tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

ENHANCEMENT Using optional $member parameter for DataObject::can*() methods

Browse Source 
MINOR Added documentation to DataObject about permission handling


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@62841 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2008-09-22 16:02:03 +00:00
parent 4b2af337d8
commit 73dd86bd8e
1 changed files with 59 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
core/model/DataObject.php
View File

@ -1,6 +1,61 @@
<?php
/**
* A single database record & abstract class for the data-access-model.
*
* Object-level access control by {@link Permission}. Permission codes are arbitrary
* strings which can be selected on a group-by-group basis.
*
* <code>
* class Article extends DataObject implements PermissionProvider {
* static $api_access = true;
*
* public function canView($member = false) {
* return Permission::check('ARTICLE_VIEW');
* }
* public function canEdit($member = false) {
* return Permission::check('ARTICLE_EDIT');
* }
* public function canDelete() {
* return Permission::check('ARTICLE_DELETE');
* }
* public function canCreate() {
* return Permission::check('ARTICLE_CREATE');
* }
* public function providePermissions() {
* return array(
* 'ARTICLE_VIEW' => 'Read an article object',
* 'ARTICLE_EDIT' => 'Edit an article object',
* 'ARTICLE_DELETE' => 'Delete an article object',
* 'ARTICLE_CREATE' => 'Create an article object',
* );
* }
* }
* </code>
*
* Object-level access control by {@link Group} membership:
* <code>
* class Article extends DataObject {
* static $api_access = true;
*
* public function canView($member = false) {
* if(!$member) $member = Member::currentUser();
* return $member->inGroup('Subscribers');
* }
* public function canEdit($member = false) {
* if(!$member) $member = Member::currentUser();
* return $member->inGroup('Editors');
* }
* public function canDelete($member = false) {
* if(!$member) $member = Member::currentUser();
* return $member->inGroup('Editors');
* }
* public function canCreate($member = false) {
* if(!$member) $member = Member::currentUser();
* return $member->inGroup('Editors');
* }
* }
* </code>
*
* @package sapphire
* @subpackage model
*/
@ -1734,7 +1789,7 @@ class DataObject extends ViewableData implements DataObjectInterface {
* @return boolean
*/
public function canView($member = null) {
return Permission::check('ADMIN');
return Permission::check('ADMIN', 'any', $member);
}
/**
@ -1742,7 +1797,7 @@ class DataObject extends ViewableData implements DataObjectInterface {
* @return boolean
*/
public function canEdit($member = null) {
return Permission::check('ADMIN');
return Permission::check('ADMIN', 'any', $member);
}
/**
@ -1750,7 +1805,7 @@ class DataObject extends ViewableData implements DataObjectInterface {
* @return boolean
*/
public function canDelete($member = null) {
return Permission::check('ADMIN');
return Permission::check('ADMIN', 'any', $member);
}
/**
@ -1760,7 +1815,7 @@ class DataObject extends ViewableData implements DataObjectInterface {
* @return boolean
*/
public function canCreate($member = null) {
return Permission::check('ADMIN');
return Permission::check('ADMIN', 'any', $member);;
}
/**