Merge pull request #1536 from open-sausages/pulls/4.0/namespace-security

API Apply SilverStripe\Security namespace
This commit is contained in:
Hamish Friedlander 2016-07-07 13:24:25 +12:00 committed by GitHub
commit d2485a60fd
32 changed files with 401 additions and 367 deletions

View File

@ -3,6 +3,7 @@
use SilverStripe\ORM\SS_List;
use SilverStripe\ORM\ArrayList;
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\Security\Permission;
/**
* Publish items batch action.

View File

@ -5,6 +5,9 @@ use SilverStripe\ORM\ArrayList;
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\SS_List;
use SilverStripe\Security\Security;
use SilverStripe\Security\PermissionProvider;
/**
* AssetAdmin is the 'file store' section of the CMS.

View File

@ -7,6 +7,12 @@ use SilverStripe\ORM\ArrayList;
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\DataList;
use SilverStripe\ORM\DB;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;
use SilverStripe\Security\SecurityToken;
use SilverStripe\Security\Permission;
use SilverStripe\Security\PermissionProvider;
/**
@ -35,7 +41,7 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
private static $tree_class = "SiteTree";
private static $subitem_class = "Member";
private static $subitem_class = "SilverStripe\\Security\\Member";
/**
* Amount of results showing on a single page.

View File

@ -2,6 +2,8 @@
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;
class CMSPageAddController extends CMSPageEditController {

View File

@ -2,6 +2,7 @@
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\Security\Security;
/**
* @package cms

View File

@ -8,6 +8,11 @@ use SilverStripe\ORM\SS_List;
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\ORM\FieldType\DBVarchar;
use SilverStripe\ORM\FieldType\DBHTMLText;
use SilverStripe\Security\Security;
use SilverStripe\Security\MemberAuthenticator;
use SilverStripe\Security\Member;
use SilverStripe\Security\Permission;
/**
@ -119,6 +124,7 @@ class ContentController extends Controller {
if($this->redirectedTo()) return;
// Check page permissions
/** @skipUpgrade */
if($this->dataRecord && $this->URLSegment != 'Security' && !$this->dataRecord->canView()) {
return Security::permissionFailure($this);
}
@ -294,7 +300,7 @@ class ContentController extends Controller {
$logInMessage = sprintf(
'%s - <a href="%s">%s</a>' ,
_t('ContentController.NOTLOGGEDIN', 'Not logged in') ,
Config::inst()->get('Security', 'login_url'),
Security::config()->login_url,
_t('ContentController.LOGIN', 'Login') ."</a>"
);
}

View File

@ -8,6 +8,11 @@ use SilverStripe\ORM\ArrayList;
use SilverStripe\ORM\DB;
use SilverStripe\ORM\DataList;
use SilverStripe\ORM\HiddenClass;
use SilverStripe\Security\Member;
use SilverStripe\Security\Permission;
use SilverStripe\Security\Group;
use SilverStripe\Security\PermissionProvider;
/**
* Basic data-object representing all pages within the site tree. All page types that live within the hierarchy should
@ -138,8 +143,8 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
);
private static $many_many = array(
"ViewerGroups" => "Group",
"EditorGroups" => "Group",
"ViewerGroups" => "SilverStripe\\Security\\Group",
"EditorGroups" => "SilverStripe\\Security\\Group",
);
private static $has_many = array(
@ -783,7 +788,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
* @return bool True if the the member is allowed to do the given action
*/
public function can($perm, $member = null, $context = array()) {
if(!$member || !(is_a($member, 'Member')) || is_numeric($member)) {
if(!$member || !($member instanceof Member) || is_numeric($member)) {
$member = Member::currentUserID();
}
@ -822,7 +827,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
return false;
}
if(!$member || !(is_a($member, 'Member')) || is_numeric($member)) {
if(!$member || !($member instanceof Member) || is_numeric($member)) {
$member = Member::currentUserID();
}
@ -857,7 +862,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
* @return bool True if the current user can view this page
*/
public function canView($member = null) {
if(!$member || !(is_a($member, 'Member')) || is_numeric($member)) {
if(!$member || !($member instanceof Member) || is_numeric($member)) {
$member = Member::currentUserID();
}
@ -895,7 +900,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
// check for specific groups
if($member && is_numeric($member)) {
$member = DataObject::get_by_id('Member', $member);
$member = DataObject::get_by_id('SilverStripe\\Security\\Member', $member);
}
if(
$this->CanViewType == 'OnlyTheseUsers'
@ -965,7 +970,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
* @return bool True if the current user can create pages on this class.
*/
public function canCreate($member = null, $context = array()) {
if(!$member || !(is_a($member, 'Member')) || is_numeric($member)) {
if(!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) {
$member = Member::currentUserID();
}
@ -1140,7 +1145,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
//$ids = array_keys(array_filter(self::can_view_multiple($ids, $memberID)));
// Get the groups that the given member belongs to
$groupIDs = DataObject::get_by_id('Member', $memberID)->Groups()->column("ID");
$groupIDs = DataObject::get_by_id('SilverStripe\\Security\\Member', $memberID)->Groups()->column("ID");
$SQL_groupList = implode(", ", $groupIDs);
if (!$SQL_groupList) $SQL_groupList = '0';

