mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
Merge pull request #4618 from dhensby/pulls/permission-check-empty-admin
Members with no ID have no permissions
This commit is contained in:
Damian Mooyman
commit
63a1739493
@ -163,6 +163,10 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
$memberID = (is_object($member)) ? $member->ID : $member;
|
$memberID = (is_object($member)) ? $member->ID : $member;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!$memberID) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
// Turn the code into an array as we may need to add other permsissions to the set we check
|
// Turn the code into an array as we may need to add other permsissions to the set we check
|
||||||
if(!is_array($code)) $code = array($code);
|
if(!is_array($code)) $code = array($code);
|
||||||
|
|
||||||
|
|||||||
@ -124,4 +124,14 @@ class PermissionTest extends SapphireTest {
|
|||||||
Config::inst()->remove('Permission', 'hidden_permissions');
|
Config::inst()->remove('Permission', 'hidden_permissions');
|
||||||
$this->assertContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
$this->assertContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testEmptyMemberFails() {
|
||||||
|
$member = new Member();
|
||||||
|
$this->assertFalse($member->exists());
|
||||||
|
|
||||||
|
$this->logInWithPermission('ADMIN');
|
||||||
|
|
||||||
|
$this->assertFalse(Permission::checkMember($member, 'ADMIN'));
|
||||||
|
$this->assertFalse(Permission::checkMember($member, 'CMS_ACCESS_LeftAndMain'));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user