mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Don't use session and FormSchema to manage server-side React validation responses
This commit is contained in:
parent
f39c4d94f2
commit
6650561dac
@ -24,552 +24,552 @@ use SilverStripe\Core\Convert;
|
|||||||
class DBFile extends DBComposite implements AssetContainer, Thumbnail
|
class DBFile extends DBComposite implements AssetContainer, Thumbnail
|
||||||
{
|
{
|
||||||
|
|
||||||
use ImageManipulation;
|
use ImageManipulation;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of allowed file categories.
|
* List of allowed file categories.
|
||||||
*
|
*
|
||||||
* {@see File::$app_categories}
|
* {@see File::$app_categories}
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $allowedCategories = array();
|
protected $allowedCategories = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of image mime types supported by the image manipulations API
|
* List of image mime types supported by the image manipulations API
|
||||||
*
|
*
|
||||||
* {@see File::app_categories} for matching extensions.
|
* {@see File::app_categories} for matching extensions.
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $supported_images = array(
|
private static $supported_images = array(
|
||||||
'image/jpeg',
|
'image/jpeg',
|
||||||
'image/gif',
|
'image/gif',
|
||||||
'image/png'
|
'image/png'
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new image manipulation
|
* Create a new image manipulation
|
||||||
*
|
*
|
||||||
* @param string $name
|
* @param string $name
|
||||||
* @param array|string $allowed List of allowed file categories (not extensions), as per File::$app_categories
|
* @param array|string $allowed List of allowed file categories (not extensions), as per File::$app_categories
|
||||||
*/
|
*/
|
||||||
public function __construct($name = null, $allowed = array())
|
public function __construct($name = null, $allowed = array())
|
||||||
{
|
{
|
||||||
parent::__construct($name);
|
parent::__construct($name);
|
||||||
$this->setAllowedCategories($allowed);
|
$this->setAllowedCategories($allowed);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Determine if a valid non-empty image exists behind this asset, which is a format
|
* Determine if a valid non-empty image exists behind this asset, which is a format
|
||||||
* compatible with image manipulations
|
* compatible with image manipulations
|
||||||
*
|
*
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function getIsImage()
|
public function getIsImage()
|
||||||
{
|
{
|
||||||
// Check file type
|
// Check file type
|
||||||
$mime = $this->getMimeType();
|
$mime = $this->getMimeType();
|
||||||
return $mime && in_array($mime, $this->config()->supported_images);
|
return $mime && in_array($mime, $this->config()->supported_images);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return AssetStore
|
* @return AssetStore
|
||||||
*/
|
*/
|
||||||
protected function getStore()
|
protected function getStore()
|
||||||
{
|
{
|
||||||
return Injector::inst()->get('AssetStore');
|
return Injector::inst()->get('AssetStore');
|
||||||
}
|
}
|
||||||
|
|
||||||
private static $composite_db = array(
|
private static $composite_db = array(
|
||||||
"Hash" => "Varchar(255)", // SHA of the base content
|
"Hash" => "Varchar(255)", // SHA of the base content
|
||||||
"Filename" => "Varchar(255)", // Path identifier of the base content
|
"Filename" => "Varchar(255)", // Path identifier of the base content
|
||||||
"Variant" => "Varchar(255)", // Identifier of the variant to the base, if given
|
"Variant" => "Varchar(255)", // Identifier of the variant to the base, if given
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $casting = array(
|
private static $casting = array(
|
||||||
'URL' => 'Varchar',
|
'URL' => 'Varchar',
|
||||||
'AbsoluteURL' => 'Varchar',
|
'AbsoluteURL' => 'Varchar',
|
||||||
'Basename' => 'Varchar',
|
'Basename' => 'Varchar',
|
||||||
'Title' => 'Varchar',
|
'Title' => 'Varchar',
|
||||||
'MimeType' => 'Varchar',
|
'MimeType' => 'Varchar',
|
||||||
'String' => 'Text',
|
'String' => 'Text',
|
||||||
'Tag' => 'HTMLFragment',
|
'Tag' => 'HTMLFragment',
|
||||||
'Size' => 'Varchar'
|
'Size' => 'Varchar'
|
||||||
);
|
);
|
||||||
|
|
||||||
public function scaffoldFormField($title = null, $params = null)
|
public function scaffoldFormField($title = null, $params = null)
|
||||||
{
|
{
|
||||||
return AssetField::create($this->getName(), $title);
|
return AssetField::create($this->getName(), $title);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a html5 tag of the appropriate for this file (normally img or a)
|
* Return a html5 tag of the appropriate for this file (normally img or a)
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function XML()
|
public function XML()
|
||||||
{
|
{
|
||||||
return $this->getTag() ?: '';
|
return $this->getTag() ?: '';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a html5 tag of the appropriate for this file (normally img or a)
|
* Return a html5 tag of the appropriate for this file (normally img or a)
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getTag()
|
public function getTag()
|
||||||
{
|
{
|
||||||
$template = $this->getFrontendTemplate();
|
$template = $this->getFrontendTemplate();
|
||||||
if (empty($template)) {
|
if(empty($template)) {
|
||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
return (string)$this->renderWith($template);
|
return (string)$this->renderWith($template);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Determine the template to render as on the frontend
|
* Determine the template to render as on the frontend
|
||||||
*
|
*
|
||||||
* @return string Name of template
|
* @return string Name of template
|
||||||
*/
|
*/
|
||||||
public function getFrontendTemplate()
|
public function getFrontendTemplate()
|
||||||
{
|
{
|
||||||
// Check that path is available
|
// Check that path is available
|
||||||
$url = $this->getURL();
|
$url = $this->getURL();
|
||||||
if (empty($url)) {
|
if(empty($url)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Image template for supported images
|
// Image template for supported images
|
||||||
if ($this->getIsImage()) {
|
if($this->getIsImage()) {
|
||||||
return 'DBFile_image';
|
return 'DBFile_image';
|
||||||
}
|
}
|
||||||
|
|
||||||
// Default download
|
// Default download
|
||||||
return 'DBFile_download';
|
return 'DBFile_download';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get trailing part of filename
|
* Get trailing part of filename
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getBasename()
|
public function getBasename()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return basename($this->getSourceURL());
|
return basename($this->getSourceURL());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get file extension
|
* Get file extension
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getExtension()
|
public function getExtension()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return pathinfo($this->Filename, PATHINFO_EXTENSION);
|
return pathinfo($this->Filename, PATHINFO_EXTENSION);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Alt title for this
|
* Alt title for this
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getTitle()
|
public function getTitle()
|
||||||
{
|
{
|
||||||
// If customised, use the customised title
|
// If customised, use the customised title
|
||||||
if ($this->failover && ($title = $this->failover->Title)) {
|
if($this->failover && ($title = $this->failover->Title)) {
|
||||||
return $title;
|
return $title;
|
||||||
}
|
}
|
||||||
// fallback to using base name
|
// fallback to using base name
|
||||||
return $this->getBasename();
|
return $this->getBasename();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setFromLocalFile($path, $filename = null, $hash = null, $variant = null, $config = array())
|
public function setFromLocalFile($path, $filename = null, $hash = null, $variant = null, $config = array())
|
||||||
{
|
{
|
||||||
$this->assertFilenameValid($filename ?: $path);
|
$this->assertFilenameValid($filename ?: $path);
|
||||||
$result = $this
|
$result = $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->setFromLocalFile($path, $filename, $hash, $variant, $config);
|
->setFromLocalFile($path, $filename, $hash, $variant, $config);
|
||||||
// Update from result
|
// Update from result
|
||||||
if ($result) {
|
if($result) {
|
||||||
$this->setValue($result);
|
$this->setValue($result);
|
||||||
}
|
}
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setFromStream($stream, $filename, $hash = null, $variant = null, $config = array())
|
public function setFromStream($stream, $filename, $hash = null, $variant = null, $config = array())
|
||||||
{
|
{
|
||||||
$this->assertFilenameValid($filename);
|
$this->assertFilenameValid($filename);
|
||||||
$result = $this
|
$result = $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->setFromStream($stream, $filename, $hash, $variant, $config);
|
->setFromStream($stream, $filename, $hash, $variant, $config);
|
||||||
// Update from result
|
// Update from result
|
||||||
if ($result) {
|
if($result) {
|
||||||
$this->setValue($result);
|
$this->setValue($result);
|
||||||
}
|
}
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setFromString($data, $filename, $hash = null, $variant = null, $config = array())
|
public function setFromString($data, $filename, $hash = null, $variant = null, $config = array())
|
||||||
{
|
{
|
||||||
$this->assertFilenameValid($filename);
|
$this->assertFilenameValid($filename);
|
||||||
$result = $this
|
$result = $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->setFromString($data, $filename, $hash, $variant, $config);
|
->setFromString($data, $filename, $hash, $variant, $config);
|
||||||
// Update from result
|
// Update from result
|
||||||
if ($result) {
|
if($result) {
|
||||||
$this->setValue($result);
|
$this->setValue($result);
|
||||||
}
|
}
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getStream()
|
public function getStream()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->getAsStream($this->Filename, $this->Hash, $this->Variant);
|
->getAsStream($this->Filename, $this->Hash, $this->Variant);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getString()
|
public function getString()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->getAsString($this->Filename, $this->Hash, $this->Variant);
|
->getAsString($this->Filename, $this->Hash, $this->Variant);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getURL($grant = true)
|
public function getURL($grant = true)
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
$url = $this->getSourceURL($grant);
|
$url = $this->getSourceURL($grant);
|
||||||
$this->updateURL($url);
|
$this->updateURL($url);
|
||||||
$this->extend('updateURL', $url);
|
$this->extend('updateURL', $url);
|
||||||
return $url;
|
return $url;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get URL, but without resampling.
|
* Get URL, but without resampling.
|
||||||
* Note that this will return the url even if the file does not exist.
|
* Note that this will return the url even if the file does not exist.
|
||||||
*
|
*
|
||||||
* @param bool $grant Ensures that the url for any protected assets is granted for the current user.
|
* @param bool $grant Ensures that the url for any protected assets is granted for the current user.
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getSourceURL($grant = true)
|
public function getSourceURL($grant = true)
|
||||||
{
|
{
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->getAsURL($this->Filename, $this->Hash, $this->Variant, $grant);
|
->getAsURL($this->Filename, $this->Hash, $this->Variant, $grant);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the absolute URL to this resource
|
* Get the absolute URL to this resource
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getAbsoluteURL()
|
public function getAbsoluteURL()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return Director::absoluteURL($this->getURL());
|
return Director::absoluteURL($this->getURL());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getMetaData()
|
public function getMetaData()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->getMetadata($this->Filename, $this->Hash, $this->Variant);
|
->getMetadata($this->Filename, $this->Hash, $this->Variant);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getMimeType()
|
public function getMimeType()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->getMimeType($this->Filename, $this->Hash, $this->Variant);
|
->getMimeType($this->Filename, $this->Hash, $this->Variant);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getValue()
|
public function getValue()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if(!$this->exists()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return array(
|
return array(
|
||||||
'Filename' => $this->Filename,
|
'Filename' => $this->Filename,
|
||||||
'Hash' => $this->Hash,
|
'Hash' => $this->Hash,
|
||||||
'Variant' => $this->Variant
|
'Variant' => $this->Variant
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getVisibility()
|
public function getVisibility()
|
||||||
{
|
{
|
||||||
if (empty($this->Filename)) {
|
if(empty($this->Filename)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->getVisibility($this->Filename, $this->Hash);
|
->getVisibility($this->Filename, $this->Hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function exists()
|
public function exists()
|
||||||
{
|
{
|
||||||
if (empty($this->Filename)) {
|
if(empty($this->Filename)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->exists($this->Filename, $this->Hash, $this->Variant);
|
->exists($this->Filename, $this->Hash, $this->Variant);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getFilename()
|
public function getFilename()
|
||||||
{
|
{
|
||||||
return $this->getField('Filename');
|
return $this->getField('Filename');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getHash()
|
public function getHash()
|
||||||
{
|
{
|
||||||
return $this->getField('Hash');
|
return $this->getField('Hash');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getVariant()
|
public function getVariant()
|
||||||
{
|
{
|
||||||
return $this->getField('Variant');
|
return $this->getField('Variant');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return file size in bytes.
|
* Return file size in bytes.
|
||||||
*
|
*
|
||||||
* @return int
|
* @return int
|
||||||
*/
|
*/
|
||||||
public function getAbsoluteSize()
|
public function getAbsoluteSize()
|
||||||
{
|
{
|
||||||
$metadata = $this->getMetaData();
|
$metadata = $this->getMetaData();
|
||||||
if (isset($metadata['size'])) {
|
if(isset($metadata['size'])) {
|
||||||
return $metadata['size'];
|
return $metadata['size'];
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Customise this object with an "original" record for getting other customised fields
|
* Customise this object with an "original" record for getting other customised fields
|
||||||
*
|
*
|
||||||
* @param AssetContainer $original
|
* @param AssetContainer $original
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setOriginal($original)
|
public function setOriginal($original)
|
||||||
{
|
{
|
||||||
$this->failover = $original;
|
$this->failover = $original;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get list of allowed file categories
|
* Get list of allowed file categories
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getAllowedCategories()
|
public function getAllowedCategories()
|
||||||
{
|
{
|
||||||
return $this->allowedCategories;
|
return $this->allowedCategories;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Assign allowed categories
|
* Assign allowed categories
|
||||||
*
|
*
|
||||||
* @param array|string $categories
|
* @param array|string $categories
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setAllowedCategories($categories)
|
public function setAllowedCategories($categories)
|
||||||
{
|
{
|
||||||
if (is_string($categories)) {
|
if(is_string($categories)) {
|
||||||
$categories = preg_split('/\s*,\s*/', $categories);
|
$categories = preg_split('/\s*,\s*/', $categories);
|
||||||
}
|
}
|
||||||
$this->allowedCategories = (array)$categories;
|
$this->allowedCategories = (array)$categories;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the list of extensions (if limited) for this field. Empty list
|
* Gets the list of extensions (if limited) for this field. Empty list
|
||||||
* means there is no restriction on allowed types.
|
* means there is no restriction on allowed types.
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
protected function getAllowedExtensions()
|
protected function getAllowedExtensions()
|
||||||
{
|
{
|
||||||
$categories = $this->getAllowedCategories();
|
$categories = $this->getAllowedCategories();
|
||||||
return File::get_category_extensions($categories);
|
return File::get_category_extensions($categories);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validate that this DBFile accepts this filename as valid
|
* Validate that this DBFile accepts this filename as valid
|
||||||
*
|
*
|
||||||
* @param string $filename
|
* @param string $filename
|
||||||
* @throws ValidationException
|
* @throws ValidationException
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
protected function isValidFilename($filename)
|
protected function isValidFilename($filename)
|
||||||
{
|
{
|
||||||
$extension = strtolower(File::get_file_extension($filename));
|
$extension = strtolower(File::get_file_extension($filename));
|
||||||
|
|
||||||
// Validate true if within the list of allowed extensions
|
// Validate true if within the list of allowed extensions
|
||||||
$allowed = $this->getAllowedExtensions();
|
$allowed = $this->getAllowedExtensions();
|
||||||
if ($allowed) {
|
if($allowed) {
|
||||||
return in_array($extension, $allowed);
|
return in_array($extension, $allowed);
|
||||||
}
|
}
|
||||||
|
|
||||||
// If no extensions are configured, fallback to global list
|
// If no extensions are configured, fallback to global list
|
||||||
$globalList = File::config()->allowed_extensions;
|
$globalList = File::config()->allowed_extensions;
|
||||||
if (in_array($extension, $globalList)) {
|
if(in_array($extension, $globalList)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Only admins can bypass global rules
|
// Only admins can bypass global rules
|
||||||
return !File::config()->apply_restrictions_to_admin && Permission::check('ADMIN');
|
return !File::config()->apply_restrictions_to_admin && Permission::check('ADMIN');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check filename, and raise a ValidationException if invalid
|
* Check filename, and raise a ValidationException if invalid
|
||||||
*
|
*
|
||||||
* @param string $filename
|
* @param string $filename
|
||||||
* @throws ValidationException
|
* @throws ValidationException
|
||||||
*/
|
*/
|
||||||
protected function assertFilenameValid($filename)
|
protected function assertFilenameValid($filename)
|
||||||
{
|
{
|
||||||
$result = new ValidationResult();
|
$result = new ValidationResult();
|
||||||
$this->validate($result, $filename);
|
$this->validate($result, $filename);
|
||||||
if (!$result->valid()) {
|
if(!$result->valid()) {
|
||||||
throw new ValidationException($result);
|
throw new ValidationException($result);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Hook to validate this record against a validation result
|
* Hook to validate this record against a validation result
|
||||||
*
|
*
|
||||||
* @param ValidationResult $result
|
* @param ValidationResult $result
|
||||||
* @param string $filename Optional filename to validate. If omitted, the current value is validated.
|
* @param string $filename Optional filename to validate. If omitted, the current value is validated.
|
||||||
* @return bool Valid flag
|
* @return bool Valid flag
|
||||||
*/
|
*/
|
||||||
public function validate(ValidationResult $result, $filename = null)
|
public function validate(ValidationResult $result, $filename = null)
|
||||||
{
|
{
|
||||||
if (empty($filename)) {
|
if(empty($filename)) {
|
||||||
$filename = $this->getFilename();
|
$filename = $this->getFilename();
|
||||||
}
|
}
|
||||||
if (empty($filename) || $this->isValidFilename($filename)) {
|
if(empty($filename) || $this->isValidFilename($filename)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check allowed extensions
|
// Check allowed extensions
|
||||||
$extensions = $this->getAllowedExtensions();
|
$extensions = $this->getAllowedExtensions();
|
||||||
if (empty($extensions)) {
|
if(empty($extensions)) {
|
||||||
$extensions = File::config()->allowed_extensions;
|
$extensions = File::config()->allowed_extensions;
|
||||||
}
|
}
|
||||||
sort($extensions);
|
sort($extensions);
|
||||||
$message = _t(
|
$message = _t(
|
||||||
'File.INVALIDEXTENSION',
|
'File.INVALIDEXTENSION',
|
||||||
'Extension is not allowed (valid: {extensions})',
|
'Extension is not allowed (valid: {extensions})',
|
||||||
'Argument 1: Comma-separated list of valid extensions',
|
'Argument 1: Comma-separated list of valid extensions',
|
||||||
array('extensions' => wordwrap(implode(', ', $extensions)))
|
array('extensions' => wordwrap(implode(', ',$extensions)))
|
||||||
);
|
);
|
||||||
$result->error($message);
|
$result->addError($message);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setField($field, $value, $markChanged = true)
|
public function setField($field, $value, $markChanged = true)
|
||||||
{
|
{
|
||||||
// Catch filename validation on direct assignment
|
// Catch filename validation on direct assignment
|
||||||
if ($field === 'Filename' && $value) {
|
if($field === 'Filename' && $value) {
|
||||||
$this->assertFilenameValid($value);
|
$this->assertFilenameValid($value);
|
||||||
}
|
}
|
||||||
|
|
||||||
return parent::setField($field, $value, $markChanged);
|
return parent::setField($field, $value, $markChanged);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the size of the file type in an appropriate format.
|
* Returns the size of the file type in an appropriate format.
|
||||||
*
|
*
|
||||||
* @return string|false String value, or false if doesn't exist
|
* @return string|false String value, or false if doesn't exist
|
||||||
*/
|
*/
|
||||||
public function getSize()
|
public function getSize()
|
||||||
{
|
{
|
||||||
$size = $this->getAbsoluteSize();
|
$size = $this->getAbsoluteSize();
|
||||||
if ($size) {
|
if($size) {
|
||||||
return File::format_size($size);
|
return File::format_size($size);
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function deleteFile()
|
public function deleteFile()
|
||||||
{
|
{
|
||||||
if (!$this->Filename) {
|
if(!$this->Filename) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this
|
return $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->delete($this->Filename, $this->Hash);
|
->delete($this->Filename, $this->Hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function publishFile()
|
public function publishFile()
|
||||||
{
|
{
|
||||||
if ($this->Filename) {
|
if($this->Filename) {
|
||||||
$this
|
$this
|
||||||
->getStore()
|
->getStore()
|
||||||
->publish($this->Filename, $this->Hash);
|
->publish($this->Filename, $this->Hash);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function protectFile()
|
public function protectFile()
|
||||||
{
|
{
|
||||||
if ($this->Filename) {
|
if($this->Filename) {
|
||||||
$this
|
$this
|
||||||
->getStore()
|
->getStore()
|
||||||
->protect($this->Filename, $this->Hash);
|
->protect($this->Filename, $this->Hash);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function grantFile()
|
public function grantFile()
|
||||||
{
|
{
|
||||||
if ($this->Filename) {
|
if($this->Filename) {
|
||||||
$this
|
$this
|
||||||
->getStore()
|
->getStore()
|
||||||
->grant($this->Filename, $this->Hash);
|
->grant($this->Filename, $this->Hash);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function revokeFile()
|
public function revokeFile()
|
||||||
{
|
{
|
||||||
if ($this->Filename) {
|
if($this->Filename) {
|
||||||
$this
|
$this
|
||||||
->getStore()
|
->getStore()
|
||||||
->revoke($this->Filename, $this->Hash);
|
->revoke($this->Filename, $this->Hash);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function canViewFile()
|
public function canViewFile()
|
||||||
{
|
{
|
||||||
return $this->Filename
|
return $this->Filename
|
||||||
&& $this
|
&& $this
|
||||||
->getStore()
|
->getStore()
|
||||||
->canView($this->Filename, $this->Hash);
|
->canView($this->Filename, $this->Hash);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -33,378 +33,374 @@ use SimpleXMLElement;
|
|||||||
*/
|
*/
|
||||||
class FunctionalTest extends SapphireTest
|
class FunctionalTest extends SapphireTest
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Set this to true on your sub-class to disable the use of themes in this test.
|
* Set this to true on your sub-class to disable the use of themes in this test.
|
||||||
* This can be handy for functional testing of modules without having to worry about whether a user has changed
|
* This can be handy for functional testing of modules without having to worry about whether a user has changed
|
||||||
* behaviour by replacing the theme.
|
* behaviour by replacing the theme.
|
||||||
*
|
*
|
||||||
* @var bool
|
* @var bool
|
||||||
*/
|
*/
|
||||||
protected static $disable_themes = false;
|
protected static $disable_themes = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set this to true on your sub-class to use the draft site by default for every test in this class.
|
* Set this to true on your sub-class to use the draft site by default for every test in this class.
|
||||||
*
|
*
|
||||||
* @var bool
|
* @var bool
|
||||||
*/
|
*/
|
||||||
protected static $use_draft_site = false;
|
protected static $use_draft_site = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var TestSession
|
* @var TestSession
|
||||||
*/
|
*/
|
||||||
protected $mainSession = null;
|
protected $mainSession = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* CSSContentParser for the most recently requested page.
|
* CSSContentParser for the most recently requested page.
|
||||||
*
|
*
|
||||||
* @var CSSContentParser
|
* @var CSSContentParser
|
||||||
*/
|
*/
|
||||||
protected $cssParser = null;
|
protected $cssParser = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If this is true, then 30x Location headers will be automatically followed.
|
* If this is true, then 30x Location headers will be automatically followed.
|
||||||
* If not, then you will have to manaully call $this->mainSession->followRedirection() to follow them.
|
* If not, then you will have to manaully call $this->mainSession->followRedirection() to follow them.
|
||||||
* However, this will let you inspect the intermediary headers
|
* However, this will let you inspect the intermediary headers
|
||||||
*
|
*
|
||||||
* @var bool
|
* @var bool
|
||||||
*/
|
*/
|
||||||
protected $autoFollowRedirection = true;
|
protected $autoFollowRedirection = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the {@link Session} object for this test
|
* Returns the {@link Session} object for this test
|
||||||
*
|
*
|
||||||
* @return Session
|
* @return Session
|
||||||
*/
|
*/
|
||||||
public function session()
|
public function session()
|
||||||
{
|
{
|
||||||
return $this->mainSession->session();
|
return $this->mainSession->session();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setUp()
|
public function setUp()
|
||||||
{
|
{
|
||||||
// Skip calling FunctionalTest directly.
|
// Skip calling FunctionalTest directly.
|
||||||
if (get_class($this) == __CLASS__) {
|
if(get_class($this) == __CLASS__) {
|
||||||
$this->markTestSkipped(sprintf('Skipping %s ', get_class($this)));
|
$this->markTestSkipped(sprintf('Skipping %s ', get_class($this)));
|
||||||
}
|
}
|
||||||
|
|
||||||
parent::setUp();
|
parent::setUp();
|
||||||
$this->mainSession = new TestSession();
|
$this->mainSession = new TestSession();
|
||||||
|
|
||||||
// Disable theme, if necessary
|
// Disable theme, if necessary
|
||||||
if (static::get_disable_themes()) {
|
if(static::get_disable_themes()) {
|
||||||
SSViewer::config()->update('theme_enabled', false);
|
SSViewer::config()->update('theme_enabled', false);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Switch to draft site, if necessary
|
// Switch to draft site, if necessary
|
||||||
if (static::get_use_draft_site()) {
|
if(static::get_use_draft_site()) {
|
||||||
$this->useDraftSite();
|
$this->useDraftSite();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Unprotect the site, tests are running with the assumption it's off. They will enable it on a case-by-case
|
// Unprotect the site, tests are running with the assumption it's off. They will enable it on a case-by-case
|
||||||
// basis.
|
// basis.
|
||||||
BasicAuth::protect_entire_site(false);
|
BasicAuth::protect_entire_site(false);
|
||||||
|
|
||||||
SecurityToken::disable();
|
SecurityToken::disable();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function tearDown()
|
public function tearDown()
|
||||||
{
|
{
|
||||||
SecurityToken::enable();
|
SecurityToken::enable();
|
||||||
|
|
||||||
parent::tearDown();
|
parent::tearDown();
|
||||||
unset($this->mainSession);
|
unset($this->mainSession);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Run a test while mocking the base url with the provided value
|
* Run a test while mocking the base url with the provided value
|
||||||
* @param string $url The base URL to use for this test
|
* @param string $url The base URL to use for this test
|
||||||
* @param callable $callback The test to run
|
* @param callable $callback The test to run
|
||||||
*/
|
*/
|
||||||
protected function withBaseURL($url, $callback)
|
protected function withBaseURL($url, $callback)
|
||||||
{
|
{
|
||||||
$oldBase = Config::inst()->get('SilverStripe\\Control\\Director', 'alternate_base_url');
|
$oldBase = Config::inst()->get('SilverStripe\\Control\\Director', 'alternate_base_url');
|
||||||
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_url', $url);
|
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_url', $url);
|
||||||
$callback($this);
|
$callback($this);
|
||||||
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_url', $oldBase);
|
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_url', $oldBase);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Run a test while mocking the base folder with the provided value
|
* Run a test while mocking the base folder with the provided value
|
||||||
* @param string $folder The base folder to use for this test
|
* @param string $folder The base folder to use for this test
|
||||||
* @param callable $callback The test to run
|
* @param callable $callback The test to run
|
||||||
*/
|
*/
|
||||||
protected function withBaseFolder($folder, $callback)
|
protected function withBaseFolder($folder, $callback)
|
||||||
{
|
{
|
||||||
$oldFolder = Config::inst()->get('SilverStripe\\Control\\Director', 'alternate_base_folder');
|
$oldFolder = Config::inst()->get('SilverStripe\\Control\\Director', 'alternate_base_folder');
|
||||||
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_folder', $folder);
|
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_folder', $folder);
|
||||||
$callback($this);
|
$callback($this);
|
||||||
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_folder', $oldFolder);
|
Config::inst()->update('SilverStripe\\Control\\Director', 'alternate_base_folder', $oldFolder);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Submit a get request
|
* Submit a get request
|
||||||
* @uses Director::test()
|
* @uses Director::test()
|
||||||
*
|
*
|
||||||
* @param string $url
|
* @param string $url
|
||||||
* @param Session $session
|
* @param Session $session
|
||||||
* @param array $headers
|
* @param array $headers
|
||||||
* @param array $cookies
|
* @param array $cookies
|
||||||
* @return HTTPResponse
|
* @return HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function get($url, $session = null, $headers = null, $cookies = null)
|
public function get($url, $session = null, $headers = null, $cookies = null)
|
||||||
{
|
{
|
||||||
$this->cssParser = null;
|
$this->cssParser = null;
|
||||||
$response = $this->mainSession->get($url, $session, $headers, $cookies);
|
$response = $this->mainSession->get($url, $session, $headers, $cookies);
|
||||||
if ($this->autoFollowRedirection && is_object($response) && $response->getHeader('Location')) {
|
if($this->autoFollowRedirection && is_object($response) && $response->getHeader('Location')) {
|
||||||
$response = $this->mainSession->followRedirection();
|
$response = $this->mainSession->followRedirection();
|
||||||
}
|
}
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Submit a post request
|
* Submit a post request
|
||||||
*
|
*
|
||||||
* @uses Director::test()
|
* @uses Director::test()
|
||||||
* @param string $url
|
* @param string $url
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @param array $headers
|
* @param array $headers
|
||||||
* @param Session $session
|
* @param Session $session
|
||||||
* @param string $body
|
* @param string $body
|
||||||
* @param array $cookies
|
* @param array $cookies
|
||||||
* @return HTTPResponse
|
* @return HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function post($url, $data, $headers = null, $session = null, $body = null, $cookies = null)
|
public function post($url, $data, $headers = null, $session = null, $body = null, $cookies = null)
|
||||||
{
|
{
|
||||||
$this->cssParser = null;
|
$this->cssParser = null;
|
||||||
$response = $this->mainSession->post($url, $data, $headers, $session, $body, $cookies);
|
$response = $this->mainSession->post($url, $data, $headers, $session, $body, $cookies);
|
||||||
if ($this->autoFollowRedirection && is_object($response) && $response->getHeader('Location')) {
|
if($this->autoFollowRedirection && is_object($response) && $response->getHeader('Location')) {
|
||||||
$response = $this->mainSession->followRedirection();
|
$response = $this->mainSession->followRedirection();
|
||||||
}
|
}
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Submit the form with the given HTML ID, filling it out with the given data.
|
* Submit the form with the given HTML ID, filling it out with the given data.
|
||||||
* Acts on the most recent response.
|
* Acts on the most recent response.
|
||||||
*
|
*
|
||||||
* Any data parameters have to be present in the form, with exact form field name
|
* Any data parameters have to be present in the form, with exact form field name
|
||||||
* and values, otherwise they are removed from the submission.
|
* and values, otherwise they are removed from the submission.
|
||||||
*
|
*
|
||||||
* Caution: Parameter names have to be formatted
|
* Caution: Parameter names have to be formatted
|
||||||
* as they are in the form submission, not as they are interpreted by PHP.
|
* as they are in the form submission, not as they are interpreted by PHP.
|
||||||
* Wrong: array('mycheckboxvalues' => array(1 => 'one', 2 => 'two'))
|
* Wrong: array('mycheckboxvalues' => array(1 => 'one', 2 => 'two'))
|
||||||
* Right: array('mycheckboxvalues[1]' => 'one', 'mycheckboxvalues[2]' => 'two')
|
* Right: array('mycheckboxvalues[1]' => 'one', 'mycheckboxvalues[2]' => 'two')
|
||||||
*
|
*
|
||||||
* @see http://www.simpletest.org/en/form_testing_documentation.html
|
* @see http://www.simpletest.org/en/form_testing_documentation.html
|
||||||
*
|
*
|
||||||
* @param string $formID HTML 'id' attribute of a form (loaded through a previous response)
|
* @param string $formID HTML 'id' attribute of a form (loaded through a previous response)
|
||||||
* @param string $button HTML 'name' attribute of the button (NOT the 'id' attribute)
|
* @param string $button HTML 'name' attribute of the button (NOT the 'id' attribute)
|
||||||
* @param array $data Map of GET/POST data.
|
* @param array $data Map of GET/POST data.
|
||||||
* @return HTTPResponse
|
* @return HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function submitForm($formID, $button = null, $data = array())
|
public function submitForm($formID, $button = null, $data = array())
|
||||||
{
|
{
|
||||||
$this->cssParser = null;
|
$this->cssParser = null;
|
||||||
$response = $this->mainSession->submitForm($formID, $button, $data);
|
$response = $this->mainSession->submitForm($formID, $button, $data);
|
||||||
if ($this->autoFollowRedirection && is_object($response) && $response->getHeader('Location')) {
|
if($this->autoFollowRedirection && is_object($response) && $response->getHeader('Location')) {
|
||||||
$response = $this->mainSession->followRedirection();
|
$response = $this->mainSession->followRedirection();
|
||||||
}
|
}
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the most recent content
|
* Return the most recent content
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function content()
|
public function content()
|
||||||
{
|
{
|
||||||
return $this->mainSession->lastContent();
|
return $this->mainSession->lastContent();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Find an attribute in a SimpleXMLElement object by name.
|
* Find an attribute in a SimpleXMLElement object by name.
|
||||||
* @param SimpleXMLElement $object
|
* @param SimpleXMLElement $object
|
||||||
* @param string $attribute Name of attribute to find
|
* @param string $attribute Name of attribute to find
|
||||||
* @return SimpleXMLElement object of the attribute
|
* @return SimpleXMLElement object of the attribute
|
||||||
*/
|
*/
|
||||||
public function findAttribute($object, $attribute)
|
public function findAttribute($object, $attribute)
|
||||||
{
|
{
|
||||||
$found = false;
|
$found = false;
|
||||||
foreach ($object->attributes() as $a => $b) {
|
foreach($object->attributes() as $a => $b) {
|
||||||
if ($a == $attribute) {
|
if($a == $attribute) {
|
||||||
$found = $b;
|
$found = $b;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $found;
|
return $found;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a CSSContentParser for the most recent content.
|
* Return a CSSContentParser for the most recent content.
|
||||||
*
|
*
|
||||||
* @return CSSContentParser
|
* @return CSSContentParser
|
||||||
*/
|
*/
|
||||||
public function cssParser()
|
public function cssParser()
|
||||||
{
|
{
|
||||||
if (!$this->cssParser) {
|
if (!$this->cssParser) {
|
||||||
$this->cssParser = new CSSContentParser($this->mainSession->lastContent());
|
$this->cssParser = new CSSContentParser($this->mainSession->lastContent());
|
||||||
}
|
}
|
||||||
return $this->cssParser;
|
return $this->cssParser;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
||||||
* The given CSS selector will be applied to the HTML of the most recent page. The content of every matching tag
|
* The given CSS selector will be applied to the HTML of the most recent page. The content of every matching tag
|
||||||
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
||||||
*
|
*
|
||||||
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
||||||
*
|
*
|
||||||
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
||||||
* @param array|string $expectedMatches The content of at least one of the matched tags
|
* @param array|string $expectedMatches The content of at least one of the matched tags
|
||||||
* @throws PHPUnit_Framework_AssertionFailedError
|
* @throws PHPUnit_Framework_AssertionFailedError
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function assertPartialMatchBySelector($selector, $expectedMatches)
|
public function assertPartialMatchBySelector($selector, $expectedMatches)
|
||||||
{
|
{
|
||||||
if (is_string($expectedMatches)) {
|
if (is_string($expectedMatches)) {
|
||||||
$expectedMatches = array($expectedMatches);
|
$expectedMatches = array($expectedMatches);
|
||||||
}
|
}
|
||||||
|
|
||||||
$items = $this->cssParser()->getBySelector($selector);
|
$items = $this->cssParser()->getBySelector($selector);
|
||||||
|
|
||||||
$actuals = array();
|
$actuals = array();
|
||||||
if ($items) {
|
if($items) foreach($items as $item) $actuals[trim(preg_replace("/\s+/", " ", (string)$item))] = true;
|
||||||
foreach ($items as $item) {
|
|
||||||
$actuals[trim(preg_replace("/[ \n\r\t]+/", " ", $item. ''))] = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
foreach ($expectedMatches as $match) {
|
foreach($expectedMatches as $match) {
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
isset($actuals[$match]),
|
isset($actuals[$match]),
|
||||||
"Failed asserting the CSS selector '$selector' has a partial match to the expected elements:\n'"
|
"Failed asserting the CSS selector '$selector' has a partial match to the expected elements:\n'"
|
||||||
. implode("'\n'", $expectedMatches) . "'\n\n"
|
. implode("'\n'", $expectedMatches) . "'\n\n"
|
||||||
. "Instead the following elements were found:\n'" . implode("'\n'", array_keys($actuals)) . "'"
|
. "Instead the following elements were found:\n'" . implode("'\n'", array_keys($actuals)) . "'"
|
||||||
);
|
);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
||||||
* The given CSS selector will be applied to the HTML of the most recent page. The full HTML of every matching tag
|
* The given CSS selector will be applied to the HTML of the most recent page. The full HTML of every matching tag
|
||||||
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
||||||
*
|
*
|
||||||
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
||||||
*
|
*
|
||||||
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
||||||
* @param array|string $expectedMatches The content of *all* matching tags as an array
|
* @param array|string $expectedMatches The content of *all* matching tags as an array
|
||||||
* @throws PHPUnit_Framework_AssertionFailedError
|
* @throws PHPUnit_Framework_AssertionFailedError
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function assertExactMatchBySelector($selector, $expectedMatches)
|
public function assertExactMatchBySelector($selector, $expectedMatches)
|
||||||
{
|
{
|
||||||
if (is_string($expectedMatches)) {
|
if (is_string($expectedMatches)) {
|
||||||
$expectedMatches = array($expectedMatches);
|
$expectedMatches = array($expectedMatches);
|
||||||
}
|
}
|
||||||
|
|
||||||
$items = $this->cssParser()->getBySelector($selector);
|
$items = $this->cssParser()->getBySelector($selector);
|
||||||
|
|
||||||
$actuals = array();
|
$actuals = array();
|
||||||
if ($items) {
|
if ($items) {
|
||||||
foreach ($items as $item) {
|
foreach ($items as $item) {
|
||||||
$actuals[] = trim(preg_replace("/[ \n\r\t]+/", " ", $item. ''));
|
$actuals[] = trim(preg_replace("/[ \n\r\t]+/", " ", $item. ''));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
$expectedMatches == $actuals,
|
$expectedMatches == $actuals,
|
||||||
"Failed asserting the CSS selector '$selector' has an exact match to the expected elements:\n'"
|
"Failed asserting the CSS selector '$selector' has an exact match to the expected elements:\n'"
|
||||||
. implode("'\n'", $expectedMatches) . "'\n\n"
|
. implode("'\n'", $expectedMatches) . "'\n\n"
|
||||||
. "Instead the following elements were found:\n'" . implode("'\n'", $actuals) . "'"
|
. "Instead the following elements were found:\n'" . implode("'\n'", $actuals) . "'"
|
||||||
);
|
);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
||||||
* The given CSS selector will be applied to the HTML of the most recent page. The content of every matching tag
|
* The given CSS selector will be applied to the HTML of the most recent page. The content of every matching tag
|
||||||
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
||||||
*
|
*
|
||||||
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
||||||
*
|
*
|
||||||
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
||||||
* @param array|string $expectedMatches The content of at least one of the matched tags
|
* @param array|string $expectedMatches The content of at least one of the matched tags
|
||||||
* @throws PHPUnit_Framework_AssertionFailedError
|
* @throws PHPUnit_Framework_AssertionFailedError
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function assertPartialHTMLMatchBySelector($selector, $expectedMatches)
|
public function assertPartialHTMLMatchBySelector($selector, $expectedMatches)
|
||||||
{
|
{
|
||||||
if (is_string($expectedMatches)) {
|
if (is_string($expectedMatches)) {
|
||||||
$expectedMatches = array($expectedMatches);
|
$expectedMatches = array($expectedMatches);
|
||||||
}
|
}
|
||||||
|
|
||||||
$items = $this->cssParser()->getBySelector($selector);
|
$items = $this->cssParser()->getBySelector($selector);
|
||||||
|
|
||||||
$actuals = array();
|
$actuals = array();
|
||||||
if ($items) {
|
if($items) {
|
||||||
/** @var SimpleXMLElement $item */
|
/** @var SimpleXMLElement $item */
|
||||||
foreach ($items as $item) {
|
foreach($items as $item) {
|
||||||
$actuals[$item->asXML()] = true;
|
$actuals[$item->asXML()] = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($expectedMatches as $match) {
|
foreach($expectedMatches as $match) {
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
isset($actuals[$match]),
|
isset($actuals[$match]),
|
||||||
"Failed asserting the CSS selector '$selector' has a partial match to the expected elements:\n'"
|
"Failed asserting the CSS selector '$selector' has a partial match to the expected elements:\n'"
|
||||||
. implode("'\n'", $expectedMatches) . "'\n\n"
|
. implode("'\n'", $expectedMatches) . "'\n\n"
|
||||||
. "Instead the following elements were found:\n'" . implode("'\n'", array_keys($actuals)) . "'"
|
. "Instead the following elements were found:\n'" . implode("'\n'", array_keys($actuals)) . "'"
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
* Assert that the most recently queried page contains a number of content tags specified by a CSS selector.
|
||||||
* The given CSS selector will be applied to the HTML of the most recent page. The full HTML of every matching tag
|
* The given CSS selector will be applied to the HTML of the most recent page. The full HTML of every matching tag
|
||||||
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
* will be examined. The assertion fails if one of the expectedMatches fails to appear.
|
||||||
*
|
*
|
||||||
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
* Note: characters are stripped from the content; make sure that your assertions take this into account.
|
||||||
*
|
*
|
||||||
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
* @param string $selector A basic CSS selector, e.g. 'li.jobs h3'
|
||||||
* @param array|string $expectedMatches The content of *all* matched tags as an array
|
* @param array|string $expectedMatches The content of *all* matched tags as an array
|
||||||
* @throws PHPUnit_Framework_AssertionFailedError
|
* @throws PHPUnit_Framework_AssertionFailedError
|
||||||
*/
|
*/
|
||||||
public function assertExactHTMLMatchBySelector($selector, $expectedMatches)
|
public function assertExactHTMLMatchBySelector($selector, $expectedMatches)
|
||||||
{
|
{
|
||||||
$items = $this->cssParser()->getBySelector($selector);
|
$items = $this->cssParser()->getBySelector($selector);
|
||||||
|
|
||||||
$actuals = array();
|
$actuals = array();
|
||||||
if ($items) {
|
if($items) {
|
||||||
/** @var SimpleXMLElement $item */
|
/** @var SimpleXMLElement $item */
|
||||||
foreach ($items as $item) {
|
foreach($items as $item) {
|
||||||
$actuals[] = $item->asXML();
|
$actuals[] = $item->asXML();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
$expectedMatches == $actuals,
|
$expectedMatches == $actuals,
|
||||||
"Failed asserting the CSS selector '$selector' has an exact match to the expected elements:\n'"
|
"Failed asserting the CSS selector '$selector' has an exact match to the expected elements:\n'"
|
||||||
. implode("'\n'", $expectedMatches) . "'\n\n"
|
. implode("'\n'", $expectedMatches) . "'\n\n"
|
||||||
. "Instead the following elements were found:\n'" . implode("'\n'", $actuals) . "'"
|
. "Instead the following elements were found:\n'" . implode("'\n'", $actuals) . "'"
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Log in as the given member
|
* Log in as the given member
|
||||||
*
|
*
|
||||||
* @param Member|int|string $member The ID, fixture codename, or Member object of the member that you want to log in
|
* @param Member|int|string $member The ID, fixture codename, or Member object of the member that you want to log in
|
||||||
*/
|
*/
|
||||||
public function logInAs($member)
|
public function logInAs($member)
|
||||||
{
|
{
|
||||||
if (is_object($member)) {
|
if (is_object($member)) {
|
||||||
@ -415,40 +411,40 @@ class FunctionalTest extends SapphireTest
|
|||||||
$memberID = $this->idFromFixture('SilverStripe\\Security\\Member', $member);
|
$memberID = $this->idFromFixture('SilverStripe\\Security\\Member', $member);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->session()->inst_set('loggedInAs', $memberID);
|
$this->session()->inst_set('loggedInAs', $memberID);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Use the draft (stage) site for testing.
|
* Use the draft (stage) site for testing.
|
||||||
* This is helpful if you're not testing publication functionality and don't want "stage management" cluttering
|
* This is helpful if you're not testing publication functionality and don't want "stage management" cluttering
|
||||||
* your test.
|
* your test.
|
||||||
*
|
*
|
||||||
* @param bool $enabled toggle the use of the draft site
|
* @param bool $enabled toggle the use of the draft site
|
||||||
*/
|
*/
|
||||||
public function useDraftSite($enabled = true)
|
public function useDraftSite($enabled = true)
|
||||||
{
|
{
|
||||||
if ($enabled) {
|
if($enabled) {
|
||||||
$this->session()->inst_set('readingMode', 'Stage.Stage');
|
$this->session()->inst_set('readingMode', 'Stage.Stage');
|
||||||
$this->session()->inst_set('unsecuredDraftSite', true);
|
$this->session()->inst_set('unsecuredDraftSite', true);
|
||||||
} else {
|
} else {
|
||||||
$this->session()->inst_set('readingMode', 'Stage.Live');
|
$this->session()->inst_set('readingMode', 'Stage.Live');
|
||||||
$this->session()->inst_set('unsecuredDraftSite', false);
|
$this->session()->inst_set('unsecuredDraftSite', false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public static function get_disable_themes()
|
public static function get_disable_themes()
|
||||||
{
|
{
|
||||||
return static::$disable_themes;
|
return static::$disable_themes;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public static function get_use_draft_site()
|
public static function get_use_draft_site()
|
||||||
{
|
{
|
||||||
return static::$use_draft_site;
|
return static::$use_draft_site;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
2994
src/Forms/Form.php
2994
src/Forms/Form.php
@ -67,409 +67,405 @@ use SilverStripe\View\SSViewer;
|
|||||||
class Form extends RequestHandler
|
class Form extends RequestHandler
|
||||||
{
|
{
|
||||||
|
|
||||||
const ENC_TYPE_URLENCODED = 'application/x-www-form-urlencoded';
|
const ENC_TYPE_URLENCODED = 'application/x-www-form-urlencoded';
|
||||||
const ENC_TYPE_MULTIPART = 'multipart/form-data';
|
const ENC_TYPE_MULTIPART = 'multipart/form-data';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Accessed by Form.ss; modified by {@link formHtmlContent()}.
|
* Accessed by Form.ss; modified by {@link formHtmlContent()}.
|
||||||
* A performance enhancement over the generate-the-form-tag-and-then-remove-it code that was there previously
|
* A performance enhancement over the generate-the-form-tag-and-then-remove-it code that was there previously
|
||||||
*
|
*
|
||||||
* @var bool
|
* @var bool
|
||||||
*/
|
*/
|
||||||
public $IncludeFormTag = true;
|
public $IncludeFormTag = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var FieldList
|
* @var FieldList
|
||||||
*/
|
*/
|
||||||
protected $fields;
|
protected $fields;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var FieldList
|
* @var FieldList
|
||||||
*/
|
*/
|
||||||
protected $actions;
|
protected $actions;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var Controller
|
* @var Controller
|
||||||
*/
|
*/
|
||||||
protected $controller;
|
protected $controller;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
protected $name;
|
protected $name;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var Validator
|
* @var Validator
|
||||||
*/
|
*/
|
||||||
protected $validator;
|
protected $validator;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var callable {@see setValidationResponseCallback()}
|
* @var callable {@see setValidationResponseCallback()}
|
||||||
*/
|
*/
|
||||||
protected $validationResponseCallback;
|
protected $validationResponseCallback;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
protected $formMethod = "POST";
|
protected $formMethod = "POST";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var boolean
|
* @var boolean
|
||||||
*/
|
*/
|
||||||
protected $strictFormMethodCheck = false;
|
protected $strictFormMethodCheck = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var DataObject|null $record Populated by {@link loadDataFrom()}.
|
* @var DataObject|null $record Populated by {@link loadDataFrom()}.
|
||||||
*/
|
*/
|
||||||
protected $record;
|
protected $record;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Keeps track of whether this form has a default action or not.
|
* Keeps track of whether this form has a default action or not.
|
||||||
* Set to false by $this->disableDefaultAction();
|
* Set to false by $this->disableDefaultAction();
|
||||||
*
|
*
|
||||||
* @var boolean
|
* @var boolean
|
||||||
*/
|
*/
|
||||||
protected $hasDefaultAction = true;
|
protected $hasDefaultAction = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Target attribute of form-tag.
|
* Target attribute of form-tag.
|
||||||
* Useful to open a new window upon
|
* Useful to open a new window upon
|
||||||
* form submission.
|
* form submission.
|
||||||
*
|
*
|
||||||
* @var string|null
|
* @var string|null
|
||||||
*/
|
*/
|
||||||
protected $target;
|
protected $target;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Legend value, to be inserted into the
|
* Legend value, to be inserted into the
|
||||||
* <legend> element before the <fieldset>
|
* <legend> element before the <fieldset>
|
||||||
* in Form.ss template.
|
* in Form.ss template.
|
||||||
*
|
*
|
||||||
* @var string|null
|
* @var string|null
|
||||||
*/
|
*/
|
||||||
protected $legend;
|
protected $legend;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The SS template to render this form HTML into.
|
* The SS template to render this form HTML into.
|
||||||
* Default is "Form", but this can be changed to
|
* Default is "Form", but this can be changed to
|
||||||
* another template for customisation.
|
* another template for customisation.
|
||||||
*
|
*
|
||||||
* @see Form->setTemplate()
|
* @see Form->setTemplate()
|
||||||
* @var string|null
|
* @var string|null
|
||||||
*/
|
*/
|
||||||
protected $template;
|
protected $template;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var callable|null
|
* @var callable|null
|
||||||
*/
|
*/
|
||||||
protected $buttonClickedFunc;
|
protected $buttonClickedFunc;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string|null
|
* @var string|null
|
||||||
*/
|
*/
|
||||||
protected $message;
|
protected $message;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string|null
|
* @var string|null
|
||||||
*/
|
*/
|
||||||
protected $messageType;
|
protected $messageType;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Should we redirect the user back down to the
|
* Should we redirect the user back down to the
|
||||||
* the form on validation errors rather then just the page
|
* the form on validation errors rather then just the page
|
||||||
*
|
*
|
||||||
* @var bool
|
* @var bool
|
||||||
*/
|
*/
|
||||||
protected $redirectToFormOnValidationError = false;
|
protected $redirectToFormOnValidationError = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var bool
|
* @var bool
|
||||||
*/
|
*/
|
||||||
protected $security = true;
|
protected $security = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var SecurityToken|null
|
* @var SecurityToken|null
|
||||||
*/
|
*/
|
||||||
protected $securityToken = null;
|
protected $securityToken = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var array $extraClasses List of additional CSS classes for the form tag.
|
* @var array $extraClasses List of additional CSS classes for the form tag.
|
||||||
*/
|
*/
|
||||||
protected $extraClasses = array();
|
protected $extraClasses = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var array $default_classes The default classes to apply to the Form
|
* @var array $default_classes The default classes to apply to the Form
|
||||||
*/
|
*/
|
||||||
private static $default_classes = array();
|
private static $default_classes = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string|null
|
* @var string|null
|
||||||
*/
|
*/
|
||||||
protected $encType;
|
protected $encType;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var array Any custom form attributes set through {@link setAttributes()}.
|
* @var array Any custom form attributes set through {@link setAttributes()}.
|
||||||
* Some attributes are calculated on the fly, so please use {@link getAttributes()} to access them.
|
* Some attributes are calculated on the fly, so please use {@link getAttributes()} to access them.
|
||||||
*/
|
*/
|
||||||
protected $attributes = array();
|
protected $attributes = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $validationExemptActions = array();
|
protected $validationExemptActions = array();
|
||||||
|
|
||||||
private static $allowed_actions = array(
|
private static $allowed_actions = array(
|
||||||
'handleField',
|
'handleField',
|
||||||
'httpSubmission',
|
'httpSubmission',
|
||||||
'forTemplate',
|
'forTemplate',
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $casting = array(
|
private static $casting = array(
|
||||||
'AttributesHTML' => 'HTMLFragment',
|
'AttributesHTML' => 'HTMLFragment',
|
||||||
'FormAttributes' => 'HTMLFragment',
|
'FormAttributes' => 'HTMLFragment',
|
||||||
'MessageType' => 'Text',
|
'MessageType' => 'Text',
|
||||||
'Message' => 'HTMLFragment',
|
'Message' => 'HTMLFragment',
|
||||||
'FormName' => 'Text',
|
'FormName' => 'Text',
|
||||||
'Legend' => 'HTMLFragment',
|
'Legend' => 'HTMLFragment',
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var FormTemplateHelper
|
* @var FormTemplateHelper
|
||||||
*/
|
*/
|
||||||
private $templateHelper = null;
|
private $templateHelper = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @ignore
|
* @ignore
|
||||||
*/
|
*/
|
||||||
private $htmlID = null;
|
private $htmlID = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @ignore
|
* @ignore
|
||||||
*/
|
*/
|
||||||
private $formActionPath = false;
|
private $formActionPath = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var bool
|
* @var bool
|
||||||
*/
|
*/
|
||||||
protected $securityTokenAdded = false;
|
protected $securityTokenAdded = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new form, with the given fields an action buttons.
|
* Create a new form, with the given fields an action buttons.
|
||||||
*
|
*
|
||||||
* @param Controller $controller The parent controller, necessary to create the appropriate form action tag.
|
* @param Controller $controller The parent controller, necessary to create the appropriate form action tag.
|
||||||
* @param string $name The method on the controller that will return this form object.
|
* @param string $name The method on the controller that will return this form object.
|
||||||
* @param FieldList $fields All of the fields in the form - a {@link FieldList} of {@link FormField} objects.
|
* @param FieldList $fields All of the fields in the form - a {@link FieldList} of {@link FormField} objects.
|
||||||
* @param FieldList $actions All of the action buttons in the form - a {@link FieldLis} of
|
* @param FieldList $actions All of the action buttons in the form - a {@link FieldLis} of
|
||||||
* {@link FormAction} objects
|
* {@link FormAction} objects
|
||||||
* @param Validator|null $validator Override the default validator instance (Default: {@link RequiredFields})
|
* @param Validator|null $validator Override the default validator instance (Default: {@link RequiredFields})
|
||||||
*/
|
*/
|
||||||
public function __construct($controller, $name, FieldList $fields, FieldList $actions, Validator $validator = null)
|
public function __construct($controller, $name, FieldList $fields, FieldList $actions, Validator $validator = null)
|
||||||
{
|
{
|
||||||
parent::__construct();
|
parent::__construct();
|
||||||
|
|
||||||
$fields->setForm($this);
|
$fields->setForm($this);
|
||||||
$actions->setForm($this);
|
$actions->setForm($this);
|
||||||
|
|
||||||
$this->fields = $fields;
|
$this->fields = $fields;
|
||||||
$this->actions = $actions;
|
$this->actions = $actions;
|
||||||
$this->controller = $controller;
|
$this->controller = $controller;
|
||||||
$this->setName($name);
|
$this->setName($name);
|
||||||
|
|
||||||
if (!$this->controller) {
|
if (!$this->controller) {
|
||||||
user_error("$this->class form created without a controller", E_USER_ERROR);
|
user_error("$this->class form created without a controller", E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Form validation
|
// Form validation
|
||||||
$this->validator = ($validator) ? $validator : new RequiredFields();
|
$this->validator = ($validator) ? $validator : new RequiredFields();
|
||||||
$this->validator->setForm($this);
|
$this->validator->setForm($this);
|
||||||
|
|
||||||
// Form error controls
|
// Form error controls
|
||||||
$this->setupFormErrors();
|
$this->setupFormErrors();
|
||||||
|
|
||||||
// Check if CSRF protection is enabled, either on the parent controller or from the default setting. Note that
|
// Check if CSRF protection is enabled, either on the parent controller or from the default setting. Note that
|
||||||
// method_exists() is used as some controllers (e.g. GroupTest) do not always extend from Object.
|
// method_exists() is used as some controllers (e.g. GroupTest) do not always extend from Object.
|
||||||
if (method_exists($controller, 'securityTokenEnabled') || (method_exists($controller, 'hasMethod')
|
if(method_exists($controller, 'securityTokenEnabled') || (method_exists($controller, 'hasMethod')
|
||||||
&& $controller->hasMethod('securityTokenEnabled'))) {
|
&& $controller->hasMethod('securityTokenEnabled'))) {
|
||||||
$securityEnabled = $controller->securityTokenEnabled();
|
$securityEnabled = $controller->securityTokenEnabled();
|
||||||
} else {
|
} else {
|
||||||
$securityEnabled = SecurityToken::is_enabled();
|
$securityEnabled = SecurityToken::is_enabled();
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->securityToken = ($securityEnabled) ? new SecurityToken() : new NullSecurityToken();
|
$this->securityToken = ($securityEnabled) ? new SecurityToken() : new NullSecurityToken();
|
||||||
|
|
||||||
$this->setupDefaultClasses();
|
$this->setupDefaultClasses();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $url_handlers = array(
|
private static $url_handlers = array(
|
||||||
'field/$FieldName!' => 'handleField',
|
'field/$FieldName!' => 'handleField',
|
||||||
'POST ' => 'httpSubmission',
|
'POST ' => 'httpSubmission',
|
||||||
'GET ' => 'httpSubmission',
|
'GET ' => 'httpSubmission',
|
||||||
'HEAD ' => 'httpSubmission',
|
'HEAD ' => 'httpSubmission',
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set up current form errors in session to
|
* Take errors from a ValidationResult and populate the form with the appropriate message.
