mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
ENHANCEMENT Replaced SecurityAdmin tree view for groups with three top-level tabs: "Users", "Groups" and "Roles"
This commit is contained in:
parent
e2c21cce8e
commit
6f71186e2c
@ -84,16 +84,29 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
* @return FieldList
|
* @return FieldList
|
||||||
*/
|
*/
|
||||||
function RootForm() {
|
function RootForm() {
|
||||||
$config = new GridFieldConfig_RecordEditor();
|
$memberList = Object::create('GridField',
|
||||||
$config->addComponent(new GridFieldExporter());
|
'Members',
|
||||||
$config->getComponentByType('GridFieldPopupForms')->setValidator(new Member_Validator());
|
false,
|
||||||
$memberList = new GridField('Members', 'All members', DataList::create('Member'), $config);
|
DataList::create('Member'),
|
||||||
$memberList->addExtraClass("members_grid");
|
$memberListConfig = GridFieldConfig_RecordEditor::create()
|
||||||
|
->addComponent(new GridFieldExporter())
|
||||||
|
)->addExtraClass("members_grid");
|
||||||
|
$memberListConfig->getComponentByType('GridFieldPopupForms')->setValidator(new Member_Validator());
|
||||||
|
|
||||||
|
$groupList = Object::create('GridField',
|
||||||
|
'Groups',
|
||||||
|
false,
|
||||||
|
DataList::create('Group'),
|
||||||
|
GridFieldConfig_RecordEditor::create()
|
||||||
|
)->setDisplayFields(array(
|
||||||
|
'Breadcrumbs' => singleton('Group')->fieldLabel('Title')
|
||||||
|
));
|
||||||
|
|
||||||
|
|
||||||
$fields = new FieldList(
|
$fields = new FieldList(
|
||||||
$root = new TabSet(
|
$root = new TabSet(
|
||||||
'Root',
|
'Root',
|
||||||
new Tab('Members', singleton('Member')->i18n_plural_name(),
|
new Tab('Users', _t('SecurityAdmin.Users', 'Users'),
|
||||||
$memberList,
|
$memberList,
|
||||||
new LiteralField('MembersCautionText',
|
new LiteralField('MembersCautionText',
|
||||||
sprintf('<p class="caution-remove"><strong>%s</strong></p>',
|
sprintf('<p class="caution-remove"><strong>%s</strong></p>',
|
||||||
@ -104,14 +117,8 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
new Tab('Import', _t('SecurityAdmin.TABIMPORT', 'Import'),
|
new Tab('Groups', singleton('Group')->plural_name(),
|
||||||
new LiteralField(
|
$groupList
|
||||||
'GroupImportFormIframe',
|
|
||||||
sprintf(
|
|
||||||
'<iframe src="%s" id="GroupImportFormIframe" width="100%%" height="400px" border="0"></iframe>',
|
|
||||||
$this->Link('groupimport')
|
|
||||||
)
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
// necessary for tree node selection in LeftAndMain.EditForm.js
|
// necessary for tree node selection in LeftAndMain.EditForm.js
|
||||||
@ -138,6 +145,17 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
$rolesTab->push($rolesField);
|
$rolesTab->push($rolesField);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$fields->findOrMakeTab('Root.Import', _t('SecurityAdmin.TABIMPORT', 'Import'));
|
||||||
|
$fields->addFieldToTab('Root.Import',
|
||||||
|
new LiteralField(
|
||||||
|
'GroupImportFormIframe',
|
||||||
|
sprintf(
|
||||||
|
'<iframe src="%s" id="GroupImportFormIframe" width="100%%" height="400px" border="0"></iframe>',
|
||||||
|
$this->Link('groupimport')
|
||||||
|
)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
$actions = new FieldList();
|
$actions = new FieldList();
|
||||||
|
|
||||||
$this->extend('updateRootFormFields', $fields, $actions);
|
$this->extend('updateRootFormFields', $fields, $actions);
|
||||||
@ -220,12 +238,28 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
return $form;
|
return $form;
|
||||||
}
|
}
|
||||||
|
|
||||||
function getCMSTreeTitle() {
|
public function Breadcrumbs($unlinked = false) {
|
||||||
return _t('SecurityAdmin.SGROUPS', 'Security Groups');
|
$crumbs = parent::Breadcrumbs($unlinked);
|
||||||
}
|
|
||||||
|
|
||||||
public function EditedMember() {
|
// Name root breadcrumb based on which record is edited,
|
||||||
if(Session::get('currentMember')) return DataObject::get_by_id('Member', (int) Session::get('currentMember'));
|
// which can only be determined by looking for the fieldname of the GridField.