View File

@ -3,6 +3,9 @@
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\ArrayList;
use SilverStripe\Security\Permission;
use SilverStripe\Security\Security;
/**
@ -90,7 +93,7 @@ in the other stage:<br />
$orphans = $this->getOrphanedPages($this->orphanedSearchClass);
if($orphans) foreach($orphans as $orphan) {
$latestVersion = Versioned::get_latest_version($this->orphanedSearchClass, $orphan->ID);
$latestAuthor = DataObject::get_by_id('Member', $latestVersion->AuthorID);
$latestAuthor = DataObject::get_by_id('SilverStripe\\Security\\Member', $latestVersion->AuthorID);
$orphanBaseTable = DataObject::getSchema()->baseDataTable($this->orphanedSearchClass);
$liveRecord = Versioned::get_one_by_stage(
$this->orphanedSearchClass,

View File

@ -36,8 +36,8 @@ class UpgradeSiteTreePermissionSchemaTask extends BuildTask {
$pageIDs = DB::query("SELECT ID FROM SiteTree")->column('ID');
foreach($pageIDs as $pageID) {
$page = DataObject::get_by_id('SiteTree', $pageID);
if($page->ViewersGroup && DataObject::get_by_id("Group", $page->ViewersGroup)) $page->ViewerGroups()->add($page->ViewersGroup);
if($page->EditorsGroup && DataObject::get_by_id("Group", $page->EditorsGroup)) $page->EditorGroups()->add($page->EditorsGroup);
if($page->ViewersGroup && DataObject::get_by_id("SilverStripe\\Security\\Group", $page->ViewersGroup)) $page->ViewerGroups()->add($page->ViewersGroup);
if($page->EditorsGroup && DataObject::get_by_id("SilverStripe\\Security\\Group", $page->EditorsGroup)) $page->EditorGroups()->add($page->EditorsGroup);
$page->destroy();
unset($page);

View File

@ -30,7 +30,7 @@ class CMSMainTest extends FunctionalTest {
function testSiteTreeHints() {
$cache = SS_Cache::factory('CMSMain_SiteTreeHints');
// Login as user with root creation privileges
$user = $this->objFromFixture('Member', 'rootedituser');
$user = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser');
$user->logIn();
$cache->clean(Zend_Cache::CLEANING_MODE_ALL);
@ -105,7 +105,7 @@ class CMSMainTest extends FunctionalTest {
public function testPublish() {
$page1 = $this->objFromFixture('Page', "page1");
$page2 = $this->objFromFixture('Page', "page2");
$this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
$this->session()->inst_set('loggedInAs', $this->idFromFixture('SilverStripe\\Security\\Member', 'admin'));
$response = $this->get('admin/pages/publishall?confirm=1');
$this->assertContains(
@ -215,7 +215,7 @@ class CMSMainTest extends FunctionalTest {
* Test that a draft-deleted page can still be opened in the CMS
*/
public function testDraftDeletedPageCanBeOpenedInCMS() {
$this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
$this->session()->inst_set('loggedInAs', $this->idFromFixture('SilverStripe\\Security\\Member', 'admin'));
// Set up a page that is delete from live
$page = $this->objFromFixture('Page', 'page1');
@ -273,8 +273,8 @@ class CMSMainTest extends FunctionalTest {
$origFollow = $this->autoFollowRedirection;
$this->autoFollowRedirection = false;
$cmsUser = $this->objFromFixture('Member', 'allcmssectionsuser');
$rootEditUser = $this->objFromFixture('Member', 'rootedituser');
$cmsUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'allcmssectionsuser');
$rootEditUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser');
// with insufficient permissions
$cmsUser->logIn();
@ -324,7 +324,7 @@ class CMSMainTest extends FunctionalTest {
$origFollow = $this->autoFollowRedirection;
$this->autoFollowRedirection = false;
$adminUser = $this->objFromFixture('Member', 'admin');
$adminUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
$adminUser->logIn();
// Create toplevel page
@ -395,7 +395,7 @@ class CMSMainTest extends FunctionalTest {
public function testBreadcrumbs() {
$page3 = $this->objFromFixture('Page', 'page3');
$page31 = $this->objFromFixture('Page', 'page31');
$adminuser = $this->objFromFixture('Member', 'admin');
$adminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
$this->session()->inst_set('loggedInAs', $adminuser->ID);
$response = $this->get('admin/pages/edit/show/' . $page31->ID);