|
||||||
* the current form if appropriate.
|
*
|
||||||
*
|
* @param ValidationResult $result The erroneous ValidationResult. If none passed, this will be atken
|
||||||
* @return $this
|
* from the session
|
||||||
*/
|
*/
|
||||||
public function setupFormErrors()
|
public function setupFormErrors($result = null, $data = null) {
|
||||||
{
|
if(!$result) $result = Session::get("FormInfo.{$this->FormName()}.result");
|
||||||
$errorInfo = Session::get("FormInfo.{$this->FormName()}");
|
if(!$result) return;
|
||||||
|
|
||||||
if (isset($errorInfo['errors']) && is_array($errorInfo['errors'])) {
|
foreach($result->fieldErrors() as $fieldName => $fieldError) {
|
||||||
foreach ($errorInfo['errors'] as $error) {
|
$field = $this->fields->dataFieldByName($fieldName);
|
||||||
$field = $this->fields->dataFieldByName($error['fieldName']);
|
$field->setError($fieldError['message'], $fieldError['messageType']);
|
||||||
|
}
|
||||||
|
|
||||||
if (!$field) {
|
//don't escape the HTML as it should have been escaped when adding it to the validation result
|
||||||
$errorInfo['message'] = $error['message'];
|
$this->setMessage($result->overallMessage(), $result->valid() ? 'good' : 'bad', false);
|
||||||
$errorInfo['type'] = $error['messageType'];
|
|
||||||
} else {
|
|
||||||
$field->setError($error['message'], $error['messageType']);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// load data in from previous submission upon error
|
// load data in from previous submission upon error
|
||||||
if (isset($errorInfo['data'])) {
|
if(!$data) $data = Session::get("FormInfo.{$this->FormName()}.data");
|
||||||
$this->loadDataFrom($errorInfo['data']);
|
if($data) $this->loadDataFrom($data);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($errorInfo['message']) && isset($errorInfo['type'])) {
|
/**
|
||||||
$this->setMessage($errorInfo['message'], $errorInfo['type']);
|
* Save information to the session to be picked up by {@link setUpFormErrors()}
|
||||||
}
|
*/
|
||||||
|
public function saveFormErrorsToSession($result = null, $data = null) {
|
||||||
|
Session::set("FormInfo.{$this->FormName()}.result", $result);
|
||||||
|
Session::set("FormInfo.{$this->FormName()}.data", $data);
|
||||||
|
}
|
||||||
|
|
||||||
return $this;
|
/**
|
||||||
}
|
* set up the default classes for the form. This is done on construct so that the default classes can be removed
|
||||||
|
* after instantiation
|
||||||
/**
|
*/
|
||||||
* set up the default classes for the form. This is done on construct so that the default classes can be removed
|
|
||||||
* after instantiation
|
|
||||||
*/
|
|
||||||
protected function setupDefaultClasses()
|
protected function setupDefaultClasses()
|
||||||
{
|
{
|
||||||
$defaultClasses = self::config()->get('default_classes');
|
$defaultClasses = self::config()->get('default_classes');
|
||||||
if ($defaultClasses) {
|
if ($defaultClasses) {
|
||||||
foreach ($defaultClasses as $class) {
|
foreach ($defaultClasses as $class) {
|
||||||
$this->addExtraClass($class);
|
$this->addExtraClass($class);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Handle a form submission. GET and POST requests behave identically.
|
* Handle a form submission. GET and POST requests behave identically.
|
||||||
* Populates the form with {@link loadDataFrom()}, calls {@link validate()},
|
* Populates the form with {@link loadDataFrom()}, calls {@link validate()},
|
||||||
* and only triggers the requested form action/method
|
* and only triggers the requested form action/method
|
||||||
* if the form is valid.
|
* if the form is valid.
|
||||||
*
|
*
|
||||||
* @param HTTPRequest $request
|
* @param HTTPRequest $request
|
||||||
* @throws HTTPResponse_Exception
|
* @throws HTTPResponse_Exception
|
||||||
*/
|
*/
|
||||||
public function httpSubmission($request)
|
public function httpSubmission($request)
|
||||||
{
|
{
|
||||||
// Strict method check
|
// Strict method check
|
||||||
if ($this->strictFormMethodCheck) {
|
if($this->strictFormMethodCheck) {
|
||||||
// Throws an error if the method is bad...
|
// Throws an error if the method is bad...
|
||||||
if ($this->formMethod != $request->httpMethod()) {
|
if($this->formMethod != $request->httpMethod()) {
|
||||||
$response = Controller::curr()->getResponse();
|
$response = Controller::curr()->getResponse();
|
||||||
$response->addHeader('Allow', $this->formMethod);
|
$response->addHeader('Allow', $this->formMethod);
|
||||||
$this->httpError(405, _t("Form.BAD_METHOD", "This form requires a ".$this->formMethod." submission"));
|
$this->httpError(405, _t("Form.BAD_METHOD", "This form requires a ".$this->formMethod." submission"));
|
||||||
}
|
}
|
||||||
|
|
||||||
// ...and only uses the variables corresponding to that method type
|
// ...and only uses the variables corresponding to that method type
|
||||||
$vars = $this->formMethod == 'GET' ? $request->getVars() : $request->postVars();
|
$vars = $this->formMethod == 'GET' ? $request->getVars() : $request->postVars();
|
||||||
} else {
|
} else {
|
||||||
$vars = $request->requestVars();
|
$vars = $request->requestVars();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Ensure we only process saveable fields (non structural, readonly, or disabled)
|
// Ensure we only process saveable fields (non structural, readonly, or disabled)
|
||||||
$allowedFields = array_keys($this->Fields()->saveableFields());
|
$allowedFields = array_keys($this->Fields()->saveableFields());
|
||||||
|
|
||||||
// Populate the form
|
// Populate the form
|
||||||
$this->loadDataFrom($vars, true, $allowedFields);
|
$this->loadDataFrom($vars, true, $allowedFields);
|
||||||
|
|
||||||
// Protection against CSRF attacks
|
// Protection against CSRF attacks
|
||||||
$token = $this->getSecurityToken();
|
$token = $this->getSecurityToken();
|
||||||
if (! $token->checkRequest($request)) {
|
if( ! $token->checkRequest($request)) {
|
||||||
$securityID = $token->getName();
|
$securityID = $token->getName();
|
||||||
if (empty($vars[$securityID])) {
|
if (empty($vars[$securityID])) {
|
||||||
$this->httpError(400, _t(
|
$this->httpError(400, _t(
|
||||||
"Form.CSRF_FAILED_MESSAGE",
|
"Form.CSRF_FAILED_MESSAGE",
|
||||||
"There seems to have been a technical problem. Please click the back button, ".
|
"There seems to have been a technical problem. Please click the back button, ".
|
||||||
"refresh your browser, and try again."
|
"refresh your browser, and try again."
|
||||||
));
|
));
|
||||||
} else {
|
} else {
|
||||||
// Clear invalid token on refresh
|
// Clear invalid token on refresh
|
||||||
$data = $this->getData();
|
$data = $this->getData();
|
||||||
unset($data[$securityID]);
|
unset($data[$securityID]);
|
||||||
Session::set("FormInfo.{$this->FormName()}.data", $data);
|
Session::set("FormInfo.{$this->FormName()}.data", $data);
|
||||||
Session::set("FormInfo.{$this->FormName()}.errors", array());
|
Session::set("FormInfo.{$this->FormName()}.errors", array());
|
||||||
$this->sessionMessage(
|
$this->sessionMessage(
|
||||||
_t("Form.CSRF_EXPIRED_MESSAGE", "Your session has expired. Please re-submit the form."),
|
_t("Form.CSRF_EXPIRED_MESSAGE", "Your session has expired. Please re-submit the form."),
|
||||||
"warning"
|
"warning"
|
||||||
);
|
);
|
||||||
return $this->controller->redirectBack();
|
return $this->controller->redirectBack();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Determine the action button clicked
|
// Determine the action button clicked
|
||||||
$funcName = null;
|
$funcName = null;
|
||||||
foreach ($vars as $paramName => $paramVal) {
|
foreach($vars as $paramName => $paramVal) {
|
||||||
if (substr($paramName, 0, 7) == 'action_') {
|
if(substr($paramName,0,7) == 'action_') {
|
||||||
// Break off querystring arguments included in the action
|
// Break off querystring arguments included in the action
|
||||||
if (strpos($paramName, '?') !== false) {
|
if(strpos($paramName,'?') !== false) {
|
||||||
list($paramName, $paramVars) = explode('?', $paramName, 2);
|
list($paramName, $paramVars) = explode('?', $paramName, 2);
|
||||||
$newRequestParams = array();
|
$newRequestParams = array();
|
||||||
parse_str($paramVars, $newRequestParams);
|
parse_str($paramVars, $newRequestParams);
|
||||||
$vars = array_merge((array)$vars, (array)$newRequestParams);
|
$vars = array_merge((array)$vars, (array)$newRequestParams);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Cleanup action_, _x and _y from image fields
|
// Cleanup action_, _x and _y from image fields
|
||||||
$funcName = preg_replace(array('/^action_/','/_x$|_y$/'), '', $paramName);
|
$funcName = preg_replace(array('/^action_/','/_x$|_y$/'),'',$paramName);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the action wasn't set, choose the default on the form.
|
// If the action wasn't set, choose the default on the form.
|
||||||
if (!isset($funcName) && $defaultAction = $this->defaultAction()) {
|
if(!isset($funcName) && $defaultAction = $this->defaultAction()){
|
||||||
$funcName = $defaultAction->actionName();
|
$funcName = $defaultAction->actionName();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($funcName)) {
|
if(isset($funcName)) {
|
||||||
$this->setButtonClicked($funcName);
|
$this->setButtonClicked($funcName);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Permission checks (first on controller, then falling back to form)
|
// Permission checks (first on controller, then falling back to form)
|
||||||
if (// Ensure that the action is actually a button or method on the form,
|
if (// Ensure that the action is actually a button or method on the form,
|
||||||
// and not just a method on the controller.
|
// and not just a method on the controller.
|
||||||
$this->controller->hasMethod($funcName)
|
$this->controller->hasMethod($funcName)
|
||||||
&& !$this->controller->checkAccessAction($funcName)
|
&& !$this->controller->checkAccessAction($funcName)
|
||||||
// If a button exists, allow it on the controller
|
// If a button exists, allow it on the controller
|
||||||
// buttonClicked() validates that the action set above is valid
|
// buttonClicked() validates that the action set above is valid
|
||||||
&& !$this->buttonClicked()
|
&& !$this->buttonClicked()
|
||||||
) {
|
) {
|
||||||
return $this->httpError(
|
return $this->httpError(
|
||||||
403,
|
403,
|
||||||
sprintf('Action "%s" not allowed on controller (Class: %s)', $funcName, get_class($this->controller))
|
sprintf('Action "%s" not allowed on controller (Class: %s)', $funcName, get_class($this->controller))
|
||||||
);
|
);
|
||||||
} elseif ($this->hasMethod($funcName)
|
} elseif ($this->hasMethod($funcName)
|
||||||
&& !$this->checkAccessAction($funcName)
|
&& !$this->checkAccessAction($funcName)
|
||||||
// No checks for button existence or $allowed_actions is performed -
|
// No checks for button existence or $allowed_actions is performed -
|
||||||
// all form methods are callable (e.g. the legacy "callfieldmethod()")
|
// all form methods are callable (e.g. the legacy "callfieldmethod()")
|
||||||
) {
|
) {
|
||||||
return $this->httpError(
|
return $this->httpError(
|
||||||
403,
|
403,
|
||||||
sprintf('Action "%s" not allowed on form (Name: "%s")', $funcName, $this->name)
|
sprintf('Action "%s" not allowed on form (Name: "%s")', $funcName, $this->name)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
// TODO : Once we switch to a stricter policy regarding allowed_actions (meaning actions must be set
|
// TODO : Once we switch to a stricter policy regarding allowed_actions (meaning actions must be set
|
||||||
// explicitly in allowed_actions in order to run)
|
// explicitly in allowed_actions in order to run)
|
||||||
// Uncomment the following for checking security against running actions on form fields
|
// Uncomment the following for checking security against running actions on form fields
|
||||||
/* else {
|
/* else {
|
||||||
// Try to find a field that has the action, and allows it
|
// Try to find a field that has the action, and allows it
|
||||||
$fieldsHaveMethod = false;
|
$fieldsHaveMethod = false;
|
||||||
foreach ($this->Fields() as $field){
|
foreach ($this->Fields() as $field){
|
||||||
@ -485,1527 +481,1567 @@ class Form extends RequestHandler
|
|||||||
}
|
}
|
||||||
}*/
|
}*/
|
||||||
|
|
||||||
// Validate the form
|
// Action handlers may throw ValidationExceptions.
|
||||||
if (!$this->validate()) {
|
try {
|
||||||
return $this->getValidationErrorResponse();
|
// Or we can use the Valiator attached to the form
|
||||||
}
|
$result = $this->validationResult();
|
||||||
|
if(!$result->valid()) {
|
||||||
|
return $this->getValidationErrorResponse($result);
|
||||||
|
}
|
||||||
|
|
||||||
// First, try a handler method on the controller (has been checked for allowed_actions above already)
|
// First, try a handler method on the controller (has been checked for allowed_actions above already)
|
||||||
if ($this->controller->hasMethod($funcName)) {
|
if($this->controller->hasMethod($funcName)) {
|
||||||
return $this->controller->$funcName($vars, $this, $request);
|
return $this->controller->$funcName($vars, $this, $request);
|
||||||
// Otherwise, try a handler method on the form object.
|
// Otherwise, try a handler method on the form object.
|
||||||
} elseif ($this->hasMethod($funcName)) {
|
} elseif($this->hasMethod($funcName)) {
|
||||||
return $this->$funcName($vars, $this, $request);
|
return $this->$funcName($vars, $this, $request);
|
||||||
} elseif ($field = $this->checkFieldsForAction($this->Fields(), $funcName)) {
|
} elseif($field = $this->checkFieldsForAction($this->Fields(), $funcName)) {
|
||||||
return $field->$funcName($vars, $this, $request);
|
return $field->$funcName($vars, $this, $request);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->httpError(404);
|
} catch(ValidationException $e) {
|
||||||
}
|
// The ValdiationResult contains all the relevant metadata
|
||||||
|
$result = $e->getResult();
|
||||||
|
return $this->getValidationErrorResponse($result);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
// First, try a handler method on the controller (has been checked for allowed_actions above already)
|
||||||
* @param string $action
|
if($this->controller->hasMethod($funcName)) {
|
||||||
* @return bool
|
return $this->controller->$funcName($vars, $this, $request);
|
||||||
*/
|
// Otherwise, try a handler method on the form object.
|
||||||
|
} elseif($this->hasMethod($funcName)) {
|
||||||
|
return $this->$funcName($vars, $this, $request);
|
||||||
|
} elseif($field = $this->checkFieldsForAction($this->Fields(), $funcName)) {
|
||||||
|
return $field->$funcName($vars, $this, $request);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->httpError(404);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $action
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
public function checkAccessAction($action)
|
public function checkAccessAction($action)
|
||||||
{
|
{
|
||||||
if (parent::checkAccessAction($action)) {
|
if (parent::checkAccessAction($action)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
$actions = $this->getAllActions();
|
$actions = $this->getAllActions();
|
||||||
foreach ($actions as $formAction) {
|
foreach ($actions as $formAction) {
|
||||||
if ($formAction->actionName() === $action) {
|
if ($formAction->actionName() === $action) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Always allow actions on fields
|
// Always allow actions on fields
|
||||||
$field = $this->checkFieldsForAction($this->Fields(), $action);
|
$field = $this->checkFieldsForAction($this->Fields(), $action);
|
||||||
if ($field && $field->checkAccessAction($action)) {
|
if ($field && $field->checkAccessAction($action)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return callable
|
* @return callable
|
||||||
*/
|
*/
|
||||||
public function getValidationResponseCallback()
|
public function getValidationResponseCallback()
|
||||||
{
|
{
|
||||||
return $this->validationResponseCallback;
|
return $this->validationResponseCallback;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Overrules validation error behaviour in {@link httpSubmission()}
|
* Overrules validation error behaviour in {@link httpSubmission()}
|
||||||
* when validation has failed. Useful for optional handling of a certain accepted content type.
|
* when validation has failed. Useful for optional handling of a certain accepted content type.
|
||||||
*
|
*
|
||||||
* The callback can opt out of handling specific responses by returning NULL,
|
* The callback can opt out of handling specific responses by returning NULL,
|
||||||
* in which case the default form behaviour will kick in.
|
* in which case the default form behaviour will kick in.
|
||||||
*
|
*
|
||||||
* @param $callback
|
* @param $callback
|
||||||
* @return self
|
* @return self
|
||||||
*/
|
*/
|
||||||
public function setValidationResponseCallback($callback)
|
public function setValidationResponseCallback($callback)
|
||||||
{
|
{
|
||||||
$this->validationResponseCallback = $callback;
|
$this->validationResponseCallback = $callback;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the appropriate response up the controller chain
|
* Returns the appropriate response up the controller chain
|
||||||
* if {@link validate()} fails (which is checked prior to executing any form actions).
|
* if {@link validate()} fails (which is checked prior to executing any form actions).
|
||||||
* By default, returns different views for ajax/non-ajax request, and
|
* By default, returns different views for ajax/non-ajax request, and
|
||||||
* handles 'application/json' requests with a JSON object containing the error messages.
|
* handles 'application/json' requests with a JSON object containing the error messages.
|
||||||
* Behaviour can be influenced by setting {@link $redirectToFormOnValidationError},
|
* Behaviour can be influenced by setting {@link $redirectToFormOnValidationError},
|
||||||
* and can be overruled by setting {@link $validationResponseCallback}.
|
* and can be overruled by setting {@link $validationResponseCallback}.
|
||||||
*
|
*
|
||||||
* @return HTTPResponse|string
|
* @param ValidationResult $result
|
||||||
*/
|
* @return HTTPResponse|string
|
||||||
protected function getValidationErrorResponse()
|
*/
|
||||||
{
|
protected function getValidationErrorResponse(ValidationResult $result) {
|
||||||
$callback = $this->getValidationResponseCallback();
|
$callback = $this->getValidationResponseCallback();
|
||||||
if ($callback && $callbackResponse = $callback()) {
|
if($callback && $callbackResponse = $callback($result)) {
|
||||||
return $callbackResponse;
|
return $callbackResponse;
|
||||||
}
|
}
|
||||||
|
|
||||||
$request = $this->getRequest();
|
$request = $this->getRequest();
|
||||||
if ($request->isAjax()) {
|
if($request->isAjax()) {
|
||||||
// Special case for legacy Validator.js implementation
|
// Special case for legacy Validator.js implementation
|
||||||
// (assumes eval'ed javascript collected through FormResponse)
|
// (assumes eval'ed javascript collected through FormResponse)
|
||||||
$acceptType = $request->getHeader('Accept');
|
$acceptType = $request->getHeader('Accept');
|
||||||
if (strpos($acceptType, 'application/json') !== false) {
|
if (strpos($acceptType, 'application/json') !== false) {
|
||||||
// Send validation errors back as JSON with a flag at the start
|
// Send validation errors back as JSON with a flag at the start
|
||||||
$response = new HTTPResponse(Convert::array2json($this->validator->getErrors()));
|
$response = new HTTPResponse(Convert::array2json($result->getErrorMetaData()));
|
||||||
$response->addHeader('Content-Type', 'application/json');
|
$response->addHeader('Content-Type', 'application/json');
|
||||||
} else {
|
|
||||||
$this->setupFormErrors();
|
|
||||||
// Send the newly rendered form tag as HTML
|
|
||||||
$response = new HTTPResponse($this->forTemplate());
|
|
||||||
$response->addHeader('Content-Type', 'text/html');
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
} else {
|
||||||
} else {
|
$this->setupFormErrors($result, $this->getData());
|
||||||
if ($this->getRedirectToFormOnValidationError()) {
|
// Send the newly rendered form tag as HTML
|
||||||
if ($pageURL = $request->getHeader('Referer')) {
|
$response = new HTTPResponse($this->forTemplate());
|
||||||
if (Director::is_site_url($pageURL)) {
|
$response->addHeader('Content-Type', 'text/html');
|
||||||
// Remove existing pragmas
|
}
|
||||||
$pageURL = preg_replace('/(#.*)/', '', $pageURL);
|
|
||||||
$pageURL = Director::absoluteURL($pageURL, true);
|
|
||||||
return $this->controller->redirect($pageURL . '#' . $this->FormName());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return $this->controller->redirectBack();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
return $response;
|
||||||
* Fields can have action to, let's check if anyone of the responds to $funcname them
|
|
||||||
*
|
} else {
|
||||||
* @param SS_List|array $fields
|
// Save the relevant information in the session
|
||||||
* @param callable $funcName
|
$this->saveFormErrorsToSession($result, $this->getData());
|
||||||
* @return FormField
|
|
||||||
*/
|
// Redirect back to the form
|
||||||
|
if($this->getRedirectToFormOnValidationError()) {
|
||||||
|
if($pageURL = $request->getHeader('Referer')) {
|
||||||
|
if(Director::is_site_url($pageURL)) {
|
||||||
|
// Remove existing pragmas
|
||||||
|
$pageURL = preg_replace('/(#.*)/', '', $pageURL);
|
||||||
|
$pageURL = Director::absoluteURL($pageURL, true);
|
||||||
|
return $this->controller->redirect($pageURL . '#' . $this->FormName());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $this->controller->redirectBack();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fields can have action to, let's check if anyone of the responds to $funcname them
|
||||||
|
*
|
||||||
|
* @param SS_List|array $fields
|
||||||
|
* @param callable $funcName
|
||||||
|
* @return FormField
|
||||||
|
*/
|
||||||
protected function checkFieldsForAction($fields, $funcName)
|
protected function checkFieldsForAction($fields, $funcName)
|
||||||
{
|
{
|
||||||
foreach ($fields as $field) {
|
foreach($fields as $field){
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
if (method_exists($field, 'FieldList')) {
|
if(method_exists($field, 'FieldList')) {
|
||||||
if ($field = $this->checkFieldsForAction($field->FieldList(), $funcName)) {
|
if($field = $this->checkFieldsForAction($field->FieldList(), $funcName)) {
|
||||||
return $field;
|
return $field;
|
||||||
}
|
}
|
||||||
} elseif ($field->hasMethod($funcName) && $field->checkAccessAction($funcName)) {
|
} elseif ($field->hasMethod($funcName) && $field->checkAccessAction($funcName)) {
|
||||||
return $field;
|
return $field;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Handle a field request.
|
* Handle a field request.
|
||||||
* Uses {@link Form->dataFieldByName()} to find a matching field,
|
* Uses {@link Form->dataFieldByName()} to find a matching field,
|
||||||
* and falls back to {@link FieldList->fieldByName()} to look
|
* and falls back to {@link FieldList->fieldByName()} to look
|
||||||
* for tabs instead. This means that if you have a tab and a
|
* for tabs instead. This means that if you have a tab and a
|
||||||
* formfield with the same name, this method gives priority
|
* formfield with the same name, this method gives priority
|
||||||
* to the formfield.
|
* to the formfield.
|
||||||
*
|
*
|
||||||
* @param HTTPRequest $request
|
* @param HTTPRequest $request
|
||||||
* @return FormField
|
* @return FormField
|
||||||
*/
|
*/
|
||||||
public function handleField($request)
|
public function handleField($request)
|
||||||
{
|
{
|
||||||
$field = $this->Fields()->dataFieldByName($request->param('FieldName'));
|
$field = $this->Fields()->dataFieldByName($request->param('FieldName'));
|
||||||
|
|
||||||
if ($field) {
|
if($field) {
|
||||||
return $field;
|
return $field;
|
||||||
} else {
|
} else {
|
||||||
// falling back to fieldByName, e.g. for getting tabs
|
// falling back to fieldByName, e.g. for getting tabs
|
||||||
return $this->Fields()->fieldByName($request->param('FieldName'));
|
return $this->Fields()->fieldByName($request->param('FieldName'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Convert this form into a readonly form
|
* Convert this form into a readonly form
|
||||||
*/
|
*/
|
||||||
public function makeReadonly()
|
public function makeReadonly()
|
||||||
{
|
{
|
||||||
$this->transform(new ReadonlyTransformation());
|
$this->transform(new ReadonlyTransformation());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set whether the user should be redirected back down to the
|
* Set whether the user should be redirected back down to the
|
||||||
* form on the page upon validation errors in the form or if
|
* form on the page upon validation errors in the form or if
|
||||||
* they just need to redirect back to the page
|
* they just need to redirect back to the page
|
||||||
*
|
*
|
||||||
* @param bool $bool Redirect to form on error?
|
* @param bool $bool Redirect to form on error?
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setRedirectToFormOnValidationError($bool)
|
public function setRedirectToFormOnValidationError($bool)
|
||||||
{
|
{
|
||||||
$this->redirectToFormOnValidationError = $bool;
|
$this->redirectToFormOnValidationError = $bool;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get whether the user should be redirected back down to the
|
* Get whether the user should be redirected back down to the
|
||||||
* form on the page upon validation errors
|
* form on the page upon validation errors
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function getRedirectToFormOnValidationError()
|
public function getRedirectToFormOnValidationError()
|
||||||
{
|
{
|
||||||
return $this->redirectToFormOnValidationError;
|
return $this->redirectToFormOnValidationError;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add a plain text error message to a field on this form. It will be saved into the session
|
* Add a plain text error message to a field on this form. It will be saved into the session
|
||||||
* and used the next time this form is displayed.
|
* and used the next time this form is displayed.
|
||||||
* @param string $fieldName
|
*
|
||||||
* @param string $message
|
* @deprecated 3.2
|
||||||
* @param string $messageType
|
*/
|
||||||
* @param bool $escapeHtml
|
public function addErrorMessage($fieldName, $message, $messageType) {
|
||||||
*/
|
Deprecation::notice('3.2', 'Throw a ValidationException instead.');
|
||||||
public function addErrorMessage($fieldName, $message, $messageType, $escapeHtml = true)
|
|
||||||
{
|
|
||||||
Session::add_to_array("FormInfo.{$this->FormName()}.errors", array(
|
|
||||||
'fieldName' => $fieldName,
|
|
||||||
'message' => $escapeHtml ? Convert::raw2xml($message) : $message,
|
|
||||||
'messageType' => $messageType,
|
|
||||||
));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
$this->getSessionValidationResult()->addFieldError($fieldName, $message, $messageType);
|
||||||
* @param FormTransformation $trans
|
}
|
||||||
*/
|
|
||||||
|
/**
|
||||||
|
* @param FormTransformation $trans
|
||||||
|
*/
|
||||||
public function transform(FormTransformation $trans)
|
public function transform(FormTransformation $trans)
|
||||||
{
|
{
|
||||||
$newFields = new FieldList();
|
$newFields = new FieldList();
|
||||||
foreach ($this->fields as $field) {
|
foreach($this->fields as $field) {
|
||||||
$newFields->push($field->transform($trans));
|
$newFields->push($field->transform($trans));
|
||||||
}
|
}
|
||||||
$this->fields = $newFields;
|
$this->fields = $newFields;
|
||||||
|
|
||||||
$newActions = new FieldList();
|
$newActions = new FieldList();
|
||||||
foreach ($this->actions as $action) {
|
foreach($this->actions as $action) {
|
||||||
$newActions->push($action->transform($trans));
|
$newActions->push($action->transform($trans));
|
||||||
}
|
}
|
||||||
$this->actions = $newActions;
|
$this->actions = $newActions;
|
||||||
|
|
||||||
|
|
||||||
// We have to remove validation, if the fields are not editable ;-)
|
// We have to remove validation, if the fields are not editable ;-)
|
||||||
if ($this->validator) {
|
if ($this->validator) {
|
||||||
$this->validator->removeValidation();
|
$this->validator->removeValidation();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the {@link Validator} attached to this form.
|
* Get the {@link Validator} attached to this form.
|
||||||
* @return Validator
|
* @return Validator
|
||||||
*/
|
*/
|
||||||
public function getValidator()
|
public function getValidator()
|
||||||
{
|
{
|
||||||
return $this->validator;
|
return $this->validator;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the {@link Validator} on this form.
|
* Set the {@link Validator} on this form.
|
||||||
* @param Validator $validator
|
* @param Validator $validator
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setValidator(Validator $validator)
|
public function setValidator(Validator $validator)
|
||||||
{
|
{
|
||||||
if ($validator) {
|
if($validator) {
|
||||||
$this->validator = $validator;
|
$this->validator = $validator;
|
||||||
$this->validator->setForm($this);
|
$this->validator->setForm($this);
|
||||||
}
|
}
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Remove the {@link Validator} from this from.
|
* Remove the {@link Validator} from this from.
|
||||||
*/
|
*/
|
||||||
public function unsetValidator()
|
public function unsetValidator()
|
||||||
{
|
{
|
||||||
$this->validator = null;
|
$this->validator = null;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set actions that are exempt from validation
|
* Set actions that are exempt from validation
|
||||||
*
|
*
|
||||||
* @param array
|
* @param array
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setValidationExemptActions($actions)
|
public function setValidationExemptActions($actions)
|
||||||
{
|
{
|
||||||
$this->validationExemptActions = $actions;
|
$this->validationExemptActions = $actions;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a list of actions that are exempt from validation
|
* Get a list of actions that are exempt from validation
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getValidationExemptActions()
|
public function getValidationExemptActions()
|
||||||
{
|
{
|
||||||
return $this->validationExemptActions;
|
return $this->validationExemptActions;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Passed a FormAction, returns true if that action is exempt from Form validation
|
* Passed a FormAction, returns true if that action is exempt from Form validation
|
||||||
*
|
*
|
||||||
* @param FormAction $action
|
* @param FormAction $action
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function actionIsValidationExempt($action)
|
public function actionIsValidationExempt($action)
|
||||||
{
|
{
|
||||||
if ($action->getValidationExempt()) {
|
if ($action->getValidationExempt()) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
if (in_array($action->actionName(), $this->getValidationExemptActions())) {
|
if (in_array($action->actionName(), $this->getValidationExemptActions())) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generate extra special fields - namely the security token field (if required).
|
* Generate extra special fields - namely the security token field (if required).
|
||||||
*
|
*
|
||||||
* @return FieldList
|
* @return FieldList
|
||||||
*/
|
*/
|
||||||
public function getExtraFields()
|
public function getExtraFields()
|
||||||
{
|
{
|
||||||
$extraFields = new FieldList();
|
$extraFields = new FieldList();
|
||||||
|
|
||||||
$token = $this->getSecurityToken();
|
$token = $this->getSecurityToken();
|
||||||
if ($token) {
|
if ($token) {
|
||||||
$tokenField = $token->updateFieldSet($this->fields);
|
$tokenField = $token->updateFieldSet($this->fields);
|
||||||
if ($tokenField) {
|
if ($tokenField) {
|
||||||
$tokenField->setForm($this);
|
$tokenField->setForm($this);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$this->securityTokenAdded = true;
|
$this->securityTokenAdded = true;
|
||||||
|
|
||||||
// add the "real" HTTP method if necessary (for PUT, DELETE and HEAD)
|
// add the "real" HTTP method if necessary (for PUT, DELETE and HEAD)
|
||||||
if (strtoupper($this->FormMethod()) != $this->FormHttpMethod()) {
|
if (strtoupper($this->FormMethod()) != $this->FormHttpMethod()) {
|
||||||
$methodField = new HiddenField('_method', '', $this->FormHttpMethod());
|
$methodField = new HiddenField('_method', '', $this->FormHttpMethod());
|
||||||
$methodField->setForm($this);
|
$methodField->setForm($this);
|
||||||
$extraFields->push($methodField);
|
$extraFields->push($methodField);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $extraFields;
|
return $extraFields;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the form's fields - used by the templates
|
* Return the form's fields - used by the templates
|
||||||
*
|
*
|
||||||
* @return FieldList The form fields
|
* @return FieldList The form fields
|
||||||
*/
|
*/
|
||||||
public function Fields()
|
public function Fields()
|
||||||
{
|
{
|
||||||
foreach ($this->getExtraFields() as $field) {
|
foreach($this->getExtraFields() as $field) {
|
||||||
if (!$this->fields->fieldByName($field->getName())) {
|
if (!$this->fields->fieldByName($field->getName())) {
|
||||||
$this->fields->push($field);
|
$this->fields->push($field);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->fields;
|
return $this->fields;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all <input type="hidden"> fields
|
* Return all <input type="hidden"> fields
|
||||||
* in a form - including fields nested in {@link CompositeFields}.
|
* in a form - including fields nested in {@link CompositeFields}.
|
||||||
* Useful when doing custom field layouts.
|
* Useful when doing custom field layouts.
|
||||||
*
|
*
|
||||||
* @return FieldList
|
* @return FieldList
|
||||||
*/
|
*/
|
||||||
public function HiddenFields()
|
public function HiddenFields()
|
||||||
{
|
{
|
||||||
return $this->Fields()->HiddenFields();
|
return $this->Fields()->HiddenFields();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all fields except for the hidden fields.
|
* Return all fields except for the hidden fields.
|
||||||
* Useful when making your own simplified form layouts.
|
* Useful when making your own simplified form layouts.
|
||||||
*/
|
*/
|
||||||
public function VisibleFields()
|
public function VisibleFields()
|
||||||
{
|
{
|
||||||
return $this->Fields()->VisibleFields();
|
return $this->Fields()->VisibleFields();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Setter for the form fields.
|
* Setter for the form fields.
|
||||||
*
|
*
|
||||||
* @param FieldList $fields
|
* @param FieldList $fields
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setFields($fields)
|
public function setFields($fields)
|
||||||
{
|
{
|
||||||
$this->fields = $fields;
|
$this->fields = $fields;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the form's action buttons - used by the templates
|
* Return the form's action buttons - used by the templates
|
||||||
*
|
*
|
||||||
* @return FieldList The action list
|
* @return FieldList The action list
|
||||||
*/
|
*/
|
||||||
public function Actions()
|
public function Actions()
|
||||||
{
|
{
|
||||||
return $this->actions;
|
return $this->actions;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Setter for the form actions.
|
* Setter for the form actions.
|
||||||
*
|
*
|
||||||
* @param FieldList $actions
|
* @param FieldList $actions
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setActions($actions)
|
public function setActions($actions)
|
||||||
{
|
{
|
||||||
$this->actions = $actions;
|
$this->actions = $actions;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Unset all form actions
|
* Unset all form actions
|
||||||
*/
|
*/
|
||||||
public function unsetAllActions()
|
public function unsetAllActions()
|
||||||
{
|
{
|
||||||
$this->actions = new FieldList();
|
$this->actions = new FieldList();
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $name
|
* @param string $name
|
||||||
* @param string $value
|
* @param string $value
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setAttribute($name, $value)
|
public function setAttribute($name, $value)
|
||||||
{
|
{
|
||||||
$this->attributes[$name] = $value;
|
$this->attributes[$name] = $value;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $name
|
* @param string $name
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getAttribute($name)
|
public function getAttribute($name)
|
||||||
{
|
{
|
||||||
if (isset($this->attributes[$name])) {
|
if(isset($this->attributes[$name])) {
|
||||||
return $this->attributes[$name];
|
return $this->attributes[$name];
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getAttributes()
|
public function getAttributes()
|
||||||
{
|
{
|
||||||
$attrs = array(
|
$attrs = array(
|
||||||
'id' => $this->FormName(),
|
'id' => $this->FormName(),
|
||||||
'action' => $this->FormAction(),
|
'action' => $this->FormAction(),
|
||||||
'method' => $this->FormMethod(),
|
'method' => $this->FormMethod(),
|
||||||
'enctype' => $this->getEncType(),
|
'enctype' => $this->getEncType(),
|
||||||
'target' => $this->target,
|
'target' => $this->target,
|
||||||
'class' => $this->extraClass(),
|
'class' => $this->extraClass(),
|
||||||
);
|
);
|
||||||
|
|
||||||
if ($this->validator && $this->validator->getErrors()) {
|
if($this->validator && $this->validator->getErrors()) {
|
||||||
if (!isset($attrs['class'])) {
|
if (!isset($attrs['class'])) {
|
||||||
$attrs['class'] = '';
|
$attrs['class'] = '';
|
||||||
}
|
}
|
||||||
$attrs['class'] .= ' validationerror';
|
$attrs['class'] .= ' validationerror';
|
||||||
}
|
}
|
||||||
|
|
||||||
$attrs = array_merge($attrs, $this->attributes);
|
$attrs = array_merge($attrs, $this->attributes);
|
||||||
|
|
||||||
return $attrs;
|
return $attrs;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the attributes of the form tag - used by the templates.
|
* Return the attributes of the form tag - used by the templates.
|
||||||
*
|
*
|
||||||
* @param array $attrs Custom attributes to process. Falls back to {@link getAttributes()}.
|
* @param array $attrs Custom attributes to process. Falls back to {@link getAttributes()}.
|
||||||
* If at least one argument is passed as a string, all arguments act as excludes by name.
|
* If at least one argument is passed as a string, all arguments act as excludes by name.
|
||||||
*
|
*
|
||||||
* @return string HTML attributes, ready for insertion into an HTML tag
|
* @return string HTML attributes, ready for insertion into an HTML tag
|
||||||
*/
|
*/
|
||||||
public function getAttributesHTML($attrs = null)
|
public function getAttributesHTML($attrs = null)
|
||||||
{
|
{
|
||||||
$exclude = (is_string($attrs)) ? func_get_args() : null;
|
$exclude = (is_string($attrs)) ? func_get_args() : null;
|
||||||
|
|
||||||
// Figure out if we can cache this form
|
// Figure out if we can cache this form
|
||||||
// - forms with validation shouldn't be cached, cos their error messages won't be shown
|
// - forms with validation shouldn't be cached, cos their error messages won't be shown
|
||||||
// - forms with security tokens shouldn't be cached because security tokens expire
|
// - forms with security tokens shouldn't be cached because security tokens expire
|
||||||
$needsCacheDisabled = false;
|
$needsCacheDisabled = false;
|
||||||
if ($this->getSecurityToken()->isEnabled()) {
|
if ($this->getSecurityToken()->isEnabled()) {
|
||||||
$needsCacheDisabled = true;
|
$needsCacheDisabled = true;
|
||||||
}
|
}
|
||||||
if ($this->FormMethod() != 'GET') {
|
if ($this->FormMethod() != 'GET') {
|
||||||
$needsCacheDisabled = true;
|
$needsCacheDisabled = true;
|
||||||
}
|
}
|
||||||
if (!($this->validator instanceof RequiredFields) || count($this->validator->getRequired())) {
|
if (!($this->validator instanceof RequiredFields) || count($this->validator->getRequired())) {
|
||||||
$needsCacheDisabled = true;
|
$needsCacheDisabled = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// If we need to disable cache, do it
|
// If we need to disable cache, do it
|
||||||
if ($needsCacheDisabled) {
|
if ($needsCacheDisabled) {
|
||||||
HTTP::set_cache_age(0);
|
HTTP::set_cache_age(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
$attrs = $this->getAttributes();
|
$attrs = $this->getAttributes();
|
||||||
|
|
||||||
// Remove empty
|
// Remove empty
|
||||||
$attrs = array_filter((array)$attrs, create_function('$v', 'return ($v || $v === 0);'));
|
$attrs = array_filter((array)$attrs, create_function('$v', 'return ($v || $v === 0);'));
|
||||||
|
|
||||||
// Remove excluded
|
// Remove excluded
|
||||||
if ($exclude) {
|
if ($exclude) {
|
||||||
$attrs = array_diff_key($attrs, array_flip($exclude));
|
$attrs = array_diff_key($attrs, array_flip($exclude));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Prepare HTML-friendly 'method' attribute (lower-case)
|
// Prepare HTML-friendly 'method' attribute (lower-case)
|
||||||
if (isset($attrs['method'])) {
|
if (isset($attrs['method'])) {
|
||||||
$attrs['method'] = strtolower($attrs['method']);
|
$attrs['method'] = strtolower($attrs['method']);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create markup
|
// Create markup
|
||||||
$parts = array();
|
$parts = array();
|
||||||
foreach ($attrs as $name => $value) {
|
foreach($attrs as $name => $value) {
|
||||||
$parts[] = ($value === true) ? "{$name}=\"{$name}\"" : "{$name}=\"" . Convert::raw2att($value) . "\"";
|
$parts[] = ($value === true) ? "{$name}=\"{$name}\"" : "{$name}=\"" . Convert::raw2att($value) . "\"";
|
||||||
}
|
}
|
||||||
|
|
||||||
return implode(' ', $parts);
|
return implode(' ', $parts);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function FormAttributes()
|
public function FormAttributes()
|
||||||
{
|
{
|
||||||
return $this->getAttributesHTML();
|
return $this->getAttributesHTML();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the target of this form to any value - useful for opening the form contents in a new window or refreshing
|
* Set the target of this form to any value - useful for opening the form contents in a new window or refreshing
|
||||||
* another frame
|
* another frame
|
||||||
*
|
*
|
||||||
* @param string|FormTemplateHelper
|
* @param string|FormTemplateHelper
|
||||||
*/
|
*/
|
||||||
public function setTemplateHelper($helper)
|
public function setTemplateHelper($helper)
|
||||||
{
|
{
|
||||||
$this->templateHelper = $helper;
|
$this->templateHelper = $helper;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a {@link FormTemplateHelper} for this form. If one has not been
|
* Return a {@link FormTemplateHelper} for this form. If one has not been
|
||||||
* set, return the default helper.
|
* set, return the default helper.
|
||||||
*
|
*
|
||||||
* @return FormTemplateHelper
|
* @return FormTemplateHelper
|
||||||
*/
|
*/
|
||||||
public function getTemplateHelper()
|
public function getTemplateHelper()
|
||||||
{
|
{
|
||||||
if ($this->templateHelper) {
|
if($this->templateHelper) {
|
||||||
if (is_string($this->templateHelper)) {
|
if(is_string($this->templateHelper)) {
|
||||||
return Injector::inst()->get($this->templateHelper);
|
return Injector::inst()->get($this->templateHelper);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->templateHelper;
|
return $this->templateHelper;
|
||||||
}
|
}
|
||||||
|
|
||||||
return FormTemplateHelper::singleton();
|
return FormTemplateHelper::singleton();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the target of this form to any value - useful for opening the form
|
* Set the target of this form to any value - useful for opening the form
|
||||||
* contents in a new window or refreshing another frame.
|
* contents in a new window or refreshing another frame.
|
||||||
*
|
*
|
||||||
* @param string $target The value of the target
|
* @param string $target The value of the target
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setTarget($target)
|
public function setTarget($target)
|
||||||
{
|
{
|
||||||
$this->target = $target;
|
$this->target = $target;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the legend value to be inserted into
|
* Set the legend value to be inserted into
|
||||||
* the <legend> element in the Form.ss template.
|
* the <legend> element in the Form.ss template.
|
||||||
* @param string $legend
|
* @param string $legend
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setLegend($legend)
|
public function setLegend($legend)
|
||||||
{
|
{
|
||||||
$this->legend = $legend;
|
$this->legend = $legend;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the SS template that this form should use
|
* Set the SS template that this form should use
|
||||||
* to render with. The default is "Form".
|
* to render with. The default is "Form".
|
||||||
*
|
*
|
||||||
* @param string $template The name of the template (without the .ss extension)
|
* @param string $template The name of the template (without the .ss extension)
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setTemplate($template)
|
public function setTemplate($template)
|
||||||
{
|
{
|
||||||
$this->template = $template;
|
$this->template = $template;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the template to render this form with.
|
* Return the template to render this form with.
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getTemplate()
|
public function getTemplate()
|
||||||
{
|
{
|
||||||
return $this->template;
|
return $this->template;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returs the ordered list of preferred templates for rendering this form
|
* Returs the ordered list of preferred templates for rendering this form
|
||||||
* If the template isn't set, then default to the
|
* If the template isn't set, then default to the
|
||||||
* form class name e.g "Form".
|
* form class name e.g "Form".
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getTemplates()
|
public function getTemplates()
|
||||||
{
|
{
|
||||||
$templates = SSViewer::get_templates_by_class(get_class($this), '', __CLASS__);
|
$templates = SSViewer::get_templates_by_class(get_class($this), '', __CLASS__);
|
||||||
// Prefer any custom template
|
// Prefer any custom template
|
||||||
if ($this->getTemplate()) {
|
if($this->getTemplate()) {
|
||||||
array_unshift($templates, $this->getTemplate());
|
array_unshift($templates, $this->getTemplate());
|
||||||
}
|
}
|
||||||
return $templates;
|
return $templates;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the encoding type for the form.
|
* Returns the encoding type for the form.
|
||||||
*
|
*
|
||||||
* By default this will be URL encoded, unless there is a file field present
|
* By default this will be URL encoded, unless there is a file field present
|
||||||
* in which case multipart is used. You can also set the enc type using
|
* in which case multipart is used. You can also set the enc type using
|
||||||
* {@link setEncType}.
|
* {@link setEncType}.
|
||||||
*/
|
*/
|
||||||
public function getEncType()
|
public function getEncType()
|
||||||
{
|
{
|
||||||
if ($this->encType) {
|
if ($this->encType) {
|
||||||
return $this->encType;
|
return $this->encType;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($fields = $this->fields->dataFields()) {
|
if ($fields = $this->fields->dataFields()) {
|
||||||
foreach ($fields as $field) {
|
foreach ($fields as $field) {
|
||||||
if ($field instanceof FileField) {
|
if ($field instanceof FileField) {
|
||||||
return self::ENC_TYPE_MULTIPART;
|
return self::ENC_TYPE_MULTIPART;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return self::ENC_TYPE_URLENCODED;
|
return self::ENC_TYPE_URLENCODED;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the form encoding type. The most common encoding types are defined
|
* Sets the form encoding type. The most common encoding types are defined
|
||||||
* in {@link ENC_TYPE_URLENCODED} and {@link ENC_TYPE_MULTIPART}.
|
* in {@link ENC_TYPE_URLENCODED} and {@link ENC_TYPE_MULTIPART}.
|
||||||
*
|
*
|
||||||
* @param string $encType
|
* @param string $encType
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setEncType($encType)
|
public function setEncType($encType)
|
||||||
{
|
{
|
||||||
$this->encType = $encType;
|
$this->encType = $encType;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the real HTTP method for the form:
|
* Returns the real HTTP method for the form:
|
||||||
* GET, POST, PUT, DELETE or HEAD.
|
* GET, POST, PUT, DELETE or HEAD.
|
||||||
* As most browsers only support GET and POST in
|
* As most browsers only support GET and POST in
|
||||||
* form submissions, all other HTTP methods are
|
* form submissions, all other HTTP methods are
|
||||||
* added as a hidden field "_method" that
|
* added as a hidden field "_method" that
|
||||||
* gets evaluated in {@link Director::direct()}.
|
* gets evaluated in {@link Director::direct()}.
|
||||||
* See {@link FormMethod()} to get a HTTP method
|
* See {@link FormMethod()} to get a HTTP method
|
||||||
* for safe insertion into a <form> tag.
|
* for safe insertion into a <form> tag.
|
||||||
*
|
*
|
||||||
* @return string HTTP method
|
* @return string HTTP method
|
||||||
*/
|
*/
|
||||||
public function FormHttpMethod()
|
public function FormHttpMethod()
|
||||||
{
|
{
|
||||||
return $this->formMethod;
|
return $this->formMethod;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the form method to be used in the <form> tag.
|
* Returns the form method to be used in the <form> tag.
|
||||||
* See {@link FormHttpMethod()} to get the "real" method.
|
* See {@link FormHttpMethod()} to get the "real" method.
|
||||||
*
|
*
|
||||||
* @return string Form HTTP method restricted to 'GET' or 'POST'
|
* @return string Form HTTP method restricted to 'GET' or 'POST'
|
||||||
*/
|
*/
|
||||||
public function FormMethod()
|
public function FormMethod()
|
||||||
{
|
{
|
||||||
if (in_array($this->formMethod, array('GET','POST'))) {
|
if(in_array($this->formMethod,array('GET','POST'))) {
|
||||||
return $this->formMethod;
|
return $this->formMethod;
|
||||||
} else {
|
} else {
|
||||||
return 'POST';
|
return 'POST';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the form method: GET, POST, PUT, DELETE.
|
* Set the form method: GET, POST, PUT, DELETE.
|
||||||
*
|
*
|
||||||
* @param string $method
|
* @param string $method
|
||||||
* @param bool $strict If non-null, pass value to {@link setStrictFormMethodCheck()}.
|
* @param bool $strict If non-null, pass value to {@link setStrictFormMethodCheck()}.
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setFormMethod($method, $strict = null)
|
public function setFormMethod($method, $strict = null)
|
||||||
{
|
{
|
||||||
$this->formMethod = strtoupper($method);
|
$this->formMethod = strtoupper($method);
|
||||||
if ($strict !== null) {
|
if ($strict !== null) {
|
||||||
$this->setStrictFormMethodCheck($strict);
|
$this->setStrictFormMethodCheck($strict);
|
||||||
}
|
}
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If set to true, enforce the matching of the form method.
|
* If set to true, enforce the matching of the form method.
|
||||||
*
|
*
|
||||||
* This will mean two things:
|
* This will mean two things:
|
||||||
* - GET vars will be ignored by a POST form, and vice versa
|
* - GET vars will be ignored by a POST form, and vice versa
|
||||||
* - A submission where the HTTP method used doesn't match the form will return a 400 error.
|
* - A submission where the HTTP method used doesn't match the form will return a 400 error.
|
||||||
*
|
*
|
||||||
* If set to false (the default), then the form method is only used to construct the default
|
* If set to false (the default), then the form method is only used to construct the default
|
||||||
* form.
|
* form.
|
||||||
*
|
*
|
||||||
* @param $bool boolean
|
* @param $bool boolean
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setStrictFormMethodCheck($bool)
|
public function setStrictFormMethodCheck($bool)
|
||||||
{
|
{
|
||||||
$this->strictFormMethodCheck = (bool)$bool;
|
$this->strictFormMethodCheck = (bool)$bool;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function getStrictFormMethodCheck()
|
public function getStrictFormMethodCheck()
|
||||||
{
|
{
|
||||||
return $this->strictFormMethodCheck;
|
return $this->strictFormMethodCheck;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the form's action attribute.
|
* Return the form's action attribute.
|
||||||
* This is build by adding an executeForm get variable to the parent controller's Link() value
|
* This is build by adding an executeForm get variable to the parent controller's Link() value
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function FormAction()
|
public function FormAction()
|
||||||
{
|
{
|
||||||
if ($this->formActionPath) {
|
if ($this->formActionPath) {
|
||||||
return $this->formActionPath;
|
return $this->formActionPath;
|
||||||
} elseif ($this->controller->hasMethod("FormObjectLink")) {
|
} elseif($this->controller->hasMethod("FormObjectLink")) {
|
||||||
return $this->controller->FormObjectLink($this->name);
|
return $this->controller->FormObjectLink($this->name);
|
||||||
} else {
|
} else {
|
||||||
return Controller::join_links($this->controller->Link(), $this->name);
|
return Controller::join_links($this->controller->Link(), $this->name);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the form action attribute to a custom URL.
|
* Set the form action attribute to a custom URL.
|
||||||
*
|
*
|
||||||
* Note: For "normal" forms, you shouldn't need to use this method. It is
|
* Note: For "normal" forms, you shouldn't need to use this method. It is
|
||||||
* recommended only for situations where you have two relatively distinct
|
* recommended only for situations where you have two relatively distinct
|
||||||
* parts of the system trying to communicate via a form post.
|
* parts of the system trying to communicate via a form post.
|
||||||
*
|
*
|
||||||
* @param string $path
|
* @param string $path
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setFormAction($path)
|
public function setFormAction($path)
|
||||||
{
|
{
|
||||||
$this->formActionPath = $path;
|
$this->formActionPath = $path;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the name of the form.
|
* Returns the name of the form.
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function FormName()
|
public function FormName()
|
||||||
{
|
{
|
||||||
return $this->getTemplateHelper()->generateFormID($this);
|
return $this->getTemplateHelper()->generateFormID($this);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the HTML ID attribute of the form.
|
* Set the HTML ID attribute of the form.
|
||||||
*
|
*
|
||||||
* @param string $id
|
* @param string $id
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setHTMLID($id)
|
public function setHTMLID($id)
|
||||||
{
|
{
|
||||||
$this->htmlID = $id;
|
$this->htmlID = $id;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getHTMLID()
|
public function getHTMLID()
|
||||||
{
|
{
|
||||||
return $this->htmlID;
|
return $this->htmlID;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the controller.
|
* Get the controller.
|
||||||
*
|
*
|
||||||
* @return Controller
|
* @return Controller
|
||||||
*/
|
*/
|
||||||
public function getController()
|
public function getController()
|
||||||
{
|
{
|
||||||
return $this->controller;
|
return $this->controller;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the controller.
|
* Set the controller.
|
||||||
*
|
*
|
||||||
* @param Controller $controller
|
* @param Controller $controller
|
||||||
* @return Form
|
* @return Form
|
||||||
*/
|
*/
|
||||||
public function setController($controller)
|
public function setController($controller)
|
||||||
{
|
{
|
||||||
$this->controller = $controller;
|
$this->controller = $controller;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the name of the form.
|
* Get the name of the form.
