tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

FIxed db/build authentification errors, merged from gsoc r39559 and r37162 

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@39609 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Andrew O'Neil 2007-08-06 00:47:31 +00:00
parent f545953c18
commit 4560135eb9
2 changed files with 190 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
core/model/DatabaseAdmin.php
View File

@ -1,27 +1,41 @@
<?php
/**
* Database Administration
*
* @package sapphire
* @subpackage core
*/
require_once("core/model/DB.php");
/**
* Utility functions for administrating the database. These can be accessed via URL,
* eg http://www,yourdomain.com/db/build.
* Include the DB class
*/
require_once("core/model/DB.php");
/**
* DatabaseAdmin class
*
* Utility functions for administrating the database. These can be accessed
* via URL, e.g. http://www.yourdomain.com/db/build.
*/
class DatabaseAdmin extends Controller {
/**
* Get the data classes, grouped by their root class
* @return array
*
* @return array Array of data classes, grouped by their root class
*/
function groupedDataClasses() {
// Get all root data objects
$allClasses = get_declared_classes();
foreach($allClasses as $class) {
if(get_parent_class($class) == "DataObject") $rootClasses[$class] = array();
if(get_parent_class($class) == "DataObject")
$rootClasses[$class] = array();
}
// Assign every other data object one of those
foreach($allClasses as $class) {
if(!isset($rootClasses[$class]) && is_subclass_of($class, "DataObject")) {
@ -36,6 +50,7 @@ class DatabaseAdmin extends Controller {
return $rootClasses;
}
/**
* Display a simple HTML menu of database admin helpers.
*/
@ -45,17 +60,26 @@ class DatabaseAdmin extends Controller {
echo "<p><a href=\"../images/flush\">Flush <b>all</b> of the generated images.</a></p>";
}
/**
* Updates the database schema, creating tables & fields as necessary.
*/
function build() {
if(Director::isLive() && ClassInfo::hasTable('Member') && ClassInfo::hasTable('Group') && ClassInfo::hasTable('Permission')) {
BasicAuth::requireLogin("SilverStripe developer access. Use your CMS login", "ADMIN");
if((Director::isLive() && ClassInfo::hasTable('Member') &&
ClassInfo::hasTable('Group') && ClassInfo::hasTable('Permission'))
&& (!Member::currentUser() || !Member::currentUser()->isAdmin())) {
Security::permissionFailure($this,
"This page is secured and you need administrator rights to access it. " .
"Enter your credentials below and we will send you right along.");
return;
}
$this->doBuild(isset($_REQUEST['quiet']) || isset($_REQUEST['from_installer']));
}
// The default time limit of 30 seconds is normally not enough
set_time_limit(600);
$this->doBuild(isset($_REQUEST['quiet']) ||
isset($_REQUEST['from_installer']));
}
/**
* Check if database needs to be built, and build it if it does.
@ -72,20 +96,27 @@ class DatabaseAdmin extends Controller {
}
}
/**
* Returns the timestamp of the time that the database was last built
* @return string
*
* @return string Returns the timestamp of the time that the database was
* last built
*/
static function lastBuilt() {
$file = TEMP_FOLDER . '/database-last-generated-' .str_replace(array('\\','/',':'),'.',Director::baseFolder());
$file = TEMP_FOLDER . '/database-last-generated-' .
str_replace(array('\\','/',':'), '.' , Director::baseFolder());
if(file_exists($file)) {
return filemtime($file);
}
}
/**
* Updates the database schema, creating tables & fields as necessary.
* @param boolean $quiet Don't show messages'
*
* @param boolean $quiet Don't show messages
*/
function doBuild($quiet = false) {
if($quiet) {
@ -151,6 +182,7 @@ class DatabaseAdmin extends Controller {
}
}
/**
* Method used to check mod_rewrite is working correctly in the installer.
*/
@ -158,9 +190,10 @@ class DatabaseAdmin extends Controller {
echo "OK";
}
/**
* Remove invalid records from tables - that is, records that
* don't have corresponding records in their parent class tables.
* Remove invalid records from tables - that is, records that don't have
* corresponding records in their parent class tables.
*/
function cleanup() {
$allClasses = get_declared_classes();
@ -185,13 +218,16 @@ class DatabaseAdmin extends Controller {
foreach($subclasses as $subclass) {
$recordExists[$subclass] = DB::query("SELECT ID FROM `$subclass")->keyedColumn();
$recordExists[$subclass] =
DB::query("SELECT ID FROM `$subclass")->keyedColumn();
}
foreach($records as $record) {
foreach($subclasses as $subclass) {
$id = $record['ID'];
if($record['ClassName'] != $subclass && !is_subclass_of($record['ClassName'], $subclass) && $recordExists[$subclass][$id]) {
if(($record['ClassName'] != $subclass) &&
(!is_subclass_of($record['ClassName'], $subclass)) &&
($recordExists[$subclass][$id])) {
$sql = "DELETE FROM `$subclass` WHERE ID = $record[ID]";
echo "<li>$sql";
DB::query($sql);
@ -202,12 +238,15 @@ class DatabaseAdmin extends Controller {
}
}
/**
* Imports objects based on a specified CSV file in $_GET['FileName']
*/
function import(){
$FileName = $_GET['FileName'];
