2009-10-16 00:27:56 +02:00
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
* A PermissionRole represents a collection of permission codes that can be applied to groups.
|
|
|
|
|
*
|
|
|
|
|
* Because permission codes are very granular, this lets website administrators create more
|
|
|
|
|
* business-oriented units of access control - Roles - and assign those to groups.
|
2010-04-23 02:11:41 +02:00
|
|
|
*
|
|
|
|
|
* @package sapphire
|
|
|
|
|
* @subpackage security
|
2009-10-16 00:27:56 +02:00
|
|
|
*/
|
|
|
|
|
class PermissionRole extends DataObject {
|
|
|
|
|
static $db = array(
|
|
|
|
|
"Title" => "Varchar",
|
2009-10-29 23:07:44 +01:00
|
|
|
"OnlyAdminCanApply" => "Boolean"
|
2009-10-16 00:27:56 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
static $has_many = array(
|
|
|
|
|
"Codes" => "PermissionRoleCode",
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
static $belongs_many_many = array(
|
|
|
|
|
"Groups" => "Group",
|
|
|
|
|
);
|
2009-10-16 00:28:11 +02:00
|
|
|
|
2010-02-04 20:45:14 +01:00
|
|
|
static $default_sort = "\"Title\"";
|
2009-10-16 00:28:11 +02:00
|
|
|
|
|
|
|
|
function getCMSFields() {
|
|
|
|
|
$fields = parent::getCMSFields();
|
|
|
|
|
|
|
|
|
|
$fields->removeFieldFromTab('Root', 'Codes');
|
|
|
|
|
$fields->removeFieldFromTab('Root', 'Groups');
|
|
|
|
|
|
2009-10-29 00:03:35 +01:00
|
|
|
$fields->addFieldToTab('Root.Main', new PermissionCheckboxSetField(
|
|
|
|
|
'Codes',
|
2010-02-22 05:37:34 +01:00
|
|
|
singleton('Permission')->i18n_plural_name(),
|
2009-10-29 00:03:35 +01:00
|
|
|
'PermissionRoleCode',
|
2010-02-22 05:37:36 +01:00
|
|
|
'RoleID'
|
|
|
|
|
));
|
2009-10-16 00:28:11 +02:00
|
|
|
|
|
|
|
|
return $fields;
|
|
|
|
|
}
|
2009-12-16 06:43:47 +01:00
|
|
|
|
|
|
|
|
function onAfterDelete() {
|
|
|
|
|
parent::onAfterDelete();
|
|
|
|
|
|
|
|
|
|
// Delete associated permission codes
|
|
|
|
|
$codes = $this->Codes();
|
|
|
|
|
foreach ( $codes as $code ) {
|
|
|
|
|
$code->delete();
|
|
|
|
|
}
|
|
|
|
|
}
|
2009-10-16 00:28:11 +02:00
|
|
|
}
|