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getName()
|
public function getName()
|
||||||
{
|
{
|
||||||
return $this->name;
|
return $this->name;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the name of the form.
|
* Set the name of the form.
|
||||||
*
|
*
|
||||||
* @param string $name
|
* @param string $name
|
||||||
* @return Form
|
* @return Form
|
||||||
*/
|
*/
|
||||||
public function setName($name)
|
public function setName($name)
|
||||||
{
|
{
|
||||||
$this->name = $name;
|
$this->name = $name;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns an object where there is a method with the same name as each data
|
* Returns an object where there is a method with the same name as each data
|
||||||
* field on the form.
|
* field on the form.
|
||||||
*
|
*
|
||||||
* That method will return the field itself.
|
* That method will return the field itself.
|
||||||
*
|
*
|
||||||
* It means that you can execute $firstName = $form->FieldMap()->FirstName()
|
* It means that you can execute $firstName = $form->FieldMap()->FirstName()
|
||||||
*/
|
*/
|
||||||
public function FieldMap()
|
public function FieldMap()
|
||||||
{
|
{
|
||||||
return new Form_FieldMap($this);
|
return new Form_FieldMap($this);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The next functions store and modify the forms
|
* The next functions store and modify the forms
|
||||||
* message attributes. messages are stored in session under
|
* message attributes. messages are stored in session under
|
||||||
* $_SESSION[formname][message];
|
* $_SESSION[formname][message];
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function Message()
|
public function Message() {
|
||||||
{
|
return $this->message;
|
||||||
$this->getMessageFromSession();
|
}
|
||||||
|
|
||||||
return $this->message;
|
/**
|
||||||
}
|
* @return string
|
||||||
|
*/
|
||||||
|
public function MessageType() {
|
||||||
|
return $this->messageType;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return string
|
* Set a status message for the form.
|
||||||
*/
|
*
|
||||||
public function MessageType()
|
* @param string $message the text of the message
|
||||||
{
|
* @param string $type Should be set to good, bad, or warning.
|
||||||
$this->getMessageFromSession();
|
* @param boolean $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
||||||
|
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
||||||
return $this->messageType;
|
* user supplied data in the message.
|
||||||
}
|
* @return $this
|
||||||
|
*/
|
||||||
/**
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function getMessageFromSession()
|
|
||||||
{
|
|
||||||
if ($this->message || $this->messageType) {
|
|
||||||
return $this->message;
|
|
||||||
} else {
|
|
||||||
$this->message = Session::get("FormInfo.{$this->FormName()}.formError.message");
|
|
||||||
$this->messageType = Session::get("FormInfo.{$this->FormName()}.formError.type");
|
|
||||||
|
|
||||||
return $this->message;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Set a status message for the form.
|
|
||||||
*
|
|
||||||
* @param string $message the text of the message
|
|
||||||
* @param string $type Should be set to good, bad, or warning.
|
|
||||||
* @param boolean $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
|
||||||
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
|
||||||
* user supplied data in the message.
|
|
||||||
* @return $this
|
|
||||||
*/
|
|
||||||
public function setMessage($message, $type, $escapeHtml = true)
|
public function setMessage($message, $type, $escapeHtml = true)
|
||||||
{
|
{
|
||||||
$this->message = ($escapeHtml) ? Convert::raw2xml($message) : $message;
|
$this->message = ($escapeHtml) ? Convert::raw2xml($message) : $message;
|
||||||
$this->messageType = $type;
|
$this->messageType = $type;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set a message to the session, for display next time this form is shown.
|
* Set a message to the session, for display next time this form is shown.
|
||||||
*
|
*
|
||||||
* @param string $message the text of the message
|
* @param string $message the text of the message
|
||||||
* @param string $type Should be set to good, bad, or warning.
|
* @param string $type Should be set to good, bad, or warning.
|
||||||
* @param boolean $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
* @param boolean $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
||||||
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
||||||
* user supplied data in the message.
|
* user supplied data in the message.
|
||||||
*/
|
*/
|
||||||
public function sessionMessage($message, $type, $escapeHtml = true)
|
public function sessionMessage($message, $type, $escapeHtml = true)
|
||||||
{
|
{
|
||||||
Session::set(
|
// Benign message
|
||||||
"FormInfo.{$this->FormName()}.formError.message",
|
if($type == "good") {
|
||||||
$escapeHtml ? Convert::raw2xml($message) : $message
|
$this->getSessionValidationResult()->addMessage($message, $type, null, $escapeHtml);
|
||||||
);
|
|
||||||
Session::set("FormInfo.{$this->FormName()}.formError.type", $type);
|
|
||||||
}
|
|
||||||
|
|
||||||
public static function messageForForm($formName, $message, $type, $escapeHtml = true)
|
// Bad message causing a validation error
|
||||||
{
|
} else {
|
||||||
Session::set(
|
$this->getSessionValidationResult()->addError($message, $type, null, $escapeHtml
|
||||||
"FormInfo.{$formName}.formError.message",
|
);
|
||||||
$escapeHtml ? Convert::raw2xml($message) : $message
|
}
|
||||||
);
|
}
|
||||||
Session::set("FormInfo.{$formName}.formError.type", $type);
|
|
||||||
}
|
/**
|
||||||
|
* @deprecated 3.1
|
||||||
|
*/
|
||||||
|
public static function messageForForm($formName, $message, $type) {
|
||||||
|
Deprecation::notice('3.1', 'Create an instance of the form you wish to attach a message to.');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the ValidationResult stored in the session.
|
||||||
|
* You can use this to modify messages without throwing a ValidationException.
|
||||||
|
* If a ValidationResult doesn't yet exist, a new one will be created
|
||||||
|
*
|
||||||
|
* @return ValidationResult The ValidationResult object stored in the session
|
||||||
|
*/
|
||||||
|
public function getSessionValidationResult() {
|
||||||
|
$result = Session::get("FormInfo.{$this->FormName()}.result");
|
||||||
|
|
||||||
|
if(!$result || !($result instanceof ValidationResult)) {
|
||||||
|
$result = new ValidationResult;
|
||||||
|
Session::set("FormInfo.{$this->FormName()}.result", $result);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the ValidationResult in the session to be used with the next view of this form.
|
||||||
|
* @param ValidationResult $result The result to save
|
||||||
|
* @param boolean $combineWithExisting If true, then this will be added to the existing result.
|
||||||
|
*/
|
||||||
|
public function setSessionValidationResult(ValidationResult $result, $combineWithExisting = false) {
|
||||||
|
if($combineWithExisting) {
|
||||||
|
$existingResult = $this->getSessionValidationResult();
|
||||||
|
$existingResult->combineAnd($result);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
Session::set("FormInfo.{$this->FormName()}.result", $result);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public function clearMessage()
|
public function clearMessage()
|
||||||
{
|
{
|
||||||
$this->message = null;
|
$this->message = null;
|
||||||
Session::clear("FormInfo.{$this->FormName()}.errors");
|
Session::clear("FormInfo.{$this->FormName()}.result");
|
||||||
Session::clear("FormInfo.{$this->FormName()}.formError");
|
Session::clear("FormInfo.{$this->FormName()}.data");
|
||||||
Session::clear("FormInfo.{$this->FormName()}.data");
|
}
|
||||||
}
|
|
||||||
|
|
||||||
public function resetValidation()
|
public function resetValidation() {
|
||||||
{
|
Session::clear("FormInfo.{$this->FormName()}.data");
|
||||||
Session::clear("FormInfo.{$this->FormName()}.errors");
|
Session::clear("FormInfo.{$this->FormName()}.result");
|
||||||
Session::clear("FormInfo.{$this->FormName()}.data");
|
}
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the DataObject that has given this form its data
|
* Returns the DataObject that has given this form its data
|
||||||
* through {@link loadDataFrom()}.
|
* through {@link loadDataFrom()}.
|
||||||
*
|
*
|
||||||
* @return DataObject
|
* @return DataObject
|
||||||
*/
|
*/
|
||||||
public function getRecord()
|
public function getRecord()
|
||||||
{
|
{
|
||||||
return $this->record;
|
return $this->record;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the legend value to be inserted into the
|
* Get the legend value to be inserted into the
|
||||||
* <legend> element in Form.ss
|
* <legend> element in Form.ss
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getLegend()
|
public function getLegend()
|
||||||
{
|
{
|
||||||
return $this->legend;
|
return $this->legend;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Processing that occurs before a form is executed.
|
* Processing that occurs before a form is executed.
|
||||||
*
|
*
|
||||||
* This includes form validation, if it fails, we redirect back
|
* This includes form validation, if it fails, we throw a ValidationException
|
||||||
* to the form with appropriate error messages.
|
*
|
||||||
* Always return true if the current form action is exempt from validation
|
* This includes form validation, if it fails, we redirect back
|
||||||
*
|
* to the form with appropriate error messages.
|
||||||
* Triggered through {@link httpSubmission()}.
|
* Always return true if the current form action is exempt from validation
|
||||||
*
|
*
|
||||||
* Note that CSRF protection takes place in {@link httpSubmission()},
|
* Triggered through {@link httpSubmission()}.
|
||||||
* if it fails the form data will never reach this method.
|
*
|
||||||
*
|
*
|
||||||
* @return boolean
|
* Note that CSRF protection takes place in {@link httpSubmission()},
|
||||||
*/
|
* if it fails the form data will never reach this method.
|
||||||
public function validate()
|
*
|
||||||
{
|
* @return boolean
|
||||||
$action = $this->buttonClicked();
|
*/
|
||||||
if ($action && $this->actionIsValidationExempt($action)) {
|
public function validate(){
|
||||||
return true;
|
$result = $this->validationResult();
|
||||||
}
|
|
||||||
|
|
||||||
if ($this->validator) {
|
// Valid
|
||||||
$errors = $this->validator->validate();
|
if($result->valid()) {
|
||||||
|
return true;
|
||||||
|
|
||||||
if ($errors) {
|
// Invalid
|
||||||
// Load errors into session and post back
|
} else {
|
||||||
$data = $this->getData();
|
$this->saveFormErrorsToSession($result, $this->getData());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Encode validation messages as XML before saving into session state
|
/**
|
||||||
// As per Form::addErrorMessage()
|
* Experimental method - return a ValidationResult for the validator
|
||||||
$errors = array_map(function ($error) {
|
* @return [type] [description]
|
||||||
// Encode message as XML by default
|
*/
|
||||||
if ($error['message'] instanceof DBField) {
|
private function validationResult() {
|
||||||
$error['message'] = $error['message']->forTemplate();
|
// Start with a "valid" validation result
|
||||||
;
|
$result = ValidationResult::create();
|
||||||
} else {
|
|
||||||
$error['message'] = Convert::raw2xml($error['message']);
|
|
||||||
}
|
|
||||||
return $error;
|
|
||||||
}, $errors);
|
|
||||||
|
|
||||||
Session::set("FormInfo.{$this->FormName()}.errors", $errors);
|
// Opportunity to invalidate via validator
|
||||||
Session::set("FormInfo.{$this->FormName()}.data", $data);
|
$action = $this->buttonClicked();
|
||||||
|
if($action && $this->actionIsValidationExempt($action)) {
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
return false;
|
if($this->validator){
|
||||||
}
|
$errors = $this->validator->validate();
|
||||||
}
|
|
||||||
|
|
||||||
return true;
|
// Convert the old-style Validator result into a ValidationResult
|
||||||
}
|
if($errors){
|
||||||
|
foreach($errors as $error) {
|
||||||
|
$result->addFieldError($error['fieldName'], $error['message'], $error['messageType']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const MERGE_DEFAULT = 0;
|
return $result;
|
||||||
const MERGE_CLEAR_MISSING = 1;
|
}
|
||||||
const MERGE_IGNORE_FALSEISH = 2;
|
|
||||||
|
|
||||||
/**
|
const MERGE_DEFAULT = 0;
|
||||||
* Load data from the given DataObject or array.
|
const MERGE_CLEAR_MISSING = 1;
|
||||||
*
|
const MERGE_IGNORE_FALSEISH = 2;
|
||||||
* It will call $object->MyField to get the value of MyField.
|
|
||||||
* If you passed an array, it will call $object[MyField].
|
/**
|
||||||
* Doesn't save into dataless FormFields ({@link DatalessField}),
|
* Load data from the given DataObject or array.
|
||||||
* as determined by {@link FieldList->dataFields()}.
|
*
|
||||||
*
|
* It will call $object->MyField to get the value of MyField.
|
||||||
* By default, if a field isn't set (as determined by isset()),
|
* If you passed an array, it will call $object[MyField].
|
||||||
* its value will not be saved to the field, retaining
|
* Doesn't save into dataless FormFields ({@link DatalessField}),
|
||||||
* potential existing values.
|
* as determined by {@link FieldList->dataFields()}.
|
||||||
*
|
*
|
||||||
* Passed data should not be escaped, and is saved to the FormField instances unescaped.
|
* By default, if a field isn't set (as determined by isset()),
|
||||||
* Escaping happens automatically on saving the data through {@link saveInto()}.
|
* its value will not be saved to the field, retaining
|
||||||
*
|
* potential existing values.
|
||||||
* Escaping happens automatically on saving the data through
|
*
|
||||||
* {@link saveInto()}.
|
* Passed data should not be escaped, and is saved to the FormField instances unescaped.
|
||||||
*
|
* Escaping happens automatically on saving the data through {@link saveInto()}.
|
||||||
* @uses FieldList->dataFields()
|
*
|
||||||
* @uses FormField->setValue()
|
* Escaping happens automatically on saving the data through
|
||||||
*
|
* {@link saveInto()}.
|
||||||
* @param array|DataObject $data
|
*
|
||||||
* @param int $mergeStrategy
|
* @uses FieldList->dataFields()
|
||||||
* For every field, {@link $data} is interrogated whether it contains a relevant property/key, and
|
* @uses FormField->setValue()
|
||||||
* what that property/key's value is.
|
*
|
||||||
*
|
* @param array|DataObject $data
|
||||||
* By default, if {@link $data} does contain a property/key, the fields value is always replaced by {@link $data}'s
|
* @param int $mergeStrategy
|
||||||
* value, even if that value is null/false/etc. Fields which don't match any property/key in {@link $data} are
|
* For every field, {@link $data} is interrogated whether it contains a relevant property/key, and
|
||||||
* "left alone", meaning they retain any previous value.
|
* what that property/key's value is.
|
||||||
*
|
*
|
||||||
* You can pass a bitmask here to change this behaviour.
|
* By default, if {@link $data} does contain a property/key, the fields value is always replaced by {@link $data}'s
|
||||||
*
|
* value, even if that value is null/false/etc. Fields which don't match any property/key in {@link $data} are
|
||||||
* Passing CLEAR_MISSING means that any fields that don't match any property/key in
|
* "left alone", meaning they retain any previous value.
|
||||||
* {@link $data} are cleared.
|
*
|
||||||
*
|
* You can pass a bitmask here to change this behaviour.
|
||||||
* Passing IGNORE_FALSEISH means that any false-ish value in {@link $data} won't replace
|
*
|
||||||
* a field's value.
|
* Passing CLEAR_MISSING means that any fields that don't match any property/key in
|
||||||
*
|
* {@link $data} are cleared.
|
||||||
* For backwards compatibility reasons, this parameter can also be set to === true, which is the same as passing
|
*
|
||||||
* CLEAR_MISSING
|
* Passing IGNORE_FALSEISH means that any false-ish value in {@link $data} won't replace
|
||||||
*
|
* a field's value.
|
||||||
* @param array $fieldList An optional list of fields to process. This can be useful when you have a
|
*
|
||||||
* form that has some fields that save to one object, and some that save to another.
|
* For backwards compatibility reasons, this parameter can also be set to === true, which is the same as passing
|
||||||
* @return Form
|
* CLEAR_MISSING
|
||||||
*/
|
*
|
||||||
|
* @param array $fieldList An optional list of fields to process. This can be useful when you have a
|
||||||
|
* form that has some fields that save to one object, and some that save to another.
|
||||||
|
* @return Form
|
||||||
|
*/
|
||||||
public function loadDataFrom($data, $mergeStrategy = 0, $fieldList = null)
|
public function loadDataFrom($data, $mergeStrategy = 0, $fieldList = null)
|
||||||
{
|
{
|
||||||
if (!is_object($data) && !is_array($data)) {
|
if(!is_object($data) && !is_array($data)) {
|
||||||
user_error("Form::loadDataFrom() not passed an array or an object", E_USER_WARNING);
|
user_error("Form::loadDataFrom() not passed an array or an object", E_USER_WARNING);
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Handle the backwards compatible case of passing "true" as the second argument
|
// Handle the backwards compatible case of passing "true" as the second argument
|
||||||
if ($mergeStrategy === true) {
|
if ($mergeStrategy === true) {
|
||||||
$mergeStrategy = self::MERGE_CLEAR_MISSING;
|
$mergeStrategy = self::MERGE_CLEAR_MISSING;
|
||||||
} elseif ($mergeStrategy === false) {
|
} elseif ($mergeStrategy === false) {
|
||||||
$mergeStrategy = 0;
|
$mergeStrategy = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
// if an object is passed, save it for historical reference through {@link getRecord()}
|
// if an object is passed, save it for historical reference through {@link getRecord()}
|
||||||
if (is_object($data)) {
|
if (is_object($data)) {
|
||||||
$this->record = $data;
|
$this->record = $data;
|
||||||
}
|
}
|
||||||
|
|
||||||
// dont include fields without data
|
// dont include fields without data
|
||||||
$dataFields = $this->Fields()->dataFields();
|
$dataFields = $this->Fields()->dataFields();
|
||||||
if ($dataFields) {
|
if ($dataFields) {
|
||||||
foreach ($dataFields as $field) {
|
foreach ($dataFields as $field) {
|
||||||
$name = $field->getName();
|
$name = $field->getName();
|
||||||
|
|
||||||
// Skip fields that have been excluded
|
// Skip fields that have been excluded
|
||||||
if ($fieldList && !in_array($name, $fieldList)) {
|
if($fieldList && !in_array($name, $fieldList)) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
// First check looks for (fieldname)_unchanged, an indicator that we shouldn't overwrite the field value
|
// First check looks for (fieldname)_unchanged, an indicator that we shouldn't overwrite the field value
|
||||||
if (is_array($data) && isset($data[$name . '_unchanged'])) {
|
if (is_array($data) && isset($data[$name . '_unchanged'])) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Does this property exist on $data?
|
// Does this property exist on $data?
|
||||||
$exists = false;
|
$exists = false;
|
||||||
// The value from $data for this field
|
// The value from $data for this field
|
||||||
$val = null;
|
$val = null;
|
||||||
|
|
||||||
if (is_object($data)) {
|
if(is_object($data)) {
|
||||||
$exists = (
|
$exists = (
|
||||||
isset($data->$name) ||
|
isset($data->$name) ||
|
||||||
$data->hasMethod($name) ||
|
$data->hasMethod($name) ||
|
||||||
($data->hasMethod('hasField') && $data->hasField($name))
|
($data->hasMethod('hasField') && $data->hasField($name))
|
||||||
);
|
);
|
||||||
|
|
||||||
if ($exists) {
|
if ($exists) {
|
||||||
$val = $data->__get($name);
|
$val = $data->__get($name);
|
||||||
}
|
}
|
||||||
} elseif (is_array($data)) {
|
} elseif (is_array($data)) {
|
||||||
if (array_key_exists($name, $data)) {
|
if(array_key_exists($name, $data)) {
|
||||||
$exists = true;
|
$exists = true;
|
||||||
$val = $data[$name];
|
$val = $data[$name];
|
||||||
} // If field is in array-notation we need to access nested data
|
} // If field is in array-notation we need to access nested data
|
||||||
elseif (strpos($name, '[')) {
|
else if(strpos($name,'[')) {
|
||||||
// First encode data using PHP's method of converting nested arrays to form data
|
// First encode data using PHP's method of converting nested arrays to form data
|
||||||
$flatData = urldecode(http_build_query($data));
|
$flatData = urldecode(http_build_query($data));
|
||||||
// Then pull the value out from that flattened string
|
// Then pull the value out from that flattened string
|
||||||
preg_match('/' . addcslashes($name, '[]') . '=([^&]*)/', $flatData, $matches);
|
preg_match('/' . addcslashes($name,'[]') . '=([^&]*)/', $flatData, $matches);
|
||||||
|
|
||||||
if (isset($matches[1])) {
|
if (isset($matches[1])) {
|
||||||
$exists = true;
|
$exists = true;
|
||||||
$val = $matches[1];
|
$val = $matches[1];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// save to the field if either a value is given, or loading of blank/undefined values is forced
|
// save to the field if either a value is given, or loading of blank/undefined values is forced
|
||||||
if ($exists) {
|
if($exists){
|
||||||
if ($val != false || ($mergeStrategy & self::MERGE_IGNORE_FALSEISH) != self::MERGE_IGNORE_FALSEISH) {
|
if ($val != false || ($mergeStrategy & self::MERGE_IGNORE_FALSEISH) != self::MERGE_IGNORE_FALSEISH){
|
||||||
// pass original data as well so composite fields can act on the additional information
|
// pass original data as well so composite fields can act on the additional information
|
||||||
$field->setValue($val, $data);
|
$field->setValue($val, $data);
|
||||||
}
|
}
|
||||||
} elseif (($mergeStrategy & self::MERGE_CLEAR_MISSING) == self::MERGE_CLEAR_MISSING) {
|
} elseif (($mergeStrategy & self::MERGE_CLEAR_MISSING) == self::MERGE_CLEAR_MISSING) {
|
||||||
$field->setValue($val, $data);
|
$field->setValue($val, $data);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Save the contents of this form into the given data object.
|
* Save the contents of this form into the given data object.
|
||||||
* It will make use of setCastedField() to do this.
|
* It will make use of setCastedField() to do this.
|
||||||
*
|
*
|
||||||
* @param DataObjectInterface $dataObject The object to save data into
|
* @param DataObjectInterface $dataObject The object to save data into
|
||||||
* @param FieldList $fieldList An optional list of fields to process. This can be useful when you have a
|
* @param FieldList $fieldList An optional list of fields to process. This can be useful when you have a
|
||||||
* form that has some fields that save to one object, and some that save to another.
|
* form that has some fields that save to one object, and some that save to another.
|
||||||
*/
|
*/
|
||||||
public function saveInto(DataObjectInterface $dataObject, $fieldList = null)
|
public function saveInto(DataObjectInterface $dataObject, $fieldList = null)
|
||||||
{
|
{
|
||||||
$dataFields = $this->fields->saveableFields();
|
$dataFields = $this->fields->saveableFields();
|
||||||
$lastField = null;
|
$lastField = null;
|
||||||
if ($dataFields) {
|
if ($dataFields) {
|
||||||
foreach ($dataFields as $field) {
|
foreach ($dataFields as $field) {
|
||||||
// Skip fields that have been excluded
|
// Skip fields that have been excluded
|
||||||
if ($fieldList && is_array($fieldList) && !in_array($field->getName(), $fieldList)) {
|
if ($fieldList && is_array($fieldList) && !in_array($field->getName(), $fieldList)) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$saveMethod = "save{$field->getName()}";
|
$saveMethod = "save{$field->getName()}";
|
||||||
|
|
||||||
if ($field->getName() == "ClassName") {
|
if($field->getName() == "ClassName"){
|
||||||
$lastField = $field;
|
$lastField = $field;
|
||||||
} elseif ($dataObject->hasMethod($saveMethod)) {
|
}else if( $dataObject->hasMethod( $saveMethod ) ){
|
||||||
$dataObject->$saveMethod( $field->dataValue());
|
$dataObject->$saveMethod( $field->dataValue());
|
||||||
} elseif ($field->getName() != "ID") {
|
} else if($field->getName() != "ID"){
|
||||||
$field->saveInto($dataObject);
|
$field->saveInto($dataObject);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($lastField) {
|
if ($lastField) {
|
||||||
$lastField->saveInto($dataObject);
|
$lastField->saveInto($dataObject);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the submitted data from this form through
|
* Get the submitted data from this form through
|
||||||
* {@link FieldList->dataFields()}, which filters out
|
* {@link FieldList->dataFields()}, which filters out
|
||||||
* any form-specific data like form-actions.
|
* any form-specific data like form-actions.
|
||||||
* Calls {@link FormField->dataValue()} on each field,
|
* Calls {@link FormField->dataValue()} on each field,
|
||||||
* which returns a value suitable for insertion into a DataObject
|
* which returns a value suitable for insertion into a DataObject
|
||||||
* property.
|
* property.
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getData()
|
public function getData()
|
||||||
{
|
{
|
||||||
$dataFields = $this->fields->dataFields();
|
$dataFields = $this->fields->dataFields();
|
||||||
$data = array();
|
$data = array();
|
||||||
|
|
||||||
if ($dataFields) {
|
if($dataFields){
|
||||||
foreach ($dataFields as $field) {
|
foreach($dataFields as $field) {
|
||||||
if ($field->getName()) {
|
if($field->getName()) {
|
||||||
$data[$field->getName()] = $field->dataValue();
|
$data[$field->getName()] = $field->dataValue();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $data;
|
return $data;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a rendered version of this form.
|
* Return a rendered version of this form.
|
||||||
*
|
*
|
||||||
* This is returned when you access a form as $FormObject rather
|
* This is returned when you access a form as $FormObject rather
|
||||||
* than <% with FormObject %>
|
* than <% with FormObject %>
|
||||||
*
|
*
|
||||||
* @return DBHTMLText
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function forTemplate()
|
public function forTemplate()
|
||||||
{
|
{
|
||||||
$return = $this->renderWith($this->getTemplates());
|
$return = $this->renderWith($this->getTemplates());
|
||||||
|
|
||||||
// Now that we're rendered, clear message
|
// Now that we're rendered, clear message
|
||||||
$this->clearMessage();
|
$this->clearMessage();
|
||||||
|
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a rendered version of this form, suitable for ajax post-back.
|
* Return a rendered version of this form, suitable for ajax post-back.
|
||||||
*
|
*
|
||||||
* It triggers slightly different behaviour, such as disabling the rewriting
|
* It triggers slightly different behaviour, such as disabling the rewriting
|
||||||
* of # links.
|
* of # links.
|
||||||
*
|
*
|
||||||
* @return DBHTMLText
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function forAjaxTemplate()
|
public function forAjaxTemplate()
|
||||||
{
|
{
|
||||||
$view = new SSViewer($this->getTemplates());
|
$view = new SSViewer($this->getTemplates());
|
||||||
|
|
||||||
$return = $view->dontRewriteHashlinks()->process($this);
|
$return = $view->dontRewriteHashlinks()->process($this);
|
||||||
|
|
||||||
// Now that we're rendered, clear message
|
// Now that we're rendered, clear message
|
||||||
$this->clearMessage();
|
$this->clearMessage();
|
||||||
|
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns an HTML rendition of this form, without the <form> tag itself.
|
* Returns an HTML rendition of this form, without the <form> tag itself.
|
||||||
*
|
*
|
||||||
* Attaches 3 extra hidden files, _form_action, _form_name, _form_method,
|
* Attaches 3 extra hidden files, _form_action, _form_name, _form_method,
|
||||||
* and _form_enctype. These are the attributes of the form. These fields
|
* and _form_enctype. These are the attributes of the form. These fields
|
||||||
* can be used to send the form to Ajax.
|
* can be used to send the form to Ajax.
|
||||||
*
|
*
|
||||||
* @deprecated 5.0
|
* @deprecated 5.0
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function formHtmlContent()
|
public function formHtmlContent()
|
||||||
{
|
{
|
||||||
Deprecation::notice('5.0');
|
Deprecation::notice('5.0');
|
||||||
$this->IncludeFormTag = false;
|
$this->IncludeFormTag = false;
|
||||||
$content = $this->forTemplate();
|
$content = $this->forTemplate();
|
||||||
$this->IncludeFormTag = true;
|
$this->IncludeFormTag = true;
|
||||||
|
|
||||||
$content .= "<input type=\"hidden\" name=\"_form_action\" id=\"" . $this->FormName . "_form_action\""
|
$content .= "<input type=\"hidden\" name=\"_form_action\" id=\"" . $this->FormName . "_form_action\""
|
||||||
. " value=\"" . $this->FormAction() . "\" />\n";
|
. " value=\"" . $this->FormAction() . "\" />\n";
|
||||||
$content .= "<input type=\"hidden\" name=\"_form_name\" value=\"" . $this->FormName() . "\" />\n";
|
$content .= "<input type=\"hidden\" name=\"_form_name\" value=\"" . $this->FormName() . "\" />\n";
|
||||||
$content .= "<input type=\"hidden\" name=\"_form_method\" value=\"" . $this->FormMethod() . "\" />\n";
|
$content .= "<input type=\"hidden\" name=\"_form_method\" value=\"" . $this->FormMethod() . "\" />\n";
|
||||||
$content .= "<input type=\"hidden\" name=\"_form_enctype\" value=\"" . $this->getEncType() . "\" />\n";
|
$content .= "<input type=\"hidden\" name=\"_form_enctype\" value=\"" . $this->getEncType() . "\" />\n";
|
||||||
|
|
||||||
return $content;
|
return $content;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Render this form using the given template, and return the result as a string
|
* Render this form using the given template, and return the result as a string
|
||||||
* You can pass either an SSViewer or a template name
|
* You can pass either an SSViewer or a template name
|
||||||
* @param string|array $template
|
* @param string|array $template
|
||||||
* @return DBHTMLText
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function renderWithoutActionButton($template)
|
public function renderWithoutActionButton($template)
|
||||||
{
|
{
|
||||||
$custom = $this->customise(array(
|
$custom = $this->customise(array(
|
||||||
"Actions" => "",
|
"Actions" => "",
|
||||||
));
|
));
|
||||||
|
|
||||||
if (is_string($template)) {
|
if(is_string($template)) {
|
||||||
$template = new SSViewer($template);
|
$template = new SSViewer($template);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $template->process($custom);
|
return $template->process($custom);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the button that was clicked. This should only be called by the Controller.
|
* Sets the button that was clicked. This should only be called by the Controller.
|
||||||
*
|
*
|
||||||
* @param callable $funcName The name of the action method that will be called.
|
* @param callable $funcName The name of the action method that will be called.
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setButtonClicked($funcName)
|
public function setButtonClicked($funcName)
|
||||||
{
|
{
|
||||||
$this->buttonClickedFunc = $funcName;
|
$this->buttonClickedFunc = $funcName;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return FormAction
|
* @return FormAction
|
||||||
*/
|
*/
|
||||||
public function buttonClicked()
|
public function buttonClicked()
|
||||||
{
|
{
|
||||||
$actions = $this->getAllActions();
|
$actions = $this->getAllActions();
|
||||||
foreach ($actions as $action) {
|
foreach ($actions as $action) {
|
||||||
if ($this->buttonClickedFunc === $action->actionName()) {
|
if ($this->buttonClickedFunc === $action->actionName()) {
|
||||||
return $action;
|
return $action;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a list of all actions, including those in the main "fields" FieldList
|
* Get a list of all actions, including those in the main "fields" FieldList
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
protected function getAllActions()
|
protected function getAllActions()
|
||||||
{
|
{
|
||||||
$fields = $this->fields->dataFields() ?: array();
|
$fields = $this->fields->dataFields() ?: array();
|
||||||
$actions = $this->actions->dataFields() ?: array();
|
$actions = $this->actions->dataFields() ?: array();
|
||||||
|
|
||||||
$fieldsAndActions = array_merge($fields, $actions);
|
$fieldsAndActions = array_merge($fields, $actions);
|
||||||
$actions = array_filter($fieldsAndActions, function ($fieldOrAction) {
|
$actions = array_filter($fieldsAndActions, function($fieldOrAction) {
|
||||||
return $fieldOrAction instanceof FormAction;
|
return $fieldOrAction instanceof FormAction;
|
||||||
});
|
});
|
||||||
|
|
||||||
return $actions;
|
return $actions;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the default button that should be clicked when another one isn't
|
* Return the default button that should be clicked when another one isn't
|
||||||
* available.
|
* available.
|
||||||
*
|
*
|
||||||
* @return FormAction
|
* @return FormAction
|
||||||
*/
|
*/
|
||||||
public function defaultAction()
|
public function defaultAction()
|
||||||
{
|
{
|
||||||
if ($this->hasDefaultAction && $this->actions) {
|
if($this->hasDefaultAction && $this->actions) {
|
||||||
return $this->actions->first();
|
return $this->actions->first();
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Disable the default button.
|
* Disable the default button.
|
||||||
*
|
*
|
||||||
* Ordinarily, when a form is processed and no action_XXX button is
|
* Ordinarily, when a form is processed and no action_XXX button is
|
||||||
* available, then the first button in the actions list will be pressed.
|
* available, then the first button in the actions list will be pressed.
|
||||||
* However, if this is "delete", for example, this isn't such a good idea.
|
* However, if this is "delete", for example, this isn't such a good idea.
|
||||||
*
|
*
|
||||||
* @return Form
|
* @return Form
|
||||||
*/
|
*/
|
||||||
public function disableDefaultAction()
|
public function disableDefaultAction()
|
||||||
{
|
{
|
||||||
$this->hasDefaultAction = false;
|
$this->hasDefaultAction = false;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Disable the requirement of a security token on this form instance. This
|
* Disable the requirement of a security token on this form instance. This
|
||||||
* security protects against CSRF attacks, but you should disable this if
|
* security protects against CSRF attacks, but you should disable this if
|
||||||
* you don't want to tie a form to a session - eg a search form.
|
* you don't want to tie a form to a session - eg a search form.
|
||||||
*
|
*
|
||||||
* Check for token state with {@link getSecurityToken()} and
|
* Check for token state with {@link getSecurityToken()} and
|
||||||
* {@link SecurityToken->isEnabled()}.
|
* {@link SecurityToken->isEnabled()}.
|
||||||
*
|
*
|
||||||
* @return Form
|
* @return Form
|
||||||
*/
|
*/
|
||||||
public function disableSecurityToken()
|
public function disableSecurityToken()
|
||||||
{
|
{
|
||||||
$this->securityToken = new NullSecurityToken();
|
$this->securityToken = new NullSecurityToken();
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Enable {@link SecurityToken} protection for this form instance.
|
* Enable {@link SecurityToken} protection for this form instance.
|
||||||
*
|
*
|
||||||
* Check for token state with {@link getSecurityToken()} and
|
* Check for token state with {@link getSecurityToken()} and
|
||||||
* {@link SecurityToken->isEnabled()}.
|
* {@link SecurityToken->isEnabled()}.
|
||||||
*
|
*
|
||||||
* @return Form
|
* @return Form
|
||||||
*/
|
*/
|
||||||
public function enableSecurityToken()
|
public function enableSecurityToken()
|
||||||
{
|
{
|
||||||
$this->securityToken = new SecurityToken();
|
$this->securityToken = new SecurityToken();
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the security token for this form (if any exists).
|
* Returns the security token for this form (if any exists).
|
||||||
*
|
*
|
||||||
* Doesn't check for {@link securityTokenEnabled()}.
|
* Doesn't check for {@link securityTokenEnabled()}.
|
||||||
*
|
*
|
||||||
* Use {@link SecurityToken::inst()} to get a global token.
|
* Use {@link SecurityToken::inst()} to get a global token.
|
||||||
*
|
*
|
||||||
* @return SecurityToken|null
|
* @return SecurityToken|null
|
||||||
*/
|
*/
|
||||||
public function getSecurityToken()
|
public function getSecurityToken()
|
||||||
{
|
{
|
||||||
return $this->securityToken;
|
return $this->securityToken;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Compiles all CSS-classes.
|
* Compiles all CSS-classes.
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function extraClass()
|
public function extraClass()
|
||||||
{
|
{
|
||||||
return implode(array_unique($this->extraClasses), ' ');
|
return implode(array_unique($this->extraClasses), ' ');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add a CSS-class to the form-container. If needed, multiple classes can
|
* Add a CSS-class to the form-container. If needed, multiple classes can
|
||||||
* be added by delimiting a string with spaces.
|
* be added by delimiting a string with spaces.
|
||||||
*
|
*
|
||||||
* @param string $class A string containing a classname or several class
|
* @param string $class A string containing a classname or several class
|
||||||
* names delimited by a single space.
|
* names delimited by a single space.
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function addExtraClass($class)
|
public function addExtraClass($class)
|
||||||
{
|
{
|
||||||
//split at white space
|
//split at white space
|
||||||
$classes = preg_split('/\s+/', $class);
|
$classes = preg_split('/\s+/', $class);
|
||||||
foreach ($classes as $class) {
|
foreach($classes as $class) {
|
||||||
//add classes one by one
|
//add classes one by one
|
||||||
$this->extraClasses[$class] = $class;
|
$this->extraClasses[$class] = $class;
|
||||||
}
|
}
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Remove a CSS-class from the form-container. Multiple class names can
|
* Remove a CSS-class from the form-container. Multiple class names can
|
||||||
* be passed through as a space delimited string
|
* be passed through as a space delimited string
|
||||||
*
|
*
|
||||||
* @param string $class
|
* @param string $class
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function removeExtraClass($class)
|
public function removeExtraClass($class)
|
||||||
{
|
{
|
||||||
//split at white space
|
//split at white space
|
||||||
$classes = preg_split('/\s+/', $class);
|
$classes = preg_split('/\s+/', $class);
|
||||||
foreach ($classes as $class) {
|
foreach ($classes as $class) {
|
||||||
//unset one by one
|
//unset one by one
|
||||||
unset($this->extraClasses[$class]);
|
unset($this->extraClasses[$class]);
|
||||||
}
|
}
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function debug()
|
public function debug()
|
||||||
{
|
{
|
||||||
$result = "<h3>$this->class</h3><ul>";
|
$result = "<h3>$this->class</h3><ul>";
|
||||||
foreach ($this->fields as $field) {
|
foreach($this->fields as $field) {
|
||||||
$result .= "<li>$field" . $field->debug() . "</li>";
|
$result .= "<li>$field" . $field->debug() . "</li>";
|
||||||
}
|
}
|
||||||
$result .= "</ul>";
|
$result .= "</ul>";
|
||||||
|
|
||||||
if ($this->validator) {
|
if( $this->validator ) {
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
$result .= '<h3>' . _t('Form.VALIDATOR', 'Validator') . '</h3>' . $this->validator->debug();
|
$result .= '<h3>' . _t('Form.VALIDATOR', 'Validator') . '</h3>' . $this->validator->debug();
|
||||||
}
|
}
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
||||||
// TESTING HELPERS
|
// TESTING HELPERS
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test a submission of this form.
|
* Test a submission of this form.
|
||||||
* @param string $action
|
* @param string $action
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @return HTTPResponse the response object that the handling controller produces. You can interrogate this in
|
* @return HTTPResponse the response object that the handling controller produces. You can interrogate this in
|
||||||
* your unit test.
|
* your unit test.
|
||||||
* @throws HTTPResponse_Exception
|
* @throws HTTPResponse_Exception
|
||||||
*/
|
*/
|
||||||
public function testSubmission($action, $data)
|
public function testSubmission($action, $data)
|
||||||
{
|
{
|
||||||
$data['action_' . $action] = true;
|
$data['action_' . $action] = true;
|
||||||
|
|
||||||
return Director::test($this->FormAction(), $data, Controller::curr()->getSession());
|
return Director::test($this->FormAction(), $data, Controller::curr()->getSession());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test an ajax submission of this form.
|
* Test an ajax submission of this form.
|
||||||
*
|
*
|
||||||
* @param string $action
|
* @param string $action
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @return HTTPResponse the response object that the handling controller produces. You can interrogate this in
|
* @return HTTPResponse the response object that the handling controller produces. You can interrogate this in
|
||||||
* your unit test.
|
* your unit test.
|
||||||
*/
|
*/
|
||||||
public function testAjaxSubmission($action, $data)
|
public function testAjaxSubmission($action, $data)
|
||||||
{
|
{
|
||||||
$data['ajax'] = 1;
|
$data['ajax'] = 1;
|
||||||
return $this->testSubmission($action, $data);
|
return $this->testSubmission($action, $data);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -24,101 +24,101 @@ use SilverStripe\ORM\ValidationException;
|
|||||||
class GridFieldDeleteAction implements GridField_ColumnProvider, GridField_ActionProvider
|
class GridFieldDeleteAction implements GridField_ColumnProvider, GridField_ActionProvider
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If this is set to true, this {@link GridField_ActionProvider} will
|
* If this is set to true, this {@link GridField_ActionProvider} will
|
||||||
* remove the object from the list, instead of deleting.
|
* remove the object from the list, instead of deleting.
|
||||||
*
|
*
|
||||||
* In the case of a has one, has many or many many list it will uncouple
|
* In the case of a has one, has many or many many list it will uncouple
|
||||||
* the item from the list.
|
* the item from the list.
|
||||||
*
|
*
|
||||||
* @var boolean
|
* @var boolean
|
||||||
*/
|
*/
|
||||||
protected $removeRelation = false;
|
protected $removeRelation = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @param boolean $removeRelation - true if removing the item from the list, but not deleting it
|
* @param boolean $removeRelation - true if removing the item from the list, but not deleting it
|
||||||
*/
|
*/
|
||||||
public function __construct($removeRelation = false)
|
public function __construct($removeRelation = false)
|
||||||
{
|
{
|
||||||
$this->removeRelation = $removeRelation;
|
$this->removeRelation = $removeRelation;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add a column 'Delete'
|
* Add a column 'Delete'
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @param array $columns
|
* @param array $columns
|
||||||
*/
|
*/
|
||||||
public function augmentColumns($gridField, &$columns)
|
public function augmentColumns($gridField, &$columns)
|
||||||
{
|
{
|
||||||
if (!in_array('Actions', $columns)) {
|
if(!in_array('Actions', $columns)) {
|
||||||
$columns[] = 'Actions';
|
$columns[] = 'Actions';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return any special attributes that will be used for FormField::create_tag()
|
* Return any special attributes that will be used for FormField::create_tag()
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @param DataObject $record
|
* @param DataObject $record
|
||||||
* @param string $columnName
|
* @param string $columnName
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getColumnAttributes($gridField, $record, $columnName)
|
public function getColumnAttributes($gridField, $record, $columnName)
|
||||||
{
|
{
|
||||||
return array('class' => 'grid-field__col-compact');
|
return array('class' => 'grid-field__col-compact');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add the title
|
* Add the title
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @param string $columnName
|
* @param string $columnName
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getColumnMetadata($gridField, $columnName)
|
public function getColumnMetadata($gridField, $columnName)
|
||||||
{
|
{
|
||||||
if ($columnName == 'Actions') {
|
if($columnName == 'Actions') {
|
||||||
return array('title' => '');
|
return array('title' => '');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Which columns are handled by this component
|
* Which columns are handled by this component
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getColumnsHandled($gridField)
|
public function getColumnsHandled($gridField)
|
||||||
{
|
{
|
||||||
return array('Actions');
|
return array('Actions');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Which GridField actions are this component handling
|
* Which GridField actions are this component handling
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getActions($gridField)
|
public function getActions($gridField)
|
||||||
{
|
{
|
||||||
return array('deleterecord', 'unlinkrelation');
|
return array('deleterecord', 'unlinkrelation');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @param DataObject $record
|
* @param DataObject $record
|
||||||
* @param string $columnName
|
* @param string $columnName
|
||||||
* @return string the HTML for the column
|
* @return string the HTML for the column
|
||||||
*/
|
*/
|
||||||
public function getColumnContent($gridField, $record, $columnName)
|
public function getColumnContent($gridField, $record, $columnName)
|
||||||
{
|
{
|
||||||
if ($this->removeRelation) {
|
if($this->removeRelation) {
|
||||||
if (!$record->canEdit()) {
|
if(!$record->canEdit()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
$field = GridField_FormAction::create(
|
$field = GridField_FormAction::create(
|
||||||
$gridField,
|
$gridField,
|
||||||
@ -127,12 +127,12 @@ class GridFieldDeleteAction implements GridField_ColumnProvider, GridField_Actio
|
|||||||
"unlinkrelation",
|
"unlinkrelation",
|
||||||
array('RecordID' => $record->ID)
|
array('RecordID' => $record->ID)
|
||||||
)
|
)
|
||||||
->addExtraClass('btn btn--no-text btn--icon-md font-icon-link-broken grid-field__icon-action gridfield-button-unlink')
|
->addExtraClass('btn btn--no-text btn--icon-md font-icon-link-broken grid-field__icon-action gridfield-button-unlink')
|
||||||
->setAttribute('title', _t('GridAction.UnlinkRelation', "Unlink"));
|
->setAttribute('title', _t('GridAction.UnlinkRelation', "Unlink"));
|
||||||
} else {
|
} else {
|
||||||
if (!$record->canDelete()) {
|
if(!$record->canDelete()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
$field = GridField_FormAction::create(
|
$field = GridField_FormAction::create(
|
||||||
$gridField,
|
$gridField,
|
||||||
@ -141,50 +141,46 @@ class GridFieldDeleteAction implements GridField_ColumnProvider, GridField_Actio
|
|||||||
"deleterecord",
|
"deleterecord",
|
||||||
array('RecordID' => $record->ID)
|
array('RecordID' => $record->ID)
|
||||||
)
|
)
|
||||||
->addExtraClass('gridfield-button-delete btn--icon-md font-icon-trash-bin btn--no-text grid-field__icon-action')
|
->addExtraClass('gridfield-button-delete btn--icon-md font-icon-trash-bin btn--no-text grid-field__icon-action')
|
||||||
->setAttribute('title', _t('GridAction.Delete', "Delete"))
|
->setAttribute('title', _t('GridAction.Delete', "Delete"))
|
||||||
->setDescription(_t('GridAction.DELETE_DESCRIPTION', 'Delete'));
|
->setDescription(_t('GridAction.DELETE_DESCRIPTION','Delete'));
|
||||||
}
|
}
|
||||||
return $field->Field();
|
return $field->Field();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Handle the actions and apply any changes to the GridField
|
* Handle the actions and apply any changes to the GridField
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @param string $actionName
|
* @param string $actionName
|
||||||
* @param mixed $arguments
|
* @param mixed $arguments
|
||||||
* @param array $data - form data
|
* @param array $data - form data
|
||||||
* @throws ValidationException
|
* @throws ValidationException
|
||||||
*/
|
*/
|
||||||
public function handleAction(GridField $gridField, $actionName, $arguments, $data)
|
public function handleAction(GridField $gridField, $actionName, $arguments, $data)
|
||||||
{
|
{
|
||||||
if ($actionName == 'deleterecord' || $actionName == 'unlinkrelation') {
|
if($actionName == 'deleterecord' || $actionName == 'unlinkrelation') {
|
||||||
/** @var DataObject $item */
|
/** @var DataObject $item */
|
||||||
$item = $gridField->getList()->byID($arguments['RecordID']);
|
$item = $gridField->getList()->byID($arguments['RecordID']);
|
||||||
if (!$item) {
|
if(!$item) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($actionName == 'deleterecord') {
|
if($actionName == 'deleterecord') {
|
||||||
if (!$item->canDelete()) {
|
if(!$item->canDelete()) {
|
||||||
throw new ValidationException(
|
throw new ValidationException(
|
||||||
_t('GridFieldAction_Delete.DeletePermissionsFailure', "No delete permissions"),
|
_t('GridFieldAction_Delete.DeletePermissionsFailure',"No delete permissions"));
|
||||||
0
|
}
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
$item->delete();
|
$item->delete();
|
||||||
} else {
|
} else {
|
||||||
if (!$item->canEdit()) {
|
if(!$item->canEdit()) {
|
||||||
throw new ValidationException(
|
throw new ValidationException(
|
||||||
_t('GridFieldAction_Delete.EditPermissionsFailure', "No permission to unlink record"),
|
_t('GridFieldAction_Delete.EditPermissionsFailure',"No permission to unlink record"));
|
||||||
0
|
}
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
$gridField->getList()->remove($item);
|
$gridField->getList()->remove($item);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -26,622 +26,620 @@ use SilverStripe\View\SSViewer;
|
|||||||
class GridFieldDetailForm_ItemRequest extends RequestHandler
|
class GridFieldDetailForm_ItemRequest extends RequestHandler
|
||||||
{
|
{
|
||||||
|
|
||||||
private static $allowed_actions = array(
|
private static $allowed_actions = array(
|
||||||
'edit',
|
'edit',
|
||||||
'view',
|
'view',
|
||||||
'ItemEditForm'
|
'ItemEditForm'
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @var GridField
|
* @var GridField
|
||||||
*/
|
*/
|
||||||
protected $gridField;
|
protected $gridField;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @var GridFieldDetailForm
|
* @var GridFieldDetailForm
|
||||||
*/
|
*/
|
||||||
protected $component;
|
protected $component;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @var DataObject
|
* @var DataObject
|
||||||
*/
|
*/
|
||||||
protected $record;
|
protected $record;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This represents the current parent RequestHandler (which does not necessarily need to be a Controller).
|
* This represents the current parent RequestHandler (which does not necessarily need to be a Controller).
|
||||||
* It allows us to traverse the RequestHandler chain upwards to reach the Controller stack.
|
* It allows us to traverse the RequestHandler chain upwards to reach the Controller stack.
|
||||||
*
|
*
|
||||||
* @var RequestHandler
|
* @var RequestHandler
|
||||||
*/
|
*/
|
||||||
protected $popupController;
|
protected $popupController;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
protected $popupFormName;
|
protected $popupFormName;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var String
|
* @var String
|
||||||
*/
|
*/
|
||||||
protected $template = null;
|
protected $template = null;
|
||||||
|
|
||||||
private static $url_handlers = array(
|
private static $url_handlers = array(
|
||||||
'$Action!' => '$Action',
|
'$Action!' => '$Action',
|
||||||
'' => 'edit',
|
'' => 'edit',
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @param GridField $gridField
|
* @param GridField $gridField
|
||||||
* @param GridFieldDetailForm $component
|
* @param GridFieldDetailForm $component
|
||||||
* @param DataObject $record
|
* @param DataObject $record
|
||||||
* @param RequestHandler $requestHandler
|
* @param RequestHandler $requestHandler
|
||||||
* @param string $popupFormName
|
* @param string $popupFormName
|
||||||
*/
|
*/
|
||||||
public function __construct($gridField, $component, $record, $requestHandler, $popupFormName)
|
public function __construct($gridField, $component, $record, $requestHandler, $popupFormName)
|
||||||
{
|
{
|
||||||
$this->gridField = $gridField;
|
$this->gridField = $gridField;
|
||||||
$this->component = $component;
|
$this->component = $component;
|
||||||
$this->record = $record;
|
$this->record = $record;
|
||||||
$this->popupController = $requestHandler;
|
$this->popupController = $requestHandler;
|
||||||
$this->popupFormName = $popupFormName;
|
$this->popupFormName = $popupFormName;
|
||||||
parent::__construct();
|
parent::__construct();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function Link($action = null)
|
public function Link($action = null)
|
||||||
{
|
{
|
||||||
return Controller::join_links(
|
return Controller::join_links(
|
||||||
$this->gridField->Link('item'),
|
$this->gridField->Link('item'),
|
||||||
$this->record->ID ? $this->record->ID : 'new',
|
$this->record->ID ? $this->record->ID : 'new',
|
||||||
$action
|
$action
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param HTTPRequest $request
|
* @param HTTPRequest $request
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function view($request)
|
public function view($request)
|
||||||
{
|
{
|
||||||
if (!$this->record->canView()) {
|
if (!$this->record->canView()) {
|
||||||
$this->httpError(403);
|
$this->httpError(403);
|
||||||
}
|
}
|
||||||
|
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
|
|
||||||
$form = $this->ItemEditForm();
|
$form = $this->ItemEditForm();
|
||||||
$form->makeReadonly();
|
$form->makeReadonly();
|
||||||
|
|
||||||
$data = new ArrayData(array(
|
$data = new ArrayData(array(
|
||||||
'Backlink' => $controller->Link(),
|
'Backlink' => $controller->Link(),
|
||||||
'ItemEditForm' => $form
|
'ItemEditForm' => $form
|
||||||
));
|
));
|
||||||
$return = $data->renderWith($this->getTemplates());
|
$return = $data->renderWith($this->getTemplates());
|
||||||
|
|
||||||
if ($request->isAjax()) {
|
if ($request->isAjax()) {
|
||||||
return $return;
|
return $return;
|
||||||
} else {
|
} else {
|
||||||
return $controller->customise(array('Content' => $return));
|
return $controller->customise(array('Content' => $return));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param HTTPRequest $request
|
* @param HTTPRequest $request
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function edit($request)
|
public function edit($request)
|
||||||
{
|
{
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
$form = $this->ItemEditForm();
|
$form = $this->ItemEditForm();
|
||||||
|
|
||||||
$return = $this->customise(array(
|
$return = $this->customise(array(
|
||||||
'Backlink' => $controller->hasMethod('Backlink') ? $controller->Backlink() : $controller->Link(),
|
'Backlink' => $controller->hasMethod('Backlink') ? $controller->Backlink() : $controller->Link(),
|
||||||
'ItemEditForm' => $form,
|
'ItemEditForm' => $form,
|
||||||
))->renderWith($this->getTemplates());
|
))->renderWith($this->getTemplates());
|
||||||
|
|
||||||
if ($request->isAjax()) {
|
if ($request->isAjax()) {
|
||||||
return $return;
|
return $return;
|
||||||
} else {
|
} else {
|
||||||
// If not requested by ajax, we need to render it within the controller context+template
|
// If not requested by ajax, we need to render it within the controller context+template
|
||||||
return $controller->customise(array(
|
return $controller->customise(array(
|
||||||
// TODO CMS coupling
|
// TODO CMS coupling
|
||||||
'Content' => $return,
|
'Content' => $return,
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Builds an item edit form. The arguments to getCMSFields() are the popupController and
|
* Builds an item edit form. The arguments to getCMSFields() are the popupController and
|
||||||
* popupFormName, however this is an experimental API and may change.
|
* popupFormName, however this is an experimental API and may change.
|
||||||
*
|
*
|
||||||
* @todo In the future, we will probably need to come up with a tigher object representing a partially
|
* @todo In the future, we will probably need to come up with a tigher object representing a partially
|
||||||
* complete controller with gaps for extra functionality. This, for example, would be a better way
|
* complete controller with gaps for extra functionality. This, for example, would be a better way
|
||||||
* of letting Security/login put its log-in form inside a UI specified elsewhere.
|
* of letting Security/login put its log-in form inside a UI specified elsewhere.
|
||||||
*
|
*
|
||||||
* @return Form
|
* @return Form
|
||||||
*/
|
*/
|
||||||
public function ItemEditForm()
|
public function ItemEditForm()
|
||||||
{
|
{
|
||||||
$list = $this->gridField->getList();
|
$list = $this->gridField->getList();
|
||||||
|
|
||||||
if (empty($this->record)) {
|
if (empty($this->record)) {
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
$url = $controller->getRequest()->getURL();
|
$url = $controller->getRequest()->getURL();
|
||||||
$noActionURL = $controller->removeAction($url);
|
$noActionURL = $controller->removeAction($url);
|
||||||
$controller->getResponse()->removeHeader('Location'); //clear the existing redirect
|
$controller->getResponse()->removeHeader('Location'); //clear the existing redirect
|
||||||
return $controller->redirect($noActionURL, 302);
|
return $controller->redirect($noActionURL, 302);
|
||||||
}
|
}
|
||||||
|
|
||||||
$canView = $this->record->canView();
|
$canView = $this->record->canView();
|
||||||
$canEdit = $this->record->canEdit();
|
$canEdit = $this->record->canEdit();
|
||||||
$canDelete = $this->record->canDelete();
|
$canDelete = $this->record->canDelete();
|
||||||
$canCreate = $this->record->canCreate();
|
$canCreate = $this->record->canCreate();
|
||||||
|
|
||||||
if (!$canView) {
|
if (!$canView) {
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
// TODO More friendly error
|
// TODO More friendly error
|
||||||
return $controller->httpError(403);
|
return $controller->httpError(403);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Build actions
|
// Build actions
|
||||||
$actions = $this->getFormActions();
|
$actions = $this->getFormActions();
|
||||||
|
|
||||||
// If we are creating a new record in a has-many list, then
|
// If we are creating a new record in a has-many list, then
|
||||||
// pre-populate the record's foreign key.
|
// pre-populate the record's foreign key.
|
||||||
if ($list instanceof HasManyList && !$this->record->isInDB()) {
|
if ($list instanceof HasManyList && !$this->record->isInDB()) {
|
||||||
$key = $list->getForeignKey();
|
$key = $list->getForeignKey();
|
||||||
$id = $list->getForeignID();
|
$id = $list->getForeignID();
|
||||||
$this->record->$key = $id;
|
$this->record->$key = $id;
|
||||||
}
|
}
|
||||||
|
|
||||||
$fields = $this->component->getFields();
|
$fields = $this->component->getFields();
|
||||||
if (!$fields) {
|
if (!$fields) {
|
||||||
$fields = $this->record->getCMSFields();
|
$fields = $this->record->getCMSFields();
|
||||||
}
|
}
|
||||||
|
|
||||||
// If we are creating a new record in a has-many list, then
|
// If we are creating a new record in a has-many list, then
|
||||||
// Disable the form field as it has no effect.
|
// Disable the form field as it has no effect.
|
||||||
if ($list instanceof HasManyList) {
|
if ($list instanceof HasManyList) {
|
||||||
$key = $list->getForeignKey();
|
$key = $list->getForeignKey();
|
||||||
|
|
||||||
if ($field = $fields->dataFieldByName($key)) {
|
if ($field = $fields->dataFieldByName($key)) {
|
||||||
$fields->makeFieldReadonly($field);
|
$fields->makeFieldReadonly($field);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Caution: API violation. Form expects a Controller, but we are giving it a RequestHandler instead.
|
// Caution: API violation. Form expects a Controller, but we are giving it a RequestHandler instead.
|
||||||
// Thanks to this however, we are able to nest GridFields, and also access the initial Controller by
|
// Thanks to this however, we are able to nest GridFields, and also access the initial Controller by
|
||||||
// dereferencing GridFieldDetailForm_ItemRequest->getController() multiple times. See getToplevelController
|
// dereferencing GridFieldDetailForm_ItemRequest->getController() multiple times. See getToplevelController
|
||||||
// below.
|
// below.
|
||||||
$form = new Form(
|
$form = new Form(
|
||||||
$this,
|
$this,
|
||||||
'ItemEditForm',
|
'ItemEditForm',
|
||||||
$fields,
|
$fields,
|
||||||
$actions,
|
$actions,
|
||||||
$this->component->getValidator()
|
$this->component->getValidator()
|
||||||
);
|
);
|
||||||
|
|
||||||
$form->loadDataFrom($this->record, $this->record->ID == 0 ? Form::MERGE_IGNORE_FALSEISH : Form::MERGE_DEFAULT);
|
$form->loadDataFrom($this->record, $this->record->ID == 0 ? Form::MERGE_IGNORE_FALSEISH : Form::MERGE_DEFAULT);
|
||||||
|
|
||||||
if ($this->record->ID && !$canEdit) {
|
if ($this->record->ID && !$canEdit) {
|
||||||
// Restrict editing of existing records
|
// Restrict editing of existing records
|
||||||
$form->makeReadonly();
|
$form->makeReadonly();
|
||||||
// Hack to re-enable delete button if user can delete
|
// Hack to re-enable delete button if user can delete
|
||||||
if ($canDelete) {
|
if ($canDelete) {
|
||||||
$form->Actions()->fieldByName('action_doDelete')->setReadonly(false);
|
$form->Actions()->fieldByName('action_doDelete')->setReadonly(false);
|
||||||
}
|
}
|
||||||
} elseif (!$this->record->ID && !$canCreate) {
|
} elseif (!$this->record->ID && !$canCreate) {
|
||||||
// Restrict creation of new records
|
// Restrict creation of new records
|
||||||
$form->makeReadonly();
|
$form->makeReadonly();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Load many_many extraData for record.
|
// Load many_many extraData for record.
|
||||||
// Fields with the correct 'ManyMany' namespace need to be added manually through getCMSFields().
|
// Fields with the correct 'ManyMany' namespace need to be added manually through getCMSFields().
|
||||||
if ($list instanceof ManyManyList) {
|
if ($list instanceof ManyManyList) {
|
||||||
$extraData = $list->getExtraData('', $this->record->ID);
|
$extraData = $list->getExtraData('', $this->record->ID);
|
||||||
$form->loadDataFrom(array('ManyMany' => $extraData));
|
$form->loadDataFrom(array('ManyMany' => $extraData));
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO Coupling with CMS
|
// TODO Coupling with CMS
|
||||||
$toplevelController = $this->getToplevelController();
|
$toplevelController = $this->getToplevelController();
|
||||||
if ($toplevelController && $toplevelController instanceof LeftAndMain) {
|
if ($toplevelController && $toplevelController instanceof LeftAndMain) {
|
||||||
// Always show with base template (full width, no other panels),
|
// Always show with base template (full width, no other panels),
|
||||||
// regardless of overloaded CMS controller templates.
|
// regardless of overloaded CMS controller templates.