View File

@ -89,7 +89,7 @@ Page:
Title: Home
URLSegment: home
Sort: 27
Group:
SilverStripe\Security\Group:
admin:
Title: Administrators
empty:
@ -100,41 +100,41 @@ Group:
Title: allcmssections
rooteditusers:
Title: rooteditusers
Member:
SilverStripe\Security\Member:
admin:
Email: admin@example.com
Password: ZXXlkwecxz2390232233
Groups: =>Group.admin
Groups: =>SilverStripe\Security\Group.admin
assetsonlyuser:
Email: assetsonlyuser@test.com
Groups: =>Group.assetsonly
Groups: =>SilverStripe\Security\Group.assetsonly
allcmssectionsuser:
Email: allcmssectionsuser@test.com
Groups: =>Group.allcmssections
Groups: =>SilverStripe\Security\Group.allcmssections
rootedituser:
Email: rootedituser@test.com
Groups: =>Group.rooteditusers
Permission:
Groups: =>SilverStripe\Security\Group.rooteditusers
SilverStripe\Security\Permission:
admin:
Code: ADMIN
GroupID: =>Group.admin
GroupID: =>SilverStripe\Security\Group.admin
assetsonly:
Code: CMS_ACCESS_AssetAdmin
GroupID: =>Group.assetsonly
GroupID: =>SilverStripe\Security\Group.assetsonly
allcmssections:
Code: CMS_ACCESS_LeftAndMain
GroupID: =>Group.allcmssections
GroupID: =>SilverStripe\Security\Group.allcmssections
allcmssections2:
Code: CMS_ACCESS_LeftAndMain
GroupID: =>Group.rooteditusers
GroupID: =>SilverStripe\Security\Group.rooteditusers
SiteConfig:
siteconfig1:
EditorGroups: =>Group.rooteditusers
EditorGroups: =>SilverStripe\Security\Group.rooteditusers
CanCreateTopLevelType: 'OnlyTheseUsers'
SiteConfig_CreateTopLevelGroups:
createtoplevelgroups1:
SiteConfigID: =>SiteConfig.siteconfig1
GroupID: =>Group.rooteditusers
GroupID: =>SilverStripe\Security\Group.rooteditusers
RedirectorPage:
page5:
Title: Page 5

View File

@ -37,7 +37,7 @@ class ContentControllerPermissionsTest extends FunctionalTest {
// should redirect to login
$this->assertEquals($response->getStatusCode(), 302, 'Redirects to login page when not logged in for draft stage');
$this->assertContains(
Config::inst()->get('Security', 'login_url'),
Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'),
$response->getHeader('Location')
);

View File

@ -1,26 +1,25 @@
Group:
SilverStripe\Security\Group:
editors:
Title: Editors
admins:
Title: Administrators
Permission:
SilverStripe\Security\Permission:
admins:
Code: VIEW_DRAFT_CONTENT
Group: =>Group.admins
Group: =>SilverStripe\Security\Group.admins
editors:
Group: =>Group.editors
Group: =>SilverStripe\Security\Group.editors
Member:
SilverStripe\Security\Member:
editor:
FirstName: Test
Surname: Editor
Groups: =>Group.editors
Groups: =>SilverStripe\Security\Group.editors
admin:
FirstName: Test
Surname: Administrator
Groups: =>Group.admins
Groups: =>SilverStripe\Security\Group.admins
ContentControllerTest_Page:
root_page:
@ -42,5 +41,4 @@ ContentControllerTest_Page:
Title: Contact Page
URLSegment: contact
CanViewType: OnlyTheseUsers
EditorGroups: =>Group.admins
EditorGroups: =>SilverStripe\Security\Group.admins

View File

@ -10,8 +10,6 @@ class ModelAsControllerTest extends FunctionalTest {
protected $usesDatabase = true;
protected static $fixture_file = 'ModelAsControllerTest.yml';
protected $autoFollowRedirection = false;
protected $orig = array();

View File

@ -1,4 +1,7 @@
<?php
use SilverStripe\Security\Member;
use SilverStripe\Security\Permission;
/**
* @package cms
* @subpackage tests
@ -25,8 +28,8 @@ class SilverStripeNavigatorTest extends SapphireTest {
public function testCanView() {
$page = $this->objFromFixture('Page', 'page1');
$admin = $this->objFromFixture('Member', 'admin');
$author = $this->objFromFixture('Member', 'assetsonlyuser');
$admin = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
$author = $this->objFromFixture('SilverStripe\\Security\\Member', 'assetsonlyuser');
$navigator = new SilverStripeNavigator($page);
// TODO Shouldn't be necessary but SapphireTest logs in as ADMIN by default

View File

@ -2,6 +2,7 @@
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\ORM\DB;
use SilverStripe\Security\Permission;
/**
* Possible actions:
@ -23,7 +24,7 @@ class SiteTreeActionsTest extends FunctionalTest {
public function testActionsReadonly() {
if(class_exists('SiteTreeCMSWorkflow')) return true;
$readonlyEditor = $this->objFromFixture('Member', 'cmsreadonlyeditor');
$readonlyEditor = $this->objFromFixture('SilverStripe\\Security\\Member', 'cmsreadonlyeditor');
$this->session()->inst_set('loggedInAs', $readonlyEditor->ID);
$page = new SiteTreeActionsTest_Page();
@ -59,14 +60,14 @@ class SiteTreeActionsTest extends FunctionalTest {
$this->assertInstanceOf("SiteTree", $page);
// Check that someone without the right permission can't delete the page
$editor = $this->objFromFixture('Member', 'cmsnodeleteeditor');
$editor = $this->objFromFixture('SilverStripe\\Security\\Member', 'cmsnodeleteeditor');
$this->session()->inst_set('loggedInAs', $editor->ID);
$actions = $page->getCMSActions();
$this->assertNull($actions->dataFieldByName('action_deletefromlive'));
// Check that someone with the right permission can delete the page
$this->objFromFixture('Member', 'cmseditor')->logIn();
$this->objFromFixture('SilverStripe\\Security\\Member', 'cmseditor')->logIn();
$actions = $page->getCMSActions();
$this->assertNotNull($actions->dataFieldByName('action_deletefromlive'));
}
@ -74,7 +75,7 @@ class SiteTreeActionsTest extends FunctionalTest {
public function testActionsPublishedRecord() {
if(class_exists('SiteTreeCMSWorkflow')) return true;
$author = $this->objFromFixture('Member', 'cmseditor');
$author = $this->objFromFixture('SilverStripe\\Security\\Member', 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID);
$page = new Page();
@ -96,7 +97,7 @@ class SiteTreeActionsTest extends FunctionalTest {
public function testActionsDeletedFromStageRecord() {
if(class_exists('SiteTreeCMSWorkflow')) return true;
$author = $this->objFromFixture('Member', 'cmseditor');
$author = $this->objFromFixture('SilverStripe\\Security\\Member', 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID);
$page = new Page();
@ -124,7 +125,7 @@ class SiteTreeActionsTest extends FunctionalTest {
public function testActionsChangedOnStageRecord() {
if(class_exists('SiteTreeCMSWorkflow')) return true;
$author = $this->objFromFixture('Member', 'cmseditor');
$author = $this->objFromFixture('SilverStripe\\Security\\Member', 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID);
$page = new Page();