|
||||||
|
// Note: Titles should be same titles as tabs in RootForm().
|
||||||
|
$params = $this->request->allParams();
|
||||||
|
if(isset($params['FieldName'])) {
|
||||||
|
if($params['FieldName'] == 'Groups') {
|
||||||
|
$crumbs->First()->Title = singleton('Group')->plural_name();
|
||||||
|
} elseif($params['FieldName'] == 'Users') {
|
||||||
|
$crumbs->First()->Title = _t('SecurityAdmin.Users', 'Users');
|
||||||
|
} elseif($params['FieldName'] == 'Roles') {
|
||||||
|
$crumbs->First()->Title = _t('SecurityAdmin.TABROLES', 'Roles');
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// Avoid writing "Users" (the controller menu title) as a breadcrumb
|
||||||
|
// because its confusing and inaccurate.
|
||||||
|
$crumbs = new ArrayList();
|
||||||
|
}
|
||||||
|
|
||||||
|
return $crumbs;
|
||||||
}
|
}
|
||||||
|
|
||||||
function providePermissions() {
|
function providePermissions() {
|
||||||
@ -286,37 +320,4 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
static function clear_hidden_permissions(){
|
static function clear_hidden_permissions(){
|
||||||
self::$hidden_permissions = array();
|
self::$hidden_permissions = array();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Delete multiple {@link Group} records. Usually used through the {@link SecurityAdmin} interface.
|
|
||||||
*
|
|
||||||
* @package cms
|
|
||||||
* @subpackage batchactions
|
|
||||||
*/
|
|
||||||
class SecurityAdmin_DeleteBatchAction extends CMSBatchAction {
|
|
||||||
function getActionTitle() {
|
|
||||||
return _t('AssetAdmin_DeleteBatchAction.TITLE', 'Delete groups');
|
|
||||||
}
|
|
||||||
|
|
||||||
function run(SS_List $records) {
|
|
||||||
$status = array(
|
|
||||||
'modified'=>array(),
|
|
||||||
'deleted'=>array()
|
|
||||||
);
|
|
||||||
|
|
||||||
foreach($records as $record) {
|
|
||||||
// TODO Provide better feedback if permission was denied
|
|
||||||
if(!$record->canDelete()) continue;
|
|
||||||
|
|
||||||
$id = $record->ID;
|
|
||||||
$record->delete();
|
|
||||||
$status['deleted'][$id] = array();
|
|
||||||
$record->destroy();
|
|
||||||
unset($record);
|
|
||||||
}
|
|
||||||
|
|
||||||
return Convert::raw2json($status);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,21 +0,0 @@
|
|||||||
<div class="cms-content center $BaseCSSClasses" data-layout-type="border">
|
|
||||||
<div class="cms-content-tools west">
|
|
||||||
<div class="cms-content-header north">
|
|
||||||
<div>
|
|
||||||
<h2>
|
|
||||||
<% include CMSBreadcrumbs %>
|
|
||||||
</h2>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
$AddForm
|
|
||||||
|
|
||||||
<div data-url-tree="$Link(getsubtree)" data-url-savetreenode="$Link(savetreenode)" class="cms-tree draggable jstree jstree-apple">
|
|
||||||
$SiteTreeAsUL
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</div>
|
|
||||||
|
|
||||||
$EditForm
|
|
||||||
|
|
||||||
</div>
|
|
@ -62,23 +62,19 @@ class Group extends DataObject {
|
|||||||
public function getCMSFields() {
|
public function getCMSFields() {
