stat('tree_class'), $id);
if(!$record) return false;
$fields = $record->getCMSFields();
$actions = new FieldSet(
new FormAction('addmember',_t('SecurityAdmin.ADDMEMBER','Add Member')),
new FormAction('save',_t('SecurityAdmin.SAVE','Save'))
$form = new Form($this, "EditForm", $fields, $actions);
return $form;
public function AddRecordForm() {
$m = Object::create('MemberTableField',
return $m->AddRecordForm();
* Ajax autocompletion
public function autocomplete() {
$fieldName = $this->urlParams['ID'];
$fieldVal = $_REQUEST[$fieldName];
$result = '';
// Make sure we only autocomplete on keys that actually exist, and that we don't autocomplete on password
if(!array_key_exists($fieldName, singleton($this->stat('subitem_class'))->stat('db')) || $fieldName == 'Password') return;
$matches = DataObject::get($this->stat('subitem_class'),"$fieldName LIKE '" . Convert::raw2sql($fieldVal) . "%'");
if($matches) {
$result .= "
foreach($matches as $match) {
$data = $match->FirstName;
$data .= ",$match->Surname";
$data .= ",$match->Email";
$result .= "- " . $match->$fieldName . "($match->FirstName $match->Surname, $match->Email)$data
$result .= "
return $result;
public function MemberForm() {
$id = $_REQUEST['ID'] ? $_REQUEST['ID'] : Session::get('currentMember');
if($id) return $this->getMemberForm($id);
public function getMemberForm($id) {
if($id && $id != 'new') $record = DataObject::get_by_id('Member', (int) $id);
if($record || $id == 'new') {
$fields = new FieldSet(
new HiddenField('MemberListBaseGroup', '', $this->currentPageID() )
if($extraFields = $record->getCMSFields()) {
foreach($extraFields as $extra) {
$fields->push( $extra );
$fields->push($idField = new HiddenField('ID'));
$fields->push($groupIDField = new HiddenField('GroupID'));
$actions = new FieldSet();
$actions->push(new FormAction('savemember', _t('SecurityAdmin.SAVE')));
$form = new Form($this, 'MemberForm', $fields, $actions);
if($record) $form->loadDataFrom($record);
return $form;
function savemember() {
$data = $_REQUEST;
$className = $this->stat('subitem_class');
$id = $_REQUEST['ID'];
if($id == 'new') $id = null;
if($id) {
$record = DataObject::get_by_id($className, $id);
if($record && !$record->canEdit()) return Security::permissionFailure($this);
} else {
if(!singleton($this->stat('subitem_class'))->canCreate()) return Security::permissionFailure($this);
$record = new $className();
$record->ID = $id;
return FormResponse::respond();
function addmember($className=null) {
$data = $_REQUEST;
if($className == null) $className = $this->stat('subitem_class');
$record = new $className();
if($data['GroupID']) $record->Groups()->add((int)$data['GroupID']);
return FormResponse::respond();
* Return the entire site tree as a nested set of ULs.
* @return string Unordered list HTML
public function SiteTreeAsUL() {
$obj = singleton($this->stat('tree_class'));
if($p = $this->currentPage()) $obj->markToExpose($p);
// getChildrenAsUL is a flexible and complex way of traversing the tree
$siteTreeList = $obj->getChildrenAsUL(
'"- ID\" class=\"$child->class " . ($child->Locked ? " nodelete" : "") . $child->markingClasses() . ($extraArg->isCurrentPage($child) ? " current" : "") . "\">" . ' .
'"Link(),0,-1), "show", $child->ID) . "\" >" . $child->TreeTitle() . "" ',
// Wrap the root if needs be
$rootLink = $this->Link() . 'show/root';
$rootTitle = _t('SecurityAdmin.SGROUPS', 'Security Groups');
if(!isset($rootID)) {
$siteTree = "";
return $siteTree;
public function addgroup() {
$newGroup = Object::create($this->stat('tree_class'));
$newGroup->Title = _t('SecurityAdmin.NEWGROUP',"New Group");
$newGroup->Code = "new-group";
$newGroup->ParentID = (is_numeric($_REQUEST['ParentID'])) ? (int)$_REQUEST['ParentID'] : 0;
return $this->returnItemToUser($newGroup);
public function EditedMember() {
if(Session::get('currentMember')) return DataObject::get_by_id('Member', (int) Session::get('currentMember'));
function providePermissions() {
return array(
'EDIT_PERMISSIONS' => _t('SecurityAdmin.EDITPERMISSIONS', 'Edit permissions and IP addresses on each group'),