View File

@ -1,4 +1,4 @@
Permission:
SilverStripe\Security\Permission:
cmsmain1:
Code: CMS_ACCESS_CMSMain
cmsmain2:
@ -11,23 +11,23 @@ Permission:
Code: SiteTreeActionsTest_Page_CANEDIT
canedit2:
Code: SiteTreeActionsTest_Page_CANEDIT
Group:
SilverStripe\Security\Group:
cmseditors:
Title: CMS Editors
Permissions: =>Permission.cmsmain1,=>Permission.canedit1,=>Permission.candelete
Permissions: =>SilverStripe\Security\Permission.cmsmain1,=>SilverStripe\Security\Permission.canedit1,=>SilverStripe\Security\Permission.candelete
cmsreadonly:
Title: CMS Readonly
Permissions: =>Permission.cmsmain2
Permissions: =>SilverStripe\Security\Permission.cmsmain2
cmsnodelete:
Title: CMS No Delete
Permissions: =>Permission.cmsmain3,=>Permission.canedit2
Member:
Permissions: =>SilverStripe\Security\Permission.cmsmain3,=>SilverStripe\Security\Permission.canedit2
SilverStripe\Security\Member:
cmseditor:
Email: cmseditor@test.com
Groups: =>Group.cmseditors
Groups: =>SilverStripe\Security\Group.cmseditors
cmsreadonlyeditor:
Email: cmsreadonlyeditor@test.com
Groups: =>Group.cmsreadonly
Groups: =>SilverStripe\Security\Group.cmsreadonly
cmsnodeleteeditor:
Email: cmsnodeleteeditor@test.com
Groups: =>Group.cmsnodelete
Groups: =>SilverStripe\Security\Group.cmsnodelete