$FileName = $_SERVER['DOCUMENT_ROOT'] . substr($_SERVER['PHP_SELF'],0,strlen($_SERVER['PHP_SELF'])-18) ."/assets/". $FileName;
$FileName = $_SERVER['DOCUMENT_ROOT'] .
substr($_SERVER['PHP_SELF'], 0, strlen($_SERVER['PHP_SELF'])-18) .
"/assets/" . $FileName;
if(file_exists($FileName)) {
$handle = fopen($FileName,'r');
@ -218,9 +257,10 @@ class DatabaseAdmin extends Controller {
$row++;
if($row == 1){
for ($c=0; $c < $num; $c++)
for ($c=0; $c < $num; $c++) {
$ColumnHeaders[] = str_replace(' ','',$data[$c]);
// Have to add code here to remove unsafe chars..
}
} else {
$Product = new Product();
@ -229,10 +269,13 @@ class DatabaseAdmin extends Controller {
$Product->$ColumnHeaders[$c] = trim($data[$c]);
}
$MainCategory = DataObject::get("ProductGroup", "URLSegment LIKE '". $Product->generateURLSegment($Product->Category) ."'");
$MainCategory = DataObject::get("ProductGroup",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->Category) ."'");
if(!$MainCategory){
// if we cant find a main category, create all three sub categories, as they must be unique.
if(!$MainCategory) {
// if we can't find a main category, create all three sub
// categories, as they must be unique.
$ProductGroup = new ProductGroup();
$ProductGroup->Title = $Product->Category;
@ -241,7 +284,7 @@ class DatabaseAdmin extends Controller {
$index = $ProductGroup->write();
$ProductGroup->flushCache();
if($Product->SubCategory){
if($Product->SubCategory) {
$ChildProductGroup = new ProductGroup();
$ChildProductGroup->Title = $Product->SubCategory;
print_r("<ul><li>Created : $ChildProductGroup->Title</li>");
@ -265,7 +308,9 @@ class DatabaseAdmin extends Controller {
print_r("<ul><li>USING : $MainCategory->Title</li>");
$index = $MainCategory->ID;
$SubCategory = DataObject::get_one("ProductGroup","URLSegment LIKE '". $Product->generateURLSegment($Product->SubCategory) ."'");
$SubCategory = DataObject::get_one("ProductGroup",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->SubCategory) ."'");
if(!$SubCategory && $Product->SubCategory) {
$ChildProductGroup = new ProductGroup();
@ -290,9 +335,11 @@ class DatabaseAdmin extends Controller {
print_r("<ul><li>USING : $SubCategory->Title</li>");
$index = $SubCategory->ID;
$SubCategory2 = DataObject::get_one("ProductGroup","URLSegment LIKE '". $Product->generateURLSegment($Product->SubCategory2) ."'");
$SubCategory2 = DataObject::get_one("ProductGroup",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->SubCategory2) ."'");
if($Product->SubCategory2) {
if($Product->SubCategory2) {
$NestedProductGroup = new ProductGroup();
$NestedProductGroup->Title = $Product->SubCategory2;
print_r("<ul><li>$NestedProductGroup->Title</li>");
@ -301,11 +348,13 @@ class DatabaseAdmin extends Controller {
$index = $NestedProductGroup->write();
$NestedProductGroup->flushCache();
$index = $SubCategory2->ID;
}
}
}
}
$MatchedProduct = DataObject::get_one("Product","URLSegment LIKE '". $Product->generateURLSegment($Product->Title) . "'");
$MatchedProduct = DataObject::get_one("Product",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->Title) . "'");
if($MatchedProduct) {
// create the new parents / assign many many
@ -335,17 +384,19 @@ class DatabaseAdmin extends Controller {
}
/**
/**
* Imports objects based on a specified CSV file in $_GET['FileName']
*/
function generateProductGroups() {
$FileName = $_GET['FileName'];
$FileName = $_SERVER['DOCUMENT_ROOT'] . substr($_SERVER['PHP_SELF'], 0, strlen($_SERVER['PHP_SELF']) - 18) ."/assets/". $FileName;
$FileName = $_SERVER['DOCUMENT_ROOT'] .
substr($_SERVER['PHP_SELF'], 0, strlen($_SERVER['PHP_SELF']) - 18) .
"/assets/" . $FileName;
if(file_exists($FileName)) {
$handle = fopen($FileName,'r');
if($handle){
if($handle) {
$i = 0;
while(($data = fgetcsv($handle, 1000, ",")) !== FALSE) {
$ProductGroup[$i] = $data[0];
@ -355,15 +406,21 @@ class DatabaseAdmin extends Controller {
if($data[2]) {
$ProductGroup[$i][][] = $data[2];
}
}
} else {
}
} else {
print_r("<h1>Error: Could not open file.</h1>");
}
} else{
print_r("<h1>Error: Could not open file.</h1>");
} else {
print_r("<h1>Error: Could not open file.</h1>");
}
}
}
function makeURL() {}
/**
* This method does nothing at the moment...
*/
function makeURL() {}
}
?>

20
security/Member.php
View File

@ -217,11 +217,31 @@ class Member extends DataObject {
/**
* Returns true if this user is an administrator.
* Administrators have access to everything. The lucky bastards! ;-)
*
* @todo Should this function really exists? Is not {@link isAdmin()} the
* only right name for this?
* @todo Is {@link Group}::CanCMSAdmin not deprecated?
*/
function _isAdmin() {
if($groups = $this->Groups()) {
foreach($groups as $group) if($group->CanCMSAdmin) return true;
}
return Permission::check('ADMIN');
}
/**
* Check if the user is an administrator
*
* Alias for {@link _isAdmin()} because the method is used in both ways
* all over the framework.
*
* @return Returns TRUE if this user is an administrator.
* @see _isAdmin()
*/
public function isAdmin() {
return $this->_isAdmin();
}
function _isCMSUser() {
if($groups = $this->Groups()) {