tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

BUGFIX Fixed SiteTree::can_edit_multiple() and canEdit() to collect permissions from different Versioned tables, which fixes querying a SiteTree record which has been deleted from stage for its permissions (e.g. in SiteTreeActionsTest)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@85336 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2009-08-27 06:53:28 +00:00
parent 1a7418c18b
commit 1193aed711
1 changed files with 40 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
core/model/SiteTree.php
View File

@ -810,6 +810,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
// Regular canEdit logic is handled by can_edit_multiple // Regular canEdit logic is handled by can_edit_multiple
$results = self::can_edit_multiple(array($this->ID), $memberID); $results = self::can_edit_multiple(array($this->ID), $memberID);
return $results[$this->ID]; return $results[$this->ID];
} }
@ -910,47 +911,52 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
//$ids = array_keys(array_filter(self::can_view_multiple($ids, $memberID))); //$ids = array_keys(array_filter(self::can_view_multiple($ids, $memberID)));
// Get the groups that the given member belongs to // Get the groups that the given member belongs to
//Debug::message("can_edit_multiple");
$groupIDs = DataObject::get_by_id('Member', $memberID)->Groups()->column("ID"); $groupIDs = DataObject::get_by_id('Member', $memberID)->Groups()->column("ID");
$SQL_groupList = implode(", ", $groupIDs); $SQL_groupList = implode(", ", $groupIDs);
// Get the uninherited permissions $combinedStageResult = array();
$uninheritedPermissions = DataObject::get("SiteTree", "(CanEditType = 'LoggedInUsers' OR
(CanEditType = 'OnlyTheseUsers' AND \"SiteTree_EditorGroups\".SiteTreeID IS NOT NULL))
AND \"SiteTree\".ID IN ($SQL_idList)",
"",
"LEFT JOIN \"SiteTree_EditorGroups\"
ON \"SiteTree_EditorGroups\".\"SiteTreeID\" = \"SiteTree\".\"ID\"
AND \"SiteTree_EditorGroups\".\"GroupID\" IN ($SQL_groupList)");
if($uninheritedPermissions) { foreach(array('Stage', 'Live') as $stage) {
// Set all the relevant items in $result to true // Get the uninherited permissions
$result = array_fill_keys($uninheritedPermissions->column('ID'), true) + $result; $uninheritedPermissions = Versioned::get_by_stage("SiteTree", $stage, "(CanEditType = 'LoggedInUsers' OR
} (CanEditType = 'OnlyTheseUsers' AND \"SiteTree_EditorGroups\".SiteTreeID IS NOT NULL))
AND \"SiteTree\".ID IN ($SQL_idList)",
// Get permissions that are inherited "",
$potentiallyInherited = DataObject::get("SiteTree", "CanEditType = 'Inherit' "LEFT JOIN \"SiteTree_EditorGroups\"
AND \"SiteTree\".ID IN ($SQL_idList)"); ON \"SiteTree_EditorGroups\".\"SiteTreeID\" = \"SiteTree\".\"ID\"
AND \"SiteTree_EditorGroups\".\"GroupID\" IN ($SQL_groupList)");
if($potentiallyInherited) {
// Group $potentiallyInherited by ParentID; we'll look at the permission of all those if($uninheritedPermissions) {
// parents and then see which ones the user has permission on // Set all the relevant items in $result to true
foreach($potentiallyInherited as $item) { $result = array_fill_keys($uninheritedPermissions->column('ID'), true) + $result;
$groupedByParent[$item->ParentID][] = $item->ID;
} }
$actuallyInherited = self::can_edit_multiple(array_keys($groupedByParent), $memberID); // Get permissions that are inherited
if($actuallyInherited) { $potentiallyInherited = Versioned::get_by_stage("SiteTree", $stage, "CanEditType = 'Inherit'
$parentIDs = array_keys(array_filter($actuallyInherited)); AND \"SiteTree\".ID IN ($SQL_idList)");
foreach($parentIDs as $parentID) {
// Set all the relevant items in $result to true if($potentiallyInherited) {
$result = array_fill_keys($groupedByParent[$parentID], true) + $result; // Group $potentiallyInherited by ParentID; we'll look at the permission of all those
// parents and then see which ones the user has permission on
foreach($potentiallyInherited as $item) {
$groupedByParent[$item->ParentID][] = $item->ID;
}
$actuallyInherited = self::can_edit_multiple(array_keys($groupedByParent), $memberID);
if($actuallyInherited) {
$parentIDs = array_keys(array_filter($actuallyInherited));
foreach($parentIDs as $parentID) {
// Set all the relevant items in $result to true
$result = array_fill_keys($groupedByParent[$parentID], true) + $result;
}
} }
} }
} }
$combinedStageResult = $combinedStageResult + $result;
} }
return $result; return $combinedStageResult;
/* /*
@ -2063,7 +2069,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
$stageVersion = Versioned::get_versionnumber_by_stage('SiteTree', 'Stage', $this->ID); $stageVersion = Versioned::get_versionnumber_by_stage('SiteTree', 'Stage', $this->ID);
// Return true for both completely deleted pages and for pages just deleted from stage. // Return true for both completely deleted pages and for pages just deleted from stage.
return !$stageVersion; return !($stageVersion);
} }
/** /**
@ -2168,7 +2174,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
function getParentType() { function getParentType() {
return $this->ParentID == 0 ? 'root' : 'subpage'; return $this->ParentID == 0 ? 'root' : 'subpage';
} }
} }
?> ?>