mirror of
https://github.com/silverstripe/silverstripe-comments
synced 2024-10-22 11:05:49 +02:00
Fixed comment permissions
This commit is contained in:
parent
7585b5d19f
commit
6effd8d5aa
@ -267,54 +267,80 @@ class Comment extends DataObject {
|
|||||||
* @return Boolean
|
* @return Boolean
|
||||||
*/
|
*/
|
||||||
public function canView($member = null) {
|
public function canView($member = null) {
|
||||||
if(!$member) $member = Member::currentUser();
|
$member = $this->getMember($member);
|
||||||
|
|
||||||
// Standard mechanism for accepting permission changes from decorators
|
if(!$member) {
|
||||||
$extended = $this->extendedCan('canView', $member);
|
return false;
|
||||||
if($extended !== null) return $extended;
|
|
||||||
|
|
||||||
// Allow admin
|
|
||||||
if(Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin')) return true;
|
|
||||||
|
|
||||||
// Check if parent has comments and can be viewed
|
|
||||||
$parent = $this->getParent();
|
|
||||||
return $parent && $parent->ProvideComments && $parent->canView($member);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
if($extended = $this->extendedCan('canView', $member)) {
|
||||||
* Checks for "CMS_ACCESS_CommentAdmin" permission codes and
|
return $extended;
|
||||||
* {@link canView()}.
|
}
|
||||||
*
|
|
||||||
* @param Member $member
|
|
||||||
*
|
|
||||||
* @return Boolean
|
|
||||||
*/
|
|
||||||
public function canEdit($member = null) {
|
|
||||||
if(!$member) $member = Member::currentUser();
|
|
||||||
|
|
||||||
// Standard mechanism for accepting permission changes from decorators
|
if($parent = $this->getParent()) {
|
||||||
$extended = $this->extendedCan('canEdit', $member);
|
return $parent->canView($member);
|
||||||
if($extended !== null) return $extended;
|
}
|
||||||
|
|
||||||
if(!$this->canView($member)) return false;
|
|
||||||
|
|
||||||
return (bool) Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin');
|
return (bool) Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks for "CMS_ACCESS_CommentAdmin" permission codes and
|
* Checks if the comment can be edited.
|
||||||
* {@link canEdit()}.
|
|
||||||
*
|
*
|
||||||
* @param Member $member
|
* @param null|int|Member $member
|
||||||
|
*
|
||||||
|
* @return Boolean
|
||||||
|
*/
|
||||||
|
public function canEdit($member = null) {
|
||||||
|
$member = $this->getMember($member);
|
||||||
|
|
||||||
|
if(!$member) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if($extended = $this->extendedCan('canEdit', $member)) {
|
||||||
|
return $extended;
|
||||||
|
}
|
||||||
|
|
||||||
|
if($parent = $this->getParent()) {
|
||||||
|
return $parent->canEdit($member);
|
||||||
|
}
|
||||||
|
|
||||||
|
return (bool) Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Resolves Member object.
|
||||||
|
*
|
||||||
|
* @param null|int|Member $member
|
||||||
|
*
|
||||||
|
* @return DataObject|Member|null
|
||||||
|
*/
|
||||||
|
protected function getMember($member = null) {
|
||||||
|
if(!$member) $member = Member::currentUser();
|
||||||
|
|
||||||
|
if(is_numeric($member)) $member = Member::get()->byID($member);
|
||||||
|
|
||||||
|
return $member;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if the comment can be deleted.
|
||||||
|
*
|
||||||
|
* @param null|int|Member $member
|
||||||
*
|
*
|
||||||
* @return Boolean
|
* @return Boolean
|
||||||
*/
|
*/
|
||||||
public function canDelete($member = null) {
|
public function canDelete($member = null) {
|
||||||
if(!$member) $member = Member::currentUser();
|
$member = $this->getMember($member);
|
||||||
|
|
||||||
// Standard mechanism for accepting permission changes from decorators
|
if(!$member) {
|
||||||
$extended = $this->extendedCan('canDelete', $member);
|
return false;
|
||||||
if($extended !== null) return $extended;
|
}
|
||||||
|
|
||||||
|
if($extended = $this->extendedCan('canDelete', $member)) {
|
||||||
|
return $extended;
|
||||||
|
}
|
||||||
|
|
||||||
return $this->canEdit($member);
|
return $this->canEdit($member);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user