View File

@ -1,6 +1,7 @@
<?php
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\Security\Member;
/**
* @package cms
@ -50,7 +51,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
}
$this->assertEquals($response->getStatusCode(), '302');
$this->assertContains(
Config::inst()->get('Security', 'login_url'),
Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'),
$response->getHeader('Location')
);
@ -78,7 +79,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
$page = Versioned::get_one_by_stage('SiteTree', 'Live', "\"SiteTree\".\"ID\" = $pageID");
// subadmin has edit rights on that page
$member = $this->objFromFixture('Member','subadmin');
$member = $this->objFromFixture('SilverStripe\\Security\\Member','subadmin');
$member->logIn();
// Test can_edit_multiple
@ -100,7 +101,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
$page->doUnpublish();
// subadmin has edit rights on that page
$member = $this->objFromFixture('Member','subadmin');
$member = $this->objFromFixture('SilverStripe\\Security\\Member','subadmin');
$member->logIn();
// Test can_edit_multiple
@ -126,7 +127,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
$page = Versioned::get_latest_version('SiteTree', $pageID);
// subadmin had edit rights on that page, but now it's gone
$member = $this->objFromFixture('Member','subadmin');
$member = $this->objFromFixture('SilverStripe\\Security\\Member','subadmin');
$member->logIn();
$this->assertFalse($page->canEdit());
@ -143,8 +144,8 @@ class SiteTreePermissionsTest extends FunctionalTest {
$page->Title = 1;
$page->write();
$editor = $this->objFromFixture('Member', 'editor');
$websiteuser = $this->objFromFixture('Member', 'websiteuser');
$editor = $this->objFromFixture('SilverStripe\\Security\\Member', 'editor');
$websiteuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$this->assertTrue($page->canViewStage('Live', $websiteuser));
$this->assertFalse($page->canViewStage('Stage', $websiteuser));
@ -158,7 +159,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
public function testAccessTabOnlyDisplaysWithGrantAccessPermissions() {
$page = $this->objFromFixture('Page', 'standardpage');
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$subadminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'subadmin');
$this->session()->inst_set('loggedInAs', $subadminuser->ID);
$fields = $page->getSettingsFields();
$this->assertFalse(
@ -170,7 +171,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
'Users with SITETREE_GRANT_ACCESS permission can change "edit" permissions in cms fields'
);
$editoruser = $this->objFromFixture('Member', 'editor');
$editoruser = $this->objFromFixture('SilverStripe\\Security\\Member', 'editor');
$this->session()->inst_set('loggedInAs', $editoruser->ID);
$fields = $page->getSettingsFields();
$this->assertTrue(
@ -202,7 +203,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
);
// website users
$websiteuser = $this->objFromFixture('Member', 'websiteuser');
$websiteuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$this->assertTrue(
$page->canView($websiteuser),
'Authenticated members can view a page marked as "Viewable for any logged in users" even if they dont have access to the CMS'
@ -234,7 +235,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
);
// subadmin users
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$subadminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'subadmin');
$this->assertFalse(
$page->canView($subadminuser),
'Authenticated members cant view a page marked as "Viewable by these groups" if theyre not in the listed groups'
@ -249,7 +250,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
$this->session()->inst_set('loggedInAs', null);
// website users
$websiteuser = $this->objFromFixture('Member', 'websiteuser');
$websiteuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$this->assertTrue(
$page->canView($websiteuser),
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups'
@ -274,7 +275,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
);
// website users
$websiteuser = $this->objFromFixture('Member', 'websiteuser');
$websiteuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$websiteuser->logIn();
$this->assertFalse(
$page->canEdit($websiteuser),
@ -282,7 +283,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
);
// subadmin users
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$subadminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'subadmin');
$this->assertTrue(
$page->canEdit($subadminuser),
'Authenticated members can edit a page marked as "Editable by logged in users" if they have cms permissions and belong to any of these groups'
@ -299,14 +300,14 @@ class SiteTreePermissionsTest extends FunctionalTest {
);
// subadmin users
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$subadminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'subadmin');
$this->assertTrue(
$page->canEdit($subadminuser),
'Authenticated members can view a page marked as "Editable by these groups" if theyre in the listed groups'
);
// website users
$websiteuser = $this->objFromFixture('Member', 'websiteuser');
$websiteuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$this->assertFalse(
$page->canEdit($websiteuser),
'Authenticated members cant edit a page marked as "Editable by these groups" if theyre not in the listed groups'
@ -331,7 +332,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
);
// subadmin users
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$subadminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'subadmin');
$this->assertTrue(
$childPage->canView($subadminuser),
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups by inherited permission'
@ -357,7 +358,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
);
// subadmin users
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$subadminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'subadmin');
$this->assertTrue(
$childPage->canEdit($subadminuser),
'Authenticated members can edit a page marked as "Editable by these groups" if theyre in the listed groups by inherited permission'
@ -393,7 +394,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
$this->assertTrue(is_object($page), 'Versioned::get_one_by_stage() is returning an object');
// subadmin users
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$subadminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'subadmin');
$this->assertTrue(
$page->canEdit($subadminuser),
'Authenticated members can edit a page that was deleted from stage and marked as "Editable by logged in users" if they have cms permissions and belong to any of these groups'
@ -403,8 +404,8 @@ class SiteTreePermissionsTest extends FunctionalTest {
public function testInheritCanViewFromSiteConfig() {
$page = $this->objFromFixture('Page', 'inheritWithNoParent');
$siteconfig = $this->objFromFixture('SiteConfig', 'default');
$editor = $this->objFromFixture('Member', 'editor');
$editorGroup = $this->objFromFixture('Group', 'editorgroup');
$editor = $this->objFromFixture('SilverStripe\\Security\\Member', 'editor');
$editorGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'editorgroup');
$siteconfig->CanViewType = 'Anyone';
$siteconfig->write();
@ -428,9 +429,9 @@ class SiteTreePermissionsTest extends FunctionalTest {
public function testInheritCanEditFromSiteConfig() {
$page = $this->objFromFixture('Page', 'inheritWithNoParent');
$siteconfig = $this->objFromFixture('SiteConfig', 'default');
$editor = $this->objFromFixture('Member', 'editor');
$user = $this->objFromFixture('Member', 'websiteuser');
$editorGroup = $this->objFromFixture('Group', 'editorgroup');
$editor = $this->objFromFixture('SilverStripe\\Security\\Member', 'editor');
$user = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$editorGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'editorgroup');
$siteconfig->CanEditType = 'LoggedInUsers';
$siteconfig->write();

