tonyair/silverstripe-cms
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-cms synced 2024-10-22 08:05:56 +02:00
Code Issues Projects Releases Wiki Activity
2ac0a555ea
silverstripe-cms/code/model/SiteConfig.php
Damian Mooyman a84361e4e8 Ensure SiteConfig::canView
2015-03-19 16:16:54 +13:00

383 lines
12 KiB
PHP
Raw Blame History

<?php
/**
* Sitewide configuration.
*
* @property string Title Title of the website.
* @property string Tagline Tagline of the website.
* @property string Theme Current theme.
* @property string CanViewType Type of restriction used for view permissions.
* @property string CanEditType Type of restriction used for edit permissions.
* @property string CanCreateTopLevelType Type of restriction used for creation of root-level pages.
*
* @method ManyManyList ViewerGroups() List of groups that can view SiteConfig.
* @method ManyManyList EditorGroups() List of groups that can edit SiteConfig.
* @method ManyManyList CreateTopLevelGroups() List of groups that can create root-level pages.
*
* @author Tom Rix
* @package cms
*/
class SiteConfig extends DataObject implements PermissionProvider, TemplateGlobalProvider {
private static $db = array(
"Title" => "Varchar(255)",
"Tagline" => "Varchar(255)",
"Theme" => "Varchar(255)",
"CanViewType" => "Enum('Anyone, LoggedInUsers, OnlyTheseUsers', 'Anyone')",
"CanEditType" => "Enum('LoggedInUsers, OnlyTheseUsers', 'LoggedInUsers')",
"CanCreateTopLevelType" => "Enum('LoggedInUsers, OnlyTheseUsers', 'LoggedInUsers')",
);
private static $many_many = array(
"ViewerGroups" => "Group",
"EditorGroups" => "Group",
"CreateTopLevelGroups" => "Group"
);
private static $defaults = array(
"CanViewType" => "Anyone",
"CanEditType" => "LoggedInUsers",
"CanCreateTopLevelType" => "LoggedInUsers",
);
/**
* @config
* @var array
*/
private static $disabled_themes = array();
/**
* Default permission to check for 'LoggedInUsers' to create or edit pages
*
* @var array
* @config
*/
private static $required_permission = array('CMS_ACCESS_CMSMain', 'CMS_ACCESS_LeftAndMain');
/**
* @deprecated 3.2 Use the "SiteConfig.disabled_themes" config setting instead
*/
static public function disable_theme($theme) {
Deprecation::notice('3.2', 'Use the "SiteConfig.disabled_themes" config setting instead');
Config::inst()->update('SiteConfig', 'disabled_themes', array($theme));
}
public function populateDefaults()
{
$this->Title = _t('SiteConfig.SITENAMEDEFAULT', "Your Site Name");
$this->Tagline = _t('SiteConfig.TAGLINEDEFAULT', "your tagline here");
// Allow these defaults to be overridden
parent::populateDefaults();
}
/**
* Get the fields that are sent to the CMS. In
* your extensions: updateCMSFields($fields)
*
* @return FieldList
*/
public function getCMSFields() {
$groupsMap = array();
foreach(Group::get() as $group) {
// Listboxfield values are escaped, use ASCII char instead of &raquo;
$groupsMap[$group->ID] = $group->getBreadcrumbs(' > ');
}
asort($groupsMap);
$fields = new FieldList(
new TabSet("Root",
$tabMain = new Tab('Main',
$titleField = new TextField("Title", _t('SiteConfig.SITETITLE', "Site title")),
$taglineField = new TextField("Tagline", _t('SiteConfig.SITETAGLINE', "Site Tagline/Slogan")),
$themeDropdownField = new DropdownField("Theme", _t('SiteConfig.THEME', 'Theme'), $this->getAvailableThemes())
),
$tabAccess = new Tab('Access',
$viewersOptionsField = new OptionsetField("CanViewType", _t('SiteConfig.VIEWHEADER', "Who can view pages on this site?")),
$viewerGroupsField = ListboxField::create("ViewerGroups", _t('SiteTree.VIEWERGROUPS', "Viewer Groups"))
->setMultiple(true)
->setSource($groupsMap)
->setAttribute(
'data-placeholder',
_t('SiteTree.GroupPlaceholder', 'Click to select group')
),
