silverstripe-framework/src/Security/PermissionRoleCode.php

<?php

namespace SilverStripe\Security;

use SilverStripe\ORM\DataObject;
use SilverStripe\Security\PermissionRole;

/**
 * A PermissionRoleCode represents a single permission code assigned to a {@link PermissionRole}.
 *
 * @property string Code
 * @property int RoleID
 * @method PermissionRole Role()
 */
class PermissionRoleCode extends DataObject
{
    private static $db = [
        "Code" => "Varchar",
    ];

    private static $has_one = [
        "Role" => PermissionRole::class,
    ];

    private static $table_name = "PermissionRoleCode";
    
    private static $indexes = [
        "Code" => true,
    ];

    public function validate()
    {
        $result = parent::validate();

        // Check that new code doesn't increase privileges, unless an admin is editing.
        $privilegedCodes = Permission::config()->privileged_permissions;
        if ($this->Code
            && in_array($this->Code, $privilegedCodes)
            && !Permission::check('ADMIN')
        ) {
            $result->addError(
                _t(
                    __CLASS__ . '.PermsError',
                    'Can\'t assign code "{code}" with privileged permissions (requires ADMIN access)',
                    ['code' => $this->Code]
                )
            );
        }

        return $result;
    }

    public function canCreate($member = null, $context = [])
    {
        return Permission::check('APPLY_ROLES', 'any', $member);
    }

    public function canEdit($member = null)
    {
        return Permission::check('APPLY_ROLES', 'any', $member);
    }

    public function canDelete($member = null)
    {
        return Permission::check('APPLY_ROLES', 'any', $member);
    }
}
API CHANGE: Added PermissionRole and PermissionRoleCode, along with relevant tests for the permission system. (from r85173) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89187 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-10-16 00:27:56 +02:00			`<?php`
API Apply Framework\ORM Namespace to model 2016-06-15 06:03:16 +02:00
API Apply Framework\Security namespace 2016-06-23 01:37:22 +02:00			`namespace SilverStripe\Security;`

API Apply Framework\ORM Namespace to model 2016-06-15 06:03:16 +02:00			`use SilverStripe\ORM\DataObject;`
FIX Replace deprecated %s placeholders in translations with named placeholders * Remove the use of sprintf and %s placeholders in the i18n tests 2017-02-04 20:41:31 +01:00			`use SilverStripe\Security\PermissionRole;`
API Apply Framework\Security namespace 2016-06-23 01:37:22 +02:00
API CHANGE: Added PermissionRole and PermissionRoleCode, along with relevant tests for the permission system. (from r85173) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89187 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-10-16 00:27:56 +02:00			`/**`
			`* A PermissionRoleCode represents a single permission code assigned to a {@link PermissionRole}.`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00			`*`
Documented magic properties of DataObject 2014-01-26 04:17:17 +01:00			`* @property string Code`
			`* @property int RoleID`
			`* @method PermissionRole Role()`
API CHANGE: Added PermissionRole and PermissionRoleCode, along with relevant tests for the permission system. (from r85173) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89187 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-10-16 00:27:56 +02:00			`*/`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`class PermissionRoleCode extends DataObject`
			`{`
Convert array delcarations to short array syntax 2020-04-20 19:58:09 +02:00			`private static $db = [`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`"Code" => "Varchar",`
Convert array delcarations to short array syntax 2020-04-20 19:58:09 +02:00			`];`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00
Convert array delcarations to short array syntax 2020-04-20 19:58:09 +02:00			`private static $has_one = [`
FIX Replace deprecated %s placeholders in translations with named placeholders * Remove the use of sprintf and %s placeholders in the i18n tests 2017-02-04 20:41:31 +01:00			`"Role" => PermissionRole::class,`
Convert array delcarations to short array syntax 2020-04-20 19:58:09 +02:00			`];`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`private static $table_name = "PermissionRoleCode";`
MINOR: adding index to PermissionRoleCode.Code for faster filtering and sorting 2022-01-04 21:40:12 +01:00
			`private static $indexes = [`
			`"Code" => true,`
			`];`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00
			`public function validate()`
			`{`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`$result = parent::validate();`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`// Check that new code doesn't increase privileges, unless an admin is editing.`
			`$privilegedCodes = Permission::config()->privileged_permissions;`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`if ($this->Code`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`&& in_array($this->Code, $privilegedCodes)`
			`&& !Permission::check('ADMIN')`
			`) {`
FIX Replace deprecated %s placeholders in translations with named placeholders * Remove the use of sprintf and %s placeholders in the i18n tests 2017-02-04 20:41:31 +01:00			`$result->addError(`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`_t(`
FIX Replace deprecated %s placeholders in translations with named placeholders * Remove the use of sprintf and %s placeholders in the i18n tests 2017-02-04 20:41:31 +01:00			`__CLASS__ . '.PermsError',`
			`'Can\'t assign code "{code}" with privileged permissions (requires ADMIN access)',`
			`['code' => $this->Code]`
			`)`
			`);`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`}`

			`return $result;`
			`}`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00
Convert array delcarations to short array syntax 2020-04-20 19:58:09 +02:00			`public function canCreate($member = null, $context = [])`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`{`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`return Permission::check('APPLY_ROLES', 'any', $member);`
			`}`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00
			`public function canEdit($member = null)`
			`{`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`return Permission::check('APPLY_ROLES', 'any', $member);`
			`}`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00
			`public function canDelete($member = null)`
			`{`
API Updates to Form, ValidationResponse, ValidationException API Implement form schema "errors" handling 2016-11-23 06:09:10 +01:00			`return Permission::check('APPLY_ROLES', 'any', $member);`
			`}`
MINOR Add newline to end of files without one 2012-03-24 04:04:52 +01:00			`}`