tonyair/silverstripe-cms
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-cms synced 2024-10-22 06:05:56 +00:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/3.1.0' into 3.1

Browse Source
This commit is contained in:
Ingo Schommer 2013-08-20 21:00:00 +02:00
commit d4e9471820
3 changed files with 43 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
code/controllers/ContentController.php
View File

@ -101,12 +101,22 @@ class ContentController extends Controller {
if($this->redirectedTo()) return;
// Check page permissions
if($this->dataRecord && $this->URLSegment != 'Security' && !$this->dataRecord->canView()) {
$permissionMessage = null;
// Check if we could view the live version, offer redirect if so
if($this->canViewStage('Live')) {
// Draft/Archive security check - only CMS users should be able to look at stage/archived content
if(
$this->URLSegment != 'Security'
&& !Session::get('unsecuredDraftSite')
&& (
Versioned::current_archived_date()
|| (Versioned::current_stage() && Versioned::current_stage() != 'Live')
)
) {
if(!$this->dataRecord->canViewStage(Versioned::current_archived_date() ? 'Stage' : Versioned::current_stage())) {
$link = $this->Link();
$message = _t(
"ContentController.DRAFT_SITE_ACCESS_RESTRICTION",
'You must log in with your CMS password in order to view the draft or archived content. ' .
'<a href="%s">Click here to go back to the published site.</a>'
);
Session::clear('currentStage');
Session::clear('archiveDate');
@ -215,7 +225,7 @@ class ContentController extends Controller {
$response = $this->request->isMedia() ? null : ErrorPage::response_for($code);
// Failover to $message if the HTML response is unavailable / inappropriate
parent::httpError($code, $response ? $response : $message);
}
}
/**
* Get the project name

20
code/model/SiteTree.php
View File

@ -841,8 +841,8 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
}
if(!$fromLive
&& !Session::get('unsecuredDraftSite')
&& !Permission::checkMember($member, array('CMS_ACCESS_CMSMain', 'VIEW_DRAFT_CONTENT'))) {
&& !Session::get('unsecuredDraftSite')
&& !Permission::checkMember($member, array('CMS_ACCESS_CMSMain', 'VIEW_DRAFT_CONTENT'))) {
// If we weren't definitely loaded from live, and we can't view non-live content, we need to
// check to make sure this version is the live version and so can be viewed
if (Versioned::get_versionnumber_by_stage($this->class, 'Live', $this->ID) != $this->Version) return false;
@ -1607,7 +1607,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
);
return !($existingPage);
}
}
/**
* Generate a URL segment based on the title provided.
@ -1712,7 +1712,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
foreach($contentLinks as $item) {
$item->DependentLinkType = 'Content link';
$linkList->push($item);
}
}
$items->merge($linkList);
}
@ -1724,9 +1724,9 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
foreach($virtuals as $item) {
$item->DependentLinkType = 'Virtual page';
$virtualList->push($item);
}
$items->merge($virtualList);
}
$items->merge($virtualList);
}
}
// Redirector pages
@ -1736,7 +1736,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
foreach($redirectors as $item) {
$item->DependentLinkType = 'Redirector page';
$redirectorList->push($item);
}
}
$items->merge($redirectorList);
}
@ -1999,9 +1999,9 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
->setAttribute(
'data-placeholder',
_t('SiteTree.GroupPlaceholder', 'Click to select group')
)
)
)
)
);
$visibility->setTitle($this->fieldLabel('Visibility'));
@ -2226,7 +2226,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
// Set up the initial state of the button to reflect the state of the underlying SiteTree object.
if($this->stagesDiffer('Stage', 'Live')) {
$publish->addExtraClass('ss-ui-alternate');
}
}
}
$actions = new FieldList(array($majorActions, $rootTabSet));
@ -2666,7 +2666,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
if(!$this->canEdit() && !$this->canAddChildren()) {
if (!$this->canView()) {
$classes .= " disabled";
$classes .= " disabled";
} else {
$classes .= " edit-disabled";
}

5
tests/search/SearchFormTest.php
View File

@ -109,7 +109,6 @@ class ZZZSearchFormTest extends FunctionalTest {
$page = $this->objFromFixture('SiteTree', 'restrictedViewLoggedInUsers');
$page->publish('Stage', 'Live');
$results = $sf->getResults(null, array('Search'=>'restrictedViewLoggedInUsers'));
$this->assertNotContains(
$page->ID,
@ -135,7 +134,6 @@ class ZZZSearchFormTest extends FunctionalTest {
$page = $this->objFromFixture('SiteTree', 'restrictedViewOnlyWebsiteUsers');
$page->publish('Stage', 'Live');
$results = $sf->getResults(null, array('Search'=>'restrictedViewOnlyWebsiteUsers'));
$this->assertNotContains(
$page->ID,
@ -165,8 +163,6 @@ class ZZZSearchFormTest extends FunctionalTest {
}
public function testInheritedRestrictedPagesNotIncluded() {
if(!$this->checkFulltextSupport()) return;
$sf = new SearchForm($this->mockController, 'SearchForm');
$parent = $this->objFromFixture('SiteTree', 'restrictedViewLoggedInUsers');
@ -174,7 +170,6 @@ class ZZZSearchFormTest extends FunctionalTest {
$page = $this->objFromFixture('SiteTree', 'inheritRestrictedView');
$page->publish('Stage', 'Live');
$results = $sf->getResults(null, array('Search'=>'inheritRestrictedView'));
$this->assertNotContains(
$page->ID,