diff --git a/forms/TableListField.php b/forms/TableListField.php
index fa9da7581..ab7920e06 100755
--- a/forms/TableListField.php
+++ b/forms/TableListField.php
@@ -37,6 +37,8 @@ class TableListField extends FormField {
protected $fieldList;
+ protected $disableSorting = false;
+
/**
* @var $fieldListCsv array
*/
@@ -342,6 +344,10 @@ JS
}
return new DataObjectSet($headings);
}
+
+ function disableSorting($to = true) {
+ $this->disableSorting = $to;
+ }
/**
* Determines if a field is "sortable".
@@ -352,7 +358,7 @@ JS
* @return bool
*/
function isFieldSortable($fieldName) {
- if($this->customSourceItems) {
+ if($this->customSourceItems || $this->disableSorting) {
return false;
}
@@ -362,8 +368,14 @@ JS
$query = $this->__cachedQuery = $this->getQuery();
}
$sql = $query->sql();
+
+ $selects = $query->select;
+ foreach($selects as $i => $sel) {
+ if (preg_match('/"(.+?)"\."(.+?)"/', $sel, $matches)) $selects[$i] = $matches[2];
+ }
+
$SQL_fieldName = Convert::raw2sql($fieldName);
- return (in_array($SQL_fieldName,$query->select) || stripos($sql,"AS {$SQL_fieldName}"));
+ return (in_array($SQL_fieldName,$selects) || stripos($sql,"AS {$SQL_fieldName}"));
}
/**
diff --git a/security/Group.php b/security/Group.php
index beabea9c4..28074bee6 100644
--- a/security/Group.php
+++ b/security/Group.php
@@ -101,6 +101,21 @@ class Group extends DataObject {
$fields->removeFieldFromTab('Root', 'IP Addresses');
}
+ if(Permission::check('EDIT_PERMISSIONS') && DataObject::get('PermissionRole')) {
+ $fields->addFieldToTab(_t('SecurityAdmin.ROLES', 'Roles'),
+ new LiteralField(
+ "",
+ "" .
+ _t('SecurityAdmin.ROLESDESCRIPTION',
+ "This section allows you to add roles to this group. Roles are logical groupings of permissions, which can be editied in the Roles tab"
+ ) .
+ "
"
+ )
+ );
+
+ $fields->addFieldToTab(_t('SecurityAdmin.ROLES', 'Roles'), new CheckboxSetField('Roles', 'Roles', DataObject::get('PermissionRole')));
+ }
+
$memberList->setController($this);
$memberList->setPermissions(array('show', 'edit', 'delete', 'export', 'add'));
$memberList->setParentClass('Group');
diff --git a/static-main.php b/static-main.php
index 91564aaf6..b7ab6d7f8 100644
--- a/static-main.php
+++ b/static-main.php
@@ -16,6 +16,8 @@
$cacheOn = true;
$cacheDebug = false;
$hostmapLocation = '../subsites/host-map.php';
+date_default_timezone_set('Pacific/Auckland');
+
if ($cacheOn) {
if (file_exists($hostmapLocation)) {
@@ -34,14 +36,14 @@ if ($cacheOn) {
$file = $file ? $file : 'index';
if (file_exists('../cache/'.$cacheDir.$file.'.html')) {
- header('X-cache: hit at '.date('r'));
+ header('X-cache: hit at '.@date('r'));
echo file_get_contents('../cache/'.$cacheDir.$file.'.html');
} elseif (file_exists('../cache/'.$cacheDir.$file.'.php')) {
- header('X-cache: hit at '.date('r'));
+ header('X-cache: hit at '.@date('r'));
include_once '../cache/'.$cacheDir.$file.'.php';
if ($cacheDebug) echo "File was cached
";
} else {
- header('X-cache: miss at '.date('r') . ' on ' . $cacheDir . $file);
+ header('X-cache: miss at '.@date('r') . ' on ' . $cacheDir . $file);
// No cache hit... fallback!!!
