mirror of
https://github.com/silverstripe/silverstripe-cms
synced 2024-10-22 08:05:56 +02:00
BUGFIX Restored old permission code model, broken due to new controller structure. Introduced LeftAndMain::$required_permission_codes as a way to control permissions independently of subclasses, and "cluster" multiple classes under a single code.
This commit is contained in:
parent
e938c60e9a
commit
e0a67a80c7
@ -6,7 +6,7 @@
|
||||
* @package cms
|
||||
* @subpackage assets
|
||||
*/
|
||||
class AssetAdmin extends LeftAndMain {
|
||||
class AssetAdmin extends LeftAndMain implements PermissionProvider{
|
||||
|
||||
static $url_segment = 'assets';
|
||||
|
||||
@ -558,6 +558,16 @@ JS
|
||||
|
||||
return $items;
|
||||
}
|
||||
|
||||
function providePermissions() {
|
||||
$title = _t("AssetAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
|
||||
return array(
|
||||
"CMS_ACCESS_AssetAdmin" => array(
|
||||
'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
|
||||
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
/**
|
||||
|
@ -2,8 +2,8 @@
|
||||
class CMSFileAddController extends AssetAdmin {
|
||||
|
||||
static $url_segment = 'assets/add';
|
||||
|
||||
static $url_priority = 60;
|
||||
static $required_permission_codes = 'CMS_ACCESS_AssetAdmin';
|
||||
|
||||
// public function upload($request) {
|
||||
// $formHtml = $this->renderWith(array('AssetAdmin_UploadContent'));
|
||||
|
@ -553,7 +553,8 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
|
||||
$form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
|
||||
|
||||
// Use <button> to allow full jQuery UI styling
|
||||
foreach($actions->dataFields() as $action) $action->setUseButtonTag(true);
|
||||
$actions = $actions->dataFields();
|
||||
if($actions) foreach($actions as $action) $action->setUseButtonTag(true);
|
||||
|
||||
$this->extend('updateEditForm', $form);
|
||||
|
||||
@ -1315,44 +1316,19 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Provide the permission codes used by LeftAndMain.
|
||||
* Can't put it on LeftAndMain since that's an abstract base class.
|
||||
*/
|
||||
function providePermissions() {
|
||||
$classes = ClassInfo::subclassesFor('LeftAndMain');
|
||||
|
||||
foreach($classes as $i => $class) {
|
||||
$title = _t("{$class}.MENUTITLE", LeftAndMain::menu_title_for_class($class));
|
||||
$perms["CMS_ACCESS_" . $class] = array(
|
||||
'name' => sprintf(_t(
|
||||
'CMSMain.ACCESS',
|
||||
"Access to '%s' section",
|
||||
PR_MEDIUM,
|
||||
"Item in permission selection identifying the admin section. Example: Access to 'Files & Images'"
|
||||
), $title, null),
|
||||
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
|
||||
);
|
||||
}
|
||||
$perms["CMS_ACCESS_LeftAndMain"] = array(
|
||||
'name' => _t('CMSMain.ACCESSALLINTERFACES', 'Access to all CMS sections'),
|
||||
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
|
||||
'help' => _t('CMSMain.ACCESSALLINTERFACESHELP', 'Overrules more specific access settings.'),
|
||||
'sort' => -100
|
||||
$title = _t("CMSPagesController.MENUTITLE", LeftAndMain::menu_title_for_class('CMSPagesController'));
|
||||
return array(
|
||||
"CMS_ACCESS_CMSMain" => array(
|
||||
'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
|
||||
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
|
||||
'help' => _t(
|
||||
'CMSMain.ACCESS_HELP',
|
||||
'Allow viewing of the section containing page tree and content. View and edit permissions can be handled through page specific dropdowns, as well as the separate "Content permissions".'
|
||||
),
|
||||
'sort' => -99 // below "CMS_ACCESS_LeftAndMain", but above everything else
|
||||
)
|
||||
);
|
||||
|
||||
$perms['CMS_ACCESS_CMSMain']['help'] = _t(
|
||||
'CMSMain.ACCESS_HELP',
|
||||
'Allow viewing of the section containing page tree and content. View and edit permissions can be handled through page specific dropdowns, as well as the separate "Content permissions".'
|
||||
);
|
||||
$perms['CMS_ACCESS_SecurityAdmin']['help'] = _t(
|
||||
'SecurityAdmin.ACCESS_HELP',
|
||||
'Allow viewing, adding and editing users, as well as assigning permissions and roles to them.'