View File

@ -4,37 +4,37 @@ SiteConfig:
Tagline: There is no doubt this is a great test site
CanViewType: Anyone
CanEditType: LoggedInUsers
Permission:
SilverStripe\Security\Permission:
cmsmain1:
Code: CMS_ACCESS_CMSMain
cmsmain2:
Code: CMS_ACCESS_CMSMain
grantaccess:
Code: SITETREE_GRANT_ACCESS
Group:
SilverStripe\Security\Group:
subadmingroup:
Title: Create, edit and delete pages
Code: subadmingroup
Permissions: =>Permission.cmsmain1,=>Permission.grantaccess
Permissions: =>SilverStripe\Security\Permission.cmsmain1,=>SilverStripe\Security\Permission.grantaccess
editorgroup:
Title: Edit existing pages
Code: editorgroup
Permissions: =>Permission.cmsmain2
Permissions: =>SilverStripe\Security\Permission.cmsmain2
websiteusers:
Title: View certain restricted pages
Member:
SilverStripe\Security\Member:
subadmin:
Email: subadmin@test.com
Password: test
Groups: =>Group.subadmingroup
Groups: =>SilverStripe\Security\Group.subadmingroup
editor:
Email: editor@test.com
Password: test
Groups: =>Group.editorgroup
Groups: =>SilverStripe\Security\Group.editorgroup
websiteuser:
Email: websiteuser@test.com
Password: test
Groups: =>Group.websiteusers
Groups: =>SilverStripe\Security\Group.websiteusers
Page:
standardpage:
URLSegment: standardpage
@ -43,18 +43,18 @@ Page:
URLSegment: restrictedViewLoggedInUsers
restrictedViewOnlyWebsiteUsers:
CanViewType: OnlyTheseUsers
ViewerGroups: =>Group.websiteusers
ViewerGroups: =>SilverStripe\Security\Group.websiteusers
URLSegment: restrictedViewOnlyWebsiteUsers
restrictedViewOnlySubadminGroup:
CanViewType: OnlyTheseUsers
ViewerGroups: =>Group.subadmingroup
ViewerGroups: =>SilverStripe\Security\Group.subadmingroup
URLSegment: restrictedViewOnlySubadminGroup
restrictedEditLoggedInUsers:
CanEditType: LoggedInUsers
URLSegment: restrictedEditLoggedInUsers
restrictedEditOnlySubadminGroup:
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.subadmingroup
EditorGroups: =>SilverStripe\Security\Group.subadmingroup
URLSegment: restrictedEditOnlySubadminGroup
inheritWithNoParent:
CanEditType: Inherit
@ -62,7 +62,7 @@ Page:
URLSegment: inheritWithNoParent
parent_restrictedViewOnlySubadminGroup:
CanViewType: OnlyTheseUsers
ViewerGroups: =>Group.subadmingroup
ViewerGroups: =>SilverStripe\Security\Group.subadmingroup
URLSegment: parent-restrictedViewOnlySubadminGroup
child_restrictedViewOnlySubadminGroup:
CanViewType: Inherit
@ -70,7 +70,7 @@ Page:
URLSegment: child-restrictedViewOnlySubadminGroup
parent_restrictedEditOnlySubadminGroup:
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.subadmingroup
EditorGroups: =>SilverStripe\Security\Group.subadmingroup
URLSegment: parent-restrictedEditOnlySubadminGroup
child_restrictedEditOnlySubadminGroup:
CanEditType: Inherit
@ -81,7 +81,7 @@ Page:
URLSegment: deleteTestParentPage
deleteTestChildPage:
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.subadmingroup
EditorGroups: =>SilverStripe\Security\Group.subadmingroup
URLSegment: deleteTestChildPage
draftOnlyPage:
CanViewType: Anyone

View File

@ -5,6 +5,9 @@ use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\ValidationException;
use SilverStripe\ORM\DataExtension;
use SilverStripe\Security\Member;
use SilverStripe\Security\Permission;
use SilverStripe\Security\Group;
/**
* @package cms
@ -459,7 +462,7 @@ class SiteTreeTest extends SapphireTest {
}
public function testEditPermissions() {
$editor = $this->objFromFixture("Member", "editor");
$editor = $this->objFromFixture("SilverStripe\\Security\\Member", "editor");
$home = $this->objFromFixture("Page", "home");
$staff = $this->objFromFixture("Page", "staff");
@ -487,8 +490,8 @@ class SiteTreeTest extends SapphireTest {
public function testCanEditWithAccessToAllSections() {
$page = new Page();
$page->write();
$allSectionMember = $this->objFromFixture('Member', 'allsections');
$securityAdminMember = $this->objFromFixture('Member', 'securityadmin');
$allSectionMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'allsections');
$securityAdminMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'securityadmin');
$this->assertTrue($page->canEdit($allSectionMember));
$this->assertFalse($page->canEdit($securityAdminMember));
@ -532,31 +535,31 @@ class SiteTreeTest extends SapphireTest {
// Lock down the site config
$sc = $page->SiteConfig;
$sc->CanEditType = 'OnlyTheseUsers';
$sc->EditorGroups()->add($this->idFromFixture('Group', 'admins'));
$sc->EditorGroups()->add($this->idFromFixture('SilverStripe\\Security\\Group', 'admins'));
$sc->write();
// Confirm that Member.editor can't edit the page
$this->objFromFixture('Member','editor')->logIn();
$this->objFromFixture('SilverStripe\\Security\\Member','editor')->logIn();
$this->assertFalse($page->canEdit());
// Change the page to be editable by Group.editors, but do not publish
$this->objFromFixture('Member','admin')->logIn();
$this->objFromFixture('SilverStripe\\Security\\Member','admin')->logIn();
$page->CanEditType = 'OnlyTheseUsers';
$page->EditorGroups()->add($this->idFromFixture('Group', 'editors'));
$page->EditorGroups()->add($this->idFromFixture('SilverStripe\\Security\\Group', 'editors'));
$page->write();
// Clear permission cache
SiteTree::on_db_reset();
// Confirm that Member.editor can now edit the page
$this->objFromFixture('Member','editor')->logIn();
$this->objFromFixture('SilverStripe\\Security\\Member','editor')->logIn();
$this->assertTrue($page->canEdit());
// Publish the changes to the page
$this->objFromFixture('Member','admin')->logIn();
$this->objFromFixture('SilverStripe\\Security\\Member','admin')->logIn();
$page->publishRecursive();
// Confirm that Member.editor can still edit the page
$this->objFromFixture('Member','editor')->logIn();
$this->objFromFixture('SilverStripe\\Security\\Member','editor')->logIn();
$this->assertTrue($page->canEdit());
}
@ -592,7 +595,7 @@ class SiteTreeTest extends SapphireTest {
if($member) {
$memberID = $member->ID;
} else {
$memberID = $this->idFromFixture("Member", "admin");
$memberID = $this->idFromFixture("SilverStripe\\Security\\Member", "admin");
Session::set("loggedInAs", $memberID);
}

