mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
mlantahler: Small bugfix: Member::currentUser() returns FALSE if the user is not logged in. So Member::currentUser()->ID won't work. (merged from branches/gsoc)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41776 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
9a22699fcc
commit
692b4b3df9
@ -3,7 +3,7 @@
|
|||||||
class Permission extends DataObject {
|
class Permission extends DataObject {
|
||||||
static $db = array(
|
static $db = array(
|
||||||
"Code" => "Varchar",
|
"Code" => "Varchar",
|
||||||
"Arg" => "Int",
|
"Arg" => "Int",
|
||||||
);
|
);
|
||||||
static $has_one = array(
|
static $has_one = array(
|
||||||
"Group" => "Group",
|
"Group" => "Group",
|
||||||
@ -11,7 +11,7 @@ class Permission extends DataObject {
|
|||||||
static $indexes = array(
|
static $indexes = array(
|
||||||
"Code" => true,
|
"Code" => true,
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var $strict_checking Boolean Method to globally disable "strict" checking,
|
* @var $strict_checking Boolean Method to globally disable "strict" checking,
|
||||||
* which means a permission will be granted if the key does not exist at all.
|
* which means a permission will be granted if the key does not exist at all.
|
||||||
@ -34,10 +34,10 @@ class Permission extends DataObject {
|
|||||||
}
|
}
|
||||||
$memberID = Member::currentUserID();
|
$memberID = Member::currentUserID();
|
||||||
}
|
}
|
||||||
|
|
||||||
return self::checkMember($memberID, $code, $arg);
|
return self::checkMember($memberID, $code, $arg);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check that the given member has the given permission
|
* Check that the given member has the given permission
|
||||||
*
|
*
|
||||||
@ -52,11 +52,12 @@ class Permission extends DataObject {
|
|||||||
$groupList = self::groupList($memberID);
|
$groupList = self::groupList($memberID);
|
||||||
if($groupList) {
|
if($groupList) {
|
||||||
$groupCSV = implode(", ", $groupList);
|
$groupCSV = implode(", ", $groupList);
|
||||||
|
|
||||||
// Arg component
|
// Arg component
|
||||||
switch($arg) {
|
switch($arg) {
|
||||||
case "any": $argClause = "";break;
|
case "any": $argClause = "";break;
|
||||||
case "all": $argClause = " AND Arg = -1"; break;
|
case "all": $argClause = " AND Arg = -1"; break;
|
||||||
default:
|
default:
|
||||||
if(is_numeric($arg)) $argClause = "AND Arg IN (-1, $arg) ";
|
if(is_numeric($arg)) $argClause = "AND Arg IN (-1, $arg) ";
|
||||||
else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
|
else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
|
||||||
}
|
}
|
||||||
@ -77,8 +78,8 @@ class Permission extends DataObject {
|
|||||||
return DB::query("SELECT ID FROM Permission WHERE Code IN ($SQL_codeList, 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
|
return DB::query("SELECT ID FROM Permission WHERE Code IN ($SQL_codeList, 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the list of groups that the given member belongs to.
|
* Get the list of groups that the given member belongs to.
|
||||||
* Call without an argument to get the groups that the current member belongs to. In this case, the results will be session-cached
|
* Call without an argument to get the groups that the current member belongs to. In this case, the results will be session-cached
|
||||||
@ -91,7 +92,7 @@ class Permission extends DataObject {
|
|||||||
} else {
|
} else {
|
||||||
$member = DataObject::get_by_id("Member", $memberID);
|
$member = DataObject::get_by_id("Member", $memberID);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($member) {
|
if($member) {
|
||||||
// Build a list of the IDs of the groups. Most of the heavy lifting is done by Member::Groups
|
// Build a list of the IDs of the groups. Most of the heavy lifting is done by Member::Groups
|
||||||
// NOTE: This isn't effecient; but it's called once per session so it's a low priority to fix.
|
// NOTE: This isn't effecient; but it's called once per session so it's a low priority to fix.
|
||||||
@ -128,17 +129,17 @@ class Permission extends DataObject {
|
|||||||
$perm->write();
|
$perm->write();
|
||||||
return $perm;
|
return $perm;
|
||||||
}
|
}
|
||||||
|
|
||||||
function requireDefaultRecords() {
|
function requireDefaultRecords() {
|
||||||
parent::requireDefaultRecords();
|
parent::requireDefaultRecords();
|
||||||
|
|
||||||
// Add default content if blank
|
// Add default content if blank
|
||||||
if(!DB::query("SELECT ID FROM Permission")->value()) {
|
if(!DB::query("SELECT ID FROM Permission")->value()) {
|
||||||
$admins = DB::query("SELECT ID FROM `Group` WHERE CanCMSAdmin = 1")->column();
|
$admins = DB::query("SELECT ID FROM `Group` WHERE CanCMSAdmin = 1")->column();
|
||||||
if(isset($admins)) {
|
if(isset($admins)) {
|
||||||
foreach($admins as $admin) Permission::grant($admin, "ADMIN");
|
foreach($admins as $admin) Permission::grant($admin, "ADMIN");
|
||||||
}
|
}
|
||||||
|
|
||||||
$authors = DB::query("SELECT ID FROM `Group` WHERE CanCMS = 1")->column();
|
$authors = DB::query("SELECT ID FROM `Group` WHERE CanCMS = 1")->column();
|
||||||
if(isset($authors)) {
|
if(isset($authors)) {
|
||||||
foreach($authors as $author) {
|
foreach($authors as $author) {
|
||||||
@ -148,10 +149,10 @@ class Permission extends DataObject {
|
|||||||
Permission::grant($author, "CMS_ACCESS_ReportAdmin");
|
Permission::grant($author, "CMS_ACCESS_ReportAdmin");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns all members for a specific permission.
|
* Returns all members for a specific permission.
|
||||||
*
|
*
|
||||||
|
Loading…
Reference in New Issue
Block a user