|
||||||
// TODO Allow customization, e.g. to display an edit form alongside a search form from the CMS controller
|
// TODO Allow customization, e.g. to display an edit form alongside a search form from the CMS controller
|
||||||
$form->setTemplate([
|
$form->setTemplate([
|
||||||
'type' => 'Includes',
|
'type' => 'Includes',
|
||||||
'SilverStripe\\Admin\\LeftAndMain_EditForm',
|
'SilverStripe\\Admin\\LeftAndMain_EditForm',
|
||||||
]);
|
]);
|
||||||
$form->addExtraClass('cms-content cms-edit-form center fill-height flexbox-area-grow');
|
$form->addExtraClass('cms-content cms-edit-form center fill-height flexbox-area-grow');
|
||||||
$form->setAttribute('data-pjax-fragment', 'CurrentForm Content');
|
$form->setAttribute('data-pjax-fragment', 'CurrentForm Content');
|
||||||
if ($form->Fields()->hasTabSet()) {
|
if ($form->Fields()->hasTabSet()) {
|
||||||
$form->Fields()->findOrMakeTab('Root')->setTemplate('SilverStripe\\Forms\\CMSTabSet');
|
$form->Fields()->findOrMakeTab('Root')->setTemplate('SilverStripe\\Forms\\CMSTabSet');
|
||||||
$form->addExtraClass('cms-tabset');
|
$form->addExtraClass('cms-tabset');
|
||||||
}
|
}
|
||||||
|
|
||||||
$form->Backlink = $this->getBackLink();
|
$form->Backlink = $this->getBackLink();
|
||||||
}
|
}
|
||||||
|
|
||||||
$cb = $this->component->getItemEditFormCallback();
|
$cb = $this->component->getItemEditFormCallback();
|
||||||
if ($cb) {
|
if ($cb) {
|
||||||
$cb($form, $this);
|
$cb($form, $this);
|
||||||
}
|
}
|
||||||
$this->extend("updateItemEditForm", $form);
|
$this->extend("updateItemEditForm", $form);
|
||||||
return $form;
|
return $form;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Build the set of form field actions for this DataObject
|
* Build the set of form field actions for this DataObject
|
||||||
*
|
*
|
||||||
* @return FieldList
|
* @return FieldList
|
||||||
*/
|
*/
|
||||||
protected function getFormActions()
|
protected function getFormActions()
|
||||||
{
|
{
|
||||||
$canEdit = $this->record->canEdit();
|
$canEdit = $this->record->canEdit();
|
||||||
$canDelete = $this->record->canDelete();
|
$canDelete = $this->record->canDelete();
|
||||||
$actions = new FieldList();
|
$actions = new FieldList();
|
||||||
if ($this->record->ID !== 0) {
|
if ($this->record->ID !== 0) {
|
||||||
if ($canEdit) {
|
if ($canEdit) {
|
||||||
$actions->push(FormAction::create('doSave', _t('GridFieldDetailForm.Save', 'Save'))
|
$actions->push(FormAction::create('doSave', _t('GridFieldDetailForm.Save', 'Save'))
|
||||||
->setUseButtonTag(true)
|
->setUseButtonTag(true)
|
||||||
->addExtraClass('ss-ui-action-constructive')
|
->addExtraClass('ss-ui-action-constructive')
|
||||||
->setAttribute('data-icon', 'accept'));
|
->setAttribute('data-icon', 'accept'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($canDelete) {
|
if ($canDelete) {
|
||||||
$actions->push(FormAction::create('doDelete', _t('GridFieldDetailForm.Delete', 'Delete'))
|
$actions->push(FormAction::create('doDelete', _t('GridFieldDetailForm.Delete', 'Delete'))
|
||||||
->setUseButtonTag(true)
|
->setUseButtonTag(true)
|
||||||
->addExtraClass('ss-ui-action-destructive action-delete'));
|
->addExtraClass('ss-ui-action-destructive action-delete'));
|
||||||
}
|
}
|
||||||
} else { // adding new record
|
} else { // adding new record
|
||||||
//Change the Save label to 'Create'
|
//Change the Save label to 'Create'
|
||||||
$actions->push(FormAction::create('doSave', _t('GridFieldDetailForm.Create', 'Create'))
|
$actions->push(FormAction::create('doSave', _t('GridFieldDetailForm.Create', 'Create'))
|
||||||
->setUseButtonTag(true)
|
->setUseButtonTag(true)
|
||||||
->addExtraClass('ss-ui-action-constructive')
|
->addExtraClass('ss-ui-action-constructive')
|
||||||
->setAttribute('data-icon', 'add'));
|
->setAttribute('data-icon', 'add'));
|
||||||
|
|
||||||
// Add a Cancel link which is a button-like link and link back to one level up.
|
// Add a Cancel link which is a button-like link and link back to one level up.
|
||||||
$crumbs = $this->Breadcrumbs();
|
$crumbs = $this->Breadcrumbs();
|
||||||
if ($crumbs && $crumbs->count() >= 2) {
|
if ($crumbs && $crumbs->count() >= 2) {
|
||||||
$oneLevelUp = $crumbs->offsetGet($crumbs->count() - 2);
|
$oneLevelUp = $crumbs->offsetGet($crumbs->count() - 2);
|
||||||
$text = sprintf(
|
$text = sprintf(
|
||||||
"<a class=\"%s\" href=\"%s\">%s</a>",
|
"<a class=\"%s\" href=\"%s\">%s</a>",
|
||||||
"crumb ss-ui-button ss-ui-action-destructive cms-panel-link ui-corner-all", // CSS classes
|
"crumb ss-ui-button ss-ui-action-destructive cms-panel-link ui-corner-all", // CSS classes
|
||||||
$oneLevelUp->Link, // url
|
$oneLevelUp->Link, // url
|
||||||
_t('GridFieldDetailForm.CancelBtn', 'Cancel') // label
|
_t('GridFieldDetailForm.CancelBtn', 'Cancel') // label
|
||||||
);
|
);
|
||||||
$actions->push(new LiteralField('cancelbutton', $text));
|
$actions->push(new LiteralField('cancelbutton', $text));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$this->extend('updateFormActions', $actions);
|
$this->extend('updateFormActions', $actions);
|
||||||
return $actions;
|
return $actions;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Traverse the nested RequestHandlers until we reach something that's not GridFieldDetailForm_ItemRequest.
|
* Traverse the nested RequestHandlers until we reach something that's not GridFieldDetailForm_ItemRequest.
|
||||||
* This allows us to access the Controller responsible for invoking the top-level GridField.
|
* This allows us to access the Controller responsible for invoking the top-level GridField.
|
||||||
* This should be equivalent to getting the controller off the top of the controller stack via Controller::curr(),
|
* This should be equivalent to getting the controller off the top of the controller stack via Controller::curr(),
|
||||||
* but allows us to avoid accessing the global state.
|
* but allows us to avoid accessing the global state.
|
||||||
*
|
*
|
||||||
* GridFieldDetailForm_ItemRequests are RequestHandlers, and as such they are not part of the controller stack.
|
* GridFieldDetailForm_ItemRequests are RequestHandlers, and as such they are not part of the controller stack.
|
||||||
*
|
*
|
||||||
* @return Controller
|
* @return Controller
|
||||||
*/
|
*/
|
||||||
protected function getToplevelController()
|
protected function getToplevelController()
|
||||||
{
|
{
|
||||||
$c = $this->popupController;
|
$c = $this->popupController;
|
||||||
while ($c && $c instanceof GridFieldDetailForm_ItemRequest) {
|
while ($c && $c instanceof GridFieldDetailForm_ItemRequest) {
|
||||||
$c = $c->getController();
|
$c = $c->getController();
|
||||||
}
|
}
|
||||||
return $c;
|
return $c;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function getBackLink()
|
protected function getBackLink()
|
||||||
{
|
{
|
||||||
// TODO Coupling with CMS
|
// TODO Coupling with CMS
|
||||||
$backlink = '';
|
$backlink = '';
|
||||||
$toplevelController = $this->getToplevelController();
|
$toplevelController = $this->getToplevelController();
|
||||||
if ($toplevelController && $toplevelController instanceof LeftAndMain) {
|
if ($toplevelController && $toplevelController instanceof LeftAndMain) {
|
||||||
if ($toplevelController->hasMethod('Backlink')) {
|
if ($toplevelController->hasMethod('Backlink')) {
|
||||||
$backlink = $toplevelController->Backlink();
|
$backlink = $toplevelController->Backlink();
|
||||||
} elseif ($this->popupController->hasMethod('Breadcrumbs')) {
|
} elseif ($this->popupController->hasMethod('Breadcrumbs')) {
|
||||||
$parents = $this->popupController->Breadcrumbs(false)->items;
|
$parents = $this->popupController->Breadcrumbs(false)->items;
|
||||||
$backlink = array_pop($parents)->Link;
|
$backlink = array_pop($parents)->Link;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!$backlink) {
|
if (!$backlink) {
|
||||||
$backlink = $toplevelController->Link();
|
$backlink = $toplevelController->Link();
|
||||||
}
|
}
|
||||||
|
|
||||||
return $backlink;
|
return $backlink;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the list of extra data from the $record as saved into it by
|
* Get the list of extra data from the $record as saved into it by
|
||||||
* {@see Form::saveInto()}
|
* {@see Form::saveInto()}
|
||||||
*
|
*
|
||||||
* Handles detection of falsey values explicitly saved into the
|
* Handles detection of falsey values explicitly saved into the
|
||||||
* DataObject by formfields
|
* DataObject by formfields
|
||||||
*
|
*
|
||||||
* @param DataObject $record
|
* @param DataObject $record
|
||||||
* @param SS_List $list
|
* @param SS_List $list
|
||||||
* @return array List of data to write to the relation
|
* @return array List of data to write to the relation
|
||||||
*/
|
*/
|
||||||
protected function getExtraSavedData($record, $list)
|
protected function getExtraSavedData($record, $list)
|
||||||
{
|
{
|
||||||
// Skip extra data if not ManyManyList
|
// Skip extra data if not ManyManyList
|
||||||
if (!($list instanceof ManyManyList)) {
|
if (!($list instanceof ManyManyList)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
$data = array();
|
$data = array();
|
||||||
foreach ($list->getExtraFields() as $field => $dbSpec) {
|
foreach ($list->getExtraFields() as $field => $dbSpec) {
|
||||||
$savedField = "ManyMany[{$field}]";
|
$savedField = "ManyMany[{$field}]";
|
||||||
if ($record->hasField($savedField)) {
|
if ($record->hasField($savedField)) {
|
||||||
$data[$field] = $record->getField($savedField);
|
$data[$field] = $record->getField($savedField);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $data;
|
return $data;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function doSave($data, $form)
|
public function doSave($data, $form)
|
||||||
{
|
{
|
||||||
$isNewRecord = $this->record->ID == 0;
|
$isNewRecord = $this->record->ID == 0;
|
||||||
|
|
||||||
// Check permission
|
// Check permission
|
||||||
if (!$this->record->canEdit()) {
|
if (!$this->record->canEdit()) {
|
||||||
return $this->httpError(403);
|
return $this->httpError(403);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Save from form data
|
// Save from form data
|
||||||
try {
|
try {
|
||||||
$this->saveFormIntoRecord($data, $form);
|
$this->saveFormIntoRecord($data, $form);
|
||||||
} catch (ValidationException $e) {
|
} catch (ValidationException $e) {
|
||||||
return $this->generateValidationResponse($form, $e);
|
return $this->generateValidationResponse($form, $e);
|
||||||
}
|
}
|
||||||
|
|
||||||
$link = '<a href="' . $this->Link('edit') . '">"'
|
$link = '<a href="' . $this->Link('edit') . '">"'
|
||||||
. htmlspecialchars($this->record->Title, ENT_QUOTES)
|
. htmlspecialchars($this->record->Title, ENT_QUOTES)
|
||||||
. '"</a>';
|
. '"</a>';
|
||||||
$message = _t(
|
$message = _t(
|
||||||
'GridFieldDetailForm.Saved',
|
'GridFieldDetailForm.Saved',
|
||||||
'Saved {name} {link}',
|
'Saved {name} {link}',
|
||||||
array(
|
array(
|
||||||
'name' => $this->record->i18n_singular_name(),
|
'name' => $this->record->i18n_singular_name(),
|
||||||
'link' => $link
|
'link' => $link
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
$form->sessionMessage($message, 'good', false);
|
$form->sessionMessage($message, 'good', false);
|
||||||
|
|
||||||
// Redirect after save
|
// Redirect after save
|
||||||
return $this->redirectAfterSave($isNewRecord);
|
return $this->redirectAfterSave($isNewRecord);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Response object for this request after a successful save
|
* Response object for this request after a successful save
|
||||||
*
|
*
|
||||||
* @param bool $isNewRecord True if this record was just created
|
* @param bool $isNewRecord True if this record was just created
|
||||||
* @return HTTPResponse|DBHTMLText
|
* @return HTTPResponse|DBHTMLText
|
||||||
*/
|
*/
|
||||||
protected function redirectAfterSave($isNewRecord)
|
protected function redirectAfterSave($isNewRecord)
|
||||||
{
|
{
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
if ($isNewRecord) {
|
if ($isNewRecord) {
|
||||||
return $controller->redirect($this->Link());
|
return $controller->redirect($this->Link());
|
||||||
} elseif ($this->gridField->getList()->byID($this->record->ID)) {
|
} elseif ($this->gridField->getList()->byID($this->record->ID)) {
|
||||||
// Return new view, as we can't do a "virtual redirect" via the CMS Ajax
|
// Return new view, as we can't do a "virtual redirect" via the CMS Ajax
|
||||||
// to the same URL (it assumes that its content is already current, and doesn't reload)
|
// to the same URL (it assumes that its content is already current, and doesn't reload)
|
||||||
return $this->edit($controller->getRequest());
|
return $this->edit($controller->getRequest());
|
||||||
} else {
|
} else {
|
||||||
// Changes to the record properties might've excluded the record from
|
// Changes to the record properties might've excluded the record from
|
||||||
// a filtered list, so return back to the main view if it can't be found
|
// a filtered list, so return back to the main view if it can't be found
|
||||||
$url = $controller->getRequest()->getURL();
|
$url = $controller->getRequest()->getURL();
|
||||||
$noActionURL = $controller->removeAction($url);
|
$noActionURL = $controller->removeAction($url);
|
||||||
$controller->getRequest()->addHeader('X-Pjax', 'Content');
|
$controller->getRequest()->addHeader('X-Pjax', 'Content');
|
||||||
return $controller->redirect($noActionURL, 302);
|
return $controller->redirect($noActionURL, 302);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function httpError($errorCode, $errorMessage = null)
|
public function httpError($errorCode, $errorMessage = null)
|
||||||
{
|
{
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
return $controller->httpError($errorCode, $errorMessage);
|
return $controller->httpError($errorCode, $errorMessage);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Loads the given form data into the underlying dataobject and relation
|
* Loads the given form data into the underlying dataobject and relation
|
||||||
*
|
*
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @param Form $form
|
* @param Form $form
|
||||||
* @throws ValidationException On error
|
* @throws ValidationException On error
|
||||||
* @return DataObject Saved record
|
* @return DataObject Saved record
|
||||||
*/
|
*/
|
||||||
protected function saveFormIntoRecord($data, $form)
|
protected function saveFormIntoRecord($data, $form)
|
||||||
{
|
{
|
||||||
$list = $this->gridField->getList();
|
$list = $this->gridField->getList();
|
||||||
|
|
||||||
// Check object matches the correct classname
|
// Check object matches the correct classname
|
||||||
if (isset($data['ClassName']) && $data['ClassName'] != $this->record->ClassName) {
|
if (isset($data['ClassName']) && $data['ClassName'] != $this->record->ClassName) {
|
||||||
$newClassName = $data['ClassName'];
|
$newClassName = $data['ClassName'];
|
||||||
// The records originally saved attribute was overwritten by $form->saveInto($record) before.
|
// The records originally saved attribute was overwritten by $form->saveInto($record) before.
|
||||||
// This is necessary for newClassInstance() to work as expected, and trigger change detection
|
// This is necessary for newClassInstance() to work as expected, and trigger change detection
|
||||||
// on the ClassName attribute
|
// on the ClassName attribute
|
||||||
$this->record->setClassName($this->record->ClassName);
|
$this->record->setClassName($this->record->ClassName);
|
||||||
// Replace $record with a new instance
|
// Replace $record with a new instance
|
||||||
$this->record = $this->record->newClassInstance($newClassName);
|
$this->record = $this->record->newClassInstance($newClassName);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Save form and any extra saved data into this dataobject
|
// Save form and any extra saved data into this dataobject
|
||||||
$form->saveInto($this->record);
|
$form->saveInto($this->record);
|
||||||
$this->record->write();
|
$this->record->write();
|
||||||
$extraData = $this->getExtraSavedData($this->record, $list);
|
$extraData = $this->getExtraSavedData($this->record, $list);
|
||||||
$list->add($this->record, $extraData);
|
$list->add($this->record, $extraData);
|
||||||
|
|
||||||
return $this->record;
|
return $this->record;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generate a response object for a form validation error
|
* Generate a response object for a form validation error
|
||||||
*
|
*
|
||||||
* @param Form $form The source form
|
* @param Form $form The source form
|
||||||
* @param ValidationException $e The validation error message
|
* @param ValidationException $e The validation error message
|
||||||
* @return HTTPResponse
|
* @return HTTPResponse
|
||||||
* @throws HTTPResponse_Exception
|
* @throws HTTPResponse_Exception
|
||||||
*/
|
*/
|
||||||
protected function generateValidationResponse($form, $e)
|
protected function generateValidationResponse($form, $e)
|
||||||
{
|
{
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
|
|
||||||
$form->sessionMessage($e->getResult()->message(), 'bad', false);
|
$form->sessionMessage($e->getResult()->message(), 'bad', false);
|
||||||
$responseNegotiator = new PjaxResponseNegotiator(array(
|
$responseNegotiator = new PjaxResponseNegotiator(array(
|
||||||
'CurrentForm' => function () use (&$form) {
|
'CurrentForm' => function () use (&$form) {
|
||||||
return $form->forTemplate();
|
return $form->forTemplate();
|
||||||
},
|
},
|
||||||
'default' => function () use (&$controller) {
|
'default' => function () use (&$controller) {
|
||||||
return $controller->redirectBack();
|
return $controller->redirectBack();
|
||||||
}
|
}
|
||||||
));
|
));
|
||||||
if ($controller->getRequest()->isAjax()) {
|
if ($controller->getRequest()->isAjax()) {
|
||||||
$controller->getRequest()->addHeader('X-Pjax', 'CurrentForm');
|
$controller->getRequest()->addHeader('X-Pjax', 'CurrentForm');
|
||||||
}
|
}
|
||||||
return $responseNegotiator->respond($controller->getRequest());
|
return $responseNegotiator->respond($controller->getRequest());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @param Form $form
|
* @param Form $form
|
||||||
* @return HTTPResponse
|
* @return HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function doDelete($data, $form)
|
public function doDelete($data, $form)
|
||||||
{
|
{
|
||||||
$title = $this->record->Title;
|
$title = $this->record->Title;
|
||||||
try {
|
try {
|
||||||
if (!$this->record->canDelete()) {
|
if (!$this->record->canDelete()) {
|
||||||
throw new ValidationException(
|
throw new ValidationException(
|
||||||
_t('GridFieldDetailForm.DeletePermissionsFailure', "No delete permissions"),
|
_t('GridFieldDetailForm.DeletePermissionsFailure',"No delete permissions"));
|
||||||
0
|
}
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->record->delete();
|
$this->record->delete();
|
||||||
} catch (ValidationException $e) {
|
} catch (ValidationException $e) {
|
||||||
$form->sessionMessage($e->getResult()->message(), 'bad', false);
|
$form->sessionMessage($e->getResult()->message(), 'bad', false);
|
||||||
return $this->getToplevelController()->redirectBack();
|
return $this->getToplevelController()->redirectBack();
|
||||||
}
|
}
|
||||||
|
|
||||||
$message = sprintf(
|
$message = sprintf(
|
||||||
_t('GridFieldDetailForm.Deleted', 'Deleted %s %s'),
|
_t('GridFieldDetailForm.Deleted', 'Deleted %s %s'),
|
||||||
$this->record->i18n_singular_name(),
|
$this->record->i18n_singular_name(),
|
||||||
htmlspecialchars($title, ENT_QUOTES)
|
htmlspecialchars($title, ENT_QUOTES)
|
||||||
);
|
);
|
||||||
|
|
||||||
$toplevelController = $this->getToplevelController();
|
$toplevelController = $this->getToplevelController();
|
||||||
if ($toplevelController && $toplevelController instanceof LeftAndMain) {
|
if ($toplevelController && $toplevelController instanceof LeftAndMain) {
|
||||||
$backForm = $toplevelController->getEditForm();
|
$backForm = $toplevelController->getEditForm();
|
||||||
$backForm->sessionMessage($message, 'good', false);
|
$backForm->sessionMessage($message, 'good', false);
|
||||||
} else {
|
} else {
|
||||||
$form->sessionMessage($message, 'good', false);
|
$form->sessionMessage($message, 'good', false);
|
||||||
}
|
}
|
||||||
|
|
||||||
//when an item is deleted, redirect to the parent controller
|
//when an item is deleted, redirect to the parent controller
|
||||||
$controller = $this->getToplevelController();
|
$controller = $this->getToplevelController();
|
||||||
$controller->getRequest()->addHeader('X-Pjax', 'Content'); // Force a content refresh
|
$controller->getRequest()->addHeader('X-Pjax', 'Content'); // Force a content refresh
|
||||||
|
|
||||||
return $controller->redirect($this->getBackLink(), 302); //redirect back to admin section
|
return $controller->redirect($this->getBackLink(), 302); //redirect back to admin section
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $template
|
* @param string $template
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setTemplate($template)
|
public function setTemplate($template)
|
||||||
{
|
{
|
||||||
$this->template = $template;
|
$this->template = $template;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getTemplate()
|
public function getTemplate()
|
||||||
{
|
{
|
||||||
return $this->template;
|
return $this->template;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get list of templates to use
|
* Get list of templates to use
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getTemplates()
|
public function getTemplates()
|
||||||
{
|
{
|
||||||
$templates = SSViewer::get_templates_by_class($this, '', __CLASS__);
|
$templates = SSViewer::get_templates_by_class($this, '', __CLASS__);
|
||||||
// Prefer any custom template
|
// Prefer any custom template
|
||||||
if ($this->getTemplate()) {
|
if($this->getTemplate()) {
|
||||||
array_unshift($templates, $this->getTemplate());
|
array_unshift($templates, $this->getTemplate());
|
||||||
}
|
}
|
||||||
return $templates;
|
return $templates;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return Controller
|
* @return Controller
|
||||||
*/
|
*/
|
||||||
public function getController()
|
public function getController()
|
||||||
{
|
{
|
||||||
return $this->popupController;
|
return $this->popupController;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return GridField
|
* @return GridField
|
||||||
*/
|
*/
|
||||||
public function getGridField()
|
public function getGridField()
|
||||||
{
|
{
|
||||||
return $this->gridField;
|
return $this->gridField;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return DataObject
|
* @return DataObject
|
||||||
*/
|
*/
|
||||||
public function getRecord()
|
public function getRecord()
|
||||||
{
|
{
|
||||||
return $this->record;
|
return $this->record;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* CMS-specific functionality: Passes through navigation breadcrumbs
|
* CMS-specific functionality: Passes through navigation breadcrumbs
|
||||||
* to the template, and includes the currently edited record (if any).
|
* to the template, and includes the currently edited record (if any).
|
||||||
* see {@link LeftAndMain->Breadcrumbs()} for details.
|
* see {@link LeftAndMain->Breadcrumbs()} for details.
|
||||||
*
|
*
|
||||||
* @param boolean $unlinked
|
* @param boolean $unlinked
|
||||||
* @return ArrayList
|
* @return ArrayList
|
||||||
*/
|
*/
|
||||||
public function Breadcrumbs($unlinked = false)
|
public function Breadcrumbs($unlinked = false)
|
||||||
{
|
{
|
||||||
if (!$this->popupController->hasMethod('Breadcrumbs')) {
|
if (!$this->popupController->hasMethod('Breadcrumbs')) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @var ArrayList $items */
|
/** @var ArrayList $items */
|
||||||
$items = $this->popupController->Breadcrumbs($unlinked);
|
$items = $this->popupController->Breadcrumbs($unlinked);
|
||||||
if ($this->record && $this->record->ID) {
|
if ($this->record && $this->record->ID) {
|
||||||
$title = ($this->record->Title) ? $this->record->Title : "#{$this->record->ID}";
|
$title = ($this->record->Title) ? $this->record->Title : "#{$this->record->ID}";
|
||||||
$items->push(new ArrayData(array(
|
$items->push(new ArrayData(array(
|
||||||
'Title' => $title,
|
'Title' => $title,
|
||||||
'Link' => $this->Link()
|
'Link' => $this->Link()
|
||||||
)));
|
)));
|
||||||
} else {
|
} else {
|
||||||
$items->push(new ArrayData(array(
|
$items->push(new ArrayData(array(
|
||||||
'Title' => sprintf(_t('GridField.NewRecord', 'New %s'), $this->record->i18n_singular_name()),
|
'Title' => sprintf(_t('GridField.NewRecord', 'New %s'), $this->record->i18n_singular_name()),
|
||||||
'Link' => false
|
'Link' => false
|
||||||
)));
|
)));
|
||||||
}
|
}
|
||||||
|
|
||||||
return $items;
|
return $items;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -25,198 +25,199 @@ use Exception;
|
|||||||
class Hierarchy extends DataExtension
|
class Hierarchy extends DataExtension
|
||||||
{
|
{
|
||||||
|
|
||||||
protected $markedNodes;
|
protected $markedNodes;
|
||||||
|
|
||||||
protected $markingFilter;
|
protected $markingFilter;
|
||||||
|
|
||||||
/** @var int */
|
/** @var int */
|
||||||
protected $_cache_numChildren;
|
protected $_cache_numChildren;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The lower bounds for the amount of nodes to mark. If set, the logic will expand nodes until it reaches at least
|
* The lower bounds for the amount of nodes to mark. If set, the logic will expand nodes until it reaches at least
|
||||||
* this number, and then stops. Root nodes will always show regardless of this settting. Further nodes can be
|
* this number, and then stops. Root nodes will always show regardless of this settting. Further nodes can be
|
||||||
* lazy-loaded via ajax. This isn't a hard limit. Example: On a value of 10, with 20 root nodes, each having 30
|
* lazy-loaded via ajax. This isn't a hard limit. Example: On a value of 10, with 20 root nodes, each having 30
|
||||||
* children, the actual node count will be 50 (all root nodes plus first expanded child).
|
* children, the actual node count will be 50 (all root nodes plus first expanded child).
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var int
|
* @var int
|
||||||
*/
|
*/
|
||||||
private static $node_threshold_total = 50;
|
private static $node_threshold_total = 50;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Limit on the maximum children a specific node can display. Serves as a hard limit to avoid exceeding available
|
* Limit on the maximum children a specific node can display. Serves as a hard limit to avoid exceeding available
|
||||||
* server resources in generating the tree, and browser resources in rendering it. Nodes with children exceeding
|
* server resources in generating the tree, and browser resources in rendering it. Nodes with children exceeding
|
||||||
* this value typically won't display any children, although this is configurable through the $nodeCountCallback
|
* this value typically won't display any children, although this is configurable through the $nodeCountCallback
|
||||||
* parameter in {@link getChildrenAsUL()}. "Root" nodes will always show all children, regardless of this setting.
|
* parameter in {@link getChildrenAsUL()}. "Root" nodes will always show all children, regardless of this setting.
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var int
|
* @var int
|
||||||
*/
|
*/
|
||||||
private static $node_threshold_leaf = 250;
|
private static $node_threshold_leaf = 250;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A list of classnames to exclude from display in both the CMS and front end
|
* A list of classnames to exclude from display in both the CMS and front end
|
||||||
* displays. ->Children() and ->AllChildren affected.
|
* displays. ->Children() and ->AllChildren affected.
|
||||||
* Especially useful for big sets of pages like listings
|
* Especially useful for big sets of pages like listings
|
||||||
* If you use this, and still need the classes to be editable
|
* If you use this, and still need the classes to be editable
|
||||||
* then add a model admin for the class
|
* then add a model admin for the class
|
||||||
* Note: Does not filter subclasses (non-inheriting)
|
* Note: Does not filter subclasses (non-inheriting)
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
* @config
|
* @config
|
||||||
*/
|
*/
|
||||||
private static $hide_from_hierarchy = array();
|
private static $hide_from_hierarchy = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A list of classnames to exclude from display in the page tree views of the CMS,
|
* A list of classnames to exclude from display in the page tree views of the CMS,
|
||||||
* unlike $hide_from_hierarchy above which effects both CMS and front end.
|
* unlike $hide_from_hierarchy above which effects both CMS and front end.
|
||||||
* Especially useful for big sets of pages like listings
|
* Especially useful for big sets of pages like listings
|
||||||
* If you use this, and still need the classes to be editable
|
* If you use this, and still need the classes to be editable
|
||||||
* then add a model admin for the class
|
* then add a model admin for the class
|
||||||
* Note: Does not filter subclasses (non-inheriting)
|
* Note: Does not filter subclasses (non-inheriting)
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
* @config
|
* @config
|
||||||
*/
|
*/
|
||||||
private static $hide_from_cms_tree = array();
|
private static $hide_from_cms_tree = array();
|
||||||
|
|
||||||
public static function get_extra_config($class, $extension, $args)
|
public static function get_extra_config($class, $extension, $args)
|
||||||
{
|
{
|
||||||
return array(
|
return array(
|
||||||
'has_one' => array('Parent' => $class)
|
'has_one' => array('Parent' => $class)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validate the owner object - check for existence of infinite loops.
|
* Validate the owner object - check for existence of infinite loops.
|
||||||
*
|
*
|
||||||
* @param ValidationResult $validationResult
|
* @param ValidationResult $validationResult
|
||||||
*/
|
*/
|
||||||
public function validate(ValidationResult $validationResult)
|
public function validate(ValidationResult $validationResult)
|
||||||
{
|
{
|
||||||
// The object is new, won't be looping.
|
// The object is new, won't be looping.
|
||||||
if (!$this->owner->ID) {
|
if (!$this->owner->ID) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
// The object has no parent, won't be looping.
|
// The object has no parent, won't be looping.
|
||||||
if (!$this->owner->ParentID) {
|
if (!$this->owner->ParentID) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
// The parent has not changed, skip the check for performance reasons.
|
// The parent has not changed, skip the check for performance reasons.
|
||||||
if (!$this->owner->isChanged('ParentID')) {
|
if (!$this->owner->isChanged('ParentID')) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Walk the hierarchy upwards until we reach the top, or until we reach the originating node again.
|
// Walk the hierarchy upwards until we reach the top, or until we reach the originating node again.
|
||||||
$node = $this->owner;
|
$node = $this->owner;
|
||||||
while ($node) {
|
while($node) {
|
||||||
if ($node->ParentID==$this->owner->ID) {
|
if ($node->ParentID==$this->owner->ID) {
|
||||||
// Hierarchy is looping.
|
// Hierarchy is looping.
|
||||||
$validationResult->error(
|
$validationResult->addError(
|
||||||
_t(
|
_t(
|
||||||
'Hierarchy.InfiniteLoopNotAllowed',
|
'Hierarchy.InfiniteLoopNotAllowed',
|
||||||
'Infinite loop found within the "{type}" hierarchy. Please change the parent to resolve this',
|
'Infinite loop found within the "{type}" hierarchy. Please change the parent to resolve this',
|
||||||
'First argument is the class that makes up the hierarchy.',
|
'First argument is the class that makes up the hierarchy.',
|
||||||
array('type' => $this->owner->class)
|
array('type' => $this->owner->class)
|
||||||
),
|
),
|
||||||
'INFINITE_LOOP'
|
'bad',
|
||||||
);
|
'INFINITE_LOOP'
|
||||||
break;
|
);
|
||||||
}
|
break;
|
||||||
$node = $node->ParentID ? $node->Parent() : null;
|
}
|
||||||
}
|
$node = $node->ParentID ? $node->Parent() : null;
|
||||||
|
}
|
||||||
|
|
||||||
// At this point the $validationResult contains the response.
|
// At this point the $validationResult contains the response.
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the children of this DataObject as an XHTML UL. This will be called recursively on each child, so if they
|
* Returns the children of this DataObject as an XHTML UL. This will be called recursively on each child, so if they
|
||||||
* have children they will be displayed as a UL inside a LI.
|
* have children they will be displayed as a UL inside a LI.
|
||||||
*
|
*
|
||||||
* @param string $attributes Attributes to add to the UL
|
* @param string $attributes Attributes to add to the UL
|
||||||
* @param string|callable $titleEval PHP code to evaluate to start each child - this should include '<li>'
|
* @param string|callable $titleEval PHP code to evaluate to start each child - this should include '<li>'
|
||||||
* @param string $extraArg Extra arguments that will be passed on to children, for if they overload this function
|
* @param string $extraArg Extra arguments that will be passed on to children, for if they overload this function
|
||||||
* @param bool $limitToMarked Display only marked children
|
* @param bool $limitToMarked Display only marked children
|
||||||
* @param string $childrenMethod The name of the method used to get children from each object
|
* @param string $childrenMethod The name of the method used to get children from each object
|
||||||
* @param string $numChildrenMethod
|
* @param string $numChildrenMethod
|
||||||
* @param bool $rootCall Set to true for this first call, and then to false for calls inside the recursion.
|
* @param bool $rootCall Set to true for this first call, and then to false for calls inside the recursion.
|
||||||
* You should not change this.
|
* You should not change this.
|
||||||
* @param int $nodeCountThreshold See {@link self::$node_threshold_total}
|
* @param int $nodeCountThreshold See {@link self::$node_threshold_total}
|
||||||
* @param callable $nodeCountCallback Called with the node count, which gives the callback an opportunity to
|
* @param callable $nodeCountCallback Called with the node count, which gives the callback an opportunity to
|
||||||
* intercept the query. Useful e.g. to avoid excessive children listings (Arguments: $parent, $numChildren)
|
* intercept the query. Useful e.g. to avoid excessive children listings (Arguments: $parent, $numChildren)
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getChildrenAsUL(
|
public function getChildrenAsUL(
|
||||||
$attributes = "",
|
$attributes = "",
|
||||||
$titleEval = '"<li>" . $child->Title',
|
$titleEval = '"<li>" . $child->Title',
|
||||||
$extraArg = null,
|
$extraArg = null,
|
||||||
$limitToMarked = false,
|
$limitToMarked = false,
|
||||||
$childrenMethod = "AllChildrenIncludingDeleted",
|
$childrenMethod = "AllChildrenIncludingDeleted",
|
||||||
$numChildrenMethod = "numChildren",
|
$numChildrenMethod = "numChildren",
|
||||||
$rootCall = true,
|
$rootCall = true,
|
||||||
$nodeCountThreshold = null,
|
$nodeCountThreshold = null,
|
||||||
$nodeCountCallback = null
|
$nodeCountCallback = null
|
||||||
) {
|
) {
|
||||||
if (!is_numeric($nodeCountThreshold)) {
|
if(!is_numeric($nodeCountThreshold)) {
|
||||||
$nodeCountThreshold = Config::inst()->get(__CLASS__, 'node_threshold_total');
|
$nodeCountThreshold = Config::inst()->get(__CLASS__, 'node_threshold_total');
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($limitToMarked && $rootCall) {
|
if($limitToMarked && $rootCall) {
|
||||||
$this->markingFinished($numChildrenMethod);
|
$this->markingFinished($numChildrenMethod);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if ($nodeCountCallback) {
|
if($nodeCountCallback) {
|
||||||
$nodeCountWarning = $nodeCountCallback($this->owner, $this->owner->$numChildrenMethod());
|
$nodeCountWarning = $nodeCountCallback($this->owner, $this->owner->$numChildrenMethod());
|
||||||
if ($nodeCountWarning) {
|
if ($nodeCountWarning) {
|
||||||
return $nodeCountWarning;
|
return $nodeCountWarning;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if ($this->owner->hasMethod($childrenMethod)) {
|
if($this->owner->hasMethod($childrenMethod)) {
|
||||||
$children = $this->owner->$childrenMethod($extraArg);
|
$children = $this->owner->$childrenMethod($extraArg);
|
||||||
} else {
|
} else {
|
||||||
$children = null;
|
$children = null;
|
||||||
user_error(sprintf(
|
user_error(sprintf(
|
||||||
"Can't find the method '%s' on class '%s' for getting tree children",
|
"Can't find the method '%s' on class '%s' for getting tree children",
|
||||||
$childrenMethod,
|
$childrenMethod,
|
||||||
get_class($this->owner)
|
get_class($this->owner)
|
||||||
), E_USER_ERROR);
|
), E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
$output = null;
|
$output = null;
|
||||||
if ($children) {
|
if($children) {
|
||||||
if ($attributes) {
|
if($attributes) {
|
||||||
$attributes = " $attributes";
|
$attributes = " $attributes";
|
||||||
}
|
}
|
||||||
|
|
||||||
$output = "<ul$attributes>\n";
|
$output = "<ul$attributes>\n";
|
||||||
|
|
||||||
foreach ($children as $child) {
|
foreach($children as $child) {
|
||||||
if (!$limitToMarked || $child->isMarked()) {
|
if(!$limitToMarked || $child->isMarked()) {
|
||||||
$foundAChild = true;
|
$foundAChild = true;
|
||||||
if (is_callable($titleEval)) {
|
if(is_callable($titleEval)) {
|
||||||
$output .= $titleEval($child, $numChildrenMethod);
|
$output .= $titleEval($child, $numChildrenMethod);
|
||||||
} else {
|
} else {
|
||||||
$output .= eval("return $titleEval;");
|
$output .= eval("return $titleEval;");
|
||||||
}
|
}
|
||||||
$output .= "\n";
|
$output .= "\n";
|
||||||
|
|
||||||
$numChildren = $child->$numChildrenMethod();
|
$numChildren = $child->$numChildrenMethod();
|
||||||
|
|
||||||
if (// Always traverse into opened nodes (they might be exposed as parents of search results)
|
if (// Always traverse into opened nodes (they might be exposed as parents of search results)
|
||||||
$child->isExpanded()
|
$child->isExpanded()
|
||||||
// Only traverse into children if we haven't reached the maximum node count already.
|
// Only traverse into children if we haven't reached the maximum node count already.
|
||||||
// Otherwise, the remaining nodes are lazy loaded via ajax.
|
// Otherwise, the remaining nodes are lazy loaded via ajax.
|
||||||
&& $child->isMarked()
|
&& $child->isMarked()
|
||||||
) {
|
) {
|
||||||
// Additionally check if node count requirements are met
|
// Additionally check if node count requirements are met
|
||||||
$nodeCountWarning = $nodeCountCallback ? $nodeCountCallback($child, $numChildren) : null;
|
$nodeCountWarning = $nodeCountCallback ? $nodeCountCallback($child, $numChildren) : null;
|
||||||
if ($nodeCountWarning) {
|
if($nodeCountWarning) {
|
||||||
$output .= $nodeCountWarning;
|
$output .= $nodeCountWarning;
|
||||||
$child->markClosed();
|
$child->markClosed();
|
||||||
} else {
|
} else {
|
||||||
$output .= $child->getChildrenAsUL(
|
$output .= $child->getChildrenAsUL(
|
||||||
"",
|
"",
|
||||||
$titleEval,
|
$titleEval,
|
||||||
@ -227,770 +228,770 @@ class Hierarchy extends DataExtension
|
|||||||
false,
|
false,
|
||||||
$nodeCountThreshold
|
$nodeCountThreshold
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
} elseif ($child->isTreeOpened()) {
|
} elseif($child->isTreeOpened()) {
|
||||||
// Since we're not loading children, don't mark it as open either
|
// Since we're not loading children, don't mark it as open either
|
||||||
$child->markClosed();
|
$child->markClosed();
|
||||||
}
|
}
|
||||||
$output .= "</li>\n";
|
$output .= "</li>\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$output .= "</ul>\n";
|
$output .= "</ul>\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($foundAChild) && $foundAChild) {
|
if(isset($foundAChild) && $foundAChild) {
|
||||||
return $output;
|
return $output;
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mark a segment of the tree, by calling mark().
|
* Mark a segment of the tree, by calling mark().
|
||||||
*
|
*
|
||||||
* The method performs a breadth-first traversal until the number of nodes is more than minCount. This is used to
|
* The method performs a breadth-first traversal until the number of nodes is more than minCount. This is used to
|
||||||
* get a limited number of tree nodes to show in the CMS initially.
|
* get a limited number of tree nodes to show in the CMS initially.
|
||||||
*
|
*
|
||||||
* This method returns the number of nodes marked. After this method is called other methods can check
|
* This method returns the number of nodes marked. After this method is called other methods can check
|
||||||
* {@link isExpanded()} and {@link isMarked()} on individual nodes.
|
* {@link isExpanded()} and {@link isMarked()} on individual nodes.
|
||||||
*
|
*
|
||||||
* @param int $nodeCountThreshold See {@link getChildrenAsUL()}
|
* @param int $nodeCountThreshold See {@link getChildrenAsUL()}
|
||||||
* @param mixed $context
|
* @param mixed $context
|
||||||
* @param string $childrenMethod
|
* @param string $childrenMethod
|
||||||
* @param string $numChildrenMethod
|
* @param string $numChildrenMethod
|
||||||
* @return int The actual number of nodes marked.
|
* @return int The actual number of nodes marked.
|
||||||
*/
|
*/
|
||||||
public function markPartialTree(
|
public function markPartialTree(
|
||||||
$nodeCountThreshold = 30,
|
$nodeCountThreshold = 30,
|
||||||
$context = null,
|
$context = null,
|
||||||
$childrenMethod = "AllChildrenIncludingDeleted",
|
$childrenMethod = "AllChildrenIncludingDeleted",
|
||||||
$numChildrenMethod = "numChildren"
|
$numChildrenMethod = "numChildren"
|
||||||
) {
|
) {
|
||||||
if (!is_numeric($nodeCountThreshold)) {
|
if (!is_numeric($nodeCountThreshold)) {
|
||||||
$nodeCountThreshold = 30;
|
$nodeCountThreshold = 30;
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->markedNodes = array($this->owner->ID => $this->owner);
|
$this->markedNodes = array($this->owner->ID => $this->owner);
|
||||||
$this->owner->markUnexpanded();
|
$this->owner->markUnexpanded();
|
||||||
|
|
||||||
// foreach can't handle an ever-growing $nodes list
|
// foreach can't handle an ever-growing $nodes list
|
||||||
while (list($id, $node) = each($this->markedNodes)) {
|
while(list($id, $node) = each($this->markedNodes)) {
|
||||||
$children = $this->markChildren($node, $context, $childrenMethod, $numChildrenMethod);
|
$children = $this->markChildren($node, $context, $childrenMethod, $numChildrenMethod);
|
||||||
if ($nodeCountThreshold && sizeof($this->markedNodes) > $nodeCountThreshold) {
|
if($nodeCountThreshold && sizeof($this->markedNodes) > $nodeCountThreshold) {
|
||||||
// Undo marking children as opened since they're lazy loaded
|
// Undo marking children as opened since they're lazy loaded
|
||||||
if ($children) {
|
if ($children) {
|
||||||
foreach ($children as $child) {
|
foreach ($children as $child) {
|
||||||
$child->markClosed();
|
$child->markClosed();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return sizeof($this->markedNodes);
|
return sizeof($this->markedNodes);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Filter the marking to only those object with $node->$parameterName == $parameterValue
|
* Filter the marking to only those object with $node->$parameterName == $parameterValue
|
||||||
*
|
*
|
||||||
* @param string $parameterName The parameter on each node to check when marking.
|
* @param string $parameterName The parameter on each node to check when marking.
|
||||||
* @param mixed $parameterValue The value the parameter must be to be marked.
|
* @param mixed $parameterValue The value the parameter must be to be marked.
|
||||||
*/
|
*/
|
||||||
public function setMarkingFilter($parameterName, $parameterValue)
|
public function setMarkingFilter($parameterName, $parameterValue)
|
||||||
{
|
{
|
||||||
$this->markingFilter = array(
|
$this->markingFilter = array(
|
||||||
"parameter" => $parameterName,
|
"parameter" => $parameterName,
|
||||||
"value" => $parameterValue
|
"value" => $parameterValue
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Filter the marking to only those where the function returns true. The node in question will be passed to the
|
* Filter the marking to only those where the function returns true. The node in question will be passed to the
|
||||||
* function.
|
* function.
|
||||||
*
|
*
|
||||||
* @param string $funcName The name of the function to call
|
* @param string $funcName The name of the function to call
|
||||||
*/
|
*/
|
||||||
public function setMarkingFilterFunction($funcName)
|
public function setMarkingFilterFunction($funcName)
|
||||||
{
|
{
|
||||||
$this->markingFilter = array(
|
$this->markingFilter = array(
|
||||||
"func" => $funcName,
|
"func" => $funcName,
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns true if the marking filter matches on the given node.
|
* Returns true if the marking filter matches on the given node.
|
||||||
*
|
*
|
||||||
* @param DataObject $node Node to check
|
* @param DataObject $node Node to check
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function markingFilterMatches($node)
|
public function markingFilterMatches($node)
|
||||||
{
|
{
|
||||||
if (!$this->markingFilter) {
|
if(!$this->markingFilter) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($this->markingFilter['parameter']) && $parameterName = $this->markingFilter['parameter']) {
|
if(isset($this->markingFilter['parameter']) && $parameterName = $this->markingFilter['parameter']) {
|
||||||
if (is_array($this->markingFilter['value'])) {
|
if(is_array($this->markingFilter['value'])){
|
||||||
$ret = false;
|
$ret = false;
|
||||||
foreach ($this->markingFilter['value'] as $value) {
|
foreach($this->markingFilter['value'] as $value) {
|
||||||
$ret = $ret||$node->$parameterName==$value;
|
$ret = $ret||$node->$parameterName==$value;
|
||||||
if ($ret == true) {
|
if($ret == true) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $ret;
|
return $ret;
|
||||||
} else {
|
} else {
|
||||||
return ($node->$parameterName == $this->markingFilter['value']);
|
return ($node->$parameterName == $this->markingFilter['value']);
|
||||||
}
|
}
|
||||||
} elseif ($func = $this->markingFilter['func']) {
|
} else if ($func = $this->markingFilter['func']) {
|
||||||
return call_user_func($func, $node);
|
return call_user_func($func, $node);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mark all children of the given node that match the marking filter.
|
* Mark all children of the given node that match the marking filter.
|
||||||
*
|
*
|
||||||
* @param DataObject $node Parent node
|
* @param DataObject $node Parent node
|
||||||
* @param mixed $context
|
* @param mixed $context
|
||||||
* @param string $childrenMethod The name of the instance method to call to get the object's list of children
|
* @param string $childrenMethod The name of the instance method to call to get the object's list of children
|
||||||
* @param string $numChildrenMethod The name of the instance method to call to count the object's children
|
* @param string $numChildrenMethod The name of the instance method to call to count the object's children
|
||||||
* @return DataList
|
* @return DataList
|
||||||
*/
|
*/
|
||||||
public function markChildren(
|
public function markChildren(
|
||||||
$node,
|
$node,
|
||||||
$context = null,
|
$context = null,
|
||||||
$childrenMethod = "AllChildrenIncludingDeleted",
|
$childrenMethod = "AllChildrenIncludingDeleted",
|
||||||
$numChildrenMethod = "numChildren"
|
$numChildrenMethod = "numChildren"
|
||||||
) {
|
) {
|
||||||
if ($node->hasMethod($childrenMethod)) {
|
if($node->hasMethod($childrenMethod)) {
|
||||||
$children = $node->$childrenMethod($context);
|
$children = $node->$childrenMethod($context);
|
||||||
} else {
|
} else {
|
||||||
$children = null;
|
$children = null;
|
||||||
user_error(sprintf(
|
user_error(sprintf(
|
||||||
"Can't find the method '%s' on class '%s' for getting tree children",
|
"Can't find the method '%s' on class '%s' for getting tree children",
|
||||||
$childrenMethod,
|
$childrenMethod,
|
||||||
get_class($node)
|
get_class($node)
|
||||||
), E_USER_ERROR);
|
), E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
$node->markExpanded();
|
$node->markExpanded();
|
||||||
if ($children) {
|
if($children) {
|
||||||
foreach ($children as $child) {
|
foreach($children as $child) {
|
||||||
$markingMatches = $this->markingFilterMatches($child);
|
$markingMatches = $this->markingFilterMatches($child);
|
||||||
if ($markingMatches) {
|
if($markingMatches) {
|
||||||
// Mark a child node as unexpanded if it has children and has not already been expanded
|
// Mark a child node as unexpanded if it has children and has not already been expanded
|
||||||
if ($child->$numChildrenMethod() && !$child->isExpanded()) {
|
if($child->$numChildrenMethod() && !$child->isExpanded()) {
|
||||||
$child->markUnexpanded();
|
$child->markUnexpanded();
|
||||||
} else {
|
} else {
|
||||||
$child->markExpanded();
|
$child->markExpanded();
|
||||||
}
|
}
|
||||||
$this->markedNodes[$child->ID] = $child;
|
$this->markedNodes[$child->ID] = $child;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $children;
|
return $children;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Ensure marked nodes that have children are also marked expanded. Call this after marking but before iterating
|
* Ensure marked nodes that have children are also marked expanded. Call this after marking but before iterating
|
||||||
* over the tree.
|
* over the tree.
|
||||||
*
|
*
|
||||||
* @param string $numChildrenMethod The name of the instance method to call to count the object's children
|
* @param string $numChildrenMethod The name of the instance method to call to count the object's children
|
||||||
*/
|
*/
|
||||||
protected function markingFinished($numChildrenMethod = "numChildren")
|
protected function markingFinished($numChildrenMethod = "numChildren")
|
||||||
{
|
{
|
||||||
// Mark childless nodes as expanded.
|
// Mark childless nodes as expanded.
|
||||||
if ($this->markedNodes) {
|
if($this->markedNodes) {
|
||||||
foreach ($this->markedNodes as $id => $node) {
|
foreach($this->markedNodes as $id => $node) {
|
||||||
if (!$node->isExpanded() && !$node->$numChildrenMethod()) {
|
if(!$node->isExpanded() && !$node->$numChildrenMethod()) {
|
||||||
$node->markExpanded();
|
$node->markExpanded();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return CSS classes of 'unexpanded', 'closed', both, or neither, as well as a 'jstree-*' state depending on the
|
* Return CSS classes of 'unexpanded', 'closed', both, or neither, as well as a 'jstree-*' state depending on the
|
||||||
* marking of this DataObject.
|
* marking of this DataObject.
|
||||||
*
|
*
|
||||||
* @param string $numChildrenMethod The name of the instance method to call to count the object's children
|
* @param string $numChildrenMethod The name of the instance method to call to count the object's children
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function markingClasses($numChildrenMethod = "numChildren")
|
public function markingClasses($numChildrenMethod = "numChildren")
|
||||||
{
|
{
|
||||||
$classes = '';
|
$classes = '';
|
||||||
if (!$this->isExpanded()) {
|
if(!$this->isExpanded()) {
|
||||||
$classes .= " unexpanded";
|
$classes .= " unexpanded";
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set jstree open state, or mark it as a leaf (closed) if there are no children
|
// Set jstree open state, or mark it as a leaf (closed) if there are no children
|
||||||
if (!$this->owner->$numChildrenMethod()) {
|
if(!$this->owner->$numChildrenMethod()) {
|
||||||
$classes .= " jstree-leaf closed";
|
$classes .= " jstree-leaf closed";
|
||||||
} elseif ($this->isTreeOpened()) {
|
} elseif($this->isTreeOpened()) {
|
||||||
$classes .= " jstree-open";
|
$classes .= " jstree-open";
|
||||||
} else {
|
} else {
|
||||||
$classes .= " jstree-closed closed";
|
$classes .= " jstree-closed closed";
|
||||||
}
|
}
|
||||||
return $classes;
|
return $classes;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mark the children of the DataObject with the given ID.
|
* Mark the children of the DataObject with the given ID.
|
||||||
*
|
*
|
||||||
* @param int $id ID of parent node
|
* @param int $id ID of parent node
|
||||||
* @param bool $open If this is true, mark the parent node as opened
|
* @param bool $open If this is true, mark the parent node as opened
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function markById($id, $open = false)
|
public function markById($id, $open = false)
|
||||||
{
|
{
|
||||||
if (isset($this->markedNodes[$id])) {
|
if(isset($this->markedNodes[$id])) {
|
||||||
$this->markChildren($this->markedNodes[$id]);
|
$this->markChildren($this->markedNodes[$id]);
|
||||||
if ($open) {
|
if($open) {
|
||||||
$this->markedNodes[$id]->markOpened();
|
$this->markedNodes[$id]->markOpened();
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Expose the given object in the tree, by marking this page and all it ancestors.
|
* Expose the given object in the tree, by marking this page and all it ancestors.
|
||||||
*
|
*
|
||||||
* @param DataObject $childObj
|
* @param DataObject $childObj
|
||||||
*/
|
*/
|
||||||
public function markToExpose($childObj)
|
public function markToExpose($childObj)
|
||||||
{
|
{
|
||||||
if (is_object($childObj)) {
|
if(is_object($childObj)){
|
||||||
$stack = array_reverse($childObj->parentStack());
|
$stack = array_reverse($childObj->parentStack());
|
||||||
foreach ($stack as $stackItem) {
|
foreach($stack as $stackItem) {
|
||||||
$this->markById($stackItem->ID, true);
|
$this->markById($stackItem->ID, true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the IDs of all the marked nodes.
|
* Return the IDs of all the marked nodes.
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function markedNodeIDs()
|
public function markedNodeIDs()
|
||||||
{
|
{
|
||||||
return array_keys($this->markedNodes);
|
return array_keys($this->markedNodes);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return an array of this page and its ancestors, ordered item -> root.
|
* Return an array of this page and its ancestors, ordered item -> root.
|
||||||
*
|
*
|
||||||
* @return SiteTree[]
|
* @return SiteTree[]
|
||||||
*/
|
*/
|
||||||
public function parentStack()
|
public function parentStack()
|
||||||
{
|
{
|
||||||
$p = $this->owner;
|
$p = $this->owner;
|
||||||
|
|
||||||
while ($p) {
|
while($p) {
|
||||||
$stack[] = $p;
|
$stack[] = $p;
|
||||||
$p = $p->ParentID ? $p->Parent() : null;
|
$p = $p->ParentID ? $p->Parent() : null;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $stack;
|
return $stack;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Cache of DataObjects' marked statuses: [ClassName][ID] = bool
|
* Cache of DataObjects' marked statuses: [ClassName][ID] = bool
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected static $marked = array();
|
protected static $marked = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Cache of DataObjects' expanded statuses: [ClassName][ID] = bool
|
* Cache of DataObjects' expanded statuses: [ClassName][ID] = bool
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected static $expanded = array();
|
protected static $expanded = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Cache of DataObjects' opened statuses: [ClassName][ID] = bool
|
* Cache of DataObjects' opened statuses: [ClassName][ID] = bool
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected static $treeOpened = array();
|
protected static $treeOpened = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mark this DataObject as expanded.
|
* Mark this DataObject as expanded.
|
||||||
*/
|
*/
|
||||||
public function markExpanded()
|
public function markExpanded()
|
||||||
{
|
{
|
||||||
self::$marked[$this->owner->baseClass()][$this->owner->ID] = true;
|
self::$marked[$this->owner->baseClass()][$this->owner->ID] = true;
|
||||||
self::$expanded[$this->owner->baseClass()][$this->owner->ID] = true;
|
self::$expanded[$this->owner->baseClass()][$this->owner->ID] = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mark this DataObject as unexpanded.
|
* Mark this DataObject as unexpanded.
|
||||||
*/
|
*/
|
||||||
public function markUnexpanded()
|
public function markUnexpanded()
|
||||||
{
|
{
|
||||||
self::$marked[$this->owner->baseClass()][$this->owner->ID] = true;
|
self::$marked[$this->owner->baseClass()][$this->owner->ID] = true;
|
||||||
self::$expanded[$this->owner->baseClass()][$this->owner->ID] = false;
|
self::$expanded[$this->owner->baseClass()][$this->owner->ID] = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mark this DataObject's tree as opened.
|
* Mark this DataObject's tree as opened.
|
||||||
*/
|
*/
|
||||||
public function markOpened()
|
public function markOpened()
|
||||||
{
|
{
|
||||||
self::$marked[$this->owner->baseClass()][$this->owner->ID] = true;
|
self::$marked[$this->owner->baseClass()][$this->owner->ID] = true;
|
||||||
self::$treeOpened[$this->owner->baseClass()][$this->owner->ID] = true;
|
self::$treeOpened[$this->owner->baseClass()][$this->owner->ID] = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mark this DataObject's tree as closed.
|
* Mark this DataObject's tree as closed.
|
||||||
*/
|
*/
|
||||||
public function markClosed()
|
public function markClosed()
|
||||||
{
|
{
|
||||||
if (isset(self::$treeOpened[$this->owner->baseClass()][$this->owner->ID])) {
|
if(isset(self::$treeOpened[$this->owner->baseClass()][$this->owner->ID])) {
|
||||||
unset(self::$treeOpened[$this->owner->baseClass()][$this->owner->ID]);
|
unset(self::$treeOpened[$this->owner->baseClass()][$this->owner->ID]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if this DataObject is marked.
|
* Check if this DataObject is marked.