View File

@ -6,7 +6,7 @@ SiteConfig:
CanEditType: LoggedInUsers
CanCreateTopLevelType: LoggedInUsers
Group:
SilverStripe\Security\Group:
editors:
Title: Editors
admins:
@ -16,43 +16,43 @@ Group:
securityadmins:
Title: Security Admins
Permission:
SilverStripe\Security\Permission:
admins:
Code: ADMIN
Group: =>Group.admins
Group: =>SilverStripe\Security\Group.admins
editors:
Code: CMS_ACCESS_CMSMain
Group: =>Group.editors
Group: =>SilverStripe\Security\Group.editors
allsections:
Code: CMS_ACCESS_LeftAndMain
Group: =>Group.allsections
Group: =>SilverStripe\Security\Group.allsections
securityadmins:
Code: CMS_ACCESS_SecurityAdmin
Group: =>Group.securityadmins
Group: =>SilverStripe\Security\Group.securityadmins
Member:
SilverStripe\Security\Member:
editor:
FirstName: Test
Surname: Editor
Groups: =>Group.editors
Groups: =>SilverStripe\Security\Group.editors
admin:
FirstName: Test
Surname: Administrator
Groups: =>Group.admins
Groups: =>SilverStripe\Security\Group.admins
allsections:
Groups: =>Group.allsections
Groups: =>SilverStripe\Security\Group.allsections
securityadmin:
Groups: =>Group.securityadmins
Groups: =>SilverStripe\Security\Group.securityadmins
Page:
home:
Title: Home
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.admins
EditorGroups: =>SilverStripe\Security\Group.admins
about:
Title: About Us
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.admins
EditorGroups: =>SilverStripe\Security\Group.admins
staff:
Title: Staff
URLSegment: my-staff
@ -68,7 +68,7 @@ Page:
products:
Title: Products
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.editors
EditorGroups: =>SilverStripe\Security\Group.editors
product1:
Title: 1.1 Test Product
Parent: =>Page.products
@ -85,7 +85,7 @@ Page:
Title: Another Product
Parent: =>Page.products
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.admins
EditorGroups: =>SilverStripe\Security\Group.admins
contact:
Title: Contact Us
object:

View File

@ -229,8 +229,8 @@ class VirtualPageTest extends FunctionalTest {
public function testCanEdit() {
$parentPage = $this->objFromFixture('Page', 'master3');
$virtualPage = $this->objFromFixture('VirtualPage', 'vp3');
$bob = $this->objFromFixture('Member', 'bob');
$andrew = $this->objFromFixture('Member', 'andrew');
$bob = $this->objFromFixture('SilverStripe\\Security\\Member', 'bob');
$andrew = $this->objFromFixture('SilverStripe\\Security\\Member', 'andrew');
// Bob can edit the mirrored page, but he shouldn't be able to edit the virtual page.
$this->logInAs($bob);
@ -248,8 +248,8 @@ class VirtualPageTest extends FunctionalTest {
$parentPage->copyVersionToStage(Versioned::DRAFT, Versioned::LIVE);
$virtualPage = $this->objFromFixture('VirtualPage', 'vp3');
$virtualPage->copyVersionToStage(Versioned::DRAFT, Versioned::LIVE);
$cindy = $this->objFromFixture('Member', 'cindy');
$alice = $this->objFromFixture('Member', 'alice');
$cindy = $this->objFromFixture('SilverStripe\\Security\\Member', 'cindy');
$alice = $this->objFromFixture('SilverStripe\\Security\\Member', 'alice');
// Cindy can see both pages
$this->logInAs($cindy);