$editorsOptionsField = new OptionsetField("CanEditType", _t('SiteConfig.EDITHEADER', "Who can edit pages on this site?")),
$editorGroupsField = ListboxField::create("EditorGroups", _t('SiteTree.EDITORGROUPS', "Editor Groups"))
->setMultiple(true)
->setSource($groupsMap)
->setAttribute(
'data-placeholder',
_t('SiteTree.GroupPlaceholder', 'Click to select group')
),
$topLevelCreatorsOptionsField = new OptionsetField("CanCreateTopLevelType", _t('SiteConfig.TOPLEVELCREATE', "Who can create pages in the root of the site?")),
$topLevelCreatorsGroupsField = ListboxField::create("CreateTopLevelGroups", _t('SiteTree.TOPLEVELCREATORGROUPS', "Top level creators"))
->setMultiple(true)
->setSource($groupsMap)
->setAttribute(
'data-placeholder',
_t('SiteTree.GroupPlaceholder', 'Click to select group')
)
)
),
new HiddenField('ID')
);
$themeDropdownField->setEmptyString(_t('SiteConfig.DEFAULTTHEME', '(Use default theme)'));
$viewersOptionsSource = array();
$viewersOptionsSource["Anyone"] = _t('SiteTree.ACCESSANYONE', "Anyone");
$viewersOptionsSource["LoggedInUsers"] = _t('SiteTree.ACCESSLOGGEDIN', "Logged-in users");
$viewersOptionsSource["OnlyTheseUsers"] = _t('SiteTree.ACCESSONLYTHESE', "Only these people (choose from list)");
$viewersOptionsField->setSource($viewersOptionsSource);
$editorsOptionsSource = array();
$editorsOptionsSource["LoggedInUsers"] = _t('SiteTree.EDITANYONE', "Anyone who can log-in to the CMS");
$editorsOptionsSource["OnlyTheseUsers"] = _t('SiteTree.EDITONLYTHESE', "Only these people (choose from list)");
$editorsOptionsField->setSource($editorsOptionsSource);
$topLevelCreatorsOptionsField->setSource($editorsOptionsSource);
if (!Permission::check('EDIT_SITECONFIG')) {
$fields->makeFieldReadonly($viewersOptionsField);
$fields->makeFieldReadonly($viewerGroupsField);
$fields->makeFieldReadonly($editorsOptionsField);
$fields->makeFieldReadonly($editorGroupsField);
$fields->makeFieldReadonly($topLevelCreatorsOptionsField);
$fields->makeFieldReadonly($topLevelCreatorsGroupsField);
$fields->makeFieldReadonly($taglineField);
$fields->makeFieldReadonly($titleField);
}
if(file_exists(BASE_PATH . '/install.php')) {
$fields->addFieldToTab("Root.Main", new LiteralField("InstallWarningHeader",
"<p class=\"message warning\">" . _t("SiteTree.REMOVE_INSTALL_WARNING",
"Warning: You should remove install.php from this SilverStripe install for security reasons.")
. "</p>"), "Title");
}
$tabMain->setTitle(_t('SiteConfig.TABMAIN', "Main"));
$tabAccess->setTitle(_t('SiteConfig.TABACCESS', "Access"));
$this->extend('updateCMSFields', $fields);
return $fields;
}
/**
* Get all available themes that haven't been marked as disabled.
* @param string $baseDir Optional alternative theme base directory for testing
* @return array of theme directory names
*/
public function getAvailableThemes($baseDir = null) {
$themes = SSViewer::get_themes($baseDir);
$disabled = (array)$this->config()->disabled_themes;
foreach($disabled as $theme) {
if(isset($themes[$theme])) unset($themes[$theme]);
}
return $themes;
}
/**
* Get the actions that are sent to the CMS. In
* your extensions: updateEditFormActions($actions)
*
* @return Fieldset
*/
public function getCMSActions() {
if (Permission::check('ADMIN') || Permission::check('EDIT_SITECONFIG')) {
$actions = new FieldList(
FormAction::create('save_siteconfig', _t('CMSMain.SAVE','Save'))
->addExtraClass('ss-ui-action-constructive')->setAttribute('data-icon', 'accept')
);
} else {
$actions = new FieldList();
}
$this->extend('updateCMSActions', $actions);
return $actions;
}
/**
* @return String
*/
public function CMSEditLink() {
return singleton('CMSSettingsController')->Link();
}
/**
* Get the current sites SiteConfig, and creates a new one
* through {@link make_site_config()} if none is found.