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function isMarked()
|
public function isMarked()
|
||||||
{
|
{
|
||||||
$baseClass = $this->owner->baseClass();
|
$baseClass = $this->owner->baseClass();
|
||||||
$id = $this->owner->ID;
|
$id = $this->owner->ID;
|
||||||
return isset(self::$marked[$baseClass][$id]) ? self::$marked[$baseClass][$id] : false;
|
return isset(self::$marked[$baseClass][$id]) ? self::$marked[$baseClass][$id] : false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if this DataObject is expanded.
|
* Check if this DataObject is expanded.
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function isExpanded()
|
public function isExpanded()
|
||||||
{
|
{
|
||||||
$baseClass = $this->owner->baseClass();
|
$baseClass = $this->owner->baseClass();
|
||||||
$id = $this->owner->ID;
|
$id = $this->owner->ID;
|
||||||
return isset(self::$expanded[$baseClass][$id]) ? self::$expanded[$baseClass][$id] : false;
|
return isset(self::$expanded[$baseClass][$id]) ? self::$expanded[$baseClass][$id] : false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if this DataObject's tree is opened.
|
* Check if this DataObject's tree is opened.
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function isTreeOpened()
|
public function isTreeOpened()
|
||||||
{
|
{
|
||||||
$baseClass = $this->owner->baseClass();
|
$baseClass = $this->owner->baseClass();
|
||||||
$id = $this->owner->ID;
|
$id = $this->owner->ID;
|
||||||
return isset(self::$treeOpened[$baseClass][$id]) ? self::$treeOpened[$baseClass][$id] : false;
|
return isset(self::$treeOpened[$baseClass][$id]) ? self::$treeOpened[$baseClass][$id] : false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a list of this DataObject's and all it's descendants IDs.
|
* Get a list of this DataObject's and all it's descendants IDs.
|
||||||
*
|
*
|
||||||
* @return int[]
|
* @return int[]
|
||||||
*/
|
*/
|
||||||
public function getDescendantIDList()
|
public function getDescendantIDList()
|
||||||
{
|
{
|
||||||
$idList = array();
|
$idList = array();
|
||||||
$this->loadDescendantIDListInto($idList);
|
$this->loadDescendantIDListInto($idList);
|
||||||
return $idList;
|
return $idList;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a list of this DataObject's and all it's descendants ID, and put them in $idList.
|
* Get a list of this DataObject's and all it's descendants ID, and put them in $idList.
|
||||||
*
|
*
|
||||||
* @param array $idList Array to put results in.
|
* @param array $idList Array to put results in.
|
||||||
*/
|
*/
|
||||||
public function loadDescendantIDListInto(&$idList)
|
public function loadDescendantIDListInto(&$idList)
|
||||||
{
|
{
|
||||||
if ($children = $this->AllChildren()) {
|
if($children = $this->AllChildren()) {
|
||||||
foreach ($children as $child) {
|
foreach($children as $child) {
|
||||||
if (in_array($child->ID, $idList)) {
|
if(in_array($child->ID, $idList)) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
$idList[] = $child->ID;
|
$idList[] = $child->ID;
|
||||||
/** @var Hierarchy $ext */
|
/** @var Hierarchy $ext */
|
||||||
$ext = $child->getExtensionInstance('SilverStripe\ORM\Hierarchy\Hierarchy');
|
$ext = $child->getExtensionInstance('SilverStripe\ORM\Hierarchy\Hierarchy');
|
||||||
$ext->setOwner($child);
|
$ext->setOwner($child);
|
||||||
$ext->loadDescendantIDListInto($idList);
|
$ext->loadDescendantIDListInto($idList);
|
||||||
$ext->clearOwner();
|
$ext->clearOwner();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the children for this DataObject.
|
* Get the children for this DataObject.
|
||||||
*
|
*
|
||||||
* @return DataList
|
* @return DataList
|
||||||
*/
|
*/
|
||||||
public function Children()
|
public function Children()
|
||||||
{
|
{
|
||||||
if (!(isset($this->_cache_children) && $this->_cache_children)) {
|
if(!(isset($this->_cache_children) && $this->_cache_children)) {
|
||||||
$result = $this->owner->stageChildren(false);
|
$result = $this->owner->stageChildren(false);
|
||||||
$children = array();
|
$children = array();
|
||||||
foreach ($result as $record) {
|
foreach ($result as $record) {
|
||||||
if ($record->canView()) {
|
if ($record->canView()) {
|
||||||
$children[] = $record;
|
$children[] = $record;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$this->_cache_children = new ArrayList($children);
|
$this->_cache_children = new ArrayList($children);
|
||||||
}
|
}
|
||||||
return $this->_cache_children;
|
return $this->_cache_children;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all children, including those 'not in menus'.
|
* Return all children, including those 'not in menus'.
|
||||||
*
|
*
|
||||||
* @return DataList
|
* @return DataList
|
||||||
*/
|
*/
|
||||||
public function AllChildren()
|
public function AllChildren()
|
||||||
{
|
{
|
||||||
return $this->owner->stageChildren(true);
|
return $this->owner->stageChildren(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all children, including those that have been deleted but are still in live.
|
* Return all children, including those that have been deleted but are still in live.
|
||||||
* - Deleted children will be marked as "DeletedFromStage"
|
* - Deleted children will be marked as "DeletedFromStage"
|
||||||
* - Added children will be marked as "AddedToStage"
|
* - Added children will be marked as "AddedToStage"
|
||||||
* - Modified children will be marked as "ModifiedOnStage"
|
* - Modified children will be marked as "ModifiedOnStage"
|
||||||
* - Everything else has "SameOnStage" set, as an indicator that this information has been looked up.
|
* - Everything else has "SameOnStage" set, as an indicator that this information has been looked up.
|
||||||
*
|
*
|
||||||
* @param mixed $context
|
* @param mixed $context
|
||||||
* @return ArrayList
|
* @return ArrayList
|
||||||
*/
|
*/
|
||||||
public function AllChildrenIncludingDeleted($context = null)
|
public function AllChildrenIncludingDeleted($context = null)
|
||||||
{
|
{
|
||||||
return $this->doAllChildrenIncludingDeleted($context);
|
return $this->doAllChildrenIncludingDeleted($context);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @see AllChildrenIncludingDeleted
|
* @see AllChildrenIncludingDeleted
|
||||||
*
|
*
|
||||||
* @param mixed $context
|
* @param mixed $context
|
||||||
* @return ArrayList
|
* @return ArrayList
|
||||||
*/
|
*/
|
||||||
public function doAllChildrenIncludingDeleted($context = null)
|
public function doAllChildrenIncludingDeleted($context = null)
|
||||||
{
|
{
|
||||||
if (!$this->owner) {
|
if (!$this->owner) {
|
||||||
user_error('Hierarchy::doAllChildrenIncludingDeleted() called without $this->owner');
|
user_error('Hierarchy::doAllChildrenIncludingDeleted() called without $this->owner');
|
||||||
}
|
}
|
||||||
|
|
||||||
$baseClass = $this->owner->baseClass();
|
$baseClass = $this->owner->baseClass();
|
||||||
if ($baseClass) {
|
if($baseClass) {
|
||||||
$stageChildren = $this->owner->stageChildren(true);
|
$stageChildren = $this->owner->stageChildren(true);
|
||||||
|
|
||||||
// Add live site content that doesn't exist on the stage site, if required.
|
// Add live site content that doesn't exist on the stage site, if required.
|
||||||
if ($this->owner->hasExtension('SilverStripe\ORM\Versioning\Versioned')) {
|
if($this->owner->hasExtension('SilverStripe\ORM\Versioning\Versioned')) {
|
||||||
// Next, go through the live children. Only some of these will be listed
|
// Next, go through the live children. Only some of these will be listed
|
||||||
$liveChildren = $this->owner->liveChildren(true, true);
|
$liveChildren = $this->owner->liveChildren(true, true);
|
||||||
if ($liveChildren) {
|
if($liveChildren) {
|
||||||
$merged = new ArrayList();
|
$merged = new ArrayList();
|
||||||
$merged->merge($stageChildren);
|
$merged->merge($stageChildren);
|
||||||
$merged->merge($liveChildren);
|
$merged->merge($liveChildren);
|
||||||
$stageChildren = $merged;
|
$stageChildren = $merged;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->owner->extend("augmentAllChildrenIncludingDeleted", $stageChildren, $context);
|
$this->owner->extend("augmentAllChildrenIncludingDeleted", $stageChildren, $context);
|
||||||
} else {
|
} else {
|
||||||
user_error(
|
user_error(
|
||||||
"Hierarchy::AllChildren() Couldn't determine base class for '{$this->owner->class}'",
|
"Hierarchy::AllChildren() Couldn't determine base class for '{$this->owner->class}'",
|
||||||
E_USER_ERROR
|
E_USER_ERROR
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $stageChildren;
|
return $stageChildren;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all the children that this page had, including pages that were deleted from both stage & live.
|
* Return all the children that this page had, including pages that were deleted from both stage & live.
|
||||||
*
|
*
|
||||||
* @return DataList
|
* @return DataList
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function AllHistoricalChildren()
|
public function AllHistoricalChildren()
|
||||||
{
|
{
|
||||||
if (!$this->owner->hasExtension('SilverStripe\ORM\Versioning\Versioned')) {
|
if(!$this->owner->hasExtension('SilverStripe\ORM\Versioning\Versioned')) {
|
||||||
throw new Exception('Hierarchy->AllHistoricalChildren() only works with Versioned extension applied');
|
throw new Exception('Hierarchy->AllHistoricalChildren() only works with Versioned extension applied');
|
||||||
}
|
}
|
||||||
|
|
||||||
$baseTable = $this->owner->baseTable();
|
$baseTable = $this->owner->baseTable();
|
||||||
$parentIDColumn = $this->owner->getSchema()->sqlColumnForField($this->owner, 'ParentID');
|
$parentIDColumn = $this->owner->getSchema()->sqlColumnForField($this->owner, 'ParentID');
|
||||||
return Versioned::get_including_deleted(
|
return Versioned::get_including_deleted(
|
||||||
$this->owner->baseClass(),
|
$this->owner->baseClass(),
|
||||||
[ $parentIDColumn => $this->owner->ID ],
|
[ $parentIDColumn => $this->owner->ID ],
|
||||||
"\"{$baseTable}\".\"ID\" ASC"
|
"\"{$baseTable}\".\"ID\" ASC"
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the number of children that this page ever had, including pages that were deleted.
|
* Return the number of children that this page ever had, including pages that were deleted.
|
||||||
*
|
*
|
||||||
* @return int
|
* @return int
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function numHistoricalChildren()
|
public function numHistoricalChildren()
|
||||||
{
|
{
|
||||||
if (!$this->owner->hasExtension('SilverStripe\ORM\Versioning\Versioned')) {
|
if(!$this->owner->hasExtension('SilverStripe\ORM\Versioning\Versioned')) {
|
||||||
throw new Exception('Hierarchy->AllHistoricalChildren() only works with Versioned extension applied');
|
throw new Exception('Hierarchy->AllHistoricalChildren() only works with Versioned extension applied');
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->AllHistoricalChildren()->count();
|
return $this->AllHistoricalChildren()->count();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the number of direct children. By default, values are cached after the first invocation. Can be
|
* Return the number of direct children. By default, values are cached after the first invocation. Can be
|
||||||
* augumented by {@link augmentNumChildrenCountQuery()}.
|
* augumented by {@link augmentNumChildrenCountQuery()}.
|
||||||
*
|
*
|
||||||
* @param bool $cache Whether to retrieve values from cache
|
* @param bool $cache Whether to retrieve values from cache
|
||||||
* @return int
|
* @return int
|
||||||
*/
|
*/
|
||||||
public function numChildren($cache = true)
|
public function numChildren($cache = true)
|
||||||
{
|
{
|
||||||
// Build the cache for this class if it doesn't exist.
|
// Build the cache for this class if it doesn't exist.
|
||||||
if (!$cache || !is_numeric($this->_cache_numChildren)) {
|
if(!$cache || !is_numeric($this->_cache_numChildren)) {
|
||||||
// Hey, this is efficient now!
|
// Hey, this is efficient now!
|
||||||
// We call stageChildren(), because Children() has canView() filtering
|
// We call stageChildren(), because Children() has canView() filtering
|
||||||
$this->_cache_numChildren = (int)$this->owner->stageChildren(true)->Count();
|
$this->_cache_numChildren = (int)$this->owner->stageChildren(true)->Count();
|
||||||
}
|
}
|
||||||
|
|
||||||
// If theres no value in the cache, it just means that it doesn't have any children.
|
// If theres no value in the cache, it just means that it doesn't have any children.
|
||||||
return $this->_cache_numChildren;
|
return $this->_cache_numChildren;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks if we're on a controller where we should filter. ie. Are we loading the SiteTree?
|
* Checks if we're on a controller where we should filter. ie. Are we loading the SiteTree?
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function showingCMSTree()
|
public function showingCMSTree()
|
||||||
{
|
{
|
||||||
if (!Controller::has_curr()) {
|
if (!Controller::has_curr()) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$controller = Controller::curr();
|
$controller = Controller::curr();
|
||||||
return $controller instanceof LeftAndMain
|
return $controller instanceof LeftAndMain
|
||||||
&& in_array($controller->getAction(), array("treeview", "listview", "getsubtree"));
|
&& in_array($controller->getAction(), array("treeview", "listview", "getsubtree"));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return children in the stage site.
|
* Return children in the stage site.
|
||||||
*
|
*
|
||||||
* @param bool $showAll Include all of the elements, even those not shown in the menus. Only applicable when
|
* @param bool $showAll Include all of the elements, even those not shown in the menus. Only applicable when
|
||||||
* extension is applied to {@link SiteTree}.
|
* extension is applied to {@link SiteTree}.
|
||||||
* @return DataList
|
* @return DataList
|
||||||
*/
|
*/
|
||||||
public function stageChildren($showAll = false)
|
public function stageChildren($showAll = false)
|
||||||
{
|
{
|
||||||
$baseClass = $this->owner->baseClass();
|
$baseClass = $this->owner->baseClass();
|
||||||
$hide_from_hierarchy = $this->owner->config()->hide_from_hierarchy;
|
$hide_from_hierarchy = $this->owner->config()->hide_from_hierarchy;
|
||||||
$hide_from_cms_tree = $this->owner->config()->hide_from_cms_tree;
|
$hide_from_cms_tree = $this->owner->config()->hide_from_cms_tree;
|
||||||
$staged = $baseClass::get()
|
$staged = $baseClass::get()
|
||||||
->filter('ParentID', (int)$this->owner->ID)
|
->filter('ParentID', (int)$this->owner->ID)
|
||||||
->exclude('ID', (int)$this->owner->ID);
|
->exclude('ID', (int)$this->owner->ID);
|
||||||
if ($hide_from_hierarchy) {
|
if ($hide_from_hierarchy) {
|
||||||
$staged = $staged->exclude('ClassName', $hide_from_hierarchy);
|
$staged = $staged->exclude('ClassName', $hide_from_hierarchy);
|
||||||
}
|
}
|
||||||
if ($hide_from_cms_tree && $this->showingCMSTree()) {
|
if ($hide_from_cms_tree && $this->showingCMSTree()) {
|
||||||
$staged = $staged->exclude('ClassName', $hide_from_cms_tree);
|
$staged = $staged->exclude('ClassName', $hide_from_cms_tree);
|
||||||
}
|
}
|
||||||
if (!$showAll && DataObject::getSchema()->fieldSpec($this->owner, 'ShowInMenus')) {
|
if (!$showAll && DataObject::getSchema()->fieldSpec($this->owner, 'ShowInMenus')) {
|
||||||
$staged = $staged->filter('ShowInMenus', 1);
|
$staged = $staged->filter('ShowInMenus', 1);
|
||||||
}
|
}
|
||||||
$this->owner->extend("augmentStageChildren", $staged, $showAll);
|
$this->owner->extend("augmentStageChildren", $staged, $showAll);
|
||||||
return $staged;
|
return $staged;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return children in the live site, if it exists.
|
* Return children in the live site, if it exists.
|
||||||
*
|
*
|
||||||
* @param bool $showAll Include all of the elements, even those not shown in the menus. Only
|
* @param bool $showAll Include all of the elements, even those not shown in the menus. Only
|
||||||
* applicable when extension is applied to {@link SiteTree}.
|
* applicable when extension is applied to {@link SiteTree}.
|
||||||
* @param bool $onlyDeletedFromStage Only return items that have been deleted from stage
|
* @param bool $onlyDeletedFromStage Only return items that have been deleted from stage
|
||||||
* @return DataList
|
* @return DataList
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function liveChildren($showAll = false, $onlyDeletedFromStage = false)
|
public function liveChildren($showAll = false, $onlyDeletedFromStage = false)
|
||||||
{
|
{
|
||||||
if (!$this->owner->hasExtension(Versioned::class)) {
|
if(!$this->owner->hasExtension(Versioned::class)) {
|
||||||
throw new Exception('Hierarchy->liveChildren() only works with Versioned extension applied');
|
throw new Exception('Hierarchy->liveChildren() only works with Versioned extension applied');
|
||||||
}
|
}
|
||||||
|
|
||||||
$baseClass = $this->owner->baseClass();
|
$baseClass = $this->owner->baseClass();
|
||||||
$hide_from_hierarchy = $this->owner->config()->hide_from_hierarchy;
|
$hide_from_hierarchy = $this->owner->config()->hide_from_hierarchy;
|
||||||
$hide_from_cms_tree = $this->owner->config()->hide_from_cms_tree;
|
$hide_from_cms_tree = $this->owner->config()->hide_from_cms_tree;
|
||||||
$children = $baseClass::get()
|
$children = $baseClass::get()
|
||||||
->filter('ParentID', (int)$this->owner->ID)
|
->filter('ParentID', (int)$this->owner->ID)
|
||||||
->exclude('ID', (int)$this->owner->ID)
|
->exclude('ID', (int)$this->owner->ID)
|
||||||
->setDataQueryParam(array(
|
->setDataQueryParam(array(
|
||||||
'Versioned.mode' => $onlyDeletedFromStage ? 'stage_unique' : 'stage',
|
'Versioned.mode' => $onlyDeletedFromStage ? 'stage_unique' : 'stage',
|
||||||
'Versioned.stage' => 'Live'
|
'Versioned.stage' => 'Live'
|
||||||
));
|
));
|
||||||
if ($hide_from_hierarchy) {
|
if ($hide_from_hierarchy) {
|
||||||
$children = $children->exclude('ClassName', $hide_from_hierarchy);
|
$children = $children->exclude('ClassName', $hide_from_hierarchy);
|
||||||
}
|
}
|
||||||
if ($hide_from_cms_tree && $this->showingCMSTree()) {
|
if ($hide_from_cms_tree && $this->showingCMSTree()) {
|
||||||
$children = $children->exclude('ClassName', $hide_from_cms_tree);
|
$children = $children->exclude('ClassName', $hide_from_cms_tree);
|
||||||
}
|
}
|
||||||
if (!$showAll && DataObject::getSchema()->fieldSpec($this->owner, 'ShowInMenus')) {
|
if(!$showAll && DataObject::getSchema()->fieldSpec($this->owner, 'ShowInMenus')) {
|
||||||
$children = $children->filter('ShowInMenus', 1);
|
$children = $children->filter('ShowInMenus', 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $children;
|
return $children;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get this object's parent, optionally filtered by an SQL clause. If the clause doesn't match the parent, nothing
|
* Get this object's parent, optionally filtered by an SQL clause. If the clause doesn't match the parent, nothing
|
||||||
* is returned.
|
* is returned.
|
||||||
*
|
*
|
||||||
* @param string $filter
|
* @param string $filter
|
||||||
* @return DataObject
|
* @return DataObject
|
||||||
*/
|
*/
|
||||||
public function getParent($filter = null)
|
public function getParent($filter = null)
|
||||||
{
|
{
|
||||||
$parentID = $this->owner->ParentID;
|
$parentID = $this->owner->ParentID;
|
||||||
if (empty($parentID)) {
|
if(empty($parentID)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
$idSQL = $this->owner->getSchema()->sqlColumnForField($this->owner, 'ID');
|
$idSQL = $this->owner->getSchema()->sqlColumnForField($this->owner, 'ID');
|
||||||
return DataObject::get_one($this->owner->class, array(
|
return DataObject::get_one($this->owner->class, array(
|
||||||
array($idSQL => $parentID),
|
array($idSQL => $parentID),
|
||||||
$filter
|
$filter
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all the parents of this class in a set ordered from the lowest to highest parent.
|
* Return all the parents of this class in a set ordered from the lowest to highest parent.
|
||||||
*
|
*
|
||||||
* @return ArrayList
|
* @return ArrayList
|
||||||
*/
|
*/
|
||||||
public function getAncestors()
|
public function getAncestors()
|
||||||
{
|
{
|
||||||
$ancestors = new ArrayList();
|
$ancestors = new ArrayList();
|
||||||
$object = $this->owner;
|
$object = $this->owner;
|
||||||
|
|
||||||
while ($object = $object->getParent()) {
|
while($object = $object->getParent()) {
|
||||||
$ancestors->push($object);
|
$ancestors->push($object);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $ancestors;
|
return $ancestors;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a human-readable, flattened representation of the path to the object, using its {@link Title} attribute.
|
* Returns a human-readable, flattened representation of the path to the object, using its {@link Title} attribute.
|
||||||
*
|
*
|
||||||
* @param string $separator
|
* @param string $separator
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getBreadcrumbs($separator = ' » ')
|
public function getBreadcrumbs($separator = ' » ')
|
||||||
{
|
{
|
||||||
$crumbs = array();
|
$crumbs = array();
|
||||||
$ancestors = array_reverse($this->owner->getAncestors()->toArray());
|
$ancestors = array_reverse($this->owner->getAncestors()->toArray());
|
||||||
foreach ($ancestors as $ancestor) {
|
foreach ($ancestors as $ancestor) {
|
||||||
$crumbs[] = $ancestor->Title;
|
$crumbs[] = $ancestor->Title;
|
||||||
}
|
}
|
||||||
$crumbs[] = $this->owner->Title;
|
$crumbs[] = $this->owner->Title;
|
||||||
return implode($separator, $crumbs);
|
return implode($separator, $crumbs);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the next node in the tree of the type. If there is no instance of the className descended from this node,
|
* Get the next node in the tree of the type. If there is no instance of the className descended from this node,
|
||||||
* then search the parents.
|
* then search the parents.
|
||||||
*
|
*
|
||||||
* @todo Write!
|
* @todo Write!
|
||||||
*
|
*
|
||||||
* @param string $className Class name of the node to find
|
* @param string $className Class name of the node to find
|
||||||
* @param DataObject $afterNode Used for recursive calls to this function
|
* @param DataObject $afterNode Used for recursive calls to this function
|
||||||
* @return DataObject
|
* @return DataObject
|
||||||
*/
|
*/
|
||||||
public function naturalPrev($className, $afterNode = null)
|
public function naturalPrev($className, $afterNode = null)
|
||||||
{
|
{
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the next node in the tree of the type. If there is no instance of the className descended from this node,
|
* Get the next node in the tree of the type. If there is no instance of the className descended from this node,
|
||||||
* then search the parents.
|
* then search the parents.
|
||||||
* @param string $className Class name of the node to find.
|
* @param string $className Class name of the node to find.
|
||||||
* @param string|int $root ID/ClassName of the node to limit the search to
|
* @param string|int $root ID/ClassName of the node to limit the search to
|
||||||
* @param DataObject $afterNode Used for recursive calls to this function
|
* @param DataObject $afterNode Used for recursive calls to this function
|
||||||
* @return DataObject
|
* @return DataObject
|
||||||
*/
|
*/
|
||||||
public function naturalNext($className = null, $root = 0, $afterNode = null)
|
public function naturalNext($className = null, $root = 0, $afterNode = null)
|
||||||
{
|
{
|
||||||
// If this node is not the node we are searching from, then we can possibly return this node as a solution
|
// If this node is not the node we are searching from, then we can possibly return this node as a solution
|
||||||
if ($afterNode && $afterNode->ID != $this->owner->ID) {
|
if($afterNode && $afterNode->ID != $this->owner->ID) {
|
||||||
if (!$className || ($className && $this->owner->class == $className)) {
|
if(!$className || ($className && $this->owner->class == $className)) {
|
||||||
return $this->owner;
|
return $this->owner;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$nextNode = null;
|
$nextNode = null;
|
||||||
$baseClass = $this->owner->baseClass();
|
$baseClass = $this->owner->baseClass();
|
||||||
|
|
||||||
$children = $baseClass::get()
|
$children = $baseClass::get()
|
||||||
->filter('ParentID', (int)$this->owner->ID)
|
->filter('ParentID', (int)$this->owner->ID)
|
||||||
->sort('"Sort"', 'ASC');
|
->sort('"Sort"', 'ASC');
|
||||||
if ($afterNode) {
|
if ($afterNode) {
|
||||||
$children = $children->filter('Sort:GreaterThan', $afterNode->Sort);
|
$children = $children->filter('Sort:GreaterThan', $afterNode->Sort);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Try all the siblings of this node after the given node
|
// Try all the siblings of this node after the given node
|
||||||
/*if( $siblings = DataObject::get( $this->owner->baseClass(),
|
/*if( $siblings = DataObject::get( $this->owner->baseClass(),
|
||||||
"\"ParentID\"={$this->owner->ParentID}" . ( $afterNode ) ? "\"Sort\"
|
"\"ParentID\"={$this->owner->ParentID}" . ( $afterNode ) ? "\"Sort\"
|
||||||
> {$afterNode->Sort}" : "" , '\"Sort\" ASC' ) ) $searchNodes->merge( $siblings );*/
|
> {$afterNode->Sort}" : "" , '\"Sort\" ASC' ) ) $searchNodes->merge( $siblings );*/
|
||||||
|
|
||||||
if ($children) {
|
if($children) {
|
||||||
foreach ($children as $node) {
|
foreach($children as $node) {
|
||||||
if ($nextNode = $node->naturalNext($className, $node->ID, $this->owner)) {
|
if($nextNode = $node->naturalNext($className, $node->ID, $this->owner)) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($nextNode) {
|
if($nextNode) {
|
||||||
return $nextNode;
|
return $nextNode;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// if this is not an instance of the root class or has the root id, search the parent
|
// if this is not an instance of the root class or has the root id, search the parent
|
||||||
if (!(is_numeric($root) && $root == $this->owner->ID || $root == $this->owner->class)
|
if(!(is_numeric($root) && $root == $this->owner->ID || $root == $this->owner->class)
|
||||||
&& ($parent = $this->owner->Parent())) {
|
&& ($parent = $this->owner->Parent())) {
|
||||||
return $parent->naturalNext($className, $root, $this->owner);
|
return $parent->naturalNext( $className, $root, $this->owner );
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Flush all Hierarchy caches:
|
* Flush all Hierarchy caches:
|
||||||
* - Children (instance)
|
* - Children (instance)
|
||||||
* - NumChildren (instance)
|
* - NumChildren (instance)
|
||||||
* - Marked (global)
|
* - Marked (global)
|
||||||
* - Expanded (global)
|
* - Expanded (global)
|
||||||
* - TreeOpened (global)
|
* - TreeOpened (global)
|
||||||
*/
|
*/
|
||||||
public function flushCache()
|
public function flushCache()
|
||||||
{
|
{
|
||||||
$this->_cache_children = null;
|
$this->_cache_children = null;
|
||||||
$this->_cache_numChildren = null;
|
$this->_cache_numChildren = null;
|
||||||
self::$marked = array();
|
self::$marked = array();
|
||||||
self::$expanded = array();
|
self::$expanded = array();
|
||||||
self::$treeOpened = array();
|
self::$treeOpened = array();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Reset global Hierarchy caches:
|
* Reset global Hierarchy caches:
|
||||||
* - Marked
|
* - Marked
|
||||||
* - Expanded
|
* - Expanded
|
||||||
* - TreeOpened
|
* - TreeOpened
|
||||||
*/
|
*/
|
||||||
public static function reset()
|
public static function reset()
|
||||||
{
|
{
|
||||||
self::$marked = array();
|
self::$marked = array();
|
||||||
self::$expanded = array();
|
self::$expanded = array();
|
||||||
self::$treeOpened = array();
|
self::$treeOpened = array();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -12,52 +12,72 @@ use Exception;
|
|||||||
class ValidationException extends Exception
|
class ValidationException extends Exception
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The contained ValidationResult related to this error
|
* The contained ValidationResult related to this error
|
||||||
*
|
*
|
||||||
* @var ValidationResult
|
* @var ValidationResult
|
||||||
*/
|
*/
|
||||||
protected $result;
|
protected $result;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Construct a new ValidationException with an optional ValidationResult object
|
* Construct a new ValidationException with an optional ValidationResult object
|
||||||
*
|
*
|
||||||
* @param ValidationResult|string $result The ValidationResult containing the
|
* @param ValidationResult|string $result The ValidationResult containing the
|
||||||
* failed result. Can be substituted with an error message instead if no
|
* failed result. Can be substituted with an error message instead if no
|
||||||
* ValidationResult exists.
|
* ValidationResult exists.
|
||||||
* @param string|integer $message The error message. If $result was given the
|
* @param string|integer $message The error message. If $result was given the
|
||||||
* message string rather than a ValidationResult object then this will have
|
* message string rather than a ValidationResult object then this will have
|
||||||
* the error code number.
|
* the error code number.
|
||||||
* @param integer $code The error code number, if not given in the second parameter
|
* @param integer $code The error code number, if not given in the second parameter
|
||||||
*/
|
*/
|
||||||
public function __construct($result = null, $message = null, $code = 0)
|
public function __construct($result = null, $code = 0, $dummy = null) {
|
||||||
{
|
$exceptionMessage = null;
|
||||||
|
|
||||||
// Check arguments
|
// Backwards compatibiliy failover. The 2nd argument used to be $message, and $code the 3rd.
|
||||||
if (!($result instanceof ValidationResult)) {
|
// For callers using that, we ditch the message
|
||||||
// Shift parameters if no ValidationResult is given
|
if(!is_numeric($code)) {
|
||||||
$code = $message;
|
$exceptionMessage = $code;
|
||||||
$message = $result;
|
if($dummy) $code = $dummy;
|
||||||
|
}
|
||||||
|
|
||||||
// Infer ValidationResult from parameters
|
if($result instanceof ValidationResult) {
|
||||||
$result = new ValidationResult(false, $message);
|
$this->result = $result;
|
||||||
} elseif (empty($message)) {
|
|
||||||
// Infer message if not given
|
|
||||||
$message = $result->message();
|
|
||||||
}
|
|
||||||
|
|
||||||
// Construct
|
} else if(is_string($result)) {
|
||||||
$this->result = $result;
|
$this->result = ValidationResult::create()->addError($result);
|
||||||
parent::__construct($message, $code);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
} else if(!$result) {
|
||||||
* Retrieves the ValidationResult related to this error
|
$this->result = ValidationResult::create()->addError(_t("ValdiationExcetpion.DEFAULT_ERROR", "Validation error"));
|
||||||
*
|
|
||||||
* @return ValidationResult
|
} else {
|
||||||
*/
|
throw new InvalidArgumentException(
|
||||||
|
"ValidationExceptions must be passed a ValdiationResult, a string, or nothing at all");
|
||||||
|
}
|
||||||
|
|
||||||
|
// Construct
|
||||||
|
parent::__construct($exceptionMessage ? $exceptionMessage : $this->result->message(), $code);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a ValidationException with a message for a single field-specific error message.
|
||||||
|
*
|
||||||
|
* @param string $field The field name
|
||||||
|
* @param string $message The error message
|
||||||
|
* @return ValidationException
|
||||||
|
*/
|
||||||
|
static function create_for_field($field, $message) {
|
||||||
|
$result = new ValidationResult;
|
||||||
|
$result->addFieldError($field, $message);
|
||||||
|
return new ValidationException($result);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retrieves the ValidationResult related to this error
|
||||||
|
*
|
||||||
|
* @return ValidationResult
|
||||||
|
*/
|
||||||
public function getResult()
|
public function getResult()
|
||||||
{
|
{
|
||||||
return $this->result;
|
return $this->result;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -10,121 +10,251 @@ use SilverStripe\Core\Object;
|
|||||||
*/
|
*/
|
||||||
class ValidationResult extends Object
|
class ValidationResult extends Object
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @var bool - is the result valid or not
|
* @var bool - is the result valid or not
|
||||||
*/
|
*/
|
||||||
protected $isValid;
|
protected $isValid = true;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var array of errors
|
* @var array of errors
|
||||||
*/
|
*/
|
||||||
protected $errorList = array();
|
protected $errorList = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new ValidationResult.
|
* Create a new ValidationResult.
|
||||||
* By default, it is a successful result. Call $this->error() to record errors.
|
* By default, it is a successful result. Call $this->error() to record errors.
|
||||||
* @param bool $valid
|
*
|
||||||
* @param string|null $message
|
* @param void $valid @deprecated
|
||||||
*/
|
* @param void $message @deprecated
|
||||||
public function __construct($valid = true, $message = null)
|
*/
|
||||||
{
|
public function __construct($valid = null, $message = null) {
|
||||||
$this->isValid = $valid;
|
if ($message !== null) {
|
||||||
|
Deprecation::notice('3.2', '$message parameter is deprecated please use addMessage or addError instead', false);
|
||||||
|
$this->addError($message);
|
||||||
|
}
|
||||||
|
if ($valid !== null) {
|
||||||
|
Deprecation::notice('3.2', '$valid parameter is deprecated please addError to mark the result as invalid', false);
|
||||||
|
$this->isValid = $valid;
|
||||||
if ($message) {
|
if ($message) {
|
||||||
$this->errorList[] = $message;
|
$this->errorList[] = $message;
|
||||||
}
|
}
|
||||||
parent::__construct();
|
parent::__construct();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Record an error against this validation result,
|
* Return the full error meta-data, suitable for combining with another ValidationResult.
|
||||||
* @param string $message The validation error message
|
*/
|
||||||
* @param string $code An optional error code string, that can be accessed with {@link $this->codeList()}.
|
function getErrorMetaData() {
|
||||||
* @return $this
|
return $this->errorList;
|
||||||
*/
|
}
|
||||||
public function error($message, $code = null)
|
|
||||||
{
|
|
||||||
$this->isValid = false;
|
|
||||||
|
|
||||||
if ($code) {
|
/**
|
||||||
if (!is_numeric($code)) {
|
* Record a
|
||||||
$this->errorList[$code] = $message;
|
* against this validation result.
|
||||||
} else {
|
*
|
||||||
user_error("ValidationResult::error() - Don't use a numeric code '$code'. Use a string."
|
* It's better to use addError, addFeildError, addMessage, or addFieldMessage instead.
|
||||||
. "I'm going to ignore it.", E_USER_WARNING);
|
*
|
||||||
$this->errorList[$code] = $message;
|
* @param string $message The message string.
|
||||||
}
|
* @param string $code A codename for this error. Only one message per codename will be added.
|
||||||
} else {
|
* This can be usedful for ensuring no duplicate messages
|
||||||
$this->errorList[] = $message;
|
* @param string $fieldName The field to link the message to. If omitted; a form-wide message is assumed.
|
||||||
}
|
* @param string $messageType The type of message: e.g. "bad", "warning", "good", or "required". Passed as a CSS
|
||||||
|
* class to the form, so other values can be used if desired.
|
||||||
|
* @param bool $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
||||||
|
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
||||||
|
* user supplied data in the message.
|
||||||
|
*
|
||||||
|
* @deprecated 3.2
|
||||||
|
*/
|
||||||
|
public function error($message, $code = null, $fieldName = null, $messageType = "bad", $escapeHtml = true) {
|
||||||
|
Deprecation::notice('3.2', 'Use addError or addFieldError instead.');
|
||||||
|
|
||||||
return $this;
|
return $this->addFieldError($fieldName, $message, $messageType, $code, $escapeHtml);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns true if the result is valid.
|
* Record an error against this validation result,
|
||||||
* @return boolean
|
*
|
||||||
*/
|
* @param string $message The message string.
|
||||||
|
* @param string $messageType The type of message: e.g. "bad", "warning", "good", or "required". Passed as a CSS
|
||||||
|
* class to the form, so other values can be used if desired.
|
||||||
|
* @param string $code A codename for this error. Only one message per codename will be added.
|
||||||
|
* This can be usedful for ensuring no duplicate messages
|
||||||
|
* @param bool $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
||||||
|
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
||||||
|
* user supplied data in the message.
|
||||||
|
*/
|
||||||
|
public function addError($message, $messageType = "bad", $code = null, $escapeHtml = true) {
|
||||||
|
|
||||||
|
return $this->addFieldError(null, $message, $messageType, $code, $escapeHtml);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Record an error against this validation result,
|
||||||
|
*
|
||||||
|
* @param string $fieldName The field to link the message to. If omitted; a form-wide message is assumed.
|
||||||
|
* @param string $message The message string.
|
||||||
|
* @param string $messageType The type of message: e.g. "bad", "warning", "good", or "required". Passed as a CSS
|
||||||
|
* class to the form, so other values can be used if desired.
|
||||||
|
* @param string $code A codename for this error. Only one message per codename will be added.
|
||||||
|
* This can be usedful for ensuring no duplicate messages
|
||||||
|
* @param bool $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
||||||
|
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
||||||
|
* user supplied data in the message.
|
||||||
|
*/
|
||||||
|
public function addFieldError($fieldName = null, $message, $messageType = "bad", $code = null, $escapeHtml = true) {
|
||||||
|
$this->isValid = false;
|
||||||
|
|
||||||
|
return $this->addFieldMessage($fieldName, $message, $messageType, $code, $escapeHtml);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add a message to this ValidationResult without necessarily marking it as an error
|
||||||
|
*
|
||||||
|
* @param string $message The message string.
|
||||||
|
* @param string $messageType The type of message: e.g. "bad", "warning", "good", or "required". Passed as a CSS
|
||||||
|
* class to the form, so other values can be used if desired.
|
||||||
|
* @param string $code A codename for this error. Only one message per codename will be added.
|
||||||
|
* This can be usedful for ensuring no duplicate messages
|
||||||
|
* @param bool $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
||||||
|
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
||||||
|
* user supplied data in the message.
|
||||||
|
*/
|
||||||
|
public function addMessage($message, $messageType = "bad", $code = null, $escapeHtml = true) {
|
||||||
|
return $this->addFieldMessage(null, $message, $messageType, $code, $escapeHtml);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add a message to this ValidationResult without necessarily marking it as an error
|
||||||
|
*
|
||||||
|
* @param string $fieldName The field to link the message to. If omitted; a form-wide message is assumed.
|
||||||
|
* @param string $message The message string.
|
||||||
|
* @param string $messageType The type of message: e.g. "bad", "warning", "good", or "required". Passed as a CSS
|
||||||
|
* class to the form, so other values can be used if desired.
|
||||||
|
* @param string $code A codename for this error. Only one message per codename will be added.
|
||||||
|
* This can be usedful for ensuring no duplicate messages
|
||||||
|
* @param bool $escapeHtml Automatically sanitize the message. Set to FALSE if the message contains HTML.
|
||||||
|
* In that case, you might want to use {@link Convert::raw2xml()} to escape any
|
||||||
|
* user supplied data in the message.
|
||||||
|
*/
|
||||||
|
public function addFieldMessage($fieldName, $message, $messageType = "bad", $code = null, $escapeHtml = true) {
|
||||||
|
$metadata = array(
|
||||||
|
'message' => $escapeHtml ? Convert::raw2xml($message) : $message,
|
||||||
|
'fieldName' => $fieldName,
|
||||||
|
'messageType' => $messageType,
|
||||||
|
);
|
||||||
|
|
||||||
|
if($code) {
|
||||||
|
if(!is_numeric($code)) {
|
||||||
|
$this->errorList[$code] = $metadata;
|
||||||
|
} else {
|
||||||
|
throw new InvalidArgumentException(
|
||||||
|
"ValidationResult::error() - Don't use a numeric code '$code'. Use a string.");
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->errorList[] = $metadata;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns true if the result is valid.
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
public function valid()
|
public function valid()
|
||||||
{
|
{
|
||||||
return $this->isValid;
|
return $this->isValid;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get an array of errors
|
* Get an array of errors
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function messageList()
|
public function messageList()
|
||||||
{
|
{
|
||||||
return $this->errorList;
|
$list = array();
|
||||||
}
|
foreach($this->errorList as $key => $item) {
|
||||||
|
if(is_numeric($key)) $list[] = $item['message'];
|
||||||
|
else $list[$key] = $item['message'];
|
||||||
|
}
|
||||||
|
return $list;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get an array of error codes
|
* Get the field-specific messages as a map.
|
||||||
* @return array
|
* Keys will be field names, and values will be a 2 element map with keys 'messsage', and 'messageType'
|
||||||
*/
|
*/
|
||||||
|
public function fieldErrors() {
|
||||||
|
$output = array();
|
||||||
|
foreach($this->errorList as $key => $item) {
|
||||||
|
if($item['fieldName']) {
|
||||||
|
$output[$item['fieldName']] = array(
|
||||||
|
'message' => $item['message'],
|
||||||
|
'messageType' => $item['messageType']
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $output;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get an array of error codes
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
public function codeList()
|
public function codeList()
|
||||||
{
|
{
|
||||||
$codeList = array();
|
$codeList = array();
|
||||||
foreach ($this->errorList as $k => $v) {
|
foreach ($this->errorList as $k => $v) {
|
||||||
if (!is_numeric($k)) {
|
if (!is_numeric($k)) {
|
||||||
$codeList[] = $k;
|
$codeList[] = $k;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $codeList;
|
return $codeList;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the error message as a string.
|
* Get the error message as a string.
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function message()
|
public function message()
|
||||||
{
|
{
|
||||||
return implode("; ", $this->errorList);
|
return implode("; ", $this->messageList());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a starred list of all messages
|
* The the error message that's not related to a field as a string
|
||||||
* @return string
|
*/
|
||||||
*/
|
public function overallMessage() {
|
||||||
|
$messages = array();
|
||||||
|
foreach($this->errorList as $item) {
|
||||||
|
if(!$item['fieldName']) $messages[] = $item['message'];
|
||||||
|
}
|
||||||
|
return implode("; ", $messages);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a starred list of all messages
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
public function starredList()
|
public function starredList()
|
||||||
{
|
{
|
||||||
return " * " . implode("\n * ", $this->errorList);
|
return " * " . implode("\n * ", $this->messageList());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Combine this Validation Result with the ValidationResult given in other.
|
* Combine this Validation Result with the ValidationResult given in other.
|
||||||
* It will be valid if both this and the other result are valid.
|
* It will be valid if both this and the other result are valid.
|
||||||
* This object will be modified to contain the new validation information.
|
* This object will be modified to contain the new validation information.
|
||||||
*
|
*
|
||||||
* @param ValidationResult $other the validation result object to combine
|
* @param ValidationResult $other the validation result object to combine
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function combineAnd(ValidationResult $other)
|
public function combineAnd(ValidationResult $other)
|
||||||
{
|
{
|
||||||
$this->isValid = $this->isValid && $other->valid();
|
$this->isValid = $this->isValid && $other->valid();
|
||||||
$this->errorList = array_merge($this->errorList, $other->messageList());
|
$this->errorList = array_merge($this->errorList, $other->getErrorMetaData());
|
||||||
|
return $this;
|
||||||
return $this;
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
@ -53,436 +53,436 @@ use SilverStripe\View\Requirements;
|
|||||||
class Group extends DataObject
|
class Group extends DataObject
|
||||||
{
|
{
|
||||||
|
|
||||||
private static $db = array(
|
private static $db = array(
|
||||||
"Title" => "Varchar(255)",
|
"Title" => "Varchar(255)",
|
||||||
"Description" => "Text",
|
"Description" => "Text",
|
||||||
"Code" => "Varchar(255)",
|
"Code" => "Varchar(255)",
|
||||||
"Locked" => "Boolean",
|
"Locked" => "Boolean",
|
||||||
"Sort" => "Int",
|
"Sort" => "Int",
|
||||||
"HtmlEditorConfig" => "Text"
|
"HtmlEditorConfig" => "Text"
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
"Parent" => "SilverStripe\\Security\\Group",
|
"Parent" => "SilverStripe\\Security\\Group",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
"Permissions" => "SilverStripe\\Security\\Permission",
|
"Permissions" => "SilverStripe\\Security\\Permission",
|
||||||
"Groups" => "SilverStripe\\Security\\Group"
|
"Groups" => "SilverStripe\\Security\\Group"
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $many_many = array(
|
private static $many_many = array(
|
||||||
"Members" => "SilverStripe\\Security\\Member",
|
"Members" => "SilverStripe\\Security\\Member",
|
||||||
"Roles" => "SilverStripe\\Security\\PermissionRole",
|
"Roles" => "SilverStripe\\Security\\PermissionRole",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $extensions = array(
|
private static $extensions = array(
|
||||||
"SilverStripe\\ORM\\Hierarchy\\Hierarchy",
|
"SilverStripe\\ORM\\Hierarchy\\Hierarchy",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $table_name = "Group";
|
private static $table_name = "Group";
|
||||||
|
|
||||||
public function populateDefaults()
|
public function populateDefaults()
|
||||||
{
|
{
|
||||||
parent::populateDefaults();
|
parent::populateDefaults();
|
||||||
|
|
||||||
if (!$this->Title) {
|
if (!$this->Title) {
|
||||||
$this->Title = _t('SecurityAdmin.NEWGROUP', "New Group");
|
$this->Title = _t('SecurityAdmin.NEWGROUP', "New Group");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getAllChildren()
|
public function getAllChildren()
|
||||||
{
|
{
|
||||||
$doSet = new ArrayList();
|
$doSet = new ArrayList();
|
||||||
|
|
||||||
$children = Group::get()->filter("ParentID", $this->ID);
|
$children = Group::get()->filter("ParentID", $this->ID);
|
||||||
foreach ($children as $child) {
|
foreach($children as $child) {
|
||||||
$doSet->push($child);
|
$doSet->push($child);
|
||||||
$doSet->merge($child->getAllChildren());
|
$doSet->merge($child->getAllChildren());
|
||||||
}
|
}
|
||||||
|
|
||||||
return $doSet;
|
return $doSet;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Caution: Only call on instances, not through a singleton.
|
* Caution: Only call on instances, not through a singleton.
|
||||||
* The "root group" fields will be created through {@link SecurityAdmin->EditForm()}.
|
* The "root group" fields will be created through {@link SecurityAdmin->EditForm()}.
|
||||||
*
|
*
|
||||||
* @return FieldList
|
* @return FieldList
|
||||||
*/
|
*/
|
||||||
public function getCMSFields()
|
public function getCMSFields()
|
||||||
{
|
{
|
||||||
$fields = new FieldList(
|
$fields = new FieldList(
|
||||||
new TabSet(
|
new TabSet(
|
||||||
"Root",
|
"Root",
|
||||||
new Tab(
|
new Tab(
|
||||||
'Members',
|
'Members',
|
||||||
_t('SecurityAdmin.MEMBERS', 'Members'),
|
_t('SecurityAdmin.MEMBERS', 'Members'),
|
||||||
new TextField("Title", $this->fieldLabel('Title')),
|
new TextField("Title", $this->fieldLabel('Title')),
|
||||||
$parentidfield = DropdownField::create(
|
$parentidfield = DropdownField::create(
|
||||||
'ParentID',
|
'ParentID',
|
||||||
$this->fieldLabel('Parent'),
|
$this->fieldLabel('Parent'),
|
||||||
Group::get()->exclude('ID', $this->ID)->map('ID', 'Breadcrumbs')
|
Group::get()->exclude('ID', $this->ID)->map('ID', 'Breadcrumbs')
|
||||||
)->setEmptyString(' '),
|
)->setEmptyString(' '),
|
||||||
new TextareaField('Description', $this->fieldLabel('Description'))
|
new TextareaField('Description', $this->fieldLabel('Description'))
|
||||||
),
|
),
|
||||||
$permissionsTab = new Tab(
|
$permissionsTab = new Tab(
|
||||||
'Permissions',
|
'Permissions',
|
||||||
_t('SecurityAdmin.PERMISSIONS', 'Permissions'),
|
_t('SecurityAdmin.PERMISSIONS', 'Permissions'),
|
||||||
$permissionsField = new PermissionCheckboxSetField(
|
$permissionsField = new PermissionCheckboxSetField(
|
||||||
'Permissions',
|
'Permissions',
|
||||||
false,
|
false,
|
||||||
'SilverStripe\\Security\\Permission',
|
'SilverStripe\\Security\\Permission',
|
||||||
'GroupID',
|
'GroupID',
|
||||||
$this
|
$this
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
$parentidfield->setDescription(
|
$parentidfield->setDescription(
|
||||||
_t('Group.GroupReminder', 'If you choose a parent group, this group will take all it\'s roles')
|
_t('Group.GroupReminder', 'If you choose a parent group, this group will take all it\'s roles')
|
||||||
);
|
);
|
||||||
|
|
||||||
// Filter permissions
|
// Filter permissions
|
||||||
// TODO SecurityAdmin coupling, not easy to get to the form fields through GridFieldDetailForm
|
// TODO SecurityAdmin coupling, not easy to get to the form fields through GridFieldDetailForm
|
||||||
$permissionsField->setHiddenPermissions((array)Config::inst()->get('SilverStripe\\Admin\\SecurityAdmin', 'hidden_permissions'));
|
$permissionsField->setHiddenPermissions((array)Config::inst()->get('SilverStripe\\Admin\\SecurityAdmin', 'hidden_permissions'));
|
||||||
|
|
||||||
if ($this->ID) {
|
if($this->ID) {
|
||||||
$group = $this;
|
$group = $this;
|
||||||
$config = GridFieldConfig_RelationEditor::create();
|
$config = GridFieldConfig_RelationEditor::create();
|
||||||
$config->addComponent(new GridFieldButtonRow('after'));
|
$config->addComponent(new GridFieldButtonRow('after'));
|
||||||
$config->addComponents(new GridFieldExportButton('buttons-after-left'));
|
$config->addComponents(new GridFieldExportButton('buttons-after-left'));
|
||||||
$config->addComponents(new GridFieldPrintButton('buttons-after-left'));
|
$config->addComponents(new GridFieldPrintButton('buttons-after-left'));
|
||||||
/** @var GridFieldAddExistingAutocompleter $autocompleter */
|
/** @var GridFieldAddExistingAutocompleter $autocompleter */
|
||||||
$autocompleter = $config->getComponentByType('SilverStripe\\Forms\\GridField\\GridFieldAddExistingAutocompleter');
|
$autocompleter = $config->getComponentByType('SilverStripe\\Forms\\GridField\\GridFieldAddExistingAutocompleter');
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
$autocompleter
|
$autocompleter
|
||||||
->setResultsFormat('$Title ($Email)')
|
->setResultsFormat('$Title ($Email)')
|
||||||
->setSearchFields(array('FirstName', 'Surname', 'Email'));
|
->setSearchFields(array('FirstName', 'Surname', 'Email'));
|
||||||
/** @var GridFieldDetailForm $detailForm */
|
/** @var GridFieldDetailForm $detailForm */
|
||||||
$detailForm = $config->getComponentByType('SilverStripe\\Forms\\GridField\\GridFieldDetailForm');
|
$detailForm = $config->getComponentByType('SilverStripe\\Forms\\GridField\\GridFieldDetailForm');
|
||||||
$detailForm
|
$detailForm
|
||||||
->setValidator(Member_Validator::create())
|
->setValidator(Member_Validator::create())
|
||||||
->setItemEditFormCallback(function ($form, $component) use ($group) {
|
->setItemEditFormCallback(function($form, $component) use($group) {
|
||||||
/** @var Form $form */
|
/** @var Form $form */
|
||||||
$record = $form->getRecord();
|
$record = $form->getRecord();
|
||||||
$groupsField = $form->Fields()->dataFieldByName('DirectGroups');
|
$groupsField = $form->Fields()->dataFieldByName('DirectGroups');
|
||||||
if ($groupsField) {
|
if($groupsField) {
|
||||||
// If new records are created in a group context,
|
// If new records are created in a group context,
|
||||||
// set this group by default.
|
// set this group by default.
|
||||||
if ($record && !$record->ID) {
|
if($record && !$record->ID) {
|
||||||
$groupsField->setValue($group->ID);
|
$groupsField->setValue($group->ID);
|
||||||
} elseif ($record && $record->ID) {
|
} elseif($record && $record->ID) {
|
||||||
// TODO Mark disabled once chosen.js supports it
|
// TODO Mark disabled once chosen.js supports it
|
||||||
// $groupsField->setDisabledItems(array($group->ID));
|
// $groupsField->setDisabledItems(array($group->ID));
|
||||||
$form->Fields()->replaceField(
|
$form->Fields()->replaceField(
|
||||||
'DirectGroups',
|
'DirectGroups',
|
||||||
$groupsField->performReadonlyTransformation()
|
$groupsField->performReadonlyTransformation()
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
$memberList = GridField::create('Members', false, $this->DirectMembers(), $config)
|
$memberList = GridField::create('Members',false, $this->DirectMembers(), $config)
|
||||||
->addExtraClass('members_grid');
|
->addExtraClass('members_grid');
|
||||||
// @todo Implement permission checking on GridField
|
// @todo Implement permission checking on GridField
|
||||||
//$memberList->setPermissions(array('edit', 'delete', 'export', 'add', 'inlineadd'));
|
//$memberList->setPermissions(array('edit', 'delete', 'export', 'add', 'inlineadd'));
|
||||||
$fields->addFieldToTab('Root.Members', $memberList);
|
$fields->addFieldToTab('Root.Members', $memberList);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Only add a dropdown for HTML editor configurations if more than one is available.
|
// Only add a dropdown for HTML editor configurations if more than one is available.
|
||||||
// Otherwise Member->getHtmlEditorConfigForCMS() will default to the 'cms' configuration.
|
// Otherwise Member->getHtmlEditorConfigForCMS() will default to the 'cms' configuration.
|
||||||
$editorConfigMap = HTMLEditorConfig::get_available_configs_map();
|
$editorConfigMap = HTMLEditorConfig::get_available_configs_map();
|
||||||
if (count($editorConfigMap) > 1) {
|
if(count($editorConfigMap) > 1) {
|
||||||
$fields->addFieldToTab(
|
$fields->addFieldToTab(
|
||||||
'Root.Permissions',
|
'Root.Permissions',
|
||||||
new DropdownField(
|
new DropdownField(
|
||||||
'HtmlEditorConfig',
|
'HtmlEditorConfig',
|
||||||
'HTML Editor Configuration',
|
'HTML Editor Configuration',
|
||||||
$editorConfigMap
|
$editorConfigMap
|
||||||
),
|
),
|
||||||
'Permissions'
|
'Permissions'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!Permission::check('EDIT_PERMISSIONS')) {
|
if(!Permission::check('EDIT_PERMISSIONS')) {
|
||||||
$fields->removeFieldFromTab('Root', 'Permissions');
|
$fields->removeFieldFromTab('Root', 'Permissions');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Only show the "Roles" tab if permissions are granted to edit them,
|
// Only show the "Roles" tab if permissions are granted to edit them,
|
||||||
// and at least one role exists
|
// and at least one role exists
|
||||||
if (Permission::check('APPLY_ROLES') && DataObject::get('SilverStripe\\Security\\PermissionRole')) {
|
if(Permission::check('APPLY_ROLES') && DataObject::get('SilverStripe\\Security\\PermissionRole')) {
|
||||||
$fields->findOrMakeTab('Root.Roles', _t('SecurityAdmin.ROLES', 'Roles'));
|
$fields->findOrMakeTab('Root.Roles', _t('SecurityAdmin.ROLES', 'Roles'));
|
||||||
$fields->addFieldToTab(
|
$fields->addFieldToTab(
|
||||||
'Root.Roles',
|
'Root.Roles',
|
||||||
new LiteralField(
|
new LiteralField(
|
||||||
"",
|
"",
|
||||||
"<p>" .
|
"<p>" .
|
||||||
_t(
|
_t(
|
||||||
'SecurityAdmin.ROLESDESCRIPTION',
|
'SecurityAdmin.ROLESDESCRIPTION',
|
||||||
"Roles are predefined sets of permissions, and can be assigned to groups.<br />"
|
"Roles are predefined sets of permissions, and can be assigned to groups.<br />"
|
||||||
. "They are inherited from parent groups if required."
|
. "They are inherited from parent groups if required."
|
||||||
) . '<br />' .
|
) . '<br />' .
|
||||||
sprintf(
|
sprintf(
|
||||||
'<a href="%s" class="add-role">%s</a>',
|
'<a href="%s" class="add-role">%s</a>',
|
||||||
SecurityAdmin::singleton()->Link('show/root#Root_Roles'),
|
SecurityAdmin::singleton()->Link('show/root#Root_Roles'),
|
||||||
// TODO This should include #Root_Roles to switch directly to the tab,
|
// TODO This should include #Root_Roles to switch directly to the tab,
|
||||||
// but tabstrip.js doesn't display tabs when directly adressed through a URL pragma
|
// but tabstrip.js doesn't display tabs when directly adressed through a URL pragma
|
||||||
_t('Group.RolesAddEditLink', 'Manage roles')
|
_t('Group.RolesAddEditLink', 'Manage roles')
|
||||||
) .
|
) .
|
||||||
"</p>"
|
"</p>"
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
// Add roles (and disable all checkboxes for inherited roles)
|
// Add roles (and disable all checkboxes for inherited roles)
|
||||||
$allRoles = PermissionRole::get();
|
$allRoles = PermissionRole::get();
|
||||||
if (!Permission::check('ADMIN')) {
|
if(!Permission::check('ADMIN')) {
|
||||||
$allRoles = $allRoles->filter("OnlyAdminCanApply", 0);
|
$allRoles = $allRoles->filter("OnlyAdminCanApply", 0);
|
||||||
}
|
}
|
||||||
if ($this->ID) {
|
if($this->ID) {
|
||||||
$groupRoles = $this->Roles();
|
$groupRoles = $this->Roles();
|
||||||
$inheritedRoles = new ArrayList();
|
$inheritedRoles = new ArrayList();
|
||||||
$ancestors = $this->getAncestors();
|
$ancestors = $this->getAncestors();
|
||||||
foreach ($ancestors as $ancestor) {
|
foreach($ancestors as $ancestor) {
|
||||||
$ancestorRoles = $ancestor->Roles();
|
$ancestorRoles = $ancestor->Roles();
|
||||||
if ($ancestorRoles) {
|
if ($ancestorRoles) {
|
||||||
$inheritedRoles->merge($ancestorRoles);
|
$inheritedRoles->merge($ancestorRoles);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$groupRoleIDs = $groupRoles->column('ID') + $inheritedRoles->column('ID');
|
$groupRoleIDs = $groupRoles->column('ID') + $inheritedRoles->column('ID');
|
||||||
$inheritedRoleIDs = $inheritedRoles->column('ID');
|
$inheritedRoleIDs = $inheritedRoles->column('ID');
|
||||||
} else {
|
} else {
|
||||||
$groupRoleIDs = array();
|
$groupRoleIDs = array();
|
||||||
$inheritedRoleIDs = array();
|
$inheritedRoleIDs = array();
|
||||||
}
|
}
|
||||||
|
|
||||||
$rolesField = ListboxField::create('Roles', false, $allRoles->map()->toArray())
|
$rolesField = ListboxField::create('Roles', false, $allRoles->map()->toArray())
|
||||||
->setDefaultItems($groupRoleIDs)
|
->setDefaultItems($groupRoleIDs)
|
||||||
->setAttribute('data-placeholder', _t('Group.AddRole', 'Add a role for this group'))
|
->setAttribute('data-placeholder', _t('Group.AddRole', 'Add a role for this group'))
|
||||||
->setDisabledItems($inheritedRoleIDs);
|
->setDisabledItems($inheritedRoleIDs);
|
||||||
if (!$allRoles->count()) {
|
if(!$allRoles->count()) {
|
||||||
$rolesField->setAttribute('data-placeholder', _t('Group.NoRoles', 'No roles found'));
|
$rolesField->setAttribute('data-placeholder', _t('Group.NoRoles', 'No roles found'));
|
||||||
}
|
}
|
||||||
$fields->addFieldToTab('Root.Roles', $rolesField);
|
$fields->addFieldToTab('Root.Roles', $rolesField);
|
||||||
}
|
}
|
||||||
|
|
||||||
$fields->push($idField = new HiddenField("ID"));
|
$fields->push($idField = new HiddenField("ID"));
|
||||||
|
|
||||||
$this->extend('updateCMSFields', $fields);
|
$this->extend('updateCMSFields', $fields);
|
||||||
|
|
||||||
return $fields;
|
return $fields;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param bool $includerelations Indicate if the labels returned include relation fields
|
* @param bool $includerelations Indicate if the labels returned include relation fields
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function fieldLabels($includerelations = true)
|
public function fieldLabels($includerelations = true)
|
||||||
{
|
{
|
||||||
$labels = parent::fieldLabels($includerelations);
|
$labels = parent::fieldLabels($includerelations);
|
||||||
$labels['Title'] = _t('SecurityAdmin.GROUPNAME', 'Group name');
|
$labels['Title'] = _t('SecurityAdmin.GROUPNAME', 'Group name');
|
||||||
$labels['Description'] = _t('Group.Description', 'Description');
|
$labels['Description'] = _t('Group.Description', 'Description');
|
||||||
$labels['Code'] = _t('Group.Code', 'Group Code', 'Programmatical code identifying a group');
|
$labels['Code'] = _t('Group.Code', 'Group Code', 'Programmatical code identifying a group');
|
||||||
$labels['Locked'] = _t('Group.Locked', 'Locked?', 'Group is locked in the security administration area');
|
$labels['Locked'] = _t('Group.Locked', 'Locked?', 'Group is locked in the security administration area');
|
||||||
$labels['Sort'] = _t('Group.Sort', 'Sort Order');
|
$labels['Sort'] = _t('Group.Sort', 'Sort Order');
|
||||||
if ($includerelations) {
|
if($includerelations){
|
||||||
$labels['Parent'] = _t('Group.Parent', 'Parent Group', 'One group has one parent group');
|
$labels['Parent'] = _t('Group.Parent', 'Parent Group', 'One group has one parent group');
|
||||||
$labels['Permissions'] = _t('Group.has_many_Permissions', 'Permissions', 'One group has many permissions');
|
$labels['Permissions'] = _t('Group.has_many_Permissions', 'Permissions', 'One group has many permissions');
|
||||||
$labels['Members'] = _t('Group.many_many_Members', 'Members', 'One group has many members');
|
$labels['Members'] = _t('Group.many_many_Members', 'Members', 'One group has many members');
|
||||||
}
|
}
|
||||||
|
|
||||||
return $labels;
|
return $labels;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get many-many relation to {@link Member},
|
* Get many-many relation to {@link Member},
|
||||||
* including all members which are "inherited" from children groups of this record.
|
* including all members which are "inherited" from children groups of this record.
|
||||||
* See {@link DirectMembers()} for retrieving members without any inheritance.
|
* See {@link DirectMembers()} for retrieving members without any inheritance.
|
||||||
*
|
*
|
||||||
* @param String $filter
|
* @param String $filter
|
||||||
* @return ManyManyList
|
* @return ManyManyList
|
||||||
*/
|
*/
|
||||||
public function Members($filter = '')
|
public function Members($filter = '')
|
||||||
{
|
{
|
||||||
// First get direct members as a base result
|
// First get direct members as a base result
|
||||||
$result = $this->DirectMembers();
|
$result = $this->DirectMembers();
|
||||||
|
|
||||||
// Unsaved group cannot have child groups because its ID is still 0.
|
// Unsaved group cannot have child groups because its ID is still 0.
|
||||||
if (!$this->exists()) {
|
if (!$this->exists()) {
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Remove the default foreign key filter in prep for re-applying a filter containing all children groups.
|
// Remove the default foreign key filter in prep for re-applying a filter containing all children groups.
|
||||||
// Filters are conjunctive in DataQuery by default, so this filter would otherwise overrule any less specific
|
// Filters are conjunctive in DataQuery by default, so this filter would otherwise overrule any less specific
|
||||||
// ones.
|
// ones.
|
||||||
if (!($result instanceof UnsavedRelationList)) {
|
if(!($result instanceof UnsavedRelationList)) {
|
||||||
$result = $result->alterDataQuery(function ($query) {
|
$result = $result->alterDataQuery(function($query){
|
||||||
/** @var DataQuery $query */
|
/** @var DataQuery $query */
|
||||||
$query->removeFilterOn('Group_Members');
|
$query->removeFilterOn('Group_Members');
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
// Now set all children groups as a new foreign key
|
// Now set all children groups as a new foreign key
|
||||||
$groups = Group::get()->byIDs($this->collateFamilyIDs());
|
$groups = Group::get()->byIDs($this->collateFamilyIDs());
|
||||||
$result = $result->forForeignID($groups->column('ID'))->where($filter);
|
$result = $result->forForeignID($groups->column('ID'))->where($filter);
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return only the members directly added to this group
|
* Return only the members directly added to this group
|
||||||
*/
|
*/
|
||||||
public function DirectMembers()
|
public function DirectMembers()
|
||||||
{
|
{
|
||||||
return $this->getManyManyComponents('Members');
|
return $this->getManyManyComponents('Members');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a set of this record's "family" of IDs - the IDs of
|
* Return a set of this record's "family" of IDs - the IDs of
|
||||||
* this record and all its descendants.
|
* this record and all its descendants.