View File

@ -1,4 +1,4 @@
Group:
SilverStripe\Security\Group:
bobgroup:
Title: BobGroup
code: bobgroup
@ -10,27 +10,27 @@ Group:
code: cindygroup
alicegroup:
Title: AliceGroup
code: alicegrouip
Permission:
code: alicegroup
SilverStripe\Security\Permission:
bobpermission:
Code: CMS_ACCESS_CMSMain
Group: =>Group.bobgroup
Group: =>SilverStripe\Security\Group.bobgroup
andrewpermission:
Code: CMS_ACCESS_CMSMain
Group: =>Group.andrewgroup
Member:
Group: =>SilverStripe\Security\Group.andrewgroup
SilverStripe\Security\Member:
bob:
Email: bob@bobby.com
Groups: =>Group.bobgroup
Groups: =>SilverStripe\Security\Group.bobgroup
andrew:
Email: andrew@andrew.com
Groups: =>Group.andrewgroup
Groups: =>SilverStripe\Security\Group.andrewgroup
cindy:
Email: cindy@cindy.com
Groups: =>Group.cindygroup
Groups: =>SilverStripe\Security\Group.cindygroup
alice:
Email: alice@alice.com
Groups: =>Group.alicegroup
Groups: =>SilverStripe\Security\Group.alicegroup
Page:
master:
Title: My Page
@ -44,7 +44,7 @@ Page:
Title: CanEditBob
CanEditType: OnlyTheseUsers
CanViewType: Inherit
EditorGroups: =>Group.bobgroup
EditorGroups: =>SilverStripe\Security\Group.bobgroup
VirtualPage:
vp1:
Title: vp1
@ -59,5 +59,5 @@ VirtualPage:
Parent: =>Page.holder
CanEditType: OnlyTheseUsers
CanViewType: OnlyTheseUsers
EditorGroups: =>Group.andrewgroup
ViewerGroups: =>Group.cindygroup
EditorGroups: =>SilverStripe\Security\Group.andrewgroup
ViewerGroups: =>SilverStripe\Security\Group.cindygroup

View File

@ -4,7 +4,7 @@ class CMSMainSearchFormTest extends FunctionalTest {
protected static $fixture_file = '../controller/CMSMainTest.yml';
public function testTitleFilter() {
$this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
$this->session()->inst_set('loggedInAs', $this->idFromFixture('SilverStripe\\Security\\Member', 'admin'));
$response = $this->get(
'admin/pages/SearchForm/?' .

View File

@ -2,6 +2,9 @@
use SilverStripe\ORM\DB;
use SilverStripe\ORM\Versioning\Versioned;
use SilverStripe\MSSQL\MSSQLDatabase;
use SilverStripe\PostgreSQL\PostgreSQLDatabase;
/**
* @package cms
@ -51,7 +54,7 @@ class ZZZSearchFormTest extends FunctionalTest {
*/
protected function checkFulltextSupport() {
$conn = DB::get_conn();
if(class_exists('MSSQLDatabase') && $conn instanceof MSSQLDatabase) {
if(class_exists('SilverStripe\\MSSQL\\MSSQLDatabase') && $conn instanceof MSSQLDatabase) {
$supports = $conn->fullTextEnabled();
} else {
$supports = true;
@ -137,7 +140,7 @@ class ZZZSearchFormTest extends FunctionalTest {
'Page with "Restrict to logged in users" doesnt show without valid login'
);
$member = $this->objFromFixture('Member', 'randomuser');
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'randomuser');
$member->logIn();
$results = $sf->getResults(null, array('Search'=>'restrictedViewLoggedInUsers'));
$this->assertContains(
@ -162,7 +165,7 @@ class ZZZSearchFormTest extends FunctionalTest {
'Page with "Restrict to these users" doesnt show without valid login'
);
$member = $this->objFromFixture('Member', 'randomuser');
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'randomuser');
$member->logIn();
$results = $sf->getResults(null, array('Search'=>'restrictedViewOnlyWebsiteUsers'));
$this->assertNotContains(
@ -172,7 +175,7 @@ class ZZZSearchFormTest extends FunctionalTest {
);
$member->logOut();
$member = $this->objFromFixture('Member', 'websiteuser');
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$member->logIn();
$results = $sf->getResults(null, array('Search'=>'restrictedViewOnlyWebsiteUsers'));
$this->assertContains(
@ -198,7 +201,7 @@ class ZZZSearchFormTest extends FunctionalTest {
'Page inheriting "Restrict to loggedin users" doesnt show without valid login'
);
$member = $this->objFromFixture('Member', 'websiteuser');
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
$member->logIn();
$results = $sf->getResults(null, array('Search'=>'inheritRestrictedView'));
$this->assertContains(
@ -251,7 +254,7 @@ class ZZZSearchFormTest extends FunctionalTest {
public function testSearchTitleAndContentWithSpecialCharacters() {
if(!$this->checkFulltextSupport()) return;
if(class_exists('PostgreSQLDatabase') && DB::get_conn() instanceof PostgreSQLDatabase) {
if(class_exists('SilverStripe\\PostgreSQL\\PostgreSQLDatabase') && DB::get_conn() instanceof PostgreSQLDatabase) {
$this->markTestSkipped("PostgreSQLDatabase doesn't support entity-encoded searches");
}

View File

@ -1,14 +1,14 @@
Group:
SilverStripe\Security\Group:
websiteusers:
Title: View certain restricted pages
Member:
SilverStripe\Security\Member:
randomuser:
Email: randomuser@test.com
Password: test
websiteuser:
Email: websiteuser@test.com
Password: test
Groups: =>Group.websiteusers
Groups: =>SilverStripe\Security\Group.websiteusers
SiteTree:
searchformholder:
URLSegment: searchformholder
@ -22,7 +22,7 @@ SiteTree:
Title: restrictedViewLoggedInUsers
restrictedViewOnlyWebsiteUsers:
CanViewType: OnlyTheseUsers
ViewerGroups: =>Group.websiteusers
ViewerGroups: =>SilverStripe\Security\Group.websiteusers
Title: restrictedViewOnlyWebsiteUsers
inheritRestrictedView:
CanViewType: Inherit