*
* @return SiteConfig
*/
static public function current_site_config() {
if ($siteConfig = DataObject::get_one('SiteConfig')) return $siteConfig;
return self::make_site_config();
}
/**
* Setup a default SiteConfig record if none exists
*/
public function requireDefaultRecords() {
parent::requireDefaultRecords();
$siteConfig = DataObject::get_one('SiteConfig');
if(!$siteConfig) {
self::make_site_config();
DB::alteration_message("Added default site config","created");
}
}
/**
* Create SiteConfig with defaults from language file.
*
* @return SiteConfig
*/
static public function make_site_config() {
$config = SiteConfig::create();
$config->write();
return $config;
}
/**
* Can a user view this SiteConfig instance?
*
* @param Member $member
* @return boolean
*/
public function canView($member = null) {
if(!$member) $member = Member::currentUserID();
if($member && is_numeric($member)) $member = DataObject::get_by_id('Member', $member);
$extended = $this->extendedCan('canView', $member);
if($extended !== null) return $extended;
// Assuming all that can edit this object can also view it
return $this->canEdit($member);
}
/**
* Can a user view pages on this site? This method is only
* called if a page is set to Inherit, but there is nothing
* to inherit from.
*
* @param Member $member
* @return boolean
*/
public function canViewPages($member = null) {
if(!$member) $member = Member::currentUserID();
if($member && is_numeric($member)) $member = DataObject::get_by_id('Member', $member);
if ($member && Permission::checkMember($member, "ADMIN")) return true;
$extended = $this->extendedCan('canViewPages', $member);
if($extended !== null) return $extended;
if (!$this->CanViewType || $this->CanViewType == 'Anyone') return true;
// check for any logged-in users
if($this->CanViewType === 'LoggedInUsers' && $member) return true;
// check for specific groups
if($this->CanViewType === 'OnlyTheseUsers' && $member && $member->inGroups($this->ViewerGroups())) return true;
return false;
}
/**
* Can a user edit pages on this site? This method is only
* called if a page is set to Inherit, but there is nothing
* to inherit from, or on new records without a parent.
*
* @param Member $member
* @return boolean
*/
public function canEditPages($member = null) {
if(!$member) $member = Member::currentUserID();
if($member && is_numeric($member)) $member = DataObject::get_by_id('Member', $member);
if ($member && Permission::checkMember($member, "ADMIN")) return true;
$extended = $this->extendedCan('canEditPages', $member);
if($extended !== null) return $extended;
// check for any logged-in users with CMS access
if( $this->CanEditType === 'LoggedInUsers'
&& Permission::checkMember($member, $this->config()->required_permission)
) {
return true;
}
// check for specific groups
if($this->CanEditType === 'OnlyTheseUsers' && $member && $member->inGroups($this->EditorGroups())) {
return true;
}
return false;
}
public function canEdit($member = null) {
if(!$member) $member = Member::currentUserID();
if($member && is_numeric($member)) $member = DataObject::get_by_id('Member', $member);
$extended = $this->extendedCan('canEdit', $member);
if($extended !== null) return $extended;
return Permission::checkMember($member, "EDIT_SITECONFIG");
}
public function providePermissions() {
return array(
'EDIT_SITECONFIG' => array(
'name' => _t('SiteConfig.EDIT_PERMISSION', 'Manage site configuration'),
'category' => _t('Permissions.PERMISSIONS_CATEGORY', 'Roles and access permissions'),
'help' => _t('SiteConfig.EDIT_PERMISSION_HELP', 'Ability to edit global access settings/top-level page permissions.'),
'sort' => 400
)
);
}
/**
* Can a user create pages in the root of this site?
*
* @param Member $member
* @return boolean
*/
public function canCreateTopLevel($member = null) {
if(!$member) $member = Member::currentUserID();
if($member && is_numeric($member)) $member = DataObject::get_by_id('Member', $member);
if ($member && Permission::checkMember($member, "ADMIN")) return true;
$extended = $this->extendedCan('canCreateTopLevel', $member);
if($extended !== null) return $extended;
// check for any logged-in users with CMS permission
if( $this->CanCreateTopLevelType === 'LoggedInUsers'
&& Permission::checkMember($member, $this->config()->required_permission)
) {
return true;
}
// check for specific groups
if( $this->CanCreateTopLevelType === 'OnlyTheseUsers'
&& $member
&& $member->inGroups($this->CreateTopLevelGroups())
) {
return true;
}
return false;
}
/**
* Add $SiteConfig to all SSViewers
*/
public static function get_template_global_variables() {
return array(
'SiteConfig' => 'current_site_config',
);
}
}
Reference in New Issue View Git Blame Copy Permalink