BUGFIX Only show "Roles" tab in admin/security if user has APPLY_ROLES permissions (fixes #5258)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@101719 467b73ca-7a2a-4603-9d3b-597d59a354a9
2024-09-27 20:06:43 +02:00 · 2010-03-25 22:44:33 +00:00 · 2010-03-25 22:44:33 +00:00 · e507f9488b
commit e507f9488b
parent fb16cc63f6
1 changed files with 14 additions and 13 deletions
--- a/code/SecurityAdmin.php
+++ b/code/SecurityAdmin.php
@ -81,20 +81,21 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
 						)
 					)
 				);
-				
-				$fields->addFieldToTab(
-					'Root.Roles',
-					new LiteralField(
-						'RolesAddEditLink', 
-						sprintf(
-							'<p class="add-role"><a href="%s">%s</a></p>',
-							$this->Link('show/root'),
-							// TODO This should include #Root_Roles to switch directly to the tab,
-							// but tabstrip.js doesn't display tabs when directly adressed through a URL pragma
-							_t('Group.RolesAddEditLink', 'Add/edit roles')
+				if(Permission::check('APPLY_ROLES')) { 
+					$fields->addFieldToTab(
+						'Root.Roles',
+						new LiteralField(
+							'RolesAddEditLink', 
+							sprintf(
+								'<p class="add-role"><a href="%s">%s</a></p>',
+								$this->Link('show/root'),
+								// TODO This should include #Root_Roles to switch directly to the tab,
+								// but tabstrip.js doesn't display tabs when directly adressed through a URL pragma
+								_t('Group.RolesAddEditLink', 'Add/edit roles')
+							)
 						)
-					)
-				);
+					);
+				}
 			}
 		
 			$actions = new FieldSet(