mlantahler: Small bugfix: Member::currentUser() returns FALSE if the user is not logged in. So Member::currentUser()->ID won't work. (merged from branches/gsoc)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41776 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2007-09-14 17:44:33 +00:00
parent 9a22699fcc
commit 692b4b3df9

View File

@ -3,7 +3,7 @@
class Permission extends DataObject { class Permission extends DataObject {
static $db = array( static $db = array(
"Code" => "Varchar", "Code" => "Varchar",
"Arg" => "Int", "Arg" => "Int",
); );
static $has_one = array( static $has_one = array(
"Group" => "Group", "Group" => "Group",
@ -11,7 +11,7 @@ class Permission extends DataObject {
static $indexes = array( static $indexes = array(
"Code" => true, "Code" => true,
); );
/** /**
* @var $strict_checking Boolean Method to globally disable "strict" checking, * @var $strict_checking Boolean Method to globally disable "strict" checking,
* which means a permission will be granted if the key does not exist at all. * which means a permission will be granted if the key does not exist at all.
@ -34,10 +34,10 @@ class Permission extends DataObject {
} }
$memberID = Member::currentUserID(); $memberID = Member::currentUserID();
} }
return self::checkMember($memberID, $code, $arg); return self::checkMember($memberID, $code, $arg);
} }
/** /**
* Check that the given member has the given permission * Check that the given member has the given permission
* *
@ -52,11 +52,12 @@ class Permission extends DataObject {
$groupList = self::groupList($memberID); $groupList = self::groupList($memberID);
if($groupList) { if($groupList) {
$groupCSV = implode(", ", $groupList); $groupCSV = implode(", ", $groupList);
// Arg component // Arg component
switch($arg) { switch($arg) {
case "any": $argClause = "";break; case "any": $argClause = "";break;
case "all": $argClause = " AND Arg = -1"; break; case "all": $argClause = " AND Arg = -1"; break;
default: default:
if(is_numeric($arg)) $argClause = "AND Arg IN (-1, $arg) "; if(is_numeric($arg)) $argClause = "AND Arg IN (-1, $arg) ";
else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR); else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
} }
@ -77,8 +78,8 @@ class Permission extends DataObject {
return DB::query("SELECT ID FROM Permission WHERE Code IN ($SQL_codeList, 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value(); return DB::query("SELECT ID FROM Permission WHERE Code IN ($SQL_codeList, 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
} }
} }
/** /**
* Get the list of groups that the given member belongs to. * Get the list of groups that the given member belongs to.
* Call without an argument to get the groups that the current member belongs to. In this case, the results will be session-cached * Call without an argument to get the groups that the current member belongs to. In this case, the results will be session-cached
@ -91,7 +92,7 @@ class Permission extends DataObject {
} else { } else {
$member = DataObject::get_by_id("Member", $memberID); $member = DataObject::get_by_id("Member", $memberID);
} }
if($member) { if($member) {
// Build a list of the IDs of the groups. Most of the heavy lifting is done by Member::Groups // Build a list of the IDs of the groups. Most of the heavy lifting is done by Member::Groups
// NOTE: This isn't effecient; but it's called once per session so it's a low priority to fix. // NOTE: This isn't effecient; but it's called once per session so it's a low priority to fix.
@ -128,17 +129,17 @@ class Permission extends DataObject {
$perm->write(); $perm->write();
return $perm; return $perm;
} }
function requireDefaultRecords() { function requireDefaultRecords() {
parent::requireDefaultRecords(); parent::requireDefaultRecords();
// Add default content if blank // Add default content if blank
if(!DB::query("SELECT ID FROM Permission")->value()) { if(!DB::query("SELECT ID FROM Permission")->value()) {
$admins = DB::query("SELECT ID FROM `Group` WHERE CanCMSAdmin = 1")->column(); $admins = DB::query("SELECT ID FROM `Group` WHERE CanCMSAdmin = 1")->column();
if(isset($admins)) { if(isset($admins)) {
foreach($admins as $admin) Permission::grant($admin, "ADMIN"); foreach($admins as $admin) Permission::grant($admin, "ADMIN");
} }
$authors = DB::query("SELECT ID FROM `Group` WHERE CanCMS = 1")->column(); $authors = DB::query("SELECT ID FROM `Group` WHERE CanCMS = 1")->column();
if(isset($authors)) { if(isset($authors)) {
foreach($authors as $author) { foreach($authors as $author) {
@ -148,10 +149,10 @@ class Permission extends DataObject {
Permission::grant($author, "CMS_ACCESS_ReportAdmin"); Permission::grant($author, "CMS_ACCESS_ReportAdmin");
} }
} }
} }
} }
/** /**
* Returns all members for a specific permission. * Returns all members for a specific permission.
* *