tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

MINOR show the permission/role inheritance chain on a group (from r89024)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89212 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Sam Minnee 2009-10-15 22:40:52 +00:00
parent c1fb483890
commit 3da29fb08d
1 changed files with 38 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
security/Group.php
View File

@ -35,6 +35,20 @@ class Group extends DataObject {
"Hierarchy", "Hierarchy",
); );
function getAllParents() {
$doSet = new DataObjectSet();
$parentID = $this->ParentID;
while($parentID) {
$parent = DataObject::get_by_id('Group', $parentID);
$doSet->push($parent);
$parentID = $parent->ParentID;
}
return $doSet;
}
/** /**
* Caution: Only call on instances, not through a singleton. * Caution: Only call on instances, not through a singleton.
* *
@ -54,7 +68,7 @@ class Group extends DataObject {
) )
), ),
new Tab(_t('SecurityAdmin.PERMISSIONS', 'Permissions'), $permissionsTab = new Tab(_t('SecurityAdmin.PERMISSIONS', 'Permissions'),
new LiteralField( new LiteralField(
"", "",
"<p>" . "<p>" .
@ -109,9 +123,21 @@ class Group extends DataObject {
) )
); );
if(!Permission::check('EDIT_PERMISSIONS')) { if(!Permission::check('EDIT_PERMISSIONS')) {
$fields->removeFieldFromTab('Root', 'Permissions'); $fields->removeFieldFromTab('Root', 'Permissions');
$fields->removeFieldFromTab('Root', 'IP Addresses'); $fields->removeFieldFromTab('Root', 'IP Addresses');
} else {
$parentGroups = $this->getAllParents();
if ($parentGroups) {
foreach ($parentGroups as $parent) {
if ($parent->Permissions()->Count()) {
$permissionsTab->push(new HeaderField('PermissionHeader-'.$parent->ID, 'Permissions inherited from '.$parent->Title));
$permissionsTab->push(new LiteralField('PermissionList-'.$parent->ID, join(', ', $parent->Permissions()->column('Code'))));
}
}
}
} }
if(Permission::check('APPLY_ROLES') && DataObject::get('PermissionRole')) { if(Permission::check('APPLY_ROLES') && DataObject::get('PermissionRole')) {
@ -127,6 +153,17 @@ class Group extends DataObject {
); );
$roleData = Permission::check('ADMIN') ? DataObject::get('PermissionRole') : DataObject::get('PermissionRole', 'OnlyAdminCanApply = 0'); $roleData = Permission::check('ADMIN') ? DataObject::get('PermissionRole') : DataObject::get('PermissionRole', 'OnlyAdminCanApply = 0');
$fields->addFieldToTab('Root.' . _t('SecurityAdmin.ROLES', 'Roles'), new CheckboxSetField('Roles', 'Roles', $roleData)); $fields->addFieldToTab('Root.' . _t('SecurityAdmin.ROLES', 'Roles'), new CheckboxSetField('Roles', 'Roles', $roleData));
$parentGroups = $this->getAllParents();
if ($parentGroups) {
foreach ($parentGroups as $parent) {
if ($parent->Roles()->Count()) {
$fields->addFieldToTab('Root.' . _t('SecurityAdmin.ROLES', 'Roles'), new HeaderField('RolesHeader-'.$parent->ID, 'Roles inherited from '.$parent->Title));
$fields->addFieldToTab('Root.' . _t('SecurityAdmin.ROLES', 'Roles'), new LiteralField('RolesList-'.$parent->ID, join(', ', $parent->Roles()->column('Title'))));
}
}
}
} }
$memberList->setController($this); $memberList->setController($this);