tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

ENHANCEMENT: 2.4 tickets (#4670), new permission code to view draft stage w/o CMS access

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97895 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Carlos Barberis 2010-02-01 05:29:49 +00:00 committed by Sam Minnee
parent bf35a7bc48
commit 263e9acf61
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
core/control/ContentController.php
View File

@ -111,9 +111,12 @@ class ContentController extends Controller {
// Draft/Archive security check - only CMS users should be able to look at stage/archived content // Draft/Archive security check - only CMS users should be able to look at stage/archived content
if($this->URLSegment != 'Security' && !Session::get('unsecuredDraftSite') && (Versioned::current_archived_date() || (Versioned::current_stage() && Versioned::current_stage() != 'Live'))) { if($this->URLSegment != 'Security' && !Session::get('unsecuredDraftSite') && (Versioned::current_archived_date() || (Versioned::current_stage() && Versioned::current_stage() != 'Live'))) {
if(!Permission::check('CMS_ACCESS_CMSMain')) { if(!Permission::check('CMS_ACCESS_CMSMain') && !Permission::check('VIEW_DRAFT_CONTENT')) {
$link = $this->Link(); $link = $this->Link();
$message = _t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. <a href="%s">Click here to go back to the published site.</a>'); $message = _t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. <a href="%s">Click here to go back to the published site.</a>');
Session::clear('currentStage');
Session::clear('archiveDate');
return Security::permissionFailure($this, sprintf($message, "$link?stage=Live")); return Security::permissionFailure($this, sprintf($message, "$link?stage=Live"));
} }
} }
@ -286,7 +289,7 @@ class ContentController extends Controller {
public function SilverStripeNavigator() { public function SilverStripeNavigator() {
$member = Member::currentUser(); $member = Member::currentUser();
if(Director::isDev() || Permission::check('CMS_ACCESS_CMSMain')) { if(Director::isDev() || Permission::check('CMS_ACCESS_CMSMain') || Permission::check('VIEW_DRAFT_CONTENT')) {
Requirements::css(SAPPHIRE_DIR . '/css/SilverStripeNavigator.css'); Requirements::css(SAPPHIRE_DIR . '/css/SilverStripeNavigator.css');
Requirements::javascript(SAPPHIRE_DIR . '/thirdparty/jquery/jquery.js'); Requirements::javascript(SAPPHIRE_DIR . '/thirdparty/jquery/jquery.js');