|
||||||
Requirements::javascript(SAPPHIRE_DIR . '/javascript/PermissionCheckboxSetField.js');
|
Requirements::javascript(SAPPHIRE_DIR . '/javascript/PermissionCheckboxSetField.js');
|
||||||
|
|
||||||
$config = new GridFieldConfig_RelationEditor();
|
|
||||||
$config->addComponents(new GridFieldExporter());
|
|
||||||
$config->getComponentByType('GridFieldRelationAdd')
|
|
||||||
->setResultsFormat('$Title ($Email)')->setSearchFields(array('FirstName', 'Surname', 'Email'));
|
|
||||||
$config->getComponentByType('GridFieldPopupForms')->setValidator(new Member_Validator());
|
|
||||||
|
|
||||||
$memberList = new GridField('Members','Members', $this->Members(), $config);
|
|
||||||
$memberList->addExtraClass('members_grid');
|
|
||||||
|
|
||||||
// @todo Implement permission checking on GridField
|
|
||||||
//$memberList->setPermissions(array('edit', 'delete', 'export', 'add', 'inlineadd'));
|
|
||||||
//$memberList->setPopupCaption(_t('SecurityAdmin.VIEWUSER', 'View User'));
|
|
||||||
$fields = new FieldList(
|
$fields = new FieldList(
|
||||||
new TabSet("Root",
|
new TabSet("Root",
|
||||||
new Tab('Members', _t('SecurityAdmin.MEMBERS', 'Members'),
|
new Tab('Members', _t('SecurityAdmin.MEMBERS', 'Members'),
|
||||||
new TextField("Title", $this->fieldLabel('Title')),
|
new TextField("Title", $this->fieldLabel('Title')),
|
||||||
$memberList
|
Object::create('DropdownField',
|
||||||
|
'ParentID',
|
||||||
|
$this->fieldLabel('Parent'),
|
||||||
|
DataList::create('Group')->exclude('ID', $this->ID)->map('ID', 'Breadcrumbs')
|
||||||
|
)->setEmptyString(' '),
|
||||||
|
new LiteralField(
|
||||||
|
'ParentIDDescription',
|
||||||
|
'<p><em>' . _t('Group.GroupReminder', 'If you choose a parent group, this group will take all it\'s roles') . '</em></p>'
|
||||||
|
)
|
||||||
),
|
),
|
||||||
|
|
||||||
$permissionsTab = new Tab('Permissions', _t('SecurityAdmin.PERMISSIONS', 'Permissions'),
|
$permissionsTab = new Tab('Permissions', _t('SecurityAdmin.PERMISSIONS', 'Permissions'),
|
||||||
@ -92,6 +88,18 @@ class Group extends DataObject {
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
if($this->ID) {
|
||||||
|
$config = new GridFieldConfig_RelationEditor();
|
||||||
|
$config->addComponents(new GridFieldExporter());
|
||||||
|
$config->getComponentByType('GridFieldRelationAdd')
|
||||||
|
->setResultsFormat('$Title ($Email)')->setSearchFields(array('FirstName', 'Surname', 'Email'));
|
||||||
|
$config->getComponentByType('GridFieldPopupForms')->setValidator(new Member_Validator());
|
||||||
|
$memberList = Object::create('GridField', 'Members',false, $this->Members(), $config)->addExtraClass('members_grid');
|
||||||
|
// @todo Implement permission checking on GridField
|
||||||
|
//$memberList->setPermissions(array('edit', 'delete', 'export', 'add', 'inlineadd'));
|
||||||
|
$fields->addFieldToTab('Root.Members', $memberList);
|
||||||
|
}
|
||||||
|
|
||||||
// Only add a dropdown for HTML editor configurations if more than one is available.
