MINOR show the permission/role inheritance chain on a group (from r89024)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89212 467b73ca-7a2a-4603-9d3b-597d59a354a9
2024-10-22 14:05:37 +02:00 · 2009-10-15 22:40:52 +00:00 · 2009-10-15 22:40:52 +00:00 · 3da29fb08d
commit 3da29fb08d
parent c1fb483890
1 changed files with 38 additions and 1 deletions
--- a/security/Group.php
+++ b/security/Group.php
@ -35,6 +35,20 @@ class Group extends DataObject {
 		"Hierarchy",
 	);
 	
+	function getAllParents() {
+		$doSet = new DataObjectSet();
+
+		$parentID = $this->ParentID;
+		
+		while($parentID) {
+			$parent = DataObject::get_by_id('Group', $parentID);
+			$doSet->push($parent);
+			$parentID = $parent->ParentID;
+		}
+		
+		return $doSet;
+	}
+	
 	/**
 	 * Caution: Only call on instances, not through a singleton.
 	 *
@ -54,7 +68,7 @@ class Group extends DataObject {
 					)
 				),

-				new Tab(_t('SecurityAdmin.PERMISSIONS', 'Permissions'),
+				$permissionsTab = new Tab(_t('SecurityAdmin.PERMISSIONS', 'Permissions'),
 					new LiteralField(
 						"", 
 						"<p>" . 
@ -109,9 +123,21 @@ class Group extends DataObject {
 			)
 		);
 		
+		
+
 		if(!Permission::check('EDIT_PERMISSIONS')) {
 			$fields->removeFieldFromTab('Root', 'Permissions');
 			$fields->removeFieldFromTab('Root', 'IP Addresses');
+		} else {
+			$parentGroups = $this->getAllParents();
+			if ($parentGroups) {
+				foreach ($parentGroups as $parent) {
+					if ($parent->Permissions()->Count()) {
+						$permissionsTab->push(new HeaderField('PermissionHeader-'.$parent->ID, 'Permissions inherited from '.$parent->Title));
+						$permissionsTab->push(new LiteralField('PermissionList-'.$parent->ID, join(', ', $parent->Permissions()->column('Code'))));
+					}
+				}
+			}
 		}

 		if(Permission::check('APPLY_ROLES') && DataObject::get('PermissionRole')) { 
@ -127,6 +153,17 @@ class Group extends DataObject {
 			);
 			$roleData = Permission::check('ADMIN') ? DataObject::get('PermissionRole') : DataObject::get('PermissionRole', 'OnlyAdminCanApply = 0');
 			$fields->addFieldToTab('Root.' . _t('SecurityAdmin.ROLES', 'Roles'), new CheckboxSetField('Roles', 'Roles', $roleData)); 
+			
+			$parentGroups = $this->getAllParents();
+			if ($parentGroups) {
+				foreach ($parentGroups as $parent) {
+					if ($parent->Roles()->Count()) {
+						$fields->addFieldToTab('Root.' . _t('SecurityAdmin.ROLES', 'Roles'), new HeaderField('RolesHeader-'.$parent->ID, 'Roles inherited from '.$parent->Title));
+						$fields->addFieldToTab('Root.' . _t('SecurityAdmin.ROLES', 'Roles'), new LiteralField('RolesList-'.$parent->ID, join(', ', $parent->Roles()->column('Title'))));
+					}
+				}
+			}
+			
 		} 
 		
 		$memberList->setController($this);