API making it possible to create checks that do not require admin permissions to run

2013-02-01 12:55:29 +13:00 · 2013-02-01 12:55:29 +13:00 · c5084be7d9
parent 0e8d61869a
commit c5084be7d9
3 changed files with 8 additions and 7 deletions
--- a/code/DevCheckController.php
+++ b/code/DevCheckController.php
@ -3,7 +3,7 @@
 class DevCheckController extends Controller {
 	function index() {
 		$e = new EnvironmentChecker('check', 'Environment status');
-		$e->init();
+		$e->init('ADMIN');  //check for admin permissions before running this check
 		return $e;
 	}
 }
--- a/code/DevHealthController.php
+++ b/code/DevHealthController.php
@ -3,7 +3,7 @@
 class DevHealthController extends Controller {
 	function index() {
 		$e = new EnvironmentChecker('health', 'Site health');
-		$e->init();
+		$e->init('');   //empty permission check, the "health" check does not require a permission check to run
 		$e->setErrorCode(404);
 		return $e;
 	}
--- a/code/EnvironmentChecker.php
+++ b/code/EnvironmentChecker.php
@ -28,21 +28,22 @@ class EnvironmentChecker extends RequestHandler {
 		$this->title = $title;
 	}
 	
-	function init() {
+	function init($permission = 'ADMIN') {
 		parent::init();
 		
-		if(!$this->canAccess()) return $this->httpError(403);
+		if(!$this->canAccess(null, $permission)) return $this->httpError(403);
 	}

-	function canAccess($member = null) {
+	function canAccess($member = null, $permission = "ADMIN") {
 		if(!$member) $member = Member::currentUser();

 		// We allow access to this controller regardless of live-status or ADMIN permission only
 		// if on CLI.  Access to this controller is always allowed in "dev-mode", or of the user is ADMIN.
 		if(
 			Director::isDev() 
-			|| Director::is_cli() 
-			|| Permission::checkMember($member, "ADMIN")
+			|| Director::is_cli()
+			|| empty($permission)
+			|| Permission::checkMember($member, $permission)
 		) {
 			return true;
 		}