include 'main.php';
if ($cacheDebug) echo "File was !NOT! cached
";
diff --git a/tests/SiteTreePermissionsTest.php b/tests/SiteTreePermissionsTest.php
index 6c8aa95fd..cc74083ec 100755
--- a/tests/SiteTreePermissionsTest.php
+++ b/tests/SiteTreePermissionsTest.php
@@ -263,7 +263,7 @@ class SiteTreePermissionsTest extends FunctionalTest {
// Get the live version of the page
$page = Versioned::get_one_by_stage("SiteTree", "Live", "\"SiteTree\".\"ID\" = $pageID");
-
+
// subadmin users
$subadminuser = $this->objFromFixture('Member', 'subadmin');
$this->assertTrue(
@@ -271,6 +271,57 @@ class SiteTreePermissionsTest extends FunctionalTest {
'Authenticated members can edit a page that was deleted from stage and marked as "Editable by logged in users" if they have cms permissions and belong to any of these groups'
);
}
+
+ function testInheritCanViewFromSiteConfig() {
+ $page = $this->objFromFixture('Page', 'inheritWithNoParent');
+ $siteconfig = $this->objFromFixture('SiteConfig', 'default');
+ $editor = $this->objFromFixture('Member', 'editor');
+ $editorGroup = $this->objFromFixture('Group', 'editorgroup');
+
+ $siteconfig->CanViewType = 'Anyone';
+ $siteconfig->write();
+ $this->assertTrue($page->canView(FALSE), 'Anyone can view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to LoggedInUsers');
+
+ $siteconfig->CanViewType = 'LoggedInUsers';
+ $siteconfig->write();
+ $this->assertFalse($page->canView(FALSE), 'Anonymous can\'t view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to LoggedInUsers');
+
+ $siteconfig->CanViewType = 'LoggedInUsers';
+ $siteconfig->write();
+ $this->assertTrue($page->canView($editor), 'Users can view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to LoggedInUsers');
+
+ $siteconfig->CanViewType = 'OnlyTheseUsers';
+ $siteconfig->ViewerGroups()->add($editorGroup);
+ $siteconfig->ViewerGroups()->write();
+ $siteconfig->write();
+ $this->assertTrue($page->canView($editor), 'Editors can view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to OnlyTheseUsers');
+ $this->assertFalse($page->canView(FALSE), 'Anonymous can\'t view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to OnlyTheseUsers');
+ }
+
+ function testInheritCanEditFromSiteConfig() {
+ $page = $this->objFromFixture('Page', 'inheritWithNoParent');
+ $siteconfig = $this->objFromFixture('SiteConfig', 'default');
+ $editor = $this->objFromFixture('Member', 'editor');
+ $user = $this->objFromFixture('Member', 'websiteuser');
+ $editorGroup = $this->objFromFixture('Group', 'editorgroup');
+
+ $siteconfig->CanEditType = 'LoggedInUsers';
+ $siteconfig->write();
+
+ $this->assertFalse($page->canEdit(FALSE), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
+ $this->session()->inst_set('loggedInAs', $editor->ID);
+ $this->assertTrue($page->canEdit(), 'Users can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
+
+ $siteconfig->CanEditType = 'OnlyTheseUsers';
+ $siteconfig->EditorGroups()->add($editorGroup);
+ $siteconfig->EditorGroups()->write();
+ $siteconfig->write();
+ $this->assertTrue($page->canEdit($editor), 'Editors can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
+ $this->session()->inst_set('loggedInAs', null);
+ $this->assertFalse($page->canEdit(FALSE), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
+ $this->session()->inst_set('loggedInAs', $user->ID);
+ $this->assertFalse($page->canEdit($user), 'Website user can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
+ }
}
?>
\ No newline at end of file
diff --git a/tests/SiteTreePermissionsTest.yml b/tests/SiteTreePermissionsTest.yml
index c0c6fdff0..67e2987cb 100644
--- a/tests/SiteTreePermissionsTest.yml
+++ b/tests/SiteTreePermissionsTest.yml
@@ -1,3 +1,9 @@
+SiteConfig:
+ default:
+ Title: My test site
+ Tagline: There is no doubt this is a great test site
+ CanViewType: Anyone
+ CanEditType: LoggedInUsers
Permission:
cmsmain1:
Code: CMS_ACCESS_CMSMain
@@ -50,6 +56,10 @@ Page:
CanEditType: OnlyTheseUsers
EditorGroups: =>Group.subadmingroup
URLSegment: restrictedEditOnlySubadminGroup
+ inheritWithNoParent:
+ CanEditType: Inherit
+ CanViewType: Inherit
+ URLSegment: inheritWithNoParent
parent_restrictedViewOnlySubadminGroup:
CanViewType: OnlyTheseUsers
ViewerGroups: =>Group.subadmingroup