mirror of
https://github.com/silverstripe/silverstripe-cms
synced 2024-10-22 06:05:56 +00:00
ENHANCEMENT Allowing to hide certain permission from showing in SecurityAdmin through add_hidden_permission() (refactored from r92428)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@92866 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer
parent
8e8f9c5e77
commit
7a1e3a9bda
@ -26,6 +26,11 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
||||
'EditForm',
|
||||
);
|
||||
|
||||
/**
|
||||
* @var Array
|
||||
*/
|
||||
static $hidden_permissions = array();
|
||||
|
||||
public function init() {
|
||||
parent::init();
|
||||
|
||||
@ -42,6 +47,10 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
||||
'action_save'
|
||||
);
|
||||
|
||||
// Filter permissions
|
||||
$permissionField = $form->Fields()->dataFieldByName('Permissions');
|
||||
if($permissionField) $permissionField->setHiddenPermissions(self::$hidden_permissions);
|
||||
|
||||
return $form;
|
||||
}
|
||||
|
||||
@ -214,15 +223,36 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
||||
}
|
||||
|
||||
/**
|
||||
* the permissions represented in the $codes will not appearing in the form
|
||||
* containning {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
|
||||
* @param $codes array of permission code
|
||||
* @return void
|
||||
* The permissions represented in the $codes will not appearing in the form
|
||||
* containing {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
|
||||
*
|
||||
* @param $codes String|Array
|
||||
*/
|
||||
static function hide_permissions($codes){
|
||||
foreach($codes as $code){
|
||||
Permission::add_to_hidden_permissions($code);
|
||||
}
|
||||
static function add_hidden_permission($codes){
|
||||
if(is_string($codes)) $codes = array($codes);
|
||||
self::$hidden_permissions += $codes;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $codes String|Array
|
||||
*/
|
||||
static function remove_hidden_permission($codes){
|
||||
if(is_string($codes)) $codes = array($codes);
|
||||
self::$hidden_permissions = array_diff(self::$hidden_permissions, $codes);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Array
|
||||
*/
|
||||
static function get_hidden_permissions(){
|
||||
return self::$hidden_permissions;
|
||||
}
|
||||
|
||||
/**
|
||||
* Clear all permissions previously hidden with {@link add_hidden_permission}
|
||||
*/
|
||||
static function clear_hidden_permissions(){
|
||||
self::$hidden_permissions = array();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -36,16 +36,51 @@ class SecurityAdminTest extends FunctionalTest {
|
||||
$this->assertEquals($lines[1], '', "Empty export only has no content row");
|
||||
}
|
||||
|
||||
function testHidePermissions() {
|
||||
$permissionCheckboxSet = new PermissionCheckboxSetField('Permissions','Permissions','Permission','GroupID');
|
||||
$this->assertContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
|
||||
$this->assertContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
|
||||
function testAddHiddenPermission() {
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
|
||||
SecurityAdmin::hide_permissions(array('CMS_ACCESS_CMSMain','CMS_ACCESS_AssetAdmin'));
|
||||
$this->assertNotContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
|
||||
$this->assertNotContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
|
||||
// reset to defaults
|
||||
SecurityAdmin::clear_hidden_permissions();
|
||||
}
|
||||
|
||||
function testRemoveHiddenPermission() {
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
SecurityAdmin::remove_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
|
||||
// reset to defaults
|
||||
SecurityAdmin::clear_hidden_permissions();
|
||||
}
|
||||
|
||||
function testClearHiddenPermission() {
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
SecurityAdmin::clear_hidden_permissions('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
}
|
||||
|
||||
function testPermissionFieldRespectsHiddenPermissions() {
|
||||
$this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
|
||||
|
||||
$group = $this->objFromFixture('Group', 'admin');
|
||||
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$response = $this->get('admin/security/show/' . $group->ID);
|
||||
|
||||
$this->assertContains(
|
||||
'CMS_ACCESS_CMSMain',
|
||||
$response->getBody()
|
||||
);
|
||||
$this->assertNotContains(
|
||||
'CMS_ACCESS_ReportAdmin',
|
||||
$response->getBody()
|
||||
);
|
||||
|
||||
// reset to defaults
|
||||
SecurityAdmin::clear_hidden_permissions();
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
Loading…
x
Reference in New Issue
Block a user