|
// Only add a dropdown for HTML editor configurations if more than one is available.
|
||||||
// Otherwise Member->getHtmlEditorConfigForCMS() will default to the 'cms' configuration.
|
// Otherwise Member->getHtmlEditorConfigForCMS() will default to the 'cms' configuration.
|
||||||
@ -109,7 +117,6 @@ class Group extends DataObject {
|
|||||||
|
|
||||||
if(!Permission::check('EDIT_PERMISSIONS')) {
|
if(!Permission::check('EDIT_PERMISSIONS')) {
|
||||||
$fields->removeFieldFromTab('Root', 'Permissions');
|
$fields->removeFieldFromTab('Root', 'Permissions');
|
||||||
$fields->removeFieldFromTab('Root', 'IP Addresses');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Only show the "Roles" tab if permissions are granted to edit them,
|
// Only show the "Roles" tab if permissions are granted to edit them,
|
||||||
@ -137,19 +144,26 @@ class Group extends DataObject {
|
|||||||
|
|
||||||
// Add roles (and disable all checkboxes for inherited roles)
|
// Add roles (and disable all checkboxes for inherited roles)
|
||||||
$allRoles = Permission::check('ADMIN') ? DataObject::get('PermissionRole') : DataObject::get('PermissionRole', 'OnlyAdminCanApply = 0');
|
$allRoles = Permission::check('ADMIN') ? DataObject::get('PermissionRole') : DataObject::get('PermissionRole', 'OnlyAdminCanApply = 0');
|
||||||
$groupRoles = $this->Roles();
|
if($this->ID) {
|
||||||
$inheritedRoles = new ArrayList();
|
$groupRoles = $this->Roles();
|
||||||
$ancestors = $this->getAncestors();
|
$inheritedRoles = new ArrayList();
|
||||||
foreach($ancestors as $ancestor) {
|
$ancestors = $this->getAncestors();
|
||||||
$ancestorRoles = $ancestor->Roles();
|
foreach($ancestors as $ancestor) {
|
||||||
if($ancestorRoles) $inheritedRoles->merge($ancestorRoles);
|
$ancestorRoles = $ancestor->Roles();
|
||||||
|
if($ancestorRoles) $inheritedRoles->merge($ancestorRoles);
|
||||||
|
}
|
||||||
|
$groupRoleIDs = $groupRoles->column('ID') + $inheritedRoles->column('ID');
|
||||||
|
$inheritedRoleIDs = $inheritedRoles->column('ID');
|
||||||
|
} else {
|
||||||
|
$groupRoleIDs = array();
|
||||||
|
$inheritedRoleIDs = array();
|
||||||
}
|
}
|
||||||
$groupRoleIDs = $groupRoles->column('ID') + $inheritedRoles->column('ID');
|
|
||||||
$rolesField = Object::create('ListboxField', 'Roles', false, $allRoles->map()->toArray())
|
$rolesField = Object::create('ListboxField', 'Roles', false, $allRoles->map()->toArray())
|
||||||
->setMultiple(true)
|
->setMultiple(true)
|
||||||
->setDefaultItems($groupRoleIDs)
|
->setDefaultItems($groupRoleIDs)
|
||||||
->setAttribute('data-placeholder', _t('Group.AddRole', 'Add a role for this group'))
|
->setAttribute('data-placeholder', _t('Group.AddRole', 'Add a role for this group'))
|
||||||
->setDisabledItems($inheritedRoles->column('ID'));
|
->setDisabledItems($inheritedRoleIDs);
|
||||||
if(!$allRoles->Count()) $rolesField->setAttribute('data-placeholder', _t('Group.NoRoles', 'No roles found'));
|
if(!$allRoles->Count()) $rolesField->setAttribute('data-placeholder', _t('Group.NoRoles', 'No roles found'));
|
||||||
$fields->addFieldToTab('Root.Roles', $rolesField);
|
$fields->addFieldToTab('Root.Roles', $rolesField);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user