mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-01 05:39:10 +02:00
BUGFIX Fixed visibility of admin/myprofile for non-admins by moving it to a new CMSProfileController class and overloaded canView()
This commit is contained in:
parent
46628721fe
commit
02e728fa08
@ -34,3 +34,4 @@ HtmlEditorConfig::get('cms')->addButtonsToLine(2, 'ssimage', 'ssflash', 'sslink'
|
||||
HtmlEditorConfig::get('cms')->removeButtons('tablecontrols');
|
||||
HtmlEditorConfig::get('cms')->addButtonsToLine(3, 'tablecontrols');
|
||||
|
||||
CMSMenu::remove_menu_item('CMSProfileController');
|
34
admin/code/CMSProfileController.php
Normal file
34
admin/code/CMSProfileController.php
Normal file
@ -0,0 +1,34 @@
|
||||
<?php
|
||||
class CMSProfileController extends LeftAndMain {
|
||||
|
||||
static $url_segment = 'myprofile';
|
||||
|
||||
public function index($request) {
|
||||
$form = $this->Member_ProfileForm();
|
||||
return $this->customise(array(
|
||||
'Content' => ' ',
|
||||
'Form' => $form
|
||||
))->renderWith('CMSDialog');
|
||||
}
|
||||
|
||||
public function Member_ProfileForm() {
|
||||
return new Member_ProfileForm($this, 'Member_ProfileForm', Member::currentUser());
|
||||
}
|
||||
|
||||
function canView($member = null) {
|
||||
if(!$member && $member !== FALSE) $member = Member::currentUser();
|
||||
|
||||
// cms menus only for logged-in members
|
||||
if(!$member) return false;
|
||||
|
||||
// Only check for generic CMS permissions
|
||||
if(
|
||||
!Permission::checkMember($member, "CMS_ACCESS_LeftAndMain")
|
||||
&& !Permission::checkMember($member, "CMS_ACCESS_CMSMain")
|
||||
) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
@ -73,10 +73,8 @@ class LeftAndMain extends Controller {
|
||||
'savetreenode',
|
||||
'getitem',
|
||||
'getsubtree',
|
||||
'myprofile',
|
||||
'printable',
|
||||
'show',
|
||||
'Member_ProfileForm',
|
||||
'EditorToolbar',
|
||||
'EditForm',
|
||||
'RootForm',
|
||||
@ -1106,18 +1104,6 @@ class LeftAndMain extends Controller {
|
||||
return $form;
|
||||
}
|
||||
|
||||
public function myprofile() {
|
||||
$form = $this->Member_ProfileForm();
|
||||
return $this->customise(array(
|
||||
'Content' => ' ',
|
||||
'Form' => $form
|
||||
))->renderWith('CMSDialog');
|
||||
}
|
||||
|
||||
public function Member_ProfileForm() {
|
||||
return new Member_ProfileForm($this, 'Member_ProfileForm', Member::currentUser());
|
||||
}
|
||||
|
||||
public function printable() {
|
||||
$form = $this->getEditForm($this->currentPageID());
|
||||
if(!$form) return false;
|
||||
|
@ -12,7 +12,7 @@
|
||||
<% control CurrentMember %>
|
||||
<span>
|
||||
<% _t('Hello','Hi') %>
|
||||
<a href="{$AbsoluteBaseURL}admin/settings/myprofile" class="profile-link ss-ui-dialog-link">
|
||||
<a href="{$AbsoluteBaseURL}admin/myprofile" class="profile-link ss-ui-dialog-link">
|
||||
<% if FirstName && Surname %>$FirstName $Surname<% else_if FirstName %>$FirstName<% else %>$Email<% end_if %>
|
||||
</a>
|
||||
</span>
|
||||
|
Loading…
Reference in New Issue
Block a user