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function collateFamilyIDs()
|
public function collateFamilyIDs()
|
||||||
{
|
{
|
||||||
if (!$this->exists()) {
|
if (!$this->exists()) {
|
||||||
throw new \InvalidArgumentException("Cannot call collateFamilyIDs on unsaved Group.");
|
throw new \InvalidArgumentException("Cannot call collateFamilyIDs on unsaved Group.");
|
||||||
}
|
}
|
||||||
|
|
||||||
$familyIDs = array();
|
$familyIDs = array();
|
||||||
$chunkToAdd = array($this->ID);
|
$chunkToAdd = array($this->ID);
|
||||||
|
|
||||||
while ($chunkToAdd) {
|
while($chunkToAdd) {
|
||||||
$familyIDs = array_merge($familyIDs, $chunkToAdd);
|
$familyIDs = array_merge($familyIDs,$chunkToAdd);
|
||||||
|
|
||||||
// Get the children of *all* the groups identified in the previous chunk.
|
// Get the children of *all* the groups identified in the previous chunk.
|
||||||
// This minimises the number of SQL queries necessary
|
// This minimises the number of SQL queries necessary
|
||||||
$chunkToAdd = Group::get()->filter("ParentID", $chunkToAdd)->column('ID');
|
$chunkToAdd = Group::get()->filter("ParentID", $chunkToAdd)->column('ID');
|
||||||
}
|
}
|
||||||
|
|
||||||
return $familyIDs;
|
return $familyIDs;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns an array of the IDs of this group and all its parents
|
* Returns an array of the IDs of this group and all its parents
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function collateAncestorIDs()
|
public function collateAncestorIDs()
|
||||||
{
|
{
|
||||||
$parent = $this;
|
$parent = $this;
|
||||||
$items = [];
|
$items = [];
|
||||||
while (isset($parent) && $parent instanceof Group) {
|
while(isset($parent) && $parent instanceof Group) {
|
||||||
$items[] = $parent->ID;
|
$items[] = $parent->ID;
|
||||||
$parent = $parent->Parent;
|
$parent = $parent->Parent;
|
||||||
}
|
}
|
||||||
return $items;
|
return $items;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This isn't a decendant of SiteTree, but needs this in case
|
* This isn't a decendant of SiteTree, but needs this in case
|
||||||
* the group is "reorganised";
|
* the group is "reorganised";
|
||||||
*/
|
*/
|
||||||
public function cmsCleanup_parentChanged()
|
public function cmsCleanup_parentChanged()
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Override this so groups are ordered in the CMS
|
* Override this so groups are ordered in the CMS
|
||||||
*/
|
*/
|
||||||
public function stageChildren()
|
public function stageChildren()
|
||||||
{
|
{
|
||||||
return Group::get()
|
return Group::get()
|
||||||
->filter("ParentID", $this->ID)
|
->filter("ParentID", $this->ID)
|
||||||
->exclude("ID", $this->ID)
|
->exclude("ID", $this->ID)
|
||||||
->sort('"Sort"');
|
->sort('"Sort"');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getTreeTitle()
|
public function getTreeTitle()
|
||||||
{
|
{
|
||||||
if ($this->hasMethod('alternateTreeTitle')) {
|
if($this->hasMethod('alternateTreeTitle')) {
|
||||||
return $this->alternateTreeTitle();
|
return $this->alternateTreeTitle();
|
||||||
}
|
}
|
||||||
return htmlspecialchars($this->Title, ENT_QUOTES);
|
return htmlspecialchars($this->Title, ENT_QUOTES);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Overloaded to ensure the code is always descent.
|
* Overloaded to ensure the code is always descent.
|
||||||
*
|
*
|
||||||
* @param string
|
* @param string
|
||||||
*/
|
*/
|
||||||
public function setCode($val)
|
public function setCode($val)
|
||||||
{
|
{
|
||||||
$this->setField("Code", Convert::raw2url($val));
|
$this->setField("Code", Convert::raw2url($val));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function validate()
|
public function validate()
|
||||||
{
|
{
|
||||||
$result = parent::validate();
|
$result = parent::validate();
|
||||||
|
|
||||||
// Check if the new group hierarchy would add certain "privileged permissions",
|
// Check if the new group hierarchy would add certain "privileged permissions",
|
||||||
// and require an admin to perform this change in case it does.
|
// and require an admin to perform this change in case it does.
|
||||||
// This prevents "sub-admin" users with group editing permissions to increase their privileges.
|
// This prevents "sub-admin" users with group editing permissions to increase their privileges.
|
||||||
if ($this->Parent()->exists() && !Permission::check('ADMIN')) {
|
if($this->Parent()->exists() && !Permission::check('ADMIN')) {
|
||||||
$inheritedCodes = Permission::get()
|
$inheritedCodes = Permission::get()
|
||||||
->filter('GroupID', $this->Parent()->collateAncestorIDs())
|
->filter('GroupID', $this->Parent()->collateAncestorIDs())
|
||||||
->column('Code');
|
->column('Code');
|
||||||
$privilegedCodes = Config::inst()->get('SilverStripe\\Security\\Permission', 'privileged_permissions');
|
$privilegedCodes = Config::inst()->get('SilverStripe\\Security\\Permission', 'privileged_permissions');
|
||||||
if (array_intersect($inheritedCodes, $privilegedCodes)) {
|
if(array_intersect($inheritedCodes, $privilegedCodes)) {
|
||||||
$result->error(sprintf(
|
$result->addError(sprintf(
|
||||||
_t(
|
_t(
|
||||||
'Group.HierarchyPermsError',
|
'Group.HierarchyPermsError',
|
||||||
'Can\'t assign parent group "%s" with privileged permissions (requires ADMIN access)'
|
'Can\'t assign parent group "%s" with privileged permissions (requires ADMIN access)'
|
||||||
),
|
),
|
||||||
$this->Parent()->Title
|
$this->Parent()->Title
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function onBeforeWrite()
|
public function onBeforeWrite()
|
||||||
{
|
{
|
||||||
parent::onBeforeWrite();
|
parent::onBeforeWrite();
|
||||||
|
|
||||||
// Only set code property when the group has a custom title, and no code exists.
|
// Only set code property when the group has a custom title, and no code exists.
|
||||||
// The "Code" attribute is usually treated as a more permanent identifier than database IDs
|
// The "Code" attribute is usually treated as a more permanent identifier than database IDs
|
||||||
// in custom application logic, so can't be changed after its first set.
|
// in custom application logic, so can't be changed after its first set.
|
||||||
if (!$this->Code && $this->Title != _t('SecurityAdmin.NEWGROUP', "New Group")) {
|
if(!$this->Code && $this->Title != _t('SecurityAdmin.NEWGROUP',"New Group")) {
|
||||||
$this->setCode($this->Title);
|
$this->setCode($this->Title);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function onBeforeDelete()
|
public function onBeforeDelete()
|
||||||
{
|
{
|
||||||
parent::onBeforeDelete();
|
parent::onBeforeDelete();
|
||||||
|
|
||||||
// if deleting this group, delete it's children as well
|
// if deleting this group, delete it's children as well
|
||||||
foreach ($this->Groups() as $group) {
|
foreach($this->Groups() as $group) {
|
||||||
$group->delete();
|
$group->delete();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Delete associated permissions
|
// Delete associated permissions
|
||||||
foreach ($this->Permissions() as $permission) {
|
foreach($this->Permissions() as $permission) {
|
||||||
$permission->delete();
|
$permission->delete();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks for permission-code CMS_ACCESS_SecurityAdmin.
|
* Checks for permission-code CMS_ACCESS_SecurityAdmin.
|
||||||
* If the group has ADMIN permissions, it requires the user to have ADMIN permissions as well.
|
* If the group has ADMIN permissions, it requires the user to have ADMIN permissions as well.
|
||||||
*
|
*
|
||||||
* @param $member Member
|
* @param $member Member
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function canEdit($member = null)
|
public function canEdit($member = null)
|
||||||
{
|
{
|
||||||
if (!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) {
|
if (!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) {
|
||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
// extended access checks
|
// extended access checks
|
||||||
$results = $this->extend('canEdit', $member);
|
$results = $this->extend('canEdit', $member);
|
||||||
if ($results && is_array($results)) {
|
if ($results && is_array($results)) {
|
||||||
if (!min($results)) {
|
if (!min($results)) {
|
||||||
return false;
|
return false;
|
||||||
@ -490,48 +490,48 @@ class Group extends DataObject
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (// either we have an ADMIN
|
if (// either we have an ADMIN
|
||||||
(bool)Permission::checkMember($member, "ADMIN")
|
(bool)Permission::checkMember($member, "ADMIN")
|
||||||
|| (
|
|| (
|
||||||
// or a privileged CMS user and a group without ADMIN permissions.
|
// or a privileged CMS user and a group without ADMIN permissions.
|
||||||
// without this check, a user would be able to add himself to an administrators group
|
// without this check, a user would be able to add himself to an administrators group
|
||||||
// with just access to the "Security" admin interface
|
// with just access to the "Security" admin interface
|
||||||
Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin") &&
|
Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin") &&
|
||||||
!Permission::get()->filter(array('GroupID' => $this->ID, 'Code' => 'ADMIN'))->exists()
|
!Permission::get()->filter(array('GroupID' => $this->ID, 'Code' => 'ADMIN'))->exists()
|
||||||
)
|
)
|
||||||
) {
|
) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks for permission-code CMS_ACCESS_SecurityAdmin.
|
* Checks for permission-code CMS_ACCESS_SecurityAdmin.
|
||||||
*
|
*
|
||||||
* @param $member Member
|
* @param $member Member
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function canView($member = null)
|
public function canView($member = null)
|
||||||
{
|
{
|
||||||
if (!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) {
|
if (!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) {
|
||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
// extended access checks
|
// extended access checks
|
||||||
$results = $this->extend('canView', $member);
|
$results = $this->extend('canView', $member);
|
||||||
if ($results && is_array($results)) {
|
if ($results && is_array($results)) {
|
||||||
if (!min($results)) {
|
if (!min($results)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// user needs access to CMS_ACCESS_SecurityAdmin
|
// user needs access to CMS_ACCESS_SecurityAdmin
|
||||||
if (Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin")) {
|
if (Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin")) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function canDelete($member = null)
|
public function canDelete($member = null)
|
||||||
{
|
{
|
||||||
@ -539,30 +539,30 @@ class Group extends DataObject
|
|||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
// extended access checks
|
// extended access checks
|
||||||
$results = $this->extend('canDelete', $member);
|
$results = $this->extend('canDelete', $member);
|
||||||
if ($results && is_array($results)) {
|
if ($results && is_array($results)) {
|
||||||
if (!min($results)) {
|
if (!min($results)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->canEdit($member);
|
return $this->canEdit($member);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns all of the children for the CMS Tree.
|
* Returns all of the children for the CMS Tree.
|
||||||
* Filters to only those groups that the current user can edit
|
* Filters to only those groups that the current user can edit
|
||||||
*/
|
*/
|
||||||
public function AllChildrenIncludingDeleted()
|
public function AllChildrenIncludingDeleted()
|
||||||
{
|
{
|
||||||
/** @var Hierarchy $extInstance */
|
/** @var Hierarchy $extInstance */
|
||||||
$extInstance = $this->getExtensionInstance('SilverStripe\\ORM\\Hierarchy\\Hierarchy');
|
$extInstance = $this->getExtensionInstance('SilverStripe\\ORM\\Hierarchy\\Hierarchy');
|
||||||
$extInstance->setOwner($this);
|
$extInstance->setOwner($this);
|
||||||
$children = $extInstance->AllChildrenIncludingDeleted();
|
$children = $extInstance->AllChildrenIncludingDeleted();
|
||||||
$extInstance->clearOwner();
|
$extInstance->clearOwner();
|
||||||
|
|
||||||
$filteredChildren = new ArrayList();
|
$filteredChildren = new ArrayList();
|
||||||
|
|
||||||
if ($children) {
|
if ($children) {
|
||||||
foreach ($children as $child) {
|
foreach ($children as $child) {
|
||||||
@ -570,46 +570,46 @@ class Group extends DataObject
|
|||||||
$filteredChildren->push($child);
|
$filteredChildren->push($child);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $filteredChildren;
|
return $filteredChildren;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add default records to database.
|
* Add default records to database.
|
||||||
*
|
*
|
||||||
* This function is called whenever the database is built, after the
|
* This function is called whenever the database is built, after the
|
||||||
* database tables have all been created.
|
* database tables have all been created.
|
||||||
*/
|
*/
|
||||||
public function requireDefaultRecords()
|
public function requireDefaultRecords()
|
||||||
{
|
{
|
||||||
parent::requireDefaultRecords();
|
parent::requireDefaultRecords();
|
||||||
|
|
||||||
// Add default author group if no other group exists
|
// Add default author group if no other group exists
|
||||||
$allGroups = DataObject::get('SilverStripe\\Security\\Group');
|
$allGroups = DataObject::get('SilverStripe\\Security\\Group');
|
||||||
if (!$allGroups->count()) {
|
if(!$allGroups->count()) {
|
||||||
$authorGroup = new Group();
|
$authorGroup = new Group();
|
||||||
$authorGroup->Code = 'content-authors';
|
$authorGroup->Code = 'content-authors';
|
||||||
$authorGroup->Title = _t('Group.DefaultGroupTitleContentAuthors', 'Content Authors');
|
$authorGroup->Title = _t('Group.DefaultGroupTitleContentAuthors', 'Content Authors');
|
||||||
$authorGroup->Sort = 1;
|
$authorGroup->Sort = 1;
|
||||||
$authorGroup->write();
|
$authorGroup->write();
|
||||||
Permission::grant($authorGroup->ID, 'CMS_ACCESS_CMSMain');
|
Permission::grant($authorGroup->ID, 'CMS_ACCESS_CMSMain');
|
||||||
Permission::grant($authorGroup->ID, 'CMS_ACCESS_AssetAdmin');
|
Permission::grant($authorGroup->ID, 'CMS_ACCESS_AssetAdmin');
|
||||||
Permission::grant($authorGroup->ID, 'CMS_ACCESS_ReportAdmin');
|
Permission::grant($authorGroup->ID, 'CMS_ACCESS_ReportAdmin');
|
||||||
Permission::grant($authorGroup->ID, 'SITETREE_REORGANISE');
|
Permission::grant($authorGroup->ID, 'SITETREE_REORGANISE');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Add default admin group if none with permission code ADMIN exists
|
// Add default admin group if none with permission code ADMIN exists
|
||||||
$adminGroups = Permission::get_groups_by_permission('ADMIN');
|
$adminGroups = Permission::get_groups_by_permission('ADMIN');
|
||||||
if (!$adminGroups->count()) {
|
if(!$adminGroups->count()) {
|
||||||
$adminGroup = new Group();
|
$adminGroup = new Group();
|
||||||
$adminGroup->Code = 'administrators';
|
$adminGroup->Code = 'administrators';
|
||||||
$adminGroup->Title = _t('Group.DefaultGroupTitleAdministrators', 'Administrators');
|
$adminGroup->Title = _t('Group.DefaultGroupTitleAdministrators', 'Administrators');
|
||||||
$adminGroup->Sort = 0;
|
$adminGroup->Sort = 0;
|
||||||
$adminGroup->write();
|
$adminGroup->write();
|
||||||
Permission::grant($adminGroup->ID, 'ADMIN');
|
Permission::grant($adminGroup->ID, 'ADMIN');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Members are populated through Member->requireDefaultRecords()
|
// Members are populated through Member->requireDefaultRecords()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -63,380 +63,380 @@ use Zend_Locale_Format;
|
|||||||
class Member extends DataObject implements TemplateGlobalProvider
|
class Member extends DataObject implements TemplateGlobalProvider
|
||||||
{
|
{
|
||||||
|
|
||||||
private static $db = array(
|
private static $db = array(
|
||||||
'FirstName' => 'Varchar',
|
'FirstName' => 'Varchar',
|
||||||
'Surname' => 'Varchar',
|
'Surname' => 'Varchar',
|
||||||
'Email' => 'Varchar(254)', // See RFC 5321, Section 4.5.3.1.3. (256 minus the < and > character)
|
'Email' => 'Varchar(254)', // See RFC 5321, Section 4.5.3.1.3. (256 minus the < and > character)
|
||||||
'TempIDHash' => 'Varchar(160)', // Temporary id used for cms re-authentication
|
'TempIDHash' => 'Varchar(160)', // Temporary id used for cms re-authentication
|
||||||
'TempIDExpired' => 'Datetime', // Expiry of temp login
|
'TempIDExpired' => 'Datetime', // Expiry of temp login
|
||||||
'Password' => 'Varchar(160)',
|
'Password' => 'Varchar(160)',
|
||||||
'AutoLoginHash' => 'Varchar(160)', // Used to auto-login the user on password reset
|
'AutoLoginHash' => 'Varchar(160)', // Used to auto-login the user on password reset
|
||||||
'AutoLoginExpired' => 'Datetime',
|
'AutoLoginExpired' => 'Datetime',
|
||||||
// This is an arbitrary code pointing to a PasswordEncryptor instance,
|
// This is an arbitrary code pointing to a PasswordEncryptor instance,
|
||||||
// not an actual encryption algorithm.
|
// not an actual encryption algorithm.
|
||||||
// Warning: Never change this field after its the first password hashing without
|
// Warning: Never change this field after its the first password hashing without
|
||||||
// providing a new cleartext password as well.
|
// providing a new cleartext password as well.
|
||||||
'PasswordEncryption' => "Varchar(50)",
|
'PasswordEncryption' => "Varchar(50)",
|
||||||
'Salt' => 'Varchar(50)',
|
'Salt' => 'Varchar(50)',
|
||||||
'PasswordExpiry' => 'Date',
|
'PasswordExpiry' => 'Date',
|
||||||
'LockedOutUntil' => 'Datetime',
|
'LockedOutUntil' => 'Datetime',
|
||||||
'Locale' => 'Varchar(6)',
|
'Locale' => 'Varchar(6)',
|
||||||
// handled in registerFailedLogin(), only used if $lock_out_after_incorrect_logins is set
|
// handled in registerFailedLogin(), only used if $lock_out_after_incorrect_logins is set
|
||||||
'FailedLoginCount' => 'Int',
|
'FailedLoginCount' => 'Int',
|
||||||
// In ISO format
|
// In ISO format
|
||||||
'DateFormat' => 'Varchar(30)',
|
'DateFormat' => 'Varchar(30)',
|
||||||
'TimeFormat' => 'Varchar(30)',
|
'TimeFormat' => 'Varchar(30)',
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $belongs_many_many = array(
|
private static $belongs_many_many = array(
|
||||||
'Groups' => 'SilverStripe\\Security\\Group',
|
'Groups' => 'SilverStripe\\Security\\Group',
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
'LoggedPasswords' => 'SilverStripe\\Security\\MemberPassword',
|
'LoggedPasswords' => 'SilverStripe\\Security\\MemberPassword',
|
||||||
'RememberLoginHashes' => 'SilverStripe\\Security\\RememberLoginHash'
|
'RememberLoginHashes' => 'SilverStripe\\Security\\RememberLoginHash'
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $table_name = "Member";
|
private static $table_name = "Member";
|
||||||
|
|
||||||
private static $default_sort = '"Surname", "FirstName"';
|
private static $default_sort = '"Surname", "FirstName"';
|
||||||
|
|
||||||
private static $indexes = array(
|
private static $indexes = array(
|
||||||
'Email' => true,
|
'Email' => true,
|
||||||
//Removed due to duplicate null values causing MSSQL problems
|
//Removed due to duplicate null values causing MSSQL problems
|
||||||
//'AutoLoginHash' => Array('type'=>'unique', 'value'=>'AutoLoginHash', 'ignoreNulls'=>true)
|
//'AutoLoginHash' => Array('type'=>'unique', 'value'=>'AutoLoginHash', 'ignoreNulls'=>true)
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var boolean
|
* @var boolean
|
||||||
*/
|
*/
|
||||||
private static $notify_password_change = false;
|
private static $notify_password_change = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* All searchable database columns
|
* All searchable database columns
|
||||||
* in this object, currently queried
|
* in this object, currently queried
|
||||||
* with a "column LIKE '%keywords%'
|
* with a "column LIKE '%keywords%'
|
||||||
* statement.
|
* statement.
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
* @todo Generic implementation of $searchable_fields on DataObject,
|
* @todo Generic implementation of $searchable_fields on DataObject,
|
||||||
* with definition for different searching algorithms
|
* with definition for different searching algorithms
|
||||||
* (LIKE, FULLTEXT) and default FormFields to construct a searchform.
|
* (LIKE, FULLTEXT) and default FormFields to construct a searchform.
|
||||||
*/
|
*/
|
||||||
private static $searchable_fields = array(
|
private static $searchable_fields = array(
|
||||||
'FirstName',
|
'FirstName',
|
||||||
'Surname',
|
'Surname',
|
||||||
'Email',
|
'Email',
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $summary_fields = array(
|
private static $summary_fields = array(
|
||||||
'FirstName',
|
'FirstName',
|
||||||
'Surname',
|
'Surname',
|
||||||
'Email',
|
'Email',
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $casting = array(
|
private static $casting = array(
|
||||||
'Name' => 'Varchar',
|
'Name' => 'Varchar',
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Internal-use only fields
|
* Internal-use only fields
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $hidden_fields = array(
|
private static $hidden_fields = array(
|
||||||
'AutoLoginHash',
|
'AutoLoginHash',
|
||||||
'AutoLoginExpired',
|
'AutoLoginExpired',
|
||||||
'PasswordEncryption',
|
'PasswordEncryption',
|
||||||
'PasswordExpiry',
|
'PasswordExpiry',
|
||||||
'LockedOutUntil',
|
'LockedOutUntil',
|
||||||
'TempIDHash',
|
'TempIDHash',
|
||||||
'TempIDExpired',
|
'TempIDExpired',
|
||||||
'Salt',
|
'Salt',
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var array See {@link set_title_columns()}
|
* @var array See {@link set_title_columns()}
|
||||||
*/
|
*/
|
||||||
private static $title_format = null;
|
private static $title_format = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The unique field used to identify this member.
|
* The unique field used to identify this member.
|
||||||
* By default, it's "Email", but another common
|
* By default, it's "Email", but another common
|
||||||
* field could be Username.
|
* field could be Username.
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var string
|
* @var string
|
||||||
* @skipUpgrade
|
* @skipUpgrade
|
||||||
*/
|
*/
|
||||||
private static $unique_identifier_field = 'Email';
|
private static $unique_identifier_field = 'Email';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Object for validating user's password
|
* Object for validating user's password
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var PasswordValidator
|
* @var PasswordValidator
|
||||||
*/
|
*/
|
||||||
private static $password_validator = null;
|
private static $password_validator = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* The number of days that a password should be valid for.
|
* The number of days that a password should be valid for.
|
||||||
* By default, this is null, which means that passwords never expire
|
* By default, this is null, which means that passwords never expire
|
||||||
*/
|
*/
|
||||||
private static $password_expiry_days = null;
|
private static $password_expiry_days = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var Int Number of incorrect logins after which
|
* @var Int Number of incorrect logins after which
|
||||||
* the user is blocked from further attempts for the timespan
|
* the user is blocked from further attempts for the timespan
|
||||||
* defined in {@link $lock_out_delay_mins}.
|
* defined in {@link $lock_out_delay_mins}.
|
||||||
*/
|
*/
|
||||||
private static $lock_out_after_incorrect_logins = 10;
|
private static $lock_out_after_incorrect_logins = 10;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var integer Minutes of enforced lockout after incorrect password attempts.
|
* @var integer Minutes of enforced lockout after incorrect password attempts.
|
||||||
* Only applies if {@link $lock_out_after_incorrect_logins} greater than 0.
|
* Only applies if {@link $lock_out_after_incorrect_logins} greater than 0.
|
||||||
*/
|
*/
|
||||||
private static $lock_out_delay_mins = 15;
|
private static $lock_out_delay_mins = 15;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var String If this is set, then a session cookie with the given name will be set on log-in,
|
* @var String If this is set, then a session cookie with the given name will be set on log-in,
|
||||||
* and cleared on logout.
|
* and cleared on logout.
|
||||||
*/
|
*/
|
||||||
private static $login_marker_cookie = null;
|
private static $login_marker_cookie = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Indicates that when a {@link Member} logs in, Member:session_regenerate_id()
|
* Indicates that when a {@link Member} logs in, Member:session_regenerate_id()
|
||||||
* should be called as a security precaution.
|
* should be called as a security precaution.
|
||||||
*
|
*
|
||||||
* This doesn't always work, especially if you're trying to set session cookies
|
* This doesn't always work, especially if you're trying to set session cookies
|
||||||
* across an entire site using the domain parameter to session_set_cookie_params()
|
* across an entire site using the domain parameter to session_set_cookie_params()
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var boolean
|
* @var boolean
|
||||||
*/
|
*/
|
||||||
private static $session_regenerate_id = true;
|
private static $session_regenerate_id = true;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default lifetime of temporary ids.
|
* Default lifetime of temporary ids.
|
||||||
*
|
*
|
||||||
* This is the period within which a user can be re-authenticated within the CMS by entering only their password
|
* This is the period within which a user can be re-authenticated within the CMS by entering only their password
|
||||||
* and without losing their workspace.
|
* and without losing their workspace.
|
||||||
*
|
*
|
||||||
* Any session expiration outside of this time will require them to login from the frontend using their full
|
* Any session expiration outside of this time will require them to login from the frontend using their full
|
||||||
* username and password.
|
* username and password.
|
||||||
*
|
*
|
||||||
* Defaults to 72 hours. Set to zero to disable expiration.
|
* Defaults to 72 hours. Set to zero to disable expiration.
|
||||||
*
|
*
|
||||||
* @config
|
* @config
|
||||||
* @var int Lifetime in seconds
|
* @var int Lifetime in seconds
|
||||||
*/
|
*/
|
||||||
private static $temp_id_lifetime = 259200;
|
private static $temp_id_lifetime = 259200;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Ensure the locale is set to something sensible by default.
|
* Ensure the locale is set to something sensible by default.
|
||||||
*/
|
*/
|
||||||
public function populateDefaults()
|
public function populateDefaults()
|
||||||
{
|
{
|
||||||
parent::populateDefaults();
|
parent::populateDefaults();
|
||||||
$this->Locale = i18n::get_closest_translation(i18n::get_locale());
|
$this->Locale = i18n::get_closest_translation(i18n::get_locale());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function requireDefaultRecords()
|
public function requireDefaultRecords()
|
||||||
{
|
{
|
||||||
parent::requireDefaultRecords();
|
parent::requireDefaultRecords();
|
||||||
// Default groups should've been built by Group->requireDefaultRecords() already
|
// Default groups should've been built by Group->requireDefaultRecords() already
|
||||||
static::default_admin();
|
static::default_admin();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the default admin record if it exists, or creates it otherwise if enabled
|
* Get the default admin record if it exists, or creates it otherwise if enabled
|
||||||
*
|
*
|
||||||
* @return Member
|
* @return Member
|
||||||
*/
|
*/
|
||||||
public static function default_admin()
|
public static function default_admin()
|
||||||
{
|
{
|
||||||
// Check if set
|
// Check if set
|
||||||
if (!Security::has_default_admin()) {
|
if (!Security::has_default_admin()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Find or create ADMIN group
|
// Find or create ADMIN group
|
||||||
Group::singleton()->requireDefaultRecords();
|
Group::singleton()->requireDefaultRecords();
|
||||||
$adminGroup = Permission::get_groups_by_permission('ADMIN')->first();
|
$adminGroup = Permission::get_groups_by_permission('ADMIN')->first();
|
||||||
|
|
||||||
// Find member
|
// Find member
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
$admin = Member::get()
|
$admin = Member::get()
|
||||||
->filter('Email', Security::default_admin_username())
|
->filter('Email', Security::default_admin_username())
|
||||||
->first();
|
->first();
|
||||||
if (!$admin) {
|
if(!$admin) {
|
||||||
// 'Password' is not set to avoid creating
|
// 'Password' is not set to avoid creating
|
||||||
// persistent logins in the database. See Security::setDefaultAdmin().
|
// persistent logins in the database. See Security::setDefaultAdmin().
|
||||||
// Set 'Email' to identify this as the default admin
|
// Set 'Email' to identify this as the default admin
|
||||||
$admin = Member::create();
|
$admin = Member::create();
|
||||||
$admin->FirstName = _t('Member.DefaultAdminFirstname', 'Default Admin');
|
$admin->FirstName = _t('Member.DefaultAdminFirstname', 'Default Admin');
|
||||||
$admin->Email = Security::default_admin_username();
|
$admin->Email = Security::default_admin_username();
|
||||||
$admin->write();
|
$admin->write();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Ensure this user is in the admin group
|
// Ensure this user is in the admin group
|
||||||
if (!$admin->inGroup($adminGroup)) {
|
if(!$admin->inGroup($adminGroup)) {
|
||||||
// Add member to group instead of adding group to member
|
// Add member to group instead of adding group to member
|
||||||
// This bypasses the privilege escallation code in Member_GroupSet
|
// This bypasses the privilege escallation code in Member_GroupSet
|
||||||
$adminGroup
|
$adminGroup
|
||||||
->DirectMembers()
|
->DirectMembers()
|
||||||
->add($admin);
|
->add($admin);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $admin;
|
return $admin;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if the passed password matches the stored one (if the member is not locked out).
|
* Check if the passed password matches the stored one (if the member is not locked out).
|
||||||
*
|
*
|
||||||
* @param string $password
|
* @param string $password
|
||||||
* @return ValidationResult
|
* @return ValidationResult
|
||||||
*/
|
*/
|
||||||
public function checkPassword($password)
|
public function checkPassword($password)
|
||||||
{
|
{
|
||||||
$result = $this->canLogIn();
|
$result = $this->canLogIn();
|
||||||
|
|
||||||
// Short-circuit the result upon failure, no further checks needed.
|
// Short-circuit the result upon failure, no further checks needed.
|
||||||
if (!$result->valid()) {
|
if (!$result->valid()) {
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Allow default admin to login as self
|
// Allow default admin to login as self
|
||||||
if ($this->isDefaultAdmin() && Security::check_default_admin($this->Email, $password)) {
|
if($this->isDefaultAdmin() && Security::check_default_admin($this->Email, $password)) {
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check a password is set on this member
|
// Check a password is set on this member
|
||||||
if (empty($this->Password) && $this->exists()) {
|
if(empty($this->Password) && $this->exists()) {
|
||||||
$result->error(_t('Member.NoPassword', 'There is no password on this member.'));
|
$result->addError(_t('Member.NoPassword','There is no password on this member.'));
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
$e = PasswordEncryptor::create_for_algorithm($this->PasswordEncryption);
|
$e = PasswordEncryptor::create_for_algorithm($this->PasswordEncryption);
|
||||||
if (!$e->check($this->Password, $password, $this->Salt, $this)) {
|
if(!$e->check($this->Password, $password, $this->Salt, $this)) {
|
||||||
$result->error(_t(
|
$result->addError(_t (
|
||||||
'Member.ERRORWRONGCRED',
|
'Member.ERRORWRONGCRED',
|
||||||
'The provided details don\'t seem to be correct. Please try again.'
|
'The provided details don\'t seem to be correct. Please try again.'
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if this user is the currently configured default admin
|
* Check if this user is the currently configured default admin
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function isDefaultAdmin()
|
public function isDefaultAdmin()
|
||||||
{
|
{
|
||||||
return Security::has_default_admin()
|
return Security::has_default_admin()
|
||||||
&& $this->Email === Security::default_admin_username();
|
&& $this->Email === Security::default_admin_username();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a valid {@link ValidationResult} if this member can currently log in, or an invalid
|
* Returns a valid {@link ValidationResult} if this member can currently log in, or an invalid
|
||||||
* one with error messages to display if the member is locked out.
|
* one with error messages to display if the member is locked out.
|
||||||
*
|
*
|
||||||
* You can hook into this with a "canLogIn" method on an attached extension.
|
* You can hook into this with a "canLogIn" method on an attached extension.
|
||||||
*
|
*
|
||||||
* @return ValidationResult
|
* @return ValidationResult
|
||||||
*/
|
*/
|
||||||
public function canLogIn()
|
public function canLogIn()
|
||||||
{
|
{
|
||||||
$result = ValidationResult::create();
|
$result = ValidationResult::create();
|
||||||
|
|
||||||
if ($this->isLockedOut()) {
|
if($this->isLockedOut()) {
|
||||||
$result->error(
|
$result->addError(
|
||||||
_t(
|
_t(
|
||||||
'Member.ERRORLOCKEDOUT2',
|
'Member.ERRORLOCKEDOUT2',
|
||||||
'Your account has been temporarily disabled because of too many failed attempts at ' .
|
'Your account has been temporarily disabled because of too many failed attempts at ' .
|
||||||
'logging in. Please try again in {count} minutes.',
|
'logging in. Please try again in {count} minutes.',
|
||||||
null,
|
null,
|
||||||
array('count' => $this->config()->lock_out_delay_mins)
|
array('count' => $this->config()->lock_out_delay_mins)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->extend('canLogIn', $result);
|
$this->extend('canLogIn', $result);
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns true if this user is locked out
|
* Returns true if this user is locked out
|
||||||
*/
|
*/
|
||||||
public function isLockedOut()
|
public function isLockedOut()
|
||||||
{
|
{
|
||||||
return $this->LockedOutUntil && DBDatetime::now()->Format('U') < strtotime($this->LockedOutUntil);
|
return $this->LockedOutUntil && DBDatetime::now()->Format('U') < strtotime($this->LockedOutUntil);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Regenerate the session_id.
|
* Regenerate the session_id.
|
||||||
* This wrapper is here to make it easier to disable calls to session_regenerate_id(), should you need to.
|
* This wrapper is here to make it easier to disable calls to session_regenerate_id(), should you need to.
|
||||||
* They have caused problems in certain
|
* They have caused problems in certain
|
||||||
* quirky problems (such as using the Windmill 0.3.6 proxy).
|
* quirky problems (such as using the Windmill 0.3.6 proxy).
|
||||||
*/
|
*/
|
||||||
public static function session_regenerate_id()
|
public static function session_regenerate_id()
|
||||||
{
|
{
|
||||||
if (!self::config()->session_regenerate_id) {
|
if (!self::config()->session_regenerate_id) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// This can be called via CLI during testing.
|
// This can be called via CLI during testing.
|
||||||
if (Director::is_cli()) {
|
if (Director::is_cli()) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$file = '';
|
$file = '';
|
||||||
$line = '';
|
$line = '';
|
||||||
|
|
||||||
// @ is to supress win32 warnings/notices when session wasn't cleaned up properly
|
// @ is to supress win32 warnings/notices when session wasn't cleaned up properly
|
||||||
// There's nothing we can do about this, because it's an operating system function!
|
// There's nothing we can do about this, because it's an operating system function!
|
||||||
if (!headers_sent($file, $line)) {
|
if (!headers_sent($file, $line)) {
|
||||||
@session_regenerate_id(true);
|
@session_regenerate_id(true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set a {@link PasswordValidator} object to use to validate member's passwords.
|
* Set a {@link PasswordValidator} object to use to validate member's passwords.
|
||||||
*
|
*
|
||||||
* @param PasswordValidator $pv
|
* @param PasswordValidator $pv
|
||||||
*/
|
*/
|
||||||
public static function set_password_validator($pv)
|
public static function set_password_validator($pv)
|
||||||
{
|
{
|
||||||
self::$password_validator = $pv;
|
self::$password_validator = $pv;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the current {@link PasswordValidator}
|
* Returns the current {@link PasswordValidator}
|
||||||
*
|
*
|
||||||
* @return PasswordValidator
|
* @return PasswordValidator
|
||||||
*/
|
*/
|
||||||
public static function password_validator()
|
public static function password_validator()
|
||||||
{
|
{
|
||||||
return self::$password_validator;
|
return self::$password_validator;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public function isPasswordExpired()
|
public function isPasswordExpired()
|
||||||
@ -444,176 +444,176 @@ class Member extends DataObject implements TemplateGlobalProvider
|
|||||||
if (!$this->PasswordExpiry) {
|
if (!$this->PasswordExpiry) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return strtotime(date('Y-m-d')) >= strtotime($this->PasswordExpiry);
|
return strtotime(date('Y-m-d')) >= strtotime($this->PasswordExpiry);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Logs this member in
|
* Logs this member in
|
||||||
*
|
*
|
||||||
* @param bool $remember If set to TRUE, the member will be logged in automatically the next time.
|
* @param bool $remember If set to TRUE, the member will be logged in automatically the next time.
|
||||||
*/
|
*/
|
||||||
public function logIn($remember = false)
|
public function logIn($remember = false)
|
||||||
{
|
{
|
||||||
$this->extend('beforeMemberLoggedIn');
|
$this->extend('beforeMemberLoggedIn');
|
||||||
|
|
||||||
self::session_regenerate_id();
|
self::session_regenerate_id();
|
||||||
|
|
||||||
Session::set("loggedInAs", $this->ID);
|
Session::set("loggedInAs", $this->ID);
|
||||||
// This lets apache rules detect whether the user has logged in
|
// This lets apache rules detect whether the user has logged in
|
||||||
if (Member::config()->login_marker_cookie) {
|
if (Member::config()->login_marker_cookie) {
|
||||||
Cookie::set(Member::config()->login_marker_cookie, 1, 0);
|
Cookie::set(Member::config()->login_marker_cookie, 1, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (Security::config()->autologin_enabled) {
|
if (Security::config()->autologin_enabled) {
|
||||||
// Cleans up any potential previous hash for this member on this device
|
// Cleans up any potential previous hash for this member on this device
|
||||||
if ($alcDevice = Cookie::get('alc_device')) {
|
if ($alcDevice = Cookie::get('alc_device')) {
|
||||||
RememberLoginHash::get()->filter('DeviceID', $alcDevice)->removeAll();
|
RememberLoginHash::get()->filter('DeviceID', $alcDevice)->removeAll();
|
||||||
}
|
}
|
||||||
if ($remember) {
|
if($remember) {
|
||||||
$rememberLoginHash = RememberLoginHash::generate($this);
|
$rememberLoginHash = RememberLoginHash::generate($this);
|
||||||
$tokenExpiryDays = Config::inst()->get(
|
$tokenExpiryDays = Config::inst()->get(
|
||||||
'SilverStripe\\Security\\RememberLoginHash',
|
'SilverStripe\\Security\\RememberLoginHash',
|
||||||
'token_expiry_days'
|
'token_expiry_days'
|
||||||
);
|
);
|
||||||
$deviceExpiryDays = Config::inst()->get(
|
$deviceExpiryDays = Config::inst()->get(
|
||||||
'SilverStripe\\Security\\RememberLoginHash',
|
'SilverStripe\\Security\\RememberLoginHash',
|
||||||
'device_expiry_days'
|
'device_expiry_days'
|
||||||
);
|
);
|
||||||
Cookie::set(
|
Cookie::set(
|
||||||
'alc_enc',
|
'alc_enc',
|
||||||
$this->ID . ':' . $rememberLoginHash->getToken(),
|
$this->ID . ':' . $rememberLoginHash->getToken(),
|
||||||
$tokenExpiryDays,
|
$tokenExpiryDays,
|
||||||
null,
|
null,
|
||||||
null,
|
null,
|
||||||
null,
|
null,
|
||||||
true
|
true
|
||||||
);
|
);
|
||||||
Cookie::set('alc_device', $rememberLoginHash->DeviceID, $deviceExpiryDays, null, null, null, true);
|
Cookie::set('alc_device', $rememberLoginHash->DeviceID, $deviceExpiryDays, null, null, null, true);
|
||||||
} else {
|
} else {
|
||||||
Cookie::set('alc_enc', null);
|
Cookie::set('alc_enc', null);
|
||||||
Cookie::set('alc_device', null);
|
Cookie::set('alc_device', null);
|
||||||
Cookie::force_expiry('alc_enc');
|
Cookie::force_expiry('alc_enc');
|
||||||
Cookie::force_expiry('alc_device');
|
Cookie::force_expiry('alc_device');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Clear the incorrect log-in count
|
// Clear the incorrect log-in count
|
||||||
$this->registerSuccessfulLogin();
|
$this->registerSuccessfulLogin();
|
||||||
|
|
||||||
$this->LockedOutUntil = null;
|
$this->LockedOutUntil = null;
|
||||||
|
|
||||||
$this->regenerateTempID();
|
$this->regenerateTempID();
|
||||||
|
|
||||||
$this->write();
|
$this->write();
|
||||||
|
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
$this->extend('memberLoggedIn');
|
$this->extend('memberLoggedIn');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Trigger regeneration of TempID.
|
* Trigger regeneration of TempID.
|
||||||
*
|
*
|
||||||
* This should be performed any time the user presents their normal identification (normally Email)
|
* This should be performed any time the user presents their normal identification (normally Email)
|
||||||
* and is successfully authenticated.
|
* and is successfully authenticated.
|
||||||
*/
|
*/
|
||||||
public function regenerateTempID()
|
public function regenerateTempID()
|
||||||
{
|
{
|
||||||
$generator = new RandomGenerator();
|
$generator = new RandomGenerator();
|
||||||
$this->TempIDHash = $generator->randomToken('sha1');
|
$this->TempIDHash = $generator->randomToken('sha1');
|
||||||
$this->TempIDExpired = self::config()->temp_id_lifetime
|
$this->TempIDExpired = self::config()->temp_id_lifetime
|
||||||
? date('Y-m-d H:i:s', strtotime(DBDatetime::now()->getValue()) + self::config()->temp_id_lifetime)
|
? date('Y-m-d H:i:s', strtotime(DBDatetime::now()->getValue()) + self::config()->temp_id_lifetime)
|
||||||
: null;
|
: null;
|
||||||
$this->write();
|
$this->write();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if the member ID logged in session actually
|
* Check if the member ID logged in session actually
|
||||||
* has a database record of the same ID. If there is
|
* has a database record of the same ID. If there is
|
||||||
* no logged in user, FALSE is returned anyway.
|
* no logged in user, FALSE is returned anyway.
|
||||||
*
|
*
|
||||||
* @return boolean TRUE record found FALSE no record found
|
* @return boolean TRUE record found FALSE no record found
|
||||||
*/
|
*/
|
||||||
public static function logged_in_session_exists()
|
public static function logged_in_session_exists()
|
||||||
{
|
{
|
||||||
if ($id = Member::currentUserID()) {
|
if($id = Member::currentUserID()) {
|
||||||
if ($member = DataObject::get_by_id('SilverStripe\\Security\\Member', $id)) {
|
if($member = DataObject::get_by_id('SilverStripe\\Security\\Member', $id)) {
|
||||||
if ($member->exists()) {
|
if ($member->exists()) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Log the user in if the "remember login" cookie is set
|
* Log the user in if the "remember login" cookie is set
|
||||||
*
|
*
|
||||||
* The <i>remember login token</i> will be changed on every successful
|
* The <i>remember login token</i> will be changed on every successful
|
||||||
* auto-login.
|
* auto-login.
|
||||||
*/
|
*/
|
||||||
public static function autoLogin()
|
public static function autoLogin()
|
||||||
{
|
{
|
||||||
// Don't bother trying this multiple times
|
// Don't bother trying this multiple times
|
||||||
if (!class_exists('SilverStripe\\Dev\\SapphireTest', false) || !SapphireTest::is_running_test()) {
|
if (!class_exists('SilverStripe\\Dev\\SapphireTest', false) || !SapphireTest::is_running_test()) {
|
||||||
self::$_already_tried_to_auto_log_in = true;
|
self::$_already_tried_to_auto_log_in = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!Security::config()->autologin_enabled
|
if(!Security::config()->autologin_enabled
|
||||||
|| strpos(Cookie::get('alc_enc'), ':') === false
|
|| strpos(Cookie::get('alc_enc'), ':') === false
|
||||||
|| Session::get("loggedInAs")
|
|| Session::get("loggedInAs")
|
||||||
|| !Security::database_is_ready()
|
|| !Security::database_is_ready()
|
||||||
) {
|
) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strpos(Cookie::get('alc_enc'), ':') && Cookie::get('alc_device') && !Session::get("loggedInAs")) {
|
if(strpos(Cookie::get('alc_enc'), ':') && Cookie::get('alc_device') && !Session::get("loggedInAs")) {
|
||||||
list($uid, $token) = explode(':', Cookie::get('alc_enc'), 2);
|
list($uid, $token) = explode(':', Cookie::get('alc_enc'), 2);
|
||||||
|
|
||||||
if (!$uid || !$token) {
|
if (!$uid || !$token) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$deviceID = Cookie::get('alc_device');
|
$deviceID = Cookie::get('alc_device');
|
||||||
|
|
||||||
/** @var Member $member */
|
/** @var Member $member */
|
||||||
$member = Member::get()->byID($uid);
|
$member = Member::get()->byID($uid);
|
||||||
|
|
||||||
/** @var RememberLoginHash $rememberLoginHash */
|
/** @var RememberLoginHash $rememberLoginHash */
|
||||||
$rememberLoginHash = null;
|
$rememberLoginHash = null;
|
||||||
|
|
||||||
// check if autologin token matches
|
// check if autologin token matches
|
||||||
if ($member) {
|
if($member) {
|
||||||
$hash = $member->encryptWithUserSettings($token);
|
$hash = $member->encryptWithUserSettings($token);
|
||||||
$rememberLoginHash = RememberLoginHash::get()
|
$rememberLoginHash = RememberLoginHash::get()
|
||||||
->filter(array(
|
->filter(array(
|
||||||
'MemberID' => $member->ID,
|
'MemberID' => $member->ID,
|
||||||
'DeviceID' => $deviceID,
|
'DeviceID' => $deviceID,
|
||||||
'Hash' => $hash
|
'Hash' => $hash
|
||||||
))->first();
|
))->first();
|
||||||
if (!$rememberLoginHash) {
|
if(!$rememberLoginHash) {
|
||||||
$member = null;
|
$member = null;
|
||||||
} else {
|
} else {
|
||||||
// Check for expired token
|
// Check for expired token
|
||||||
$expiryDate = new DateTime($rememberLoginHash->ExpiryDate);
|
$expiryDate = new DateTime($rememberLoginHash->ExpiryDate);
|
||||||
$now = DBDatetime::now();
|
$now = DBDatetime::now();
|
||||||
$now = new DateTime($now->Rfc2822());
|
$now = new DateTime($now->Rfc2822());
|
||||||
if ($now > $expiryDate) {
|
if ($now > $expiryDate) {
|
||||||
$member = null;
|
$member = null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($member) {
|
if($member) {
|
||||||
self::session_regenerate_id();
|
self::session_regenerate_id();
|
||||||
Session::set("loggedInAs", $member->ID);
|
Session::set("loggedInAs", $member->ID);
|
||||||
// This lets apache rules detect whether the user has logged in
|
// This lets apache rules detect whether the user has logged in
|
||||||
if (Member::config()->login_marker_cookie) {
|
if(Member::config()->login_marker_cookie) {
|
||||||
Cookie::set(Member::config()->login_marker_cookie, 1, 0, null, null, false, true);
|
Cookie::set(Member::config()->login_marker_cookie, 1, 0, null, null, false, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($rememberLoginHash) {
|
if ($rememberLoginHash) {
|
||||||
$rememberLoginHash->renew();
|
$rememberLoginHash->renew();
|
||||||
$tokenExpiryDays = RememberLoginHash::config()->get('token_expiry_days');
|
$tokenExpiryDays = RememberLoginHash::config()->get('token_expiry_days');
|
||||||
Cookie::set(
|
Cookie::set(
|
||||||
'alc_enc',
|
'alc_enc',
|
||||||
$member->ID . ':' . $rememberLoginHash->getToken(),
|
$member->ID . ':' . $rememberLoginHash->getToken(),
|
||||||
@ -623,272 +623,272 @@ class Member extends DataObject implements TemplateGlobalProvider
|
|||||||
false,
|
false,
|
||||||
true
|
true
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
$member->write();
|
$member->write();
|
||||||
|
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
$member->extend('memberAutoLoggedIn');
|
$member->extend('memberAutoLoggedIn');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Logs this member out.
|
* Logs this member out.
|
||||||
*/
|
*/
|
||||||
public function logOut()
|
public function logOut()
|
||||||
{
|
{
|
||||||
$this->extend('beforeMemberLoggedOut');
|
$this->extend('beforeMemberLoggedOut');
|
||||||
|
|
||||||
Session::clear("loggedInAs");
|
Session::clear("loggedInAs");
|
||||||
if (Member::config()->login_marker_cookie) {
|
if (Member::config()->login_marker_cookie) {
|
||||||
Cookie::set(Member::config()->login_marker_cookie, null, 0);
|
Cookie::set(Member::config()->login_marker_cookie, null, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
Session::destroy();
|
Session::destroy();
|
||||||
|
|
||||||
$this->extend('memberLoggedOut');
|
$this->extend('memberLoggedOut');
|
||||||
|
|
||||||
// Clears any potential previous hashes for this member
|
// Clears any potential previous hashes for this member
|
||||||
RememberLoginHash::clear($this, Cookie::get('alc_device'));
|
RememberLoginHash::clear($this, Cookie::get('alc_device'));
|
||||||
|
|
||||||
Cookie::set('alc_enc', null); // // Clear the Remember Me cookie
|
Cookie::set('alc_enc', null); // // Clear the Remember Me cookie
|
||||||
Cookie::force_expiry('alc_enc');
|
Cookie::force_expiry('alc_enc');
|
||||||
Cookie::set('alc_device', null);
|
Cookie::set('alc_device', null);
|
||||||
Cookie::force_expiry('alc_device');
|
Cookie::force_expiry('alc_device');
|
||||||
|
|
||||||
// Switch back to live in order to avoid infinite loops when
|
// Switch back to live in order to avoid infinite loops when
|
||||||
// redirecting to the login screen (if this login screen is versioned)
|
// redirecting to the login screen (if this login screen is versioned)
|
||||||
Session::clear('readingMode');
|
Session::clear('readingMode');
|
||||||
|
|
||||||
$this->write();
|
$this->write();
|
||||||
|
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
$this->extend('memberLoggedOut');
|
$this->extend('memberLoggedOut');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Utility for generating secure password hashes for this member.
