tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

MINOR Formatting in Permission::checkMember()

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@66736 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2008-11-26 03:39:33 +00:00 committed by Sam Minnee
parent 18178c3e79
commit 61c58014c1
1 changed files with 66 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

131
security/Permission.php
View File

@ -124,76 +124,77 @@ class Permission extends DataObject {
$perms_list = self::get_declared_permissions_list(); $perms_list = self::get_declared_permissions_list();
$memberID = (is_object($member)) ? $member->ID : $member; $memberID = (is_object($member)) ? $member->ID : $member;
if(self::$declared_permissions && is_array($perms_list) && /*
!in_array($code, $perms_list)) { if(self::$declared_permissions && is_array($perms_list) && !in_array($code, $perms_list)) {
//user_error("Permission '$code' has not been declared. Use " . user_error(
// "Permission::declare_permissions() to add this permission", "Permission '$code' has not been declared. Use " .
// E_USER_WARNING); "Permission::declare_permissions() to add this permission",
E_USER_WARNING
);
} }
*/
$groupList = self::groupList($memberID); $groupList = self::groupList($memberID);
if($groupList) { if(!$groupList) return false;
$groupCSV = implode(", ", $groupList);
$groupCSV = implode(", ", $groupList);
// Arg component // Arg component
switch($arg) { switch($arg) {
case "any": case "any":
$argClause = ""; $argClause = "";
break; break;
case "all": case "all":
$argClause = " AND Arg = -1"; $argClause = " AND Arg = -1";
break; break;
default: default:
if(is_numeric($arg)) { if(is_numeric($arg)) {
$argClause = "AND Arg IN (-1, $arg) "; $argClause = "AND Arg IN (-1, $arg) ";
} else { } else {
user_error("Permission::checkMember: bad arg '$arg'", user_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
E_USER_ERROR);
}
}
if(is_array($code)) $SQL_codeList = "'" . implode("', '", Convert::raw2sql($code)) . "'";
else $SQL_codeList = "'" . Convert::raw2sql($code) . "'";
$SQL_code = Convert::raw2sql($code);
$adminFilter = (self::$admin_implies_all)
? ",'ADMIN'"
: '';
// Raw SQL for efficiency
$permission = DB::query("
SELECT ID
FROM Permission
WHERE (
Code IN ($SQL_codeList $adminFilter)
AND Type = " . self::GRANT_PERMISSION . "
AND GroupID IN ($groupCSV)
$argClause
)
")->value();
if($permission)
return $permission;
// Strict checking disabled?
if(!self::$strict_checking || !$strict) {
$hasPermission = DB::query("
SELECT COUNT(*)
FROM Permission
WHERE (
(Code IN '$SQL_code')'
AND (Type = " . self::GRANT_PERMISSION . ")
)
")->value();
if(!$hasPermission) {
return true;
} }
}
return false;
} }
if(is_array($code)) {
$SQL_codeList = "'" . implode("', '", Convert::raw2sql($code)) . "'";
} else {
$SQL_codeList = "'" . Convert::raw2sql($code) . "'";
}
$SQL_code = Convert::raw2sql($code);
$adminFilter = (self::$admin_implies_all) ? ",'ADMIN'" : '';
// Raw SQL for efficiency
$permission = DB::query("
SELECT ID
FROM Permission
WHERE (
Code IN ($SQL_codeList $adminFilter)
AND Type = " . self::GRANT_PERMISSION . "
AND GroupID IN ($groupCSV)
$argClause
)
")->value();
if($permission) return $permission;
// Strict checking disabled?
if(!self::$strict_checking || !$strict) {
$hasPermission = DB::query("
SELECT COUNT(*)
FROM Permission
WHERE (
(Code IN '$SQL_code')'
AND (Type = " . self::GRANT_PERMISSION . ")
)
")->value();
if(!$hasPermission) return true;
}
return false;
} }