|
||||
);
|
||||
|
||||
if (isset($perms['CMS_ACCESS_ModelAdmin'])) unset($perms['CMS_ACCESS_ModelAdmin']);
|
||||
|
||||
return $perms;
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -5,6 +5,7 @@ class CMSPageAddController extends CMSMain {
|
||||
static $url_rule = '/$Action/$ID/$OtherID';
|
||||
static $url_priority = 42;
|
||||
static $menu_title = 'Add page';
|
||||
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||
|
||||
function AddForm() {
|
||||
$form = parent::AddForm();
|
||||
|
@ -8,4 +8,5 @@ class CMSPageEditController extends CMSMain {
|
||||
static $url_segment = 'page/edit';
|
||||
static $url_rule = '/$Action/$ID/$OtherID';
|
||||
static $url_priority = 41;
|
||||
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||
}
|
@ -10,6 +10,7 @@ class CMSPageHistoryController extends CMSMain {
|
||||
static $url_rule = '/$Action/$ID/$VersionID/$OtherVersionID';
|
||||
static $url_priority = 42;
|
||||
static $menu_title = 'History';
|
||||
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||
|
||||
static $allowed_actions = array(
|
||||
'VersionsForm',
|
||||
|
@ -6,10 +6,9 @@
|
||||
class CMSPageSettingsController extends CMSMain {
|
||||
|
||||
static $url_segment = 'page/settings';
|
||||
|
||||
static $url_rule = '/$Action/$ID/$OtherID';
|
||||
|
||||
static $url_priority = 42;
|
||||
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||
|
||||
function getEditForm($id = null, $fields = null) {
|
||||
$record = $this->getRecord($id ? $id : $this->currentPageID());
|
||||
|
@ -9,6 +9,7 @@ class CMSPagesController extends CMSMain {
|
||||
static $url_rule = '/$Action/$ID/$OtherID';
|
||||
static $url_priority = 41;
|
||||
static $menu_title = 'Pages';
|
||||
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||
|
||||
function init() {
|
||||
parent::init();
|
||||
|
@ -11,7 +11,7 @@
|
||||
* @package cms
|
||||
* @subpackage reports
|
||||
*/
|
||||
class ReportAdmin extends LeftAndMain {
|
||||
class ReportAdmin extends LeftAndMain implements PermissionProvider {
|
||||
|
||||
static $url_segment = 'reports';
|
||||
|
||||
@ -97,5 +97,15 @@ class ReportAdmin extends LeftAndMain {
|
||||
FormResponse::load_form($this->EditForm()->forTemplate());
|
||||
return FormResponse::respond();
|
||||
}
|
||||
|
||||
function providePermissions() {
|
||||
$title = _t("ReportAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
|
||||
return array(
|
||||
"CMS_ACCESS_ReportAdmin" => array(
|
||||
'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
|
||||
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2660,7 +2660,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
||||
'name' => _t('SiteTree.EDIT_ALL_DESCRIPTION', 'Edit any page'),
|
||||
'category' => _t('Permissions.CONTENT_CATEGORY', 'Content permissions'),
|
||||
'sort' => -50,
|
||||
'help' => _t('SiteTree.EDIT_ALL_HELP', 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to Site Content" permission')
|
||||
'help' => _t('SiteTree.EDIT_ALL_HELP', 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to \'Pages\' section" permission')
|
||||
),
|
||||
'SITETREE_REORGANISE' => array(
|
||||
'name' => _t('SiteTree.REORGANISE_DESCRIPTION', 'Change site structure'),
|
||||
|
@ -357,7 +357,7 @@ $lang['en_US']['SiteTree']['EDITHEADER'] = 'Who can edit this page?';
|
||||
$lang['en_US']['SiteTree']['EDITONLYTHESE'] = 'Only these people (choose from list)';
|
||||
$lang['en_US']['SiteTree']['EDITORGROUPS'] = 'Editor Groups';
|
||||
$lang['en_US']['SiteTree']['EDIT_ALL_DESCRIPTION'] = 'Edit any page';
|
||||
$lang['en_US']['SiteTree']['EDIT_ALL_HELP'] = 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to Site Content" permission';
|
||||
$lang['en_US']['SiteTree']['EDIT_ALL_HELP'] = 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to \'Pages\' section" permission';
|
||||
$lang['en_US']['SiteTree']['Editors'] = 'Editors Groups';
|
||||
$lang['en_US']['SiteTree']['HASBROKENLINKS'] = 'This page has broken links.';
|
||||
$lang['en_US']['SiteTree']['HOMEPAGEFORDOMAIN'] = array(
|
||||
|
Loading…
Reference in New Issue
Block a user