|
* Utility for generating secure password hashes for this member.
|
||||||
*
|
*
|
||||||
* @param string $string
|
* @param string $string
|
||||||
* @return string
|
* @return string
|
||||||
* @throws PasswordEncryptor_NotFoundException
|
* @throws PasswordEncryptor_NotFoundException
|
||||||
*/
|
*/
|
||||||
public function encryptWithUserSettings($string)
|
public function encryptWithUserSettings($string)
|
||||||
{
|
{
|
||||||
if (!$string) {
|
if (!$string) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the algorithm or salt is not available, it means we are operating
|
// If the algorithm or salt is not available, it means we are operating
|
||||||
// on legacy account with unhashed password. Do not hash the string.
|
// on legacy account with unhashed password. Do not hash the string.
|
||||||
if (!$this->PasswordEncryption) {
|
if (!$this->PasswordEncryption) {
|
||||||
return $string;
|
return $string;
|
||||||
}
|
}
|
||||||
|
|
||||||
// We assume we have PasswordEncryption and Salt available here.
|
// We assume we have PasswordEncryption and Salt available here.
|
||||||
$e = PasswordEncryptor::create_for_algorithm($this->PasswordEncryption);
|
$e = PasswordEncryptor::create_for_algorithm($this->PasswordEncryption);
|
||||||
return $e->encrypt($string, $this->Salt);
|
return $e->encrypt($string, $this->Salt);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generate an auto login token which can be used to reset the password,
|
* Generate an auto login token which can be used to reset the password,
|
||||||
* at the same time hashing it and storing in the database.
|
* at the same time hashing it and storing in the database.
|
||||||
*
|
*
|
||||||
* @param int $lifetime The lifetime of the auto login hash in days (by default 2 days)
|
* @param int $lifetime The lifetime of the auto login hash in days (by default 2 days)
|
||||||
*
|
*
|
||||||
* @returns string Token that should be passed to the client (but NOT persisted).
|
* @returns string Token that should be passed to the client (but NOT persisted).
|
||||||
*
|
*
|
||||||
* @todo Make it possible to handle database errors such as a "duplicate key" error
|
* @todo Make it possible to handle database errors such as a "duplicate key" error
|
||||||
*/
|
*/
|
||||||
public function generateAutologinTokenAndStoreHash($lifetime = 2)
|
public function generateAutologinTokenAndStoreHash($lifetime = 2)
|
||||||
{
|
{
|
||||||
do {
|
do {
|
||||||
$generator = new RandomGenerator();
|
$generator = new RandomGenerator();
|
||||||
$token = $generator->randomToken();
|
$token = $generator->randomToken();
|
||||||
$hash = $this->encryptWithUserSettings($token);
|
$hash = $this->encryptWithUserSettings($token);
|
||||||
} while (DataObject::get_one('SilverStripe\\Security\\Member', array(
|
} while(DataObject::get_one('SilverStripe\\Security\\Member', array(
|
||||||
'"Member"."AutoLoginHash"' => $hash
|
'"Member"."AutoLoginHash"' => $hash
|
||||||
)));
|
)));
|
||||||
|
|
||||||
$this->AutoLoginHash = $hash;
|
$this->AutoLoginHash = $hash;
|
||||||
$this->AutoLoginExpired = date('Y-m-d H:i:s', time() + (86400 * $lifetime));
|
$this->AutoLoginExpired = date('Y-m-d H:i:s', time() + (86400 * $lifetime));
|
||||||
|
|
||||||
$this->write();
|
$this->write();
|
||||||
|
|
||||||
return $token;
|
return $token;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check the token against the member.
|
* Check the token against the member.
|
||||||
*
|
*
|
||||||
* @param string $autologinToken
|
* @param string $autologinToken
|
||||||
*
|
*
|
||||||
* @returns bool Is token valid?
|
* @returns bool Is token valid?
|
||||||
*/
|
*/
|
||||||
public function validateAutoLoginToken($autologinToken)
|
public function validateAutoLoginToken($autologinToken)
|
||||||
{
|
{
|
||||||
$hash = $this->encryptWithUserSettings($autologinToken);
|
$hash = $this->encryptWithUserSettings($autologinToken);
|
||||||
$member = self::member_from_autologinhash($hash, false);
|
$member = self::member_from_autologinhash($hash, false);
|
||||||
return (bool)$member;
|
return (bool)$member;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the member for the auto login hash
|
* Return the member for the auto login hash
|
||||||
*
|
*
|
||||||
* @param string $hash The hash key
|
* @param string $hash The hash key
|
||||||
* @param bool $login Should the member be logged in?
|
* @param bool $login Should the member be logged in?
|
||||||
*
|
*
|
||||||
* @return Member the matching member, if valid
|
* @return Member the matching member, if valid
|
||||||
* @return Member
|
* @return Member
|
||||||
*/
|
*/
|
||||||
public static function member_from_autologinhash($hash, $login = false)
|
public static function member_from_autologinhash($hash, $login = false)
|
||||||
{
|
{
|
||||||
|
|
||||||
$nowExpression = DB::get_conn()->now();
|
$nowExpression = DB::get_conn()->now();
|
||||||
/** @var Member $member */
|
/** @var Member $member */
|
||||||
$member = DataObject::get_one('SilverStripe\\Security\\Member', array(
|
$member = DataObject::get_one('SilverStripe\\Security\\Member', array(
|
||||||
"\"Member\".\"AutoLoginHash\"" => $hash,
|
"\"Member\".\"AutoLoginHash\"" => $hash,
|
||||||
"\"Member\".\"AutoLoginExpired\" > $nowExpression" // NOW() can't be parameterised
|
"\"Member\".\"AutoLoginExpired\" > $nowExpression" // NOW() can't be parameterised
|
||||||
));
|
));
|
||||||
|
|
||||||
if ($login && $member) {
|
if ($login && $member) {
|
||||||
$member->logIn();
|
$member->logIn();
|
||||||
}
|
}
|
||||||
|
|
||||||
return $member;
|
return $member;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Find a member record with the given TempIDHash value
|
* Find a member record with the given TempIDHash value
|
||||||
*
|
*
|
||||||
* @param string $tempid
|
* @param string $tempid
|
||||||
* @return Member
|
* @return Member
|
||||||
*/
|
*/
|
||||||
public static function member_from_tempid($tempid)
|
public static function member_from_tempid($tempid)
|
||||||
{
|
{
|
||||||
$members = Member::get()
|
$members = Member::get()
|
||||||
->filter('TempIDHash', $tempid);
|
->filter('TempIDHash', $tempid);
|
||||||
|
|
||||||
// Exclude expired
|
// Exclude expired
|
||||||
if (static::config()->temp_id_lifetime) {
|
if(static::config()->temp_id_lifetime) {
|
||||||
$members = $members->filter('TempIDExpired:GreaterThan', DBDatetime::now()->getValue());
|
$members = $members->filter('TempIDExpired:GreaterThan', DBDatetime::now()->getValue());
|
||||||
}
|
}
|
||||||
|
|
||||||
return $members->first();
|
return $members->first();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the fields for the member form - used in the registration/profile module.
|
* Returns the fields for the member form - used in the registration/profile module.
|
||||||
* It should return fields that are editable by the admin and the logged-in user.
|
* It should return fields that are editable by the admin and the logged-in user.
|
||||||
*
|
*
|
||||||
* @return FieldList Returns a {@link FieldList} containing the fields for
|
* @return FieldList Returns a {@link FieldList} containing the fields for
|
||||||
* the member form.
|
* the member form.
|
||||||
*/
|
*/
|
||||||
public function getMemberFormFields()
|
public function getMemberFormFields()
|
||||||
{
|
{
|
||||||
$fields = parent::getFrontEndFields();
|
$fields = parent::getFrontEndFields();
|
||||||
|
|
||||||
$fields->replaceField('Password', $this->getMemberPasswordField());
|
$fields->replaceField('Password', $this->getMemberPasswordField());
|
||||||
|
|
||||||
$fields->replaceField('Locale', new DropdownField(
|
$fields->replaceField('Locale', new DropdownField (
|
||||||
'Locale',
|
'Locale',
|
||||||
$this->fieldLabel('Locale'),
|
$this->fieldLabel('Locale'),
|
||||||
i18n::get_existing_translations()
|
i18n::get_existing_translations()
|
||||||
));
|
));
|
||||||
|
|
||||||
$fields->removeByName(static::config()->hidden_fields);
|
$fields->removeByName(static::config()->hidden_fields);
|
||||||
$fields->removeByName('FailedLoginCount');
|
$fields->removeByName('FailedLoginCount');
|
||||||
|
|
||||||
|
|
||||||
$this->extend('updateMemberFormFields', $fields);
|
$this->extend('updateMemberFormFields', $fields);
|
||||||
return $fields;
|
return $fields;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Builds "Change / Create Password" field for this member
|
* Builds "Change / Create Password" field for this member
|
||||||
*
|
*
|
||||||
* @return ConfirmedPasswordField
|
* @return ConfirmedPasswordField
|
||||||
*/
|
*/
|
||||||
public function getMemberPasswordField()
|
public function getMemberPasswordField()
|
||||||
{
|
{
|
||||||
$editingPassword = $this->isInDB();
|
$editingPassword = $this->isInDB();
|
||||||
$label = $editingPassword
|
$label = $editingPassword
|
||||||
? _t('Member.EDIT_PASSWORD', 'New Password')
|
? _t('Member.EDIT_PASSWORD', 'New Password')
|
||||||
: $this->fieldLabel('Password');
|
: $this->fieldLabel('Password');
|
||||||
/** @var ConfirmedPasswordField $password */
|
/** @var ConfirmedPasswordField $password */
|
||||||
$password = ConfirmedPasswordField::create(
|
$password = ConfirmedPasswordField::create(
|
||||||
'Password',
|
'Password',
|
||||||
$label,
|
$label,
|
||||||
null,
|
null,
|
||||||
null,
|
null,
|
||||||
$editingPassword
|
$editingPassword
|
||||||
);
|
);
|
||||||
|
|
||||||
// If editing own password, require confirmation of existing
|
// If editing own password, require confirmation of existing
|
||||||
if ($editingPassword && $this->ID == Member::currentUserID()) {
|
if($editingPassword && $this->ID == Member::currentUserID()) {
|
||||||
$password->setRequireExistingPassword(true);
|
$password->setRequireExistingPassword(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$password->setCanBeEmpty(true);
|
$password->setCanBeEmpty(true);
|
||||||
$this->extend('updateMemberPasswordField', $password);
|
$this->extend('updateMemberPasswordField', $password);
|
||||||
return $password;
|
return $password;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the {@link RequiredFields} instance for the Member object. This
|
* Returns the {@link RequiredFields} instance for the Member object. This
|
||||||
* Validator is used when saving a {@link CMSProfileController} or added to
|
* Validator is used when saving a {@link CMSProfileController} or added to
|
||||||
* any form responsible for saving a users data.
|
* any form responsible for saving a users data.
|
||||||
*
|
*
|
||||||
* To customize the required fields, add a {@link DataExtension} to member
|
* To customize the required fields, add a {@link DataExtension} to member
|
||||||
* calling the `updateValidator()` method.
|
* calling the `updateValidator()` method.
|
||||||
*
|
*
|
||||||
* @return Member_Validator
|
* @return Member_Validator
|
||||||
*/
|
*/
|
||||||
public function getValidator()
|
public function getValidator()
|
||||||
{
|
{
|
||||||
$validator = Injector::inst()->create('SilverStripe\\Security\\Member_Validator');
|
$validator = Injector::inst()->create('SilverStripe\\Security\\Member_Validator');
|
||||||
$validator->setForMember($this);
|
$validator->setForMember($this);
|
||||||
$this->extend('updateValidator', $validator);
|
$this->extend('updateValidator', $validator);
|
||||||
|
|
||||||
return $validator;
|
return $validator;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the current logged in user
|
* Returns the current logged in user
|
||||||
*
|
*
|
||||||
* @return Member
|
* @return Member
|
||||||
*/
|
*/
|
||||||
public static function currentUser()
|
public static function currentUser()
|
||||||
{
|
{
|
||||||
$id = Member::currentUserID();
|
$id = Member::currentUserID();
|
||||||
|
|
||||||
if ($id) {
|
if($id) {
|
||||||
return DataObject::get_by_id('SilverStripe\\Security\\Member', $id);
|
return DataObject::get_by_id('SilverStripe\\Security\\Member', $id);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the ID of the current logged in user
|
* Get the ID of the current logged in user
|
||||||
*
|
*
|
||||||
* @return int Returns the ID of the current logged in user or 0.
|
* @return int Returns the ID of the current logged in user or 0.
|
||||||
*/
|
*/
|
||||||
public static function currentUserID()
|
public static function currentUserID()
|
||||||
{
|
{
|
||||||
$id = Session::get("loggedInAs");
|
$id = Session::get("loggedInAs");
|
||||||
if (!$id && !self::$_already_tried_to_auto_log_in) {
|
if(!$id && !self::$_already_tried_to_auto_log_in) {
|
||||||
self::autoLogin();
|
self::autoLogin();
|
||||||
$id = Session::get("loggedInAs");
|
$id = Session::get("loggedInAs");
|
||||||
}
|
}
|
||||||
|
|
||||||
return is_numeric($id) ? $id : 0;
|
return is_numeric($id) ? $id : 0;
|
||||||
}
|
}
|
||||||
private static $_already_tried_to_auto_log_in = false;
|
private static $_already_tried_to_auto_log_in = false;
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generate a random password, with randomiser to kick in if there's no words file on the
|
* Generate a random password, with randomiser to kick in if there's no words file on the
|
||||||
* filesystem.
|
* filesystem.
|
||||||
*
|
*
|
||||||
@ -896,178 +896,178 @@ class Member extends DataObject implements TemplateGlobalProvider
|
|||||||
*/
|
*/
|
||||||
public static function create_new_password()
|
public static function create_new_password()
|
||||||
{
|
{
|
||||||
$words = Config::inst()->get('SilverStripe\\Security\\Security', 'word_list');
|
$words = Config::inst()->get('SilverStripe\\Security\\Security', 'word_list');
|
||||||
|
|
||||||
if ($words && file_exists($words)) {
|
if($words && file_exists($words)) {
|
||||||
$words = file($words);
|
$words = file($words);
|
||||||
|
|
||||||
list($usec, $sec) = explode(' ', microtime());
|
list($usec, $sec) = explode(' ', microtime());
|
||||||
srand($sec + ((float) $usec * 100000));
|
srand($sec + ((float) $usec * 100000));
|
||||||
|
|
||||||
$word = trim($words[rand(0, sizeof($words)-1)]);
|
$word = trim($words[rand(0,sizeof($words)-1)]);
|
||||||
$number = rand(10, 999);
|
$number = rand(10,999);
|
||||||
|
|
||||||
return $word . $number;
|
return $word . $number;
|
||||||
} else {
|
} else {
|
||||||
$random = rand();
|
$random = rand();
|
||||||
$string = md5($random);
|
$string = md5($random);
|
||||||
$output = substr($string, 0, 8);
|
$output = substr($string, 0, 8);
|
||||||
return $output;
|
return $output;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Event handler called before writing to the database.
|
* Event handler called before writing to the database.
|
||||||
*/
|
*/
|
||||||
public function onBeforeWrite()
|
public function onBeforeWrite()
|
||||||
{
|
{
|
||||||
if ($this->SetPassword) {
|
if ($this->SetPassword) {
|
||||||
$this->Password = $this->SetPassword;
|
$this->Password = $this->SetPassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
// If a member with the same "unique identifier" already exists with a different ID, don't allow merging.
|
// If a member with the same "unique identifier" already exists with a different ID, don't allow merging.
|
||||||
// Note: This does not a full replacement for safeguards in the controller layer (e.g. in a registration form),
|
// Note: This does not a full replacement for safeguards in the controller layer (e.g. in a registration form),
|
||||||
// but rather a last line of defense against data inconsistencies.
|
// but rather a last line of defense against data inconsistencies.
|
||||||
$identifierField = Member::config()->unique_identifier_field;
|
$identifierField = Member::config()->unique_identifier_field;
|
||||||
if ($this->$identifierField) {
|
if($this->$identifierField) {
|
||||||
// Note: Same logic as Member_Validator class
|
// Note: Same logic as Member_Validator class
|
||||||
$filter = array("\"$identifierField\"" => $this->$identifierField);
|
$filter = array("\"$identifierField\"" => $this->$identifierField);
|
||||||
if ($this->ID) {
|
if($this->ID) {
|
||||||
$filter[] = array('"Member"."ID" <> ?' => $this->ID);
|
$filter[] = array('"Member"."ID" <> ?' => $this->ID);
|
||||||
}
|
}
|
||||||
$existingRecord = DataObject::get_one('SilverStripe\\Security\\Member', $filter);
|
$existingRecord = DataObject::get_one('SilverStripe\\Security\\Member', $filter);
|
||||||
|
|
||||||
if ($existingRecord) {
|
if($existingRecord) {
|
||||||
throw new ValidationException(ValidationResult::create(false, _t(
|
throw new ValidationException(ValidationResult::create()->adderror(_t(
|
||||||
'Member.ValidationIdentifierFailed',
|
'Member.ValidationIdentifierFailed',
|
||||||
'Can\'t overwrite existing member #{id} with identical identifier ({name} = {value}))',
|
'Can\'t overwrite existing member #{id} with identical identifier ({name} = {value}))',
|
||||||
'Values in brackets show "fieldname = value", usually denoting an existing email address',
|
'Values in brackets show "fieldname = value", usually denoting an existing email address',
|
||||||
array(
|
array(
|
||||||
'id' => $existingRecord->ID,
|
'id' => $existingRecord->ID,
|
||||||
'name' => $identifierField,
|
'name' => $identifierField,
|
||||||
'value' => $this->$identifierField
|
'value' => $this->$identifierField
|
||||||
)
|
)
|
||||||
)));
|
)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// We don't send emails out on dev/tests sites to prevent accidentally spamming users.
|
// We don't send emails out on dev/tests sites to prevent accidentally spamming users.
|
||||||
// However, if TestMailer is in use this isn't a risk.
|
// However, if TestMailer is in use this isn't a risk.
|
||||||
if ((Director::isLive() || Email::mailer() instanceof TestMailer)
|
if ((Director::isLive() || Email::mailer() instanceof TestMailer)
|
||||||
&& $this->isChanged('Password')
|
&& $this->isChanged('Password')
|
||||||
&& $this->record['Password']
|
&& $this->record['Password']
|
||||||
&& $this->config()->notify_password_change
|
&& $this->config()->notify_password_change
|
||||||
) {
|
) {
|
||||||
/** @var Email $e */
|
/** @var Email $e */
|
||||||
$e = Email::create();
|
$e = Email::create();
|
||||||
$e->setSubject(_t('Member.SUBJECTPASSWORDCHANGED', "Your password has been changed", 'Email subject'));
|
$e->setSubject(_t('Member.SUBJECTPASSWORDCHANGED', "Your password has been changed", 'Email subject'));
|
||||||
$e->setTemplate('ChangePasswordEmail');
|
$e->setTemplate('ChangePasswordEmail');
|
||||||
$e->populateTemplate($this);
|
$e->populateTemplate($this);
|
||||||
$e->setTo($this->Email);
|
$e->setTo($this->Email);
|
||||||
$e->send();
|
$e->send();
|
||||||
}
|
}
|
||||||
|
|
||||||
// The test on $this->ID is used for when records are initially created.
|
// The test on $this->ID is used for when records are initially created.
|
||||||
// Note that this only works with cleartext passwords, as we can't rehash
|
// Note that this only works with cleartext passwords, as we can't rehash
|
||||||
// existing passwords.
|
// existing passwords.
|
||||||
if ((!$this->ID && $this->Password) || $this->isChanged('Password')) {
|
if((!$this->ID && $this->Password) || $this->isChanged('Password')) {
|
||||||
//reset salt so that it gets regenerated - this will invalidate any persistant login cookies
|
//reset salt so that it gets regenerated - this will invalidate any persistant login cookies
|
||||||
// or other information encrypted with this Member's settings (see self::encryptWithUserSettings)
|
// or other information encrypted with this Member's settings (see self::encryptWithUserSettings)
|
||||||
$this->Salt = '';
|
$this->Salt = '';
|
||||||
// Password was changed: encrypt the password according the settings
|
// Password was changed: encrypt the password according the settings
|
||||||
$encryption_details = Security::encrypt_password(
|
$encryption_details = Security::encrypt_password(
|
||||||
$this->Password, // this is assumed to be cleartext
|
$this->Password, // this is assumed to be cleartext
|
||||||
$this->Salt,
|
$this->Salt,
|
||||||
($this->PasswordEncryption) ?
|
($this->PasswordEncryption) ?
|
||||||
$this->PasswordEncryption : Security::config()->password_encryption_algorithm,
|
$this->PasswordEncryption : Security::config()->password_encryption_algorithm,
|
||||||
$this
|
$this
|
||||||
);
|
);
|
||||||
|
|
||||||
// Overwrite the Password property with the hashed value
|
// Overwrite the Password property with the hashed value
|
||||||
$this->Password = $encryption_details['password'];
|
$this->Password = $encryption_details['password'];
|
||||||
$this->Salt = $encryption_details['salt'];
|
$this->Salt = $encryption_details['salt'];
|
||||||
$this->PasswordEncryption = $encryption_details['algorithm'];
|
$this->PasswordEncryption = $encryption_details['algorithm'];
|
||||||
|
|
||||||
// If we haven't manually set a password expiry
|
// If we haven't manually set a password expiry
|
||||||
if (!$this->isChanged('PasswordExpiry')) {
|
if(!$this->isChanged('PasswordExpiry')) {
|
||||||
// then set it for us
|
// then set it for us
|
||||||
if (self::config()->password_expiry_days) {
|
if(self::config()->password_expiry_days) {
|
||||||
$this->PasswordExpiry = date('Y-m-d', time() + 86400 * self::config()->password_expiry_days);
|
$this->PasswordExpiry = date('Y-m-d', time() + 86400 * self::config()->password_expiry_days);
|
||||||
} else {
|
} else {
|
||||||
$this->PasswordExpiry = null;
|
$this->PasswordExpiry = null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// save locale
|
// save locale
|
||||||
if (!$this->Locale) {
|
if(!$this->Locale) {
|
||||||
$this->Locale = i18n::get_locale();
|
$this->Locale = i18n::get_locale();
|
||||||
}
|
}
|
||||||
|
|
||||||
parent::onBeforeWrite();
|
parent::onBeforeWrite();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function onAfterWrite()
|
public function onAfterWrite()
|
||||||
{
|
{
|
||||||
parent::onAfterWrite();
|
parent::onAfterWrite();
|
||||||
|
|
||||||
Permission::flush_permission_cache();
|
Permission::flush_permission_cache();
|
||||||
|
|
||||||
if ($this->isChanged('Password')) {
|
if($this->isChanged('Password')) {
|
||||||
MemberPassword::log($this);
|
MemberPassword::log($this);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function onAfterDelete()
|
public function onAfterDelete()
|
||||||
{
|
{
|
||||||
parent::onAfterDelete();
|
parent::onAfterDelete();
|
||||||
|
|
||||||
//prevent orphaned records remaining in the DB
|
//prevent orphaned records remaining in the DB
|
||||||
$this->deletePasswordLogs();
|
$this->deletePasswordLogs();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Delete the MemberPassword objects that are associated to this user
|
* Delete the MemberPassword objects that are associated to this user
|
||||||
*
|
*
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
protected function deletePasswordLogs()
|
protected function deletePasswordLogs()
|
||||||
{
|
{
|
||||||
foreach ($this->LoggedPasswords() as $password) {
|
foreach ($this->LoggedPasswords() as $password) {
|
||||||
$password->delete();
|
$password->delete();
|
||||||
$password->destroy();
|
$password->destroy();
|
||||||
}
|
}
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Filter out admin groups to avoid privilege escalation,
|
* Filter out admin groups to avoid privilege escalation,
|
||||||
* If any admin groups are requested, deny the whole save operation.
|
* If any admin groups are requested, deny the whole save operation.
|
||||||
*
|
*
|
||||||
* @param array $ids Database IDs of Group records
|
* @param array $ids Database IDs of Group records
|
||||||
* @return bool True if the change can be accepted
|
* @return bool True if the change can be accepted
|
||||||
*/
|
*/
|
||||||
public function onChangeGroups($ids)
|
public function onChangeGroups($ids)
|
||||||
{
|
{
|
||||||
// unless the current user is an admin already OR the logged in user is an admin
|
// unless the current user is an admin already OR the logged in user is an admin
|
||||||
if (Permission::check('ADMIN') || Permission::checkMember($this, 'ADMIN')) {
|
if(Permission::check('ADMIN') || Permission::checkMember($this, 'ADMIN')) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// If there are no admin groups in this set then it's ok
|
// If there are no admin groups in this set then it's ok
|
||||||
$adminGroups = Permission::get_groups_by_permission('ADMIN');
|
$adminGroups = Permission::get_groups_by_permission('ADMIN');
|
||||||
$adminGroupIDs = ($adminGroups) ? $adminGroups->column('ID') : array();
|
$adminGroupIDs = ($adminGroups) ? $adminGroups->column('ID') : array();
|
||||||
return count(array_intersect($ids, $adminGroupIDs)) == 0;
|
return count(array_intersect($ids, $adminGroupIDs)) == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if the member is in one of the given groups.
|
* Check if the member is in one of the given groups.
|
||||||
*
|
*
|
||||||
* @param array|SS_List $groups Collection of {@link Group} DataObjects to check
|
* @param array|SS_List $groups Collection of {@link Group} DataObjects to check
|
||||||
* @param boolean $strict Only determine direct group membership if set to true (Default: false)
|
* @param boolean $strict Only determine direct group membership if set to true (Default: false)
|
||||||
* @return bool Returns TRUE if the member is in one of the given groups, otherwise FALSE.
|
* @return bool Returns TRUE if the member is in one of the given groups, otherwise FALSE.
|
||||||
*/
|
*/
|
||||||
public function inGroups($groups, $strict = false)
|
public function inGroups($groups, $strict = false)
|
||||||
{
|
{
|
||||||
if ($groups) {
|
if ($groups) {
|
||||||
@ -1076,608 +1076,608 @@ class Member extends DataObject implements TemplateGlobalProvider
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if the member is in the given group or any parent groups.
|
* Check if the member is in the given group or any parent groups.
|
||||||
*
|
*
|
||||||
* @param int|Group|string $group Group instance, Group Code or ID
|
* @param int|Group|string $group Group instance, Group Code or ID
|
||||||
* @param boolean $strict Only determine direct group membership if set to TRUE (Default: FALSE)
|
* @param boolean $strict Only determine direct group membership if set to TRUE (Default: FALSE)
|
||||||
* @return bool Returns TRUE if the member is in the given group, otherwise FALSE.
|
* @return bool Returns TRUE if the member is in the given group, otherwise FALSE.
|
||||||
*/
|
*/
|
||||||
public function inGroup($group, $strict = false)
|
public function inGroup($group, $strict = false)
|
||||||
{
|
{
|
||||||
if (is_numeric($group)) {
|
if(is_numeric($group)) {
|
||||||
$groupCheckObj = DataObject::get_by_id('SilverStripe\\Security\\Group', $group);
|
$groupCheckObj = DataObject::get_by_id('SilverStripe\\Security\\Group', $group);
|
||||||
} elseif (is_string($group)) {
|
} elseif(is_string($group)) {
|
||||||
$groupCheckObj = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
$groupCheckObj = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
||||||
'"Group"."Code"' => $group
|
'"Group"."Code"' => $group
|
||||||
));
|
));
|
||||||
} elseif ($group instanceof Group) {
|
} elseif($group instanceof Group) {
|
||||||
$groupCheckObj = $group;
|
$groupCheckObj = $group;
|
||||||
} else {
|
} else {
|
||||||
user_error('Member::inGroup(): Wrong format for $group parameter', E_USER_ERROR);
|
user_error('Member::inGroup(): Wrong format for $group parameter', E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$groupCheckObj) {
|
if (!$groupCheckObj) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$groupCandidateObjs = ($strict) ? $this->getManyManyComponents("Groups") : $this->Groups();
|
$groupCandidateObjs = ($strict) ? $this->getManyManyComponents("Groups") : $this->Groups();
|
||||||
if ($groupCandidateObjs) {
|
if ($groupCandidateObjs) {
|
||||||
foreach ($groupCandidateObjs as $groupCandidateObj) {
|
foreach ($groupCandidateObjs as $groupCandidateObj) {
|
||||||
if ($groupCandidateObj->ID == $groupCheckObj->ID) {
|
if ($groupCandidateObj->ID == $groupCheckObj->ID) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Adds the member to a group. This will create the group if the given
|
* Adds the member to a group. This will create the group if the given
|
||||||
* group code does not return a valid group object.
|
* group code does not return a valid group object.
|
||||||
*
|
*
|
||||||
* @param string $groupcode
|
* @param string $groupcode
|
||||||
* @param string $title Title of the group
|
* @param string $title Title of the group
|
||||||
*/
|
*/
|
||||||
public function addToGroupByCode($groupcode, $title = "")
|
public function addToGroupByCode($groupcode, $title = "")
|
||||||
{
|
{
|
||||||
$group = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
$group = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
||||||
'"Group"."Code"' => $groupcode
|
'"Group"."Code"' => $groupcode
|
||||||
));
|
));
|
||||||
|
|
||||||
if ($group) {
|
if($group) {
|
||||||
$this->Groups()->add($group);
|
$this->Groups()->add($group);
|
||||||
} else {
|
} else {
|
||||||
if (!$title) {
|
if (!$title) {
|
||||||
$title = $groupcode;
|
$title = $groupcode;
|
||||||
}
|
}
|
||||||
|
|
||||||
$group = new Group();
|
$group = new Group();
|
||||||
$group->Code = $groupcode;
|
$group->Code = $groupcode;
|
||||||
$group->Title = $title;
|
$group->Title = $title;
|
||||||
$group->write();
|
$group->write();
|
||||||
|
|
||||||
$this->Groups()->add($group);
|
$this->Groups()->add($group);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Removes a member from a group.
|
* Removes a member from a group.
|
||||||
*
|
*
|
||||||
* @param string $groupcode
|
* @param string $groupcode
|
||||||
*/
|
*/
|
||||||
public function removeFromGroupByCode($groupcode)
|
public function removeFromGroupByCode($groupcode)
|
||||||
{
|
{
|
||||||
$group = Group::get()->filter(array('Code' => $groupcode))->first();
|
$group = Group::get()->filter(array('Code' => $groupcode))->first();
|
||||||
|
|
||||||
if ($group) {
|
if($group) {
|
||||||
$this->Groups()->remove($group);
|
$this->Groups()->remove($group);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $columns Column names on the Member record to show in {@link getTitle()}.
|
* @param array $columns Column names on the Member record to show in {@link getTitle()}.
|
||||||
* @param String $sep Separator
|
* @param String $sep Separator
|
||||||
*/
|
*/
|
||||||
public static function set_title_columns($columns, $sep = ' ')
|
public static function set_title_columns($columns, $sep = ' ')
|
||||||
{
|
{
|
||||||
if (!is_array($columns)) {
|
if (!is_array($columns)) {
|
||||||
$columns = array($columns);
|
$columns = array($columns);
|
||||||
}
|
}
|
||||||
self::config()->title_format = array('columns' => $columns, 'sep' => $sep);
|
self::config()->title_format = array('columns' => $columns, 'sep' => $sep);
|
||||||
}
|
}
|
||||||
|
|
||||||
//------------------- HELPER METHODS -----------------------------------//
|
//------------------- HELPER METHODS -----------------------------------//
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the complete name of the member, by default in the format "<Surname>, <FirstName>".
|
* Get the complete name of the member, by default in the format "<Surname>, <FirstName>".
|
||||||
* Falls back to showing either field on its own.
|
* Falls back to showing either field on its own.
|
||||||
*
|
*
|
||||||
* You can overload this getter with {@link set_title_format()}
|
* You can overload this getter with {@link set_title_format()}
|
||||||
* and {@link set_title_sql()}.
|
* and {@link set_title_sql()}.
|
||||||
*
|
*
|
||||||
* @return string Returns the first- and surname of the member. If the ID
|
* @return string Returns the first- and surname of the member. If the ID
|
||||||
* of the member is equal 0, only the surname is returned.
|
* of the member is equal 0, only the surname is returned.
|
||||||
*/
|
*/
|
||||||
public function getTitle()
|
public function getTitle()
|
||||||
{
|
{
|
||||||
$format = $this->config()->title_format;
|
$format = $this->config()->title_format;
|
||||||
if ($format) {
|
if ($format) {
|
||||||
$values = array();
|
$values = array();
|
||||||
foreach ($format['columns'] as $col) {
|
foreach($format['columns'] as $col) {
|
||||||
$values[] = $this->getField($col);
|
$values[] = $this->getField($col);
|
||||||
}
|
}
|
||||||
return join($format['sep'], $values);
|
return join($format['sep'], $values);
|
||||||
}
|
}
|
||||||
if ($this->getField('ID') === 0) {
|
if ($this->getField('ID') === 0) {
|
||||||
return $this->getField('Surname');
|
return $this->getField('Surname');
|
||||||
} else {
|
} else {
|
||||||
if ($this->getField('Surname') && $this->getField('FirstName')) {
|
if($this->getField('Surname') && $this->getField('FirstName')){
|
||||||
return $this->getField('Surname') . ', ' . $this->getField('FirstName');
|
return $this->getField('Surname') . ', ' . $this->getField('FirstName');
|
||||||
} elseif ($this->getField('Surname')) {
|
}elseif($this->getField('Surname')){
|
||||||
return $this->getField('Surname');
|
return $this->getField('Surname');
|
||||||
} elseif ($this->getField('FirstName')) {
|
}elseif($this->getField('FirstName')){
|
||||||
return $this->getField('FirstName');
|
return $this->getField('FirstName');
|
||||||
} else {
|
}else{
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a SQL CONCAT() fragment suitable for a SELECT statement.
|
* Return a SQL CONCAT() fragment suitable for a SELECT statement.
|
||||||
* Useful for custom queries which assume a certain member title format.
|
* Useful for custom queries which assume a certain member title format.
|
||||||
*
|
*
|
||||||
* @return String SQL
|
* @return String SQL
|
||||||
*/
|
*/
|
||||||
public static function get_title_sql()
|
public static function get_title_sql()
|
||||||
{
|
{
|
||||||
// This should be abstracted to SSDatabase concatOperator or similar.
|
// This should be abstracted to SSDatabase concatOperator or similar.
|
||||||
$op = (DB::get_conn() instanceof MSSQLDatabase) ? " + " : " || ";
|
$op = (DB::get_conn() instanceof MSSQLDatabase) ? " + " : " || ";
|
||||||
|
|
||||||
// Get title_format with fallback to default
|
// Get title_format with fallback to default
|
||||||
$format = static::config()->title_format;
|
$format = static::config()->title_format;
|
||||||
if (!$format) {
|
if (!$format) {
|
||||||
$format = [
|
$format = [
|
||||||
'columns' => ['Surname', 'FirstName'],
|
'columns' => ['Surname', 'FirstName'],
|
||||||
'sep' => ' ',
|
'sep' => ' ',
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
$columnsWithTablename = array();
|
$columnsWithTablename = array();
|
||||||
foreach ($format['columns'] as $column) {
|
foreach($format['columns'] as $column) {
|
||||||
$columnsWithTablename[] = static::getSchema()->sqlColumnForField(__CLASS__, $column);
|
$columnsWithTablename[] = static::getSchema()->sqlColumnForField(__CLASS__, $column);
|
||||||
}
|
}
|
||||||
|
|
||||||
$sepSQL = Convert::raw2sql($format['sep'], true);
|
$sepSQL = Convert::raw2sql($format['sep'], true);
|
||||||
return "(".join(" $op $sepSQL $op ", $columnsWithTablename).")";
|
return "(".join(" $op $sepSQL $op ", $columnsWithTablename).")";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the complete name of the member
|
* Get the complete name of the member
|
||||||
*
|
*
|
||||||
* @return string Returns the first- and surname of the member.
|
* @return string Returns the first- and surname of the member.
|
||||||
*/
|
*/
|
||||||
public function getName()
|
public function getName()
|
||||||
{
|
{
|
||||||
return ($this->Surname) ? trim($this->FirstName . ' ' . $this->Surname) : $this->FirstName;
|
return ($this->Surname) ? trim($this->FirstName . ' ' . $this->Surname) : $this->FirstName;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set first- and surname
|
* Set first- and surname
|
||||||
*
|
*
|
||||||
* This method assumes that the last part of the name is the surname, e.g.
|
* This method assumes that the last part of the name is the surname, e.g.
|
||||||
* <i>A B C</i> will result in firstname <i>A B</i> and surname <i>C</i>
|
* <i>A B C</i> will result in firstname <i>A B</i> and surname <i>C</i>
|
||||||
*
|
*
|
||||||
* @param string $name The name
|
* @param string $name The name
|
||||||
*/
|
*/
|
||||||
public function setName($name)
|
public function setName($name)
|
||||||
{
|
{
|
||||||
$nameParts = explode(' ', $name);
|
$nameParts = explode(' ', $name);
|
||||||
$this->Surname = array_pop($nameParts);
|
$this->Surname = array_pop($nameParts);
|
||||||
$this->FirstName = join(' ', $nameParts);
|
$this->FirstName = join(' ', $nameParts);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Alias for {@link setName}
|
* Alias for {@link setName}
|
||||||
*
|
*
|
||||||
* @param string $name The name
|
* @param string $name The name
|
||||||
* @see setName()
|
* @see setName()
|
||||||
*/
|
*/
|
||||||
public function splitName($name)
|
public function splitName($name)
|
||||||
{
|
{
|
||||||
return $this->setName($name);
|
return $this->setName($name);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Override the default getter for DateFormat so the
|
* Override the default getter for DateFormat so the
|
||||||
* default format for the user's locale is used
|
* default format for the user's locale is used
|
||||||
* if the user has not defined their own.
|
* if the user has not defined their own.
|
||||||
*
|
*
|
||||||
* @return string ISO date format
|
* @return string ISO date format
|
||||||
*/
|
*/
|
||||||
public function getDateFormat()
|
public function getDateFormat()
|
||||||
{
|
{
|
||||||
if ($this->getField('DateFormat')) {
|
if($this->getField('DateFormat')) {
|
||||||
return $this->getField('DateFormat');
|
return $this->getField('DateFormat');
|
||||||
} else {
|
} else {
|
||||||
return i18n::config()->get('date_format');
|
return i18n::config()->get('date_format');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Override the default getter for TimeFormat so the
|
* Override the default getter for TimeFormat so the
|
||||||
* default format for the user's locale is used
|
* default format for the user's locale is used
|
||||||
* if the user has not defined their own.
|
* if the user has not defined their own.
|
||||||
*
|
*
|
||||||
* @return string ISO date format
|
* @return string ISO date format
|
||||||
*/
|
*/
|
||||||
public function getTimeFormat()
|
public function getTimeFormat()
|
||||||
{
|
{
|
||||||
if ($this->getField('TimeFormat')) {
|
if($this->getField('TimeFormat')) {
|
||||||
return $this->getField('TimeFormat');
|
return $this->getField('TimeFormat');
|
||||||
} else {
|
} else {
|
||||||
return i18n::config()->get('time_format');
|
return i18n::config()->get('time_format');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//---------------------------------------------------------------------//
|
//---------------------------------------------------------------------//
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a "many-to-many" map that holds for all members their group memberships,
|
* Get a "many-to-many" map that holds for all members their group memberships,
|
||||||
* including any parent groups where membership is implied.
|
* including any parent groups where membership is implied.
|
||||||
* Use {@link DirectGroups()} to only retrieve the group relations without inheritance.
|
* Use {@link DirectGroups()} to only retrieve the group relations without inheritance.
|
||||||
*
|
*
|
||||||
* @todo Push all this logic into Member_GroupSet's getIterator()?
|
* @todo Push all this logic into Member_GroupSet's getIterator()?
|
||||||
* @return Member_Groupset
|
* @return Member_Groupset
|
||||||
*/
|
*/
|
||||||
public function Groups()
|
public function Groups()
|
||||||
{
|
{
|
||||||
$groups = Member_GroupSet::create('SilverStripe\\Security\\Group', 'Group_Members', 'GroupID', 'MemberID');
|
$groups = Member_GroupSet::create('SilverStripe\\Security\\Group', 'Group_Members', 'GroupID', 'MemberID');
|
||||||
$groups = $groups->forForeignID($this->ID);
|
$groups = $groups->forForeignID($this->ID);
|
||||||
|
|
||||||
$this->extend('updateGroups', $groups);
|
$this->extend('updateGroups', $groups);
|
||||||
|
|
||||||
return $groups;
|
return $groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return ManyManyList
|
* @return ManyManyList
|
||||||
*/
|
*/
|
||||||
public function DirectGroups()
|
public function DirectGroups()
|
||||||
{
|
{
|
||||||
return $this->getManyManyComponents('Groups');
|
return $this->getManyManyComponents('Groups');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a member SQLMap of members in specific groups
|
* Get a member SQLMap of members in specific groups
|
||||||
*
|
*
|
||||||
* If no $groups is passed, all members will be returned
|
* If no $groups is passed, all members will be returned
|
||||||
*
|
*
|
||||||
* @param mixed $groups - takes a SS_List, an array or a single Group.ID
|
* @param mixed $groups - takes a SS_List, an array or a single Group.ID
|
||||||
* @return Map Returns an Map that returns all Member data.
|
* @return Map Returns an Map that returns all Member data.
|
||||||
*/
|
*/
|
||||||
public static function map_in_groups($groups = null)
|
public static function map_in_groups($groups = null)
|
||||||
{
|
{
|
||||||
$groupIDList = array();
|
$groupIDList = array();
|
||||||
|
|
||||||
if ($groups instanceof SS_List) {
|
if($groups instanceof SS_List) {
|
||||||
foreach ($groups as $group) {
|
foreach( $groups as $group ) {
|
||||||
$groupIDList[] = $group->ID;
|
$groupIDList[] = $group->ID;
|
||||||
}
|
}
|
||||||
} elseif (is_array($groups)) {
|
} elseif(is_array($groups)) {
|
||||||
$groupIDList = $groups;
|
$groupIDList = $groups;
|
||||||
} elseif ($groups) {
|
} elseif($groups) {
|
||||||
$groupIDList[] = $groups;
|
$groupIDList[] = $groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
// No groups, return all Members
|
// No groups, return all Members
|
||||||
if (!$groupIDList) {
|
if(!$groupIDList) {
|
||||||
return Member::get()->sort(array('Surname'=>'ASC', 'FirstName'=>'ASC'))->map();
|
return Member::get()->sort(array('Surname'=>'ASC', 'FirstName'=>'ASC'))->map();
|
||||||
}
|
}
|
||||||
|
|
||||||
$membersList = new ArrayList();
|
$membersList = new ArrayList();
|
||||||
// This is a bit ineffective, but follow the ORM style
|
// This is a bit ineffective, but follow the ORM style
|
||||||
foreach (Group::get()->byIDs($groupIDList) as $group) {
|
foreach(Group::get()->byIDs($groupIDList) as $group) {
|
||||||
$membersList->merge($group->Members());
|
$membersList->merge($group->Members());
|
||||||
}
|
}
|
||||||
|
|
||||||
$membersList->removeDuplicates('ID');
|
$membersList->removeDuplicates('ID');
|
||||||
return $membersList->map();
|
return $membersList->map();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a map of all members in the groups given that have CMS permissions
|
* Get a map of all members in the groups given that have CMS permissions
|
||||||
*
|
*
|
||||||
* If no groups are passed, all groups with CMS permissions will be used.
|
* If no groups are passed, all groups with CMS permissions will be used.
|
||||||
*
|
*
|
||||||
* @param array $groups Groups to consider or NULL to use all groups with
|
* @param array $groups Groups to consider or NULL to use all groups with
|
||||||
* CMS permissions.
|
* CMS permissions.
|
||||||
* @return Map Returns a map of all members in the groups given that
|
* @return Map Returns a map of all members in the groups given that
|
||||||
* have CMS permissions.
|
* have CMS permissions.
|
||||||
*/
|
*/
|
||||||
public static function mapInCMSGroups($groups = null)
|
public static function mapInCMSGroups($groups = null)
|
||||||
{
|
{
|
||||||
if (!$groups || $groups->Count() == 0) {
|
if(!$groups || $groups->Count() == 0) {
|
||||||
$perms = array('ADMIN', 'CMS_ACCESS_AssetAdmin');
|
$perms = array('ADMIN', 'CMS_ACCESS_AssetAdmin');
|
||||||
|
|
||||||
if (class_exists('SilverStripe\\CMS\\Controllers\\CMSMain')) {
|
if (class_exists('SilverStripe\\CMS\\Controllers\\CMSMain')) {
|
||||||
$cmsPerms = CMSMain::singleton()->providePermissions();
|
$cmsPerms = CMSMain::singleton()->providePermissions();
|
||||||
} else {
|
} else {
|
||||||
$cmsPerms = LeftAndMain::singleton()->providePermissions();
|
$cmsPerms = LeftAndMain::singleton()->providePermissions();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($cmsPerms)) {
|
if(!empty($cmsPerms)) {
|
||||||
$perms = array_unique(array_merge($perms, array_keys($cmsPerms)));
|
$perms = array_unique(array_merge($perms, array_keys($cmsPerms)));
|
||||||
}
|
}
|
||||||
|
|
||||||
$permsClause = DB::placeholders($perms);
|
$permsClause = DB::placeholders($perms);
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
$groups = Group::get()
|
$groups = Group::get()
|
||||||
->innerJoin("Permission", '"Permission"."GroupID" = "Group"."ID"')
|
->innerJoin("Permission", '"Permission"."GroupID" = "Group"."ID"')
|
||||||
->where(array(
|
->where(array(
|
||||||
"\"Permission\".\"Code\" IN ($permsClause)" => $perms
|
"\"Permission\".\"Code\" IN ($permsClause)" => $perms
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
$groupIDList = array();
|
$groupIDList = array();
|
||||||
|
|
||||||
if ($groups instanceof SS_List) {
|
if($groups instanceof SS_List) {
|
||||||
foreach ($groups as $group) {
|
foreach($groups as $group) {
|
||||||
$groupIDList[] = $group->ID;
|
$groupIDList[] = $group->ID;
|
||||||
}
|
}
|
||||||
} elseif (is_array($groups)) {
|
} elseif(is_array($groups)) {
|
||||||
$groupIDList = $groups;
|
$groupIDList = $groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
$members = Member::get()
|
$members = Member::get()
|
||||||
->innerJoin("Group_Members", '"Group_Members"."MemberID" = "Member"."ID"')
|
->innerJoin("Group_Members", '"Group_Members"."MemberID" = "Member"."ID"')
|
||||||
->innerJoin("Group", '"Group"."ID" = "Group_Members"."GroupID"');
|
->innerJoin("Group", '"Group"."ID" = "Group_Members"."GroupID"');
|
||||||
if ($groupIDList) {
|
if($groupIDList) {
|
||||||
$groupClause = DB::placeholders($groupIDList);
|
$groupClause = DB::placeholders($groupIDList);
|
||||||
$members = $members->where(array(
|
$members = $members->where(array(
|
||||||
"\"Group\".\"ID\" IN ($groupClause)" => $groupIDList
|
"\"Group\".\"ID\" IN ($groupClause)" => $groupIDList
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
return $members->sort('"Member"."Surname", "Member"."FirstName"')->map();
|
return $members->sort('"Member"."Surname", "Member"."FirstName"')->map();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the groups in which the member is NOT in
|
* Get the groups in which the member is NOT in
|
||||||
*
|
*
|
||||||
* When passed an array of groups, and a component set of groups, this
|
* When passed an array of groups, and a component set of groups, this
|
||||||
* function will return the array of groups the member is NOT in.
|
* function will return the array of groups the member is NOT in.
|
||||||
*
|
*
|
||||||
* @param array $groupList An array of group code names.
|
* @param array $groupList An array of group code names.
|
||||||
* @param array $memberGroups A component set of groups (if set to NULL,
|
* @param array $memberGroups A component set of groups (if set to NULL,
|
||||||
* $this->groups() will be used)
|
* $this->groups() will be used)
|
||||||
* @return array Groups in which the member is NOT in.
|
* @return array Groups in which the member is NOT in.
|
||||||
*/
|
*/
|
||||||
public function memberNotInGroups($groupList, $memberGroups = null)
|
public function memberNotInGroups($groupList, $memberGroups = null)
|
||||||
{
|
{
|
||||||
if (!$memberGroups) {
|
if (!$memberGroups) {
|
||||||
$memberGroups = $this->Groups();
|
$memberGroups = $this->Groups();
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($memberGroups as $group) {
|
foreach($memberGroups as $group) {
|
||||||
if (in_array($group->Code, $groupList)) {
|
if(in_array($group->Code, $groupList)) {
|
||||||
$index = array_search($group->Code, $groupList);
|
$index = array_search($group->Code, $groupList);
|
||||||
unset($groupList[$index]);
|
unset($groupList[$index]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $groupList;
|
return $groupList;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a {@link FieldList} of fields that would appropriate for editing
|
* Return a {@link FieldList} of fields that would appropriate for editing
|
||||||
* this member.
|
* this member.
|
||||||
*
|
*
|
||||||
* @return FieldList Return a FieldList of fields that would appropriate for
|
* @return FieldList Return a FieldList of fields that would appropriate for
|
||||||
* editing this member.
|
* editing this member.
|
||||||
*/
|
*/
|
||||||
public function getCMSFields()
|
public function getCMSFields()
|
||||||
{
|
{
|
||||||
require_once 'Zend/Date.php';
|
require_once 'Zend/Date.php';
|
||||||
|
|
||||||
$self = $this;
|
$self = $this;
|
||||||
$this->beforeUpdateCMSFields(function (FieldList $fields) use ($self) {
|
$this->beforeUpdateCMSFields(function(FieldList $fields) use ($self) {
|
||||||
/** @var FieldList $mainFields */
|
/** @var FieldList $mainFields */
|
||||||
$mainFields = $fields->fieldByName("Root")->fieldByName("Main")->getChildren();
|
$mainFields = $fields->fieldByName("Root")->fieldByName("Main")->getChildren();
|
||||||
|
|
||||||
// Build change password field
|
// Build change password field
|
||||||
$mainFields->replaceField('Password', $self->getMemberPasswordField());
|
$mainFields->replaceField('Password', $self->getMemberPasswordField());
|
||||||
|
|
||||||
$mainFields->replaceField('Locale', new DropdownField(
|
$mainFields->replaceField('Locale', new DropdownField(
|
||||||
"Locale",
|
"Locale",
|
||||||
_t('Member.INTERFACELANG', "Interface Language", 'Language of the CMS'),
|
_t('Member.INTERFACELANG', "Interface Language", 'Language of the CMS'),
|
||||||
i18n::get_existing_translations()
|
i18n::get_existing_translations()
|
||||||
));
|
));
|
||||||
$mainFields->removeByName($self->config()->hidden_fields);
|
$mainFields->removeByName($self->config()->hidden_fields);
|
||||||
|
|
||||||
if (! $self->config()->lock_out_after_incorrect_logins) {
|
if( ! $self->config()->lock_out_after_incorrect_logins) {
|
||||||
$mainFields->removeByName('FailedLoginCount');
|
$mainFields->removeByName('FailedLoginCount');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Groups relation will get us into logical conflicts because
|
// Groups relation will get us into logical conflicts because
|
||||||
// Members are displayed within group edit form in SecurityAdmin
|
// Members are displayed within group edit form in SecurityAdmin
|
||||||
$fields->removeByName('Groups');
|
$fields->removeByName('Groups');
|
||||||
|
|
||||||
// Members shouldn't be able to directly view/edit logged passwords
|
// Members shouldn't be able to directly view/edit logged passwords
|
||||||
$fields->removeByName('LoggedPasswords');
|
$fields->removeByName('LoggedPasswords');
|
||||||
|
|
||||||
$fields->removeByName('RememberLoginHashes');
|
$fields->removeByName('RememberLoginHashes');
|
||||||
|
|
||||||
if (Permission::check('EDIT_PERMISSIONS')) {
|
if(Permission::check('EDIT_PERMISSIONS')) {
|
||||||
$groupsMap = array();
|
$groupsMap = array();
|
||||||
foreach (Group::get() as $group) {
|
foreach(Group::get() as $group) {
|
||||||
// Listboxfield values are escaped, use ASCII char instead of »
|
// Listboxfield values are escaped, use ASCII char instead of »
|
||||||
$groupsMap[$group->ID] = $group->getBreadcrumbs(' > ');
|
$groupsMap[$group->ID] = $group->getBreadcrumbs(' > ');
|
||||||
}
|
}
|
||||||
asort($groupsMap);
|
asort($groupsMap);
|
||||||
$fields->addFieldToTab(
|
$fields->addFieldToTab(
|
||||||
'Root.Main',
|
'Root.Main',
|
||||||
ListboxField::create('DirectGroups', singleton('SilverStripe\\Security\\Group')->i18n_plural_name())
|
ListboxField::create('DirectGroups', singleton('SilverStripe\\Security\\Group')->i18n_plural_name())
|
||||||
->setSource($groupsMap)
|
->setSource($groupsMap)
|
||||||
->setAttribute(
|
->setAttribute(
|
||||||
'data-placeholder',
|
'data-placeholder',
|
||||||
_t('Member.ADDGROUP', 'Add group', 'Placeholder text for a dropdown')
|
_t('Member.ADDGROUP', 'Add group', 'Placeholder text for a dropdown')
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
// Add permission field (readonly to avoid complicated group assignment logic).
|
// Add permission field (readonly to avoid complicated group assignment logic).
|
||||||
// This should only be available for existing records, as new records start
|
// This should only be available for existing records, as new records start
|
||||||
// with no permissions until they have a group assignment anyway.
|
// with no permissions until they have a group assignment anyway.
