mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-06-30 16:39:38 +02:00
BUGFIX Fixed visibility of admin/myprofile for non-admins by moving it to a new CMSProfileController class and overloaded canView()
This commit is contained in:
Ingo Schommer
parent
46628721fe
commit
02e728fa08
|
|
@ -34,3 +34,4 @@ HtmlEditorConfig::get('cms')->addButtonsToLine(2, 'ssimage', 'ssflash', 'sslink'
|
|||
HtmlEditorConfig::get('cms')->removeButtons('tablecontrols');
|
||||
HtmlEditorConfig::get('cms')->addButtonsToLine(3, 'tablecontrols');
|
||||
|
||||
CMSMenu::remove_menu_item('CMSProfileController');
|
||||
34
admin/code/CMSProfileController.php
Normal file
34
admin/code/CMSProfileController.php
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
<?php
|
||||
class CMSProfileController extends LeftAndMain {
|
||||
|
||||
static $url_segment = 'myprofile';
|
||||
|
||||
public function index($request) {
|
||||
$form = $this->Member_ProfileForm();
|
||||
return $this->customise(array(
|
||||
'Content' => ' ',
|
||||
'Form' => $form
|
||||
))->renderWith('CMSDialog');
|
||||
}
|
||||
|
||||
public function Member_ProfileForm() {
|
||||
return new Member_ProfileForm($this, 'Member_ProfileForm', Member::currentUser());
|
||||
}
|
||||
|
||||
function canView($member = null) {
|
||||
if(!$member && $member !== FALSE) $member = Member::currentUser();
|
||||
|
||||
// cms menus only for logged-in members
|
||||
if(!$member) return false;
|
||||
|
||||
// Only check for generic CMS permissions
|
||||
if(
|
||||
!Permission::checkMember($member, "CMS_ACCESS_LeftAndMain")
|
||||
&& !Permission::checkMember($member, "CMS_ACCESS_CMSMain")
|
||||
) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
@ -73,10 +73,8 @@ class LeftAndMain extends Controller {
|
|||
'savetreenode',
|
||||
'getitem',
|
||||
'getsubtree',
|
||||
'myprofile',
|
||||
'printable',
|
||||
'show',
|
||||
'Member_ProfileForm',
|
||||
'EditorToolbar',
|
||||
'EditForm',
|
||||
'RootForm',
|
||||
|
|
@ -1106,18 +1104,6 @@ class LeftAndMain extends Controller {
|
|||
return $form;
|
||||
}
|
||||
|
||||
public function myprofile() {
|
||||
$form = $this->Member_ProfileForm();
|
||||
return $this->customise(array(
|
||||
'Content' => ' ',
|
||||
'Form' => $form
|
||||
))->renderWith('CMSDialog');
|
||||
}
|
||||
|
||||
public function Member_ProfileForm() {
|
||||
return new Member_ProfileForm($this, 'Member_ProfileForm', Member::currentUser());
|
||||
}
|
||||
|
||||
public function printable() {
|
||||
$form = $this->getEditForm($this->currentPageID());
|
||||
if(!$form) return false;
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@
|
|||
<% control CurrentMember %>
|
||||
<span>
|
||||
<% _t('Hello','Hi') %>
|
||||
<a href="{$AbsoluteBaseURL}admin/settings/myprofile" class="profile-link ss-ui-dialog-link">
|
||||
<a href="{$AbsoluteBaseURL}admin/myprofile" class="profile-link ss-ui-dialog-link">
|
||||
<% if FirstName && Surname %>$FirstName $Surname<% else_if FirstName %>$FirstName<% else %>$Email<% end_if %>
|
||||
</a>
|
||||
</span>
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user