THESE_USERS) {
|
if ($this->CanEditType === InheritedPermissions::ONLY_THESE_USERS) {
|
||||||
$fields->makeFieldReadonly($editorGroupsField);
|
$fields->makeFieldReadonly($editorGroupsField);
|
||||||
|
$fields->removeByName('EditorMembers');
|
||||||
|
} elseif ($this->CanEditType === InheritedPermissions::ONLY_THESE_MEMBERS) {
|
||||||
|
$fields->makeFieldReadonly($editorMembersField);
|
||||||
|
$fields->removeByName('EditorGroups');
|
||||||
} else {
|
} else {
|
||||||
$fields->removeByName('EditorGroups');
|
$fields->removeByName('EditorGroups');
|
||||||
|
$fields->removeByName('EditorMembers');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -173,6 +173,7 @@ en:
|
|||||||
ACCESSANYONE: Anyone
|
ACCESSANYONE: Anyone
|
||||||
ACCESSHEADER: 'Who can view this page?'
|
ACCESSHEADER: 'Who can view this page?'
|
||||||
ACCESSLOGGEDIN: 'Logged-in users'
|
ACCESSLOGGEDIN: 'Logged-in users'
|
||||||
|
ACCESSONLYMEMBERS: 'Only these users (choose from list)'
|
||||||
ACCESSONLYTHESE: 'Only these groups (choose from list)'
|
ACCESSONLYTHESE: 'Only these groups (choose from list)'
|
||||||
ADDEDTODRAFTHELP: 'Page has not been published yet'
|
ADDEDTODRAFTHELP: 'Page has not been published yet'
|
||||||
ADDEDTODRAFTSHORT: Draft
|
ADDEDTODRAFTSHORT: Draft
|
||||||
@ -200,6 +201,7 @@ en:
|
|||||||
DependtPageColumnLinkType: 'Link type'
|
DependtPageColumnLinkType: 'Link type'
|
||||||
EDITHEADER: 'Who can edit this page?'
|
EDITHEADER: 'Who can edit this page?'
|
||||||
EDITORGROUPS: 'Editor Groups'
|
EDITORGROUPS: 'Editor Groups'
|
||||||
|
EDITORMEMBERS: 'Editor Users'
|
||||||
EDITOR_GROUPS_FIELD_DESC: 'Groups with global edit permissions: {groupList}'
|
EDITOR_GROUPS_FIELD_DESC: 'Groups with global edit permissions: {groupList}'
|
||||||
EDIT_ALL_DESCRIPTION: 'Edit any page'
|
EDIT_ALL_DESCRIPTION: 'Edit any page'
|
||||||
EDIT_ALL_HELP: 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to ''Pages'' section" permission'
|
EDIT_ALL_HELP: 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to ''Pages'' section" permission'
|
||||||
@ -257,6 +259,7 @@ en:
|
|||||||
URLSegment: 'URL segment'
|
URLSegment: 'URL segment'
|
||||||
UntitledDependentObject: 'Untitled {instanceType}'
|
UntitledDependentObject: 'Untitled {instanceType}'
|
||||||
VIEWERGROUPS: 'Viewer Groups'
|
VIEWERGROUPS: 'Viewer Groups'
|
||||||
|
VIEWERMEMBERS: 'Viewer Users'
|
||||||
VIEWER_GROUPS_FIELD_DESC: 'Groups with global view permissions: {groupList}'
|
VIEWER_GROUPS_FIELD_DESC: 'Groups with global view permissions: {groupList}'
|
||||||
VIEW_ALL_DESCRIPTION: 'View any page'
|
VIEW_ALL_DESCRIPTION: 'View any page'
|
||||||
VIEW_ALL_HELP: 'Ability to view any page on the site, regardless of the settings on the Access tab. Requires the "Access to ''Pages'' section" permission'
|
VIEW_ALL_HELP: 'Ability to view any page on the site, regardless of the settings on the Access tab. Requires the "Access to ''Pages'' section" permission'
|
||||||
|
Loading…
Reference in New Issue
Block a user