|
||||||
if ($self->ID) {
|
if($self->ID) {
|
||||||
$permissionsField = new PermissionCheckboxSetField_Readonly(
|
$permissionsField = new PermissionCheckboxSetField_Readonly(
|
||||||
'Permissions',
|
'Permissions',
|
||||||
false,
|
false,
|
||||||
'SilverStripe\\Security\\Permission',
|
'SilverStripe\\Security\\Permission',
|
||||||
'GroupID',
|
'GroupID',
|
||||||
// we don't want parent relationships, they're automatically resolved in the field
|
// we don't want parent relationships, they're automatically resolved in the field
|
||||||
$self->getManyManyComponents('Groups')
|
$self->getManyManyComponents('Groups')
|
||||||
);
|
);
|
||||||
$fields->findOrMakeTab('Root.Permissions', singleton('SilverStripe\\Security\\Permission')->i18n_plural_name());
|
$fields->findOrMakeTab('Root.Permissions', singleton('SilverStripe\\Security\\Permission')->i18n_plural_name());
|
||||||
$fields->addFieldToTab('Root.Permissions', $permissionsField);
|
$fields->addFieldToTab('Root.Permissions', $permissionsField);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$permissionsTab = $fields->fieldByName("Root")->fieldByName('Permissions');
|
$permissionsTab = $fields->fieldByName("Root")->fieldByName('Permissions');
|
||||||
if ($permissionsTab) {
|
if ($permissionsTab) {
|
||||||
$permissionsTab->addExtraClass('readonly');
|
$permissionsTab->addExtraClass('readonly');
|
||||||
}
|
}
|
||||||
|
|
||||||
$defaultDateFormat = Zend_Locale_Format::getDateFormat(new Zend_Locale($self->Locale));
|
$defaultDateFormat = Zend_Locale_Format::getDateFormat(new Zend_Locale($self->Locale));
|
||||||
$dateFormatMap = array(
|
$dateFormatMap = array(
|
||||||
'MMM d, yyyy' => Zend_Date::now()->toString('MMM d, yyyy'),
|
'MMM d, yyyy' => Zend_Date::now()->toString('MMM d, yyyy'),
|
||||||
'yyyy/MM/dd' => Zend_Date::now()->toString('yyyy/MM/dd'),
|
'yyyy/MM/dd' => Zend_Date::now()->toString('yyyy/MM/dd'),
|
||||||
'MM/dd/yyyy' => Zend_Date::now()->toString('MM/dd/yyyy'),
|
'MM/dd/yyyy' => Zend_Date::now()->toString('MM/dd/yyyy'),
|
||||||
'dd/MM/yyyy' => Zend_Date::now()->toString('dd/MM/yyyy'),
|
'dd/MM/yyyy' => Zend_Date::now()->toString('dd/MM/yyyy'),
|
||||||
);
|
);
|
||||||
$dateFormatMap[$defaultDateFormat] = Zend_Date::now()->toString($defaultDateFormat)
|
$dateFormatMap[$defaultDateFormat] = Zend_Date::now()->toString($defaultDateFormat)
|
||||||
. sprintf(' (%s)', _t('Member.DefaultDateTime', 'default'));
|
. sprintf(' (%s)', _t('Member.DefaultDateTime', 'default'));
|
||||||
$mainFields->push(
|
$mainFields->push(
|
||||||
$dateFormatField = new MemberDatetimeOptionsetField(
|
$dateFormatField = new MemberDatetimeOptionsetField(
|
||||||
'DateFormat',
|
'DateFormat',
|
||||||
$self->fieldLabel('DateFormat'),
|
$self->fieldLabel('DateFormat'),
|
||||||
$dateFormatMap
|
$dateFormatMap
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
$formatClass = get_class($dateFormatField);
|
$formatClass = get_class($dateFormatField);
|
||||||
$dateFormatField->setValue($self->DateFormat);
|
$dateFormatField->setValue($self->DateFormat);
|
||||||
$dateTemplate = SSViewer::get_templates_by_class($formatClass, '_description_date', $formatClass);
|
$dateTemplate = SSViewer::get_templates_by_class($formatClass, '_description_date', $formatClass);
|
||||||
$dateFormatField->setDescriptionTemplate($dateTemplate);
|
$dateFormatField->setDescriptionTemplate($dateTemplate);
|
||||||
|
|
||||||
$defaultTimeFormat = Zend_Locale_Format::getTimeFormat(new Zend_Locale($self->Locale));
|
$defaultTimeFormat = Zend_Locale_Format::getTimeFormat(new Zend_Locale($self->Locale));
|
||||||
$timeFormatMap = array(
|
$timeFormatMap = array(
|
||||||
'h:mm a' => Zend_Date::now()->toString('h:mm a'),
|
'h:mm a' => Zend_Date::now()->toString('h:mm a'),
|
||||||
'H:mm' => Zend_Date::now()->toString('H:mm'),
|
'H:mm' => Zend_Date::now()->toString('H:mm'),
|
||||||
);
|
);
|
||||||
$timeFormatMap[$defaultTimeFormat] = Zend_Date::now()->toString($defaultTimeFormat)
|
$timeFormatMap[$defaultTimeFormat] = Zend_Date::now()->toString($defaultTimeFormat)
|
||||||
. sprintf(' (%s)', _t('Member.DefaultDateTime', 'default'));
|
. sprintf(' (%s)', _t('Member.DefaultDateTime', 'default'));
|
||||||
$mainFields->push(
|
$mainFields->push(
|
||||||
$timeFormatField = new MemberDatetimeOptionsetField(
|
$timeFormatField = new MemberDatetimeOptionsetField(
|
||||||
'TimeFormat',
|
'TimeFormat',
|
||||||
$self->fieldLabel('TimeFormat'),
|
$self->fieldLabel('TimeFormat'),
|
||||||
$timeFormatMap
|
$timeFormatMap
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
$timeFormatField->setValue($self->TimeFormat);
|
$timeFormatField->setValue($self->TimeFormat);
|
||||||
$timeTemplate = SSViewer::get_templates_by_class($formatClass, '_description_time', $formatClass);
|
$timeTemplate = SSViewer::get_templates_by_class($formatClass,'_description_time', $formatClass);
|
||||||
$timeFormatField->setDescriptionTemplate($timeTemplate);
|
$timeFormatField->setDescriptionTemplate($timeTemplate);
|
||||||
});
|
});
|
||||||
|
|
||||||
return parent::getCMSFields();
|
return parent::getCMSFields();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param bool $includerelations Indicate if the labels returned include relation fields
|
* @param bool $includerelations Indicate if the labels returned include relation fields
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function fieldLabels($includerelations = true)
|
public function fieldLabels($includerelations = true)
|
||||||
{
|
{
|
||||||
$labels = parent::fieldLabels($includerelations);
|
$labels = parent::fieldLabels($includerelations);
|
||||||
|
|
||||||
$labels['FirstName'] = _t('Member.FIRSTNAME', 'First Name');
|
$labels['FirstName'] = _t('Member.FIRSTNAME', 'First Name');
|
||||||
$labels['Surname'] = _t('Member.SURNAME', 'Surname');
|
$labels['Surname'] = _t('Member.SURNAME', 'Surname');
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
$labels['Email'] = _t('Member.EMAIL', 'Email');
|
$labels['Email'] = _t('Member.EMAIL', 'Email');
|
||||||
$labels['Password'] = _t('Member.db_Password', 'Password');
|
$labels['Password'] = _t('Member.db_Password', 'Password');
|
||||||
$labels['PasswordExpiry'] = _t('Member.db_PasswordExpiry', 'Password Expiry Date', 'Password expiry date');
|
$labels['PasswordExpiry'] = _t('Member.db_PasswordExpiry', 'Password Expiry Date', 'Password expiry date');
|
||||||
$labels['LockedOutUntil'] = _t('Member.db_LockedOutUntil', 'Locked out until', 'Security related date');
|
$labels['LockedOutUntil'] = _t('Member.db_LockedOutUntil', 'Locked out until', 'Security related date');
|
||||||
$labels['Locale'] = _t('Member.db_Locale', 'Interface Locale');
|
$labels['Locale'] = _t('Member.db_Locale', 'Interface Locale');
|
||||||
$labels['DateFormat'] = _t('Member.DATEFORMAT', 'Date format');
|
$labels['DateFormat'] = _t('Member.DATEFORMAT', 'Date format');
|
||||||
$labels['TimeFormat'] = _t('Member.TIMEFORMAT', 'Time format');
|
$labels['TimeFormat'] = _t('Member.TIMEFORMAT', 'Time format');
|
||||||
if ($includerelations) {
|
if($includerelations){
|
||||||
$labels['Groups'] = _t(
|
$labels['Groups'] = _t(
|
||||||
'Member.belongs_many_many_Groups',
|
'Member.belongs_many_many_Groups',
|
||||||
'Groups',
|
'Groups',
|
||||||
'Security Groups this member belongs to'
|
'Security Groups this member belongs to'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
return $labels;
|
return $labels;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Users can view their own record.
|
* Users can view their own record.
|
||||||
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions.
|
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions.
|
||||||
* This is likely to be customized for social sites etc. with a looser permission model.
|
* This is likely to be customized for social sites etc. with a looser permission model.
|
||||||
*
|
*
|
||||||
* @param Member $member
|
* @param Member $member
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canView($member = null)
|
public function canView($member = null)
|
||||||
{
|
{
|
||||||
//get member
|
//get member
|
||||||
if (!($member instanceof Member)) {
|
if(!($member instanceof Member)) {
|
||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
//check for extensions, we do this first as they can overrule everything
|
//check for extensions, we do this first as they can overrule everything
|
||||||
$extended = $this->extendedCan(__FUNCTION__, $member);
|
$extended = $this->extendedCan(__FUNCTION__, $member);
|
||||||
if ($extended !== null) {
|
if($extended !== null) {
|
||||||
return $extended;
|
return $extended;
|
||||||
}
|
}
|
||||||
|
|
||||||
//need to be logged in and/or most checks below rely on $member being a Member
|
//need to be logged in and/or most checks below rely on $member being a Member
|
||||||
if (!$member) {
|
if(!$member) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
// members can usually view their own record
|
// members can usually view their own record
|
||||||
if ($this->ID == $member->ID) {
|
if($this->ID == $member->ID) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//standard check
|
//standard check
|
||||||
return Permission::checkMember($member, 'CMS_ACCESS_SecurityAdmin');
|
return Permission::checkMember($member, 'CMS_ACCESS_SecurityAdmin');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Users can edit their own record.
|
* Users can edit their own record.
|
||||||
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
||||||
*
|
*
|
||||||
* @param Member $member
|
* @param Member $member
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canEdit($member = null)
|
public function canEdit($member = null)
|
||||||
{
|
{
|
||||||
//get member
|
//get member
|
||||||
if (!($member instanceof Member)) {
|
if(!($member instanceof Member)) {
|
||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
//check for extensions, we do this first as they can overrule everything
|
//check for extensions, we do this first as they can overrule everything
|
||||||
$extended = $this->extendedCan(__FUNCTION__, $member);
|
$extended = $this->extendedCan(__FUNCTION__, $member);
|
||||||
if ($extended !== null) {
|
if($extended !== null) {
|
||||||
return $extended;
|
return $extended;
|
||||||
}
|
}
|
||||||
|
|
||||||
//need to be logged in and/or most checks below rely on $member being a Member
|
//need to be logged in and/or most checks below rely on $member being a Member
|
||||||
if (!$member) {
|
if(!$member) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// HACK: we should not allow for an non-Admin to edit an Admin
|
// HACK: we should not allow for an non-Admin to edit an Admin
|
||||||
if (!Permission::checkMember($member, 'ADMIN') && Permission::checkMember($this, 'ADMIN')) {
|
if(!Permission::checkMember($member, 'ADMIN') && Permission::checkMember($this, 'ADMIN')) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
// members can usually edit their own record
|
// members can usually edit their own record
|
||||||
if ($this->ID == $member->ID) {
|
if($this->ID == $member->ID) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//standard check
|
//standard check
|
||||||
@ -1686,36 +1686,36 @@ class Member extends DataObject implements TemplateGlobalProvider
|
|||||||
/**
|
/**
|
||||||
* Users can edit their own record.
|
* Users can edit their own record.
|
||||||
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
||||||
*
|
*
|
||||||
* @param Member $member
|
* @param Member $member
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canDelete($member = null)
|
public function canDelete($member = null)
|
||||||
{
|
{
|
||||||
if (!($member instanceof Member)) {
|
if(!($member instanceof Member)) {
|
||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
}
|
}
|
||||||
//check for extensions, we do this first as they can overrule everything
|
//check for extensions, we do this first as they can overrule everything
|
||||||
$extended = $this->extendedCan(__FUNCTION__, $member);
|
$extended = $this->extendedCan(__FUNCTION__, $member);
|
||||||
if ($extended !== null) {
|
if($extended !== null) {
|
||||||
return $extended;
|
return $extended;
|
||||||
}
|
}
|
||||||
|
|
||||||
//need to be logged in and/or most checks below rely on $member being a Member
|
//need to be logged in and/or most checks below rely on $member being a Member
|
||||||
if (!$member) {
|
if(!$member) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
// Members are not allowed to remove themselves,
|
// Members are not allowed to remove themselves,
|
||||||
// since it would create inconsistencies in the admin UIs.
|
// since it would create inconsistencies in the admin UIs.
|
||||||
if ($this->ID && $member->ID == $this->ID) {
|
if($this->ID && $member->ID == $this->ID) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// HACK: if you want to delete a member, you have to be a member yourself.
|
// HACK: if you want to delete a member, you have to be a member yourself.
|
||||||
// this is a hack because what this should do is to stop a user
|
// this is a hack because what this should do is to stop a user
|
||||||
// deleting a member who has more privileges (e.g. a non-Admin deleting an Admin)
|
// deleting a member who has more privileges (e.g. a non-Admin deleting an Admin)
|
||||||
if (Permission::checkMember($this, 'ADMIN')) {
|
if(Permission::checkMember($this, 'ADMIN')) {
|
||||||
if (! Permission::checkMember($member, 'ADMIN')) {
|
if( ! Permission::checkMember($member, 'ADMIN')) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1723,111 +1723,111 @@ class Member extends DataObject implements TemplateGlobalProvider
|
|||||||
return Permission::checkMember($member, 'CMS_ACCESS_SecurityAdmin');
|
return Permission::checkMember($member, 'CMS_ACCESS_SecurityAdmin');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validate this member object.
|
* Validate this member object.
|
||||||
*/
|
*/
|
||||||
public function validate()
|
public function validate()
|
||||||
{
|
{
|
||||||
$valid = parent::validate();
|
$valid = parent::validate();
|
||||||
|
|
||||||
if (!$this->ID || $this->isChanged('Password')) {
|
if(!$this->ID || $this->isChanged('Password')) {
|
||||||
if ($this->Password && self::$password_validator) {
|
if($this->Password && self::$password_validator) {
|
||||||
$valid->combineAnd(self::$password_validator->validate($this->Password, $this));
|
$valid->combineAnd(self::$password_validator->validate($this->Password, $this));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((!$this->ID && $this->SetPassword) || $this->isChanged('SetPassword')) {
|
if((!$this->ID && $this->SetPassword) || $this->isChanged('SetPassword')) {
|
||||||
if ($this->SetPassword && self::$password_validator) {
|
if($this->SetPassword && self::$password_validator) {
|
||||||
$valid->combineAnd(self::$password_validator->validate($this->SetPassword, $this));
|
$valid->combineAnd(self::$password_validator->validate($this->SetPassword, $this));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $valid;
|
return $valid;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Change password. This will cause rehashing according to
|
* Change password. This will cause rehashing according to
|
||||||
* the `PasswordEncryption` property.
|
* the `PasswordEncryption` property.
|
||||||
*
|
*
|
||||||
* @param string $password Cleartext password
|
* @param string $password Cleartext password
|
||||||
* @return ValidationResult
|
* @return ValidationResult
|
||||||
*/
|
*/
|
||||||
public function changePassword($password)
|
public function changePassword($password)
|
||||||
{
|
{
|
||||||
$this->Password = $password;
|
$this->Password = $password;
|
||||||
$valid = $this->validate();
|
$valid = $this->validate();
|
||||||
|
|
||||||
if ($valid->valid()) {
|
if($valid->valid()) {
|
||||||
$this->AutoLoginHash = null;
|
$this->AutoLoginHash = null;
|
||||||
$this->write();
|
$this->write();
|
||||||
}
|
}
|
||||||
|
|
||||||
return $valid;
|
return $valid;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tell this member that someone made a failed attempt at logging in as them.
|
* Tell this member that someone made a failed attempt at logging in as them.
|
||||||
* This can be used to lock the user out temporarily if too many failed attempts are made.
|
* This can be used to lock the user out temporarily if too many failed attempts are made.
|
||||||
*/
|
*/
|
||||||
public function registerFailedLogin()
|
public function registerFailedLogin()
|
||||||
{
|
{
|
||||||
if (self::config()->lock_out_after_incorrect_logins) {
|
if(self::config()->lock_out_after_incorrect_logins) {
|
||||||
// Keep a tally of the number of failed log-ins so that we can lock people out
|
// Keep a tally of the number of failed log-ins so that we can lock people out
|
||||||
$this->FailedLoginCount = $this->FailedLoginCount + 1;
|
$this->FailedLoginCount = $this->FailedLoginCount + 1;
|
||||||
|
|
||||||
if ($this->FailedLoginCount >= self::config()->lock_out_after_incorrect_logins) {
|
if($this->FailedLoginCount >= self::config()->lock_out_after_incorrect_logins) {
|
||||||
$lockoutMins = self::config()->lock_out_delay_mins;
|
$lockoutMins = self::config()->lock_out_delay_mins;
|
||||||
$this->LockedOutUntil = date('Y-m-d H:i:s', DBDatetime::now()->Format('U') + $lockoutMins*60);
|
$this->LockedOutUntil = date('Y-m-d H:i:s', DBDatetime::now()->Format('U') + $lockoutMins*60);
|
||||||
$this->FailedLoginCount = 0;
|
$this->FailedLoginCount = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$this->extend('registerFailedLogin');
|
$this->extend('registerFailedLogin');
|
||||||
$this->write();
|
$this->write();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tell this member that a successful login has been made
|
* Tell this member that a successful login has been made
|
||||||
*/
|
*/
|
||||||
public function registerSuccessfulLogin()
|
public function registerSuccessfulLogin()
|
||||||
{
|
{
|
||||||
if (self::config()->lock_out_after_incorrect_logins) {
|
if(self::config()->lock_out_after_incorrect_logins) {
|
||||||
// Forgive all past login failures
|
// Forgive all past login failures
|
||||||
$this->FailedLoginCount = 0;
|
$this->FailedLoginCount = 0;
|
||||||
$this->write();
|
$this->write();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Get the HtmlEditorConfig for this user to be used in the CMS.
|
* Get the HtmlEditorConfig for this user to be used in the CMS.
|
||||||
* This is set by the group. If multiple configurations are set,
|
* This is set by the group. If multiple configurations are set,
|
||||||
* the one with the highest priority wins.
|
* the one with the highest priority wins.
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getHtmlEditorConfigForCMS()
|
public function getHtmlEditorConfigForCMS()
|
||||||
{
|
{
|
||||||
$currentName = '';
|
$currentName = '';
|
||||||
$currentPriority = 0;
|
$currentPriority = 0;
|
||||||
|
|
||||||
foreach ($this->Groups() as $group) {
|
foreach($this->Groups() as $group) {
|
||||||
$configName = $group->HtmlEditorConfig;
|
$configName = $group->HtmlEditorConfig;
|
||||||
if ($configName) {
|
if($configName) {
|
||||||
$config = HTMLEditorConfig::get($group->HtmlEditorConfig);
|
$config = HTMLEditorConfig::get($group->HtmlEditorConfig);
|
||||||
if ($config && $config->getOption('priority') > $currentPriority) {
|
if($config && $config->getOption('priority') > $currentPriority) {
|
||||||
$currentName = $configName;
|
$currentName = $configName;
|
||||||
$currentPriority = $config->getOption('priority');
|
$currentPriority = $config->getOption('priority');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// If can't find a suitable editor, just default to cms
|
// If can't find a suitable editor, just default to cms
|
||||||
return $currentName ? $currentName : 'cms';
|
return $currentName ? $currentName : 'cms';
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function get_template_global_variables()
|
public static function get_template_global_variables()
|
||||||
{
|
{
|
||||||
return array(
|
return array(
|
||||||
'CurrentMember' => 'currentUser',
|
'CurrentMember' => 'currentUser',
|
||||||
'currentUser',
|
'currentUser',
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -16,212 +16,208 @@ use InvalidArgumentException;
|
|||||||
class MemberAuthenticator extends Authenticator
|
class MemberAuthenticator extends Authenticator
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Contains encryption algorithm identifiers.
|
* Contains encryption algorithm identifiers.
|
||||||
* If set, will migrate to new precision-safe password hashing
|
* If set, will migrate to new precision-safe password hashing
|
||||||
* upon login. See http://open.silverstripe.org/ticket/3004
|
* upon login. See http://open.silverstripe.org/ticket/3004
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $migrate_legacy_hashes = array(
|
private static $migrate_legacy_hashes = array(
|
||||||
'md5' => 'md5_v2.4',
|
'md5' => 'md5_v2.4',
|
||||||
'sha1' => 'sha1_v2.4'
|
'sha1' => 'sha1_v2.4'
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Attempt to find and authenticate member if possible from the given data
|
* Attempt to find and authenticate member if possible from the given data
|
||||||
*
|
*
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @param Form $form
|
* @param Form $form
|
||||||
* @param bool &$success Success flag
|
* @param bool &$success Success flag
|
||||||
* @return Member Found member, regardless of successful login
|
* @return Member Found member, regardless of successful login
|
||||||
*/
|
*/
|
||||||
protected static function authenticate_member($data, $form, &$success)
|
protected static function authenticate_member($data, $form, &$success)
|
||||||
{
|
{
|
||||||
// Default success to false
|
// Default success to false
|
||||||
$success = false;
|
$success = false;
|
||||||
|
|
||||||
// Attempt to identify by temporary ID
|
// Attempt to identify by temporary ID
|
||||||
$member = null;
|
$member = null;
|
||||||
$email = null;
|
$email = null;
|
||||||
if (!empty($data['tempid'])) {
|
if(!empty($data['tempid'])) {
|
||||||
// Find user by tempid, in case they are re-validating an existing session
|
// Find user by tempid, in case they are re-validating an existing session
|
||||||
$member = Member::member_from_tempid($data['tempid']);
|
$member = Member::member_from_tempid($data['tempid']);
|
||||||
if ($member) {
|
if ($member) {
|
||||||
$email = $member->Email;
|
$email = $member->Email;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Otherwise, get email from posted value instead
|
// Otherwise, get email from posted value instead
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
if (!$member && !empty($data['Email'])) {
|
if(!$member && !empty($data['Email'])) {
|
||||||
$email = $data['Email'];
|
$email = $data['Email'];
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check default login (see Security::setDefaultAdmin())
|
// Check default login (see Security::setDefaultAdmin())
|
||||||
$asDefaultAdmin = $email === Security::default_admin_username();
|
$asDefaultAdmin = $email === Security::default_admin_username();
|
||||||
if ($asDefaultAdmin) {
|
if($asDefaultAdmin) {
|
||||||
// If logging is as default admin, ensure record is setup correctly
|
// If logging is as default admin, ensure record is setup correctly
|
||||||
$member = Member::default_admin();
|
$member = Member::default_admin();
|
||||||
$success = !$member->isLockedOut() && Security::check_default_admin($email, $data['Password']);
|
$success = !$member->isLockedOut() && Security::check_default_admin($email, $data['Password']);
|
||||||
//protect against failed login
|
//protect against failed login
|
||||||
if ($success) {
|
if($success) {
|
||||||
return $member;
|
return $member;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Attempt to identify user by email
|
// Attempt to identify user by email
|
||||||
if (!$member && $email) {
|
if(!$member && $email) {
|
||||||
// Find user by email
|
// Find user by email
|
||||||
$member = Member::get()
|
$member = Member::get()
|
||||||
->filter(Member::config()->unique_identifier_field, $email)
|
->filter(Member::config()->unique_identifier_field, $email)
|
||||||
->first();
|
->first();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate against member if possible
|
// Validate against member if possible
|
||||||
if ($member && !$asDefaultAdmin) {
|
if($member && !$asDefaultAdmin) {
|
||||||
$result = $member->checkPassword($data['Password']);
|
$result = $member->checkPassword($data['Password']);
|
||||||
$success = $result->valid();
|
$success = $result->valid();
|
||||||
} else {
|
} else {
|
||||||
$result = new ValidationResult(false, _t('Member.ERRORWRONGCRED'));
|
$result = ValidationResult::create()->addError(_t('Member.ERRORWRONGCRED'));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Emit failure to member and form (if available)
|
// Emit failure to member and form (if available)
|
||||||
if (!$success) {
|
if(!$success) {
|
||||||
if ($member) {
|
if($member) $member->registerFailedLogin();
|
||||||
$member->registerFailedLogin();
|
if($form) $form->setSessionValidationResult($result, true);
|
||||||
}
|
} else {
|
||||||
if ($form) {
|
|
||||||
$form->sessionMessage($result->message(), 'bad');
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if ($member) {
|
if ($member) {
|
||||||
$member->registerSuccessfulLogin();
|
$member->registerSuccessfulLogin();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $member;
|
return $member;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Log login attempt
|
* Log login attempt
|
||||||
* TODO We could handle this with an extension
|
* TODO We could handle this with an extension
|
||||||
*
|
*
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @param Member $member
|
* @param Member $member
|
||||||
* @param bool $success
|
* @param bool $success
|
||||||
*/
|
*/
|
||||||
protected static function record_login_attempt($data, $member, $success)
|
protected static function record_login_attempt($data, $member, $success)
|
||||||
{
|
{
|
||||||
if (!Security::config()->login_recording) {
|
if (!Security::config()->login_recording) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check email is valid
|
// Check email is valid
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
$email = isset($data['Email']) ? $data['Email'] : null;
|
$email = isset($data['Email']) ? $data['Email'] : null;
|
||||||
if (is_array($email)) {
|
if(is_array($email)) {
|
||||||
throw new InvalidArgumentException("Bad email passed to MemberAuthenticator::authenticate(): $email");
|
throw new InvalidArgumentException("Bad email passed to MemberAuthenticator::authenticate(): $email");
|
||||||
}
|
}
|
||||||
|
|
||||||
$attempt = new LoginAttempt();
|
$attempt = new LoginAttempt();
|
||||||
if ($success) {
|
if($success) {
|
||||||
// successful login (member is existing with matching password)
|
// successful login (member is existing with matching password)
|
||||||
$attempt->MemberID = $member->ID;
|
$attempt->MemberID = $member->ID;
|
||||||
$attempt->Status = 'Success';
|
$attempt->Status = 'Success';
|
||||||
|
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
$member->extend('authenticated');
|
$member->extend('authenticated');
|
||||||
} else {
|
} else {
|
||||||
// Failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
|
// Failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
|
||||||
$attempt->Status = 'Failure';
|
$attempt->Status = 'Failure';
|
||||||
if ($member) {
|
if($member) {
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
$attempt->MemberID = $member->ID;
|
$attempt->MemberID = $member->ID;
|
||||||
$member->extend('authenticationFailed');
|
$member->extend('authenticationFailed');
|
||||||
} else {
|
} else {
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
Member::singleton()->extend('authenticationFailedUnknownUser', $data);
|
Member::singleton()->extend('authenticationFailedUnknownUser', $data);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$attempt->Email = $email;
|
$attempt->Email = $email;
|
||||||
$attempt->IP = Controller::curr()->getRequest()->getIP();
|
$attempt->IP = Controller::curr()->getRequest()->getIP();
|
||||||
$attempt->write();
|
$attempt->write();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Method to authenticate an user
|
* Method to authenticate an user
|
||||||
*
|
*
|
||||||
* @param array $data Raw data to authenticate the user
|
* @param array $data Raw data to authenticate the user
|
||||||
* @param Form $form Optional: If passed, better error messages can be
|
* @param Form $form Optional: If passed, better error messages can be
|
||||||
* produced by using
|
* produced by using
|
||||||
* {@link Form::sessionMessage()}
|
* {@link Form::sessionMessage()}
|
||||||
* @return bool|Member Returns FALSE if authentication fails, otherwise
|
* @return bool|Member Returns FALSE if authentication fails, otherwise
|
||||||
* the member object
|
* the member object
|
||||||
* @see Security::setDefaultAdmin()
|
* @see Security::setDefaultAdmin()
|
||||||
*/
|
*/
|
||||||
public static function authenticate($data, Form $form = null)
|
public static function authenticate($data, Form $form = null)
|
||||||
{
|
{
|
||||||
// Find authenticated member
|
// Find authenticated member
|
||||||
$member = static::authenticate_member($data, $form, $success);
|
$member = static::authenticate_member($data, $form, $success);
|
||||||
|
|
||||||
// Optionally record every login attempt as a {@link LoginAttempt} object
|
// Optionally record every login attempt as a {@link LoginAttempt} object
|
||||||
static::record_login_attempt($data, $member, $success);
|
static::record_login_attempt($data, $member, $success);
|
||||||
|
|
||||||
// Legacy migration to precision-safe password hashes.
|
// Legacy migration to precision-safe password hashes.
|
||||||
// A login-event with cleartext passwords is the only time
|
// A login-event with cleartext passwords is the only time
|
||||||
// when we can rehash passwords to a different hashing algorithm,
|
// when we can rehash passwords to a different hashing algorithm,
|
||||||
// bulk-migration doesn't work due to the nature of hashing.
|
// bulk-migration doesn't work due to the nature of hashing.
|
||||||
// See PasswordEncryptor_LegacyPHPHash class.
|
// See PasswordEncryptor_LegacyPHPHash class.
|
||||||
if ($success && $member && isset(self::$migrate_legacy_hashes[$member->PasswordEncryption])) {
|
if($success && $member && isset(self::$migrate_legacy_hashes[$member->PasswordEncryption])) {
|
||||||
$member->Password = $data['Password'];
|
$member->Password = $data['Password'];
|
||||||
$member->PasswordEncryption = self::$migrate_legacy_hashes[$member->PasswordEncryption];
|
$member->PasswordEncryption = self::$migrate_legacy_hashes[$member->PasswordEncryption];
|
||||||
$member->write();
|
$member->write();
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($success) {
|
if ($success) {
|
||||||
Session::clear('BackURL');
|
Session::clear('BackURL');
|
||||||
}
|
}
|
||||||
|
|
||||||
return $success ? $member : null;
|
return $success ? $member : null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Method that creates the login form for this authentication method
|
* Method that creates the login form for this authentication method
|
||||||
*
|
*
|
||||||
* @param Controller $controller The parent controller, necessary to create the
|
* @param Controller $controller The parent controller, necessary to create the
|
||||||
* appropriate form action tag
|
* appropriate form action tag
|
||||||
* @return Form Returns the login form to use with this authentication
|
* @return Form Returns the login form to use with this authentication
|
||||||
* method
|
* method
|
||||||
*/
|
*/
|
||||||
public static function get_login_form(Controller $controller)
|
public static function get_login_form(Controller $controller)
|
||||||
{
|
{
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
return MemberLoginForm::create($controller, "LoginForm");
|
return MemberLoginForm::create($controller, "LoginForm");
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function get_cms_login_form(Controller $controller)
|
public static function get_cms_login_form(Controller $controller)
|
||||||
{
|
{
|
||||||
/** @skipUpgrade */
|
/** @skipUpgrade */
|
||||||
return CMSMemberLoginForm::create($controller, "LoginForm");
|
return CMSMemberLoginForm::create($controller, "LoginForm");
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function supports_cms()
|
public static function supports_cms()
|
||||||
{
|
{
|
||||||
// Don't automatically support subclasses of MemberAuthenticator
|
// Don't automatically support subclasses of MemberAuthenticator
|
||||||
return get_called_class() === __CLASS__;
|
return get_called_class() === __CLASS__;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the name of the authentication method
|
* Get the name of the authentication method
|
||||||
*
|
*
|
||||||
* @return string Returns the name of the authentication method.
|
* @return string Returns the name of the authentication method.
|
||||||
*/
|
*/
|
||||||
public static function get_name()
|
public static function get_name()
|
||||||
{
|
{
|
||||||
return _t('MemberAuthenticator.TITLE', "E-mail & Password");
|
return _t('MemberAuthenticator.TITLE', "E-mail & Password");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -20,128 +20,131 @@ use SilverStripe\ORM\ValidationResult;
|
|||||||
class PasswordValidator extends Object
|
class PasswordValidator extends Object
|
||||||
{
|
{
|
||||||
|
|
||||||
private static $character_strength_tests = array(
|
private static $character_strength_tests = array(
|
||||||
'lowercase' => '/[a-z]/',
|
'lowercase' => '/[a-z]/',
|
||||||
'uppercase' => '/[A-Z]/',
|
'uppercase' => '/[A-Z]/',
|
||||||
'digits' => '/[0-9]/',
|
'digits' => '/[0-9]/',
|
||||||
'punctuation' => '/[^A-Za-z0-9]/',
|
'punctuation' => '/[^A-Za-z0-9]/',
|
||||||
);
|
);
|
||||||
|
|
||||||
protected $minLength, $minScore, $testNames, $historicalPasswordCount;
|
protected $minLength, $minScore, $testNames, $historicalPasswordCount;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Minimum password length
|
* Minimum password length
|
||||||
*
|
*
|
||||||
* @param int $minLength
|
* @param int $minLength
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function minLength($minLength)
|
public function minLength($minLength)
|
||||||
{
|
{
|
||||||
$this->minLength = $minLength;
|
$this->minLength = $minLength;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check the character strength of the password.
|
* Check the character strength of the password.
|
||||||
*
|
*
|
||||||
* Eg: $this->characterStrength(3, array("lowercase", "uppercase", "digits", "punctuation"))
|
* Eg: $this->characterStrength(3, array("lowercase", "uppercase", "digits", "punctuation"))
|
||||||
*
|
*
|
||||||
* @param int $minScore The minimum number of character tests that must pass
|
* @param int $minScore The minimum number of character tests that must pass
|
||||||
* @param array $testNames The names of the tests to perform
|
* @param array $testNames The names of the tests to perform
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function characterStrength($minScore, $testNames)
|
public function characterStrength($minScore, $testNames)
|
||||||
{
|
{
|
||||||
$this->minScore = $minScore;
|
$this->minScore = $minScore;
|
||||||
$this->testNames = $testNames;
|
$this->testNames = $testNames;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check a number of previous passwords that the user has used, and don't let them change to that.
|
* Check a number of previous passwords that the user has used, and don't let them change to that.
|
||||||
*
|
*
|
||||||
* @param int $count
|
* @param int $count
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function checkHistoricalPasswords($count)
|
public function checkHistoricalPasswords($count)
|
||||||
{
|
{
|
||||||
$this->historicalPasswordCount = $count;
|
$this->historicalPasswordCount = $count;
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param String $password
|
* @param String $password
|
||||||
* @param Member $member
|
* @param Member $member
|
||||||
* @return ValidationResult
|
* @return ValidationResult
|
||||||
*/
|
*/
|
||||||
public function validate($password, $member)
|
public function validate($password, $member)
|
||||||
{
|
{
|
||||||
$valid = ValidationResult::create();
|
$valid = ValidationResult::create();
|
||||||
|
|
||||||
if ($this->minLength) {
|
if($this->minLength) {
|
||||||
if (strlen($password) < $this->minLength) {
|
if(strlen($password) < $this->minLength) {
|
||||||
$valid->error(
|
$valid->addError(
|
||||||
sprintf(
|
sprintf(
|
||||||
_t(
|
_t(
|
||||||
'PasswordValidator.TOOSHORT',
|
'PasswordValidator.TOOSHORT',
|
||||||
'Password is too short, it must be %s or more characters long'
|
'Password is too short, it must be %s or more characters long'
|
||||||
),
|
),
|
||||||
$this->minLength
|
$this->minLength
|
||||||
),
|
),
|
||||||
'TOO_SHORT'
|
'bad',
|
||||||
);
|
'TOO_SHORT'
|
||||||
}
|
);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if ($this->minScore) {
|
if($this->minScore) {
|
||||||
$score = 0;
|
$score = 0;
|
||||||
$missedTests = array();
|
$missedTests = array();
|
||||||
foreach ($this->testNames as $name) {
|
foreach($this->testNames as $name) {
|
||||||
if (preg_match(self::config()->character_strength_tests[$name], $password)) {
|
if(preg_match(self::config()->character_strength_tests[$name], $password)) {
|
||||||
$score++;
|
$score++;
|
||||||
} else {
|
} else {
|
||||||
$missedTests[] = _t(
|
$missedTests[] = _t(
|
||||||
'PasswordValidator.STRENGTHTEST' . strtoupper($name),
|
'PasswordValidator.STRENGTHTEST' . strtoupper($name),
|
||||||
$name,
|
$name,
|
||||||
'The user needs to add this to their password for more complexity'
|
'The user needs to add this to their password for more complexity'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($score < $this->minScore) {
|
if($score < $this->minScore) {
|
||||||
$valid->error(
|
$valid->addError(
|
||||||
sprintf(
|
sprintf(
|
||||||
_t(
|
_t(
|
||||||
'PasswordValidator.LOWCHARSTRENGTH',
|
'PasswordValidator.LOWCHARSTRENGTH',
|
||||||
'Please increase password strength by adding some of the following characters: %s'
|
'Please increase password strength by adding some of the following characters: %s'
|
||||||
),
|
),
|
||||||
implode(', ', $missedTests)
|
implode(', ', $missedTests)
|
||||||
),
|
),
|
||||||
'LOW_CHARACTER_STRENGTH'
|
'bad',
|
||||||
);
|
'LOW_CHARACTER_STRENGTH'
|
||||||
}
|
);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if ($this->historicalPasswordCount) {
|
if($this->historicalPasswordCount) {
|
||||||
$previousPasswords = MemberPassword::get()
|
$previousPasswords = MemberPassword::get()
|
||||||
->where(array('"MemberPassword"."MemberID"' => $member->ID))
|
->where(array('"MemberPassword"."MemberID"' => $member->ID))
|
||||||
->sort('"Created" DESC, "ID" DESC')
|
->sort('"Created" DESC, "ID" DESC')
|
||||||
->limit($this->historicalPasswordCount);
|
->limit($this->historicalPasswordCount);
|
||||||
/** @var MemberPassword $previousPassword */
|
/** @var MemberPassword $previousPassword */
|
||||||
foreach ($previousPasswords as $previousPassword) {
|
foreach($previousPasswords as $previousPassword) {
|
||||||
if ($previousPassword->checkPassword($password)) {
|
if($previousPassword->checkPassword($password)) {
|
||||||
$valid->error(
|
$valid->addError(
|
||||||
_t(
|
_t(
|
||||||
'PasswordValidator.PREVPASSWORD',
|
'PasswordValidator.PREVPASSWORD',
|
||||||
'You\'ve already used that password in the past, please choose a new password'
|
'You\'ve already used that password in the past, please choose a new password'
|
||||||
),
|
),
|
||||||
'PREVIOUS_PASSWORD'
|
'bad',
|
||||||
);
|
'PREVIOUS_PASSWORD'
|
||||||
break;
|
);
|
||||||
}
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return $valid;
|
return $valid;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -13,50 +13,50 @@ use SilverStripe\ORM\DataObject;
|
|||||||
*/
|
*/
|
||||||
class PermissionRoleCode extends DataObject
|
class PermissionRoleCode extends DataObject
|
||||||
{
|
{
|
||||||
private static $db = array(
|
private static $db = array(
|
||||||
"Code" => "Varchar",
|
"Code" => "Varchar",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
"Role" => "SilverStripe\\Security\\PermissionRole",
|
"Role" => "SilverStripe\\Security\\PermissionRole",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $table_name = "PermissionRoleCode";
|
private static $table_name = "PermissionRoleCode";
|
||||||
|
|
||||||
public function validate()
|
public function validate()
|
||||||
{
|
{
|
||||||
$result = parent::validate();
|
$result = parent::validate();
|
||||||
|
|
||||||
// Check that new code doesn't increase privileges, unless an admin is editing.
|
// Check that new code doesn't increase privileges, unless an admin is editing.
|
||||||
$privilegedCodes = Permission::config()->privileged_permissions;
|
$privilegedCodes = Permission::config()->privileged_permissions;
|
||||||
if ($this->Code
|
if ($this->Code
|
||||||
&& in_array($this->Code, $privilegedCodes)
|
&& in_array($this->Code, $privilegedCodes)
|
||||||
&& !Permission::check('ADMIN')
|
&& !Permission::check('ADMIN')
|
||||||
) {
|
) {
|
||||||
$result->error(sprintf(
|
$result->addError(sprintf(
|
||||||
_t(
|
_t(
|
||||||
'PermissionRoleCode.PermsError',
|
'PermissionRoleCode.PermsError',
|
||||||
'Can\'t assign code "%s" with privileged permissions (requires ADMIN access)'
|
'Can\'t assign code "%s" with privileged permissions (requires ADMIN access)'
|
||||||
),
|
),
|
||||||
$this->Code
|
$this->Code
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function canCreate($member = null, $context = array())
|
public function canCreate($member = null, $context = array())
|
||||||
{
|
{
|
||||||
return Permission::check('APPLY_ROLES', 'any', $member);
|
return Permission::check('APPLY_ROLES', 'any', $member);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function canEdit($member = null)
|
public function canEdit($member = null)
|
||||||
{
|
{
|
||||||
return Permission::check('APPLY_ROLES', 'any', $member);
|
return Permission::check('APPLY_ROLES', 'any', $member);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function canDelete($member = null)
|
public function canDelete($member = null)
|
||||||
{
|
{
|
||||||
return Permission::check('APPLY_ROLES', 'any', $member);
|
return Permission::check('APPLY_ROLES', 'any', $member);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -436,6 +436,34 @@ class FormTest extends FunctionalTest {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testValidationException() {
|
||||||
|
$this->get('FormTest_Controller');
|
||||||
|
|
||||||
|
$response = $this->post(
|
||||||
|
'FormTest_Controller/Form',
|
||||||
|
array(
|
||||||
|
'Email' => 'test@test.com',
|
||||||
|
'SomeRequiredField' => 'test',
|
||||||
|
'action_triggerException' => 1,
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$this->assertPartialMatchBySelector(
|
||||||
|
'#Form_Form_Email_Holder span.message',
|
||||||
|
array(
|
||||||
|
'Error on Email field'
|
||||||
|
),
|
||||||
|
'Formfield validation shows note on field if invalid'
|
||||||
|
);
|
||||||
|
$this->assertPartialMatchBySelector(
|
||||||
|
'#Form_Form_error',
|
||||||
|
array(
|
||||||
|
'Error at top of form'
|
||||||
|
),
|
||||||
|
'Required fields show a notification on field when left blank'
|
||||||
|
);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
public function testGloballyDisabledSecurityTokenInheritsToNewForm() {
|
public function testGloballyDisabledSecurityTokenInheritsToNewForm() {
|
||||||
SecurityToken::enable();
|
SecurityToken::enable();
|
||||||
|
|
||||||
@ -758,6 +786,7 @@ class FormTest extends FunctionalTest {
|
|||||||
$form = $this->getStubForm();
|
$form = $this->getStubForm();
|
||||||
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
||||||
$form->sessionMessage('<em>Escaped HTML</em>', 'good', true);
|
$form->sessionMessage('<em>Escaped HTML</em>', 'good', true);
|
||||||
|
$form->setupFormErrors();
|
||||||
$parser = new CSSContentParser($form->forTemplate());
|
$parser = new CSSContentParser($form->forTemplate());
|
||||||
$messageEls = $parser->getBySelector('.message');
|
$messageEls = $parser->getBySelector('.message');
|
||||||
$this->assertContains(
|
$this->assertContains(
|
||||||
@ -768,6 +797,7 @@ class FormTest extends FunctionalTest {
|
|||||||
$form = $this->getStubForm();
|
$form = $this->getStubForm();
|
||||||
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
||||||
$form->sessionMessage('<em>Unescaped HTML</em>', 'good', false);
|
$form->sessionMessage('<em>Unescaped HTML</em>', 'good', false);
|
||||||
|
$form->setupFormErrors();
|
||||||
$parser = new CSSContentParser($form->forTemplate());
|
$parser = new CSSContentParser($form->forTemplate());
|
||||||
$messageEls = $parser->getBySelector('.message');
|
$messageEls = $parser->getBySelector('.message');
|
||||||
$this->assertContains(
|
$this->assertContains(
|
||||||
@ -779,7 +809,7 @@ class FormTest extends FunctionalTest {
|
|||||||
function testFieldMessageEscapeHtml() {
|
function testFieldMessageEscapeHtml() {
|
||||||
$form = $this->getStubForm();
|
$form = $this->getStubForm();
|
||||||
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
||||||
$form->addErrorMessage('key1', '<em>Escaped HTML</em>', 'good', true);
|
$form->getSessionValidationResult()->addFieldMessage('key1', '<em>Escaped HTML</em>', 'good');
|
||||||
$form->setupFormErrors();
|
$form->setupFormErrors();
|
||||||
$parser = new CSSContentParser($result = $form->forTemplate());
|
$parser = new CSSContentParser($result = $form->forTemplate());
|
||||||
$messageEls = $parser->getBySelector('#Form_Form_key1_Holder .message');
|
$messageEls = $parser->getBySelector('#Form_Form_key1_Holder .message');
|
||||||
@ -790,7 +820,7 @@ class FormTest extends FunctionalTest {
|
|||||||
|
|
||||||
$form = $this->getStubForm();
|
$form = $this->getStubForm();
|
||||||
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
$form->getController()->handleRequest(new HTTPRequest('GET', '/'), DataModel::inst()); // stub out request
|
||||||
$form->addErrorMessage('key1', '<em>Unescaped HTML</em>', 'good', false);
|
$form->getSessionValidationResult()->addFieldMessage('key1', '<em>Unescaped HTML</em>', 'good', null, false);
|
||||||
$form->setupFormErrors();
|
$form->setupFormErrors();
|
||||||
$parser = new CSSContentParser($form->forTemplate());
|
$parser = new CSSContentParser($form->forTemplate());
|
||||||
$messageEls = $parser->getBySelector('#Form_Form_key1_Holder .message');
|
$messageEls = $parser->getBySelector('#Form_Form_key1_Holder .message');
|
||||||
|
@ -1762,6 +1762,6 @@ class DataObjectTest extends SapphireTest {
|
|||||||
$staff->Salary = PHP_INT_MAX;
|
$staff->Salary = PHP_INT_MAX;
|
||||||
$staff->write();
|
$staff->write();
|
||||||
$this->assertEquals(PHP_INT_MAX, DataObjectTest\Staff::get()->byID($staff->ID)->Salary);
|
$this->assertEquals(PHP_INT_MAX, DataObjectTest\Staff::get()->byID($staff->ID)->Salary);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -31,7 +31,17 @@ class HierarchyTest extends SapphireTest {
|
|||||||
$obj2aa = $this->objFromFixture(HierarchyTest\TestObject::class, 'obj2aa');
|
$obj2aa = $this->objFromFixture(HierarchyTest\TestObject::class, 'obj2aa');
|
||||||
|
|
||||||
$obj2->ParentID = $obj2aa->ID;
|
$obj2->ParentID = $obj2aa->ID;
|
||||||
$obj2->write();
|
$obj2->write();
|
||||||
|
}
|
||||||
|
catch (ValidationException $e) {
|
||||||
|
$this->assertContains(
|
||||||
|
Convert::raw2xml('Infinite loop found within the "HierarchyTest_Object" hierarchy'),
|
||||||
|
$e->getMessage()
|
||||||
|
);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->fail('Failed to prevent infinite loop in hierarchy.');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -13,12 +13,14 @@ class ValidationExceptionTest extends SapphireTest
|
|||||||
*/
|
*/
|
||||||
public function testCreateFromValidationResult() {
|
public function testCreateFromValidationResult() {
|
||||||
|
|
||||||
$result = new ValidationResult(false, 'Not a valid result');
|
$result = new ValidationResult();
|
||||||
|
$result->addError('Not a valid result');
|
||||||
|
|
||||||
$exception = new ValidationException($result);
|
$exception = new ValidationException($result);
|
||||||
|
|
||||||
$this->assertEquals(0, $exception->getCode());
|
$this->assertEquals(0, $exception->getCode());
|
||||||
$this->assertEquals('Not a valid result', $exception->getMessage());
|
$this->assertEquals('Not a valid result', $exception->getMessage());
|
||||||
$this->assertEquals(false, $exception->getResult()->valid());
|
$this->assertFalse($exception->getResult()->valid());
|
||||||
$this->assertEquals('Not a valid result', $exception->getResult()->message());
|
$this->assertEquals('Not a valid result', $exception->getResult()->message());
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -29,8 +31,8 @@ class ValidationExceptionTest extends SapphireTest
|
|||||||
*/
|
*/
|
||||||
public function testCreateFromComplexValidationResult() {
|
public function testCreateFromComplexValidationResult() {
|
||||||
$result = new ValidationResult();
|
$result = new ValidationResult();
|
||||||
$result->error('Invalid type')
|
$result->addError('Invalid type')
|
||||||
->error('Out of kiwis');
|
->addError('Out of kiwis');
|
||||||
$exception = new ValidationException($result);
|
$exception = new ValidationException($result);
|
||||||
|
|
||||||
$this->assertEquals(0, $exception->getCode());
|
$this->assertEquals(0, $exception->getCode());
|
||||||
@ -48,7 +50,7 @@ class ValidationExceptionTest extends SapphireTest
|
|||||||
|
|
||||||
$this->assertEquals(E_USER_ERROR, $exception->getCode());
|
$this->assertEquals(E_USER_ERROR, $exception->getCode());
|
||||||
$this->assertEquals('Error inferred from message', $exception->getMessage());
|
$this->assertEquals('Error inferred from message', $exception->getMessage());
|
||||||
$this->assertEquals(false, $exception->getResult()->valid());
|
$this->assertFalse($exception->getResult()->valid());
|
||||||
$this->assertEquals('Error inferred from message', $exception->getResult()->message());
|
$this->assertEquals('Error inferred from message', $exception->getResult()->message());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -57,12 +59,13 @@ class ValidationExceptionTest extends SapphireTest
|
|||||||
* and a custom message
|
* and a custom message
|
||||||
*/
|
*/
|
||||||
public function testCreateWithValidationResultAndMessage() {
|
public function testCreateWithValidationResultAndMessage() {
|
||||||
$result = new ValidationResult(false, 'Incorrect placement of cutlery');
|
$result = new ValidationResult();
|
||||||
|
$result->addError('Incorrect placement of cutlery');
|
||||||
$exception = new ValidationException($result, 'An error has occurred', E_USER_WARNING);
|
$exception = new ValidationException($result, 'An error has occurred', E_USER_WARNING);
|
||||||
|
|
||||||
$this->assertEquals(E_USER_WARNING, $exception->getCode());
|
$this->assertEquals(E_USER_WARNING, $exception->getCode());
|
||||||
$this->assertEquals('An error has occurred', $exception->getMessage());
|
$this->assertEquals('An error has occurred', $exception->getMessage());
|
||||||
$this->assertEquals(false, $exception->getResult()->valid());
|
$this->assertFalse($exception->getResult()->valid());
|
||||||
$this->assertEquals('Incorrect placement of cutlery', $exception->getResult()->message());
|
$this->assertEquals('Incorrect placement of cutlery', $exception->getResult()->message());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -73,8 +76,8 @@ class ValidationExceptionTest extends SapphireTest
|
|||||||
*/
|
*/
|
||||||
public function testCreateWithComplexValidationResultAndMessage() {
|
public function testCreateWithComplexValidationResultAndMessage() {
|
||||||
$result = new ValidationResult();
|
$result = new ValidationResult();
|
||||||
$result->error('A spork is not a knife')
|
$result->addError('A spork is not a knife')
|
||||||
->error('A knife is not a back scratcher');
|
->addError('A knife is not a back scratcher');
|
||||||
$exception = new ValidationException($result, 'An error has occurred', E_USER_WARNING);
|
$exception = new ValidationException($result, 'An error has occurred', E_USER_WARNING);
|
||||||
|
|
||||||
$this->assertEquals(E_USER_WARNING, $exception->getCode());
|
$this->assertEquals(E_USER_WARNING, $exception->getCode());
|
||||||
@ -91,8 +94,8 @@ class ValidationExceptionTest extends SapphireTest
|
|||||||
$result = new ValidationResult();
|
$result = new ValidationResult();
|
||||||
$anotherresult = new ValidationResult();
|
$anotherresult = new ValidationResult();
|
||||||
$yetanotherresult = new ValidationResult();
|
$yetanotherresult = new ValidationResult();
|
||||||
$anotherresult->error("Eat with your mouth closed", "EATING101");
|
$anotherresult->addError("Eat with your mouth closed", 'bad', "EATING101");
|
||||||
$yetanotherresult->error("You didn't wash your hands", "BECLEAN");
|
$yetanotherresult->addError("You didn't wash your hands", 'bad', "BECLEAN", false);
|
||||||
|
|
||||||
$this->assertTrue($result->valid());
|
$this->assertTrue($result->valid());
|
||||||
$this->assertFalse($anotherresult->valid());
|
$this->assertFalse($anotherresult->valid());
|
||||||
@ -104,7 +107,53 @@ class ValidationExceptionTest extends SapphireTest
|
|||||||
$this->assertEquals(array(
|
$this->assertEquals(array(
|
||||||
"EATING101" => "Eat with your mouth closed",
|
"EATING101" => "Eat with your mouth closed",
|
||||||
"BECLEAN" => "You didn't wash your hands"
|
"BECLEAN" => "You didn't wash your hands"
|
||||||
),$result->messageList());
|
), $result->messageList());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that a ValidationException created with no contained ValidationResult
|
||||||
|
* will correctly populate itself with an inferred version
|
||||||
|
*/
|
||||||
|
public function testCreateForField() {
|
||||||
|
$exception = ValidationException::create_for_field('Content', 'Content is required');
|
||||||
|
|
||||||
|
$this->assertEquals('Content is required', $exception->getMessage());
|
||||||
|
$this->assertEquals(false, $exception->getResult()->valid());
|
||||||
|
|
||||||
|
$this->assertEquals(array(
|
||||||
|
'Content' => array(
|
||||||
|
'message' => 'Content is required',
|
||||||
|
'messageType' => 'bad',
|
||||||
|
),
|
||||||
|
), $exception->getResult()->fieldErrors());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that a ValidationException created with no contained ValidationResult
|
||||||
|
* will correctly populate itself with an inferred version
|
||||||
|
*/
|
||||||
|
public function testValidationResultAddMethods() {
|
||||||
|
$result = new ValidationResult();
|
||||||
|
$result->addMessage('A spork is not a knife', 'bad');
|
||||||
|
$result->addError('A knife is not a back scratcher');
|
||||||
|
$result->addFieldMessage('Title', 'Title is good', 'good');
|
||||||
|
$result->addFieldError('Content', 'Content is bad');
|
||||||
|
|
||||||
|
|
||||||
|
$this->assertEquals(array(
|
||||||
|
'Title' => array(
|
||||||
|
'message' => 'Title is good',
|
||||||
|
'messageType' => 'good'
|
||||||
|
),
|
||||||
|
'Content' => array(
|
||||||
|
'message' => 'Content is bad',
|
||||||
|
'messageType' => 'bad'
|
||||||
|
)
|
||||||
|
), $result->fieldErrors());
|
||||||
|
|
||||||
|
$this->assertEquals('A spork is not a knife; A knife is not a back scratcher', $result->overallMessage());
|
||||||
|
|
||||||
|
$exception = ValidationException::create_for_field('Content', 'Content is required');
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -139,6 +139,7 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
'tempid' => $tempID,
|
'tempid' => $tempID,
|
||||||
'Password' => 'mypassword'
|
'Password' => 'mypassword'
|
||||||
), $form);
|
), $form);
|
||||||
|
$form->setupFormErrors();
|
||||||
$this->assertNotEmpty($result);
|
$this->assertNotEmpty($result);
|
||||||
$this->assertEquals($result->ID, $member->ID);
|
$this->assertEquals($result->ID, $member->ID);
|
||||||
$this->assertEmpty($form->Message());
|
$this->assertEmpty($form->Message());
|
||||||
@ -149,8 +150,9 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
'tempid' => $tempID,
|
'tempid' => $tempID,
|
||||||
'Password' => 'notmypassword'
|
'Password' => 'notmypassword'
|
||||||
), $form);
|
), $form);
|
||||||
|
$form->setupFormErrors();
|
||||||
$this->assertEmpty($result);
|
$this->assertEmpty($result);
|
||||||
$this->assertEquals('The provided details don't seem to be correct. Please try again.', $form->Message());
|
$this->assertEquals(Convert::raw2xml(_t('Member.ERRORWRONGCRED')), $form->Message());
|
||||||
$this->assertEquals('bad', $form->MessageType());
|
$this->assertEquals('bad', $form->MessageType());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -168,6 +170,7 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
'Email' => 'admin',
|
'Email' => 'admin',
|
||||||
'Password' => 'password'
|
'Password' => 'password'
|
||||||
), $form);
|
), $form);
|
||||||
|
$form->setupFormErrors();
|
||||||
$this->assertNotEmpty($result);
|
$this->assertNotEmpty($result);
|
||||||
$this->assertEquals($result->Email, Security::default_admin_username());
|
$this->assertEquals($result->Email, Security::default_admin_username());
|
||||||
$this->assertEmpty($form->Message());
|
$this->assertEmpty($form->Message());
|
||||||
@ -178,6 +181,7 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
'Email' => 'admin',
|
'Email' => 'admin',
|
||||||
'Password' => 'notmypassword'
|
'Password' => 'notmypassword'
|
||||||
), $form);
|
), $form);
|
||||||
|
$form->setupFormErrors();
|
||||||
$this->assertEmpty($result);
|
$this->assertEmpty($result);
|
||||||
$this->assertEquals('The provided details don't seem to be correct. Please try again.', $form->Message());
|
$this->assertEquals('The provided details don't seem to be correct. Please try again.', $form->Message());
|
||||||
$this->assertEquals('bad', $form->MessageType());
|
$this->assertEquals('bad', $form->MessageType());
|
||||||
|
@ -444,7 +444,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
$member->LockedOutUntil,
|
$member->LockedOutUntil,
|
||||||
'User does not have a lockout time set if under threshold for failed attempts'
|
'User does not have a lockout time set if under threshold for failed attempts'
|
||||||
);
|
);
|
||||||
$this->assertContains($this->loginErrorMessage(), Convert::raw2xml(_t('Member.ERRORWRONGCRED')));
|
$this->assertContains(Convert::raw2xml(_t('Member.ERRORWRONGCRED')), $this->loginErrorMessage());
|
||||||
} else {
|
} else {
|
||||||
// Fuzzy matching for time to avoid side effects from slow running tests
|
// Fuzzy matching for time to avoid side effects from slow running tests
|
||||||
$this->assertGreaterThan(
|
$this->assertGreaterThan(
|
||||||
@ -644,7 +644,8 @@ class SecurityTest extends FunctionalTest {
|
|||||||
* Get the error message on the login form
|
* Get the error message on the login form
|
||||||
*/
|
*/
|
||||||
public function loginErrorMessage() {
|
public function loginErrorMessage() {
|
||||||
return $this->session()->inst_get('FormInfo.MemberLoginForm_LoginForm.formError.message');
|
$result = $this->session()->inst_get('FormInfo.MemberLoginForm_LoginForm.result');
|
||||||
|
return $result->message();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user