mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
MINOR added more documentation around SiteConfig. Also wrote unit tests for permissions inheritance off it. (from r86132)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89164 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Sam Minnee
parent
b930149c3a
commit
7dd6d10cde
@ -37,6 +37,8 @@ class TableListField extends FormField {
|
||||
|
||||
protected $fieldList;
|
||||
|
||||
protected $disableSorting = false;
|
||||
|
||||
/**
|
||||
* @var $fieldListCsv array
|
||||
*/
|
||||
@ -343,6 +345,10 @@ JS
|
||||
return new DataObjectSet($headings);
|
||||
}
|
||||
|
||||
function disableSorting($to = true) {
|
||||
$this->disableSorting = $to;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines if a field is "sortable".
|
||||
* If the field is generated by a custom getter, we can't sort on it
|
||||
@ -352,7 +358,7 @@ JS
|
||||
* @return bool
|
||||
*/
|
||||
function isFieldSortable($fieldName) {
|
||||
if($this->customSourceItems) {
|
||||
if($this->customSourceItems || $this->disableSorting) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -362,8 +368,14 @@ JS
|
||||
$query = $this->__cachedQuery = $this->getQuery();
|
||||
}
|
||||
$sql = $query->sql();
|
||||
|
||||
$selects = $query->select;
|
||||
foreach($selects as $i => $sel) {
|
||||
if (preg_match('/"(.+?)"\."(.+?)"/', $sel, $matches)) $selects[$i] = $matches[2];
|
||||
}
|
||||
|
||||
$SQL_fieldName = Convert::raw2sql($fieldName);
|
||||
return (in_array($SQL_fieldName,$query->select) || stripos($sql,"AS {$SQL_fieldName}"));
|
||||
return (in_array($SQL_fieldName,$selects) || stripos($sql,"AS {$SQL_fieldName}"));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -101,6 +101,21 @@ class Group extends DataObject {
|
||||
$fields->removeFieldFromTab('Root', 'IP Addresses');
|
||||
}
|
||||
|
||||
if(Permission::check('EDIT_PERMISSIONS') && DataObject::get('PermissionRole')) {
|
||||
$fields->addFieldToTab(_t('SecurityAdmin.ROLES', 'Roles'),
|
||||
new LiteralField(
|
||||
"",
|
||||
"<p>" .
|
||||
_t('SecurityAdmin.ROLESDESCRIPTION',
|
||||
"This section allows you to add roles to this group. Roles are logical groupings of permissions, which can be editied in the Roles tab"
|
||||
) .
|
||||
"</p>"
|
||||
)
|
||||
);
|
||||
|
||||
$fields->addFieldToTab(_t('SecurityAdmin.ROLES', 'Roles'), new CheckboxSetField('Roles', 'Roles', DataObject::get('PermissionRole')));
|
||||
}
|
||||
|
||||
$memberList->setController($this);
|
||||
$memberList->setPermissions(array('show', 'edit', 'delete', 'export', 'add'));
|
||||
$memberList->setParentClass('Group');
|
||||
|
||||
@ -16,6 +16,8 @@
|
||||
$cacheOn = true;
|
||||
$cacheDebug = false;
|
||||
$hostmapLocation = '../subsites/host-map.php';
|
||||
date_default_timezone_set('Pacific/Auckland');
|
||||
|
||||
|
||||
if ($cacheOn) {
|
||||
if (file_exists($hostmapLocation)) {
|
||||
@ -34,14 +36,14 @@ if ($cacheOn) {
|
||||
$file = $file ? $file : 'index';
|
||||
|
||||
if (file_exists('../cache/'.$cacheDir.$file.'.html')) {
|
||||
header('X-cache: hit at '.date('r'));
|
||||
header('X-cache: hit at '.@date('r'));
|
||||
echo file_get_contents('../cache/'.$cacheDir.$file.'.html');
|
||||
} elseif (file_exists('../cache/'.$cacheDir.$file.'.php')) {
|
||||
header('X-cache: hit at '.date('r'));
|
||||
header('X-cache: hit at '.@date('r'));
|
||||
include_once '../cache/'.$cacheDir.$file.'.php';
|
||||
if ($cacheDebug) echo "<h1>File was cached</h1>";
|
||||
} else {
|
||||
header('X-cache: miss at '.date('r') . ' on ' . $cacheDir . $file);
|
||||
header('X-cache: miss at '.@date('r') . ' on ' . $cacheDir . $file);
|
||||
// No cache hit... fallback!!!
|
||||
include 'main.php';
|
||||
if ($cacheDebug) echo "<h1>File was !NOT! cached</h1>";
|
||||
|
||||
@ -272,5 +272,56 @@ class SiteTreePermissionsTest extends FunctionalTest {
|
||||
);
|
||||
}
|
||||
|
||||
function testInheritCanViewFromSiteConfig() {
|
||||
$page = $this->objFromFixture('Page', 'inheritWithNoParent');
|
||||
$siteconfig = $this->objFromFixture('SiteConfig', 'default');
|
||||
$editor = $this->objFromFixture('Member', 'editor');
|
||||
$editorGroup = $this->objFromFixture('Group', 'editorgroup');
|
||||
|
||||
$siteconfig->CanViewType = 'Anyone';
|
||||
$siteconfig->write();
|
||||
$this->assertTrue($page->canView(FALSE), 'Anyone can view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to LoggedInUsers');
|
||||
|
||||
$siteconfig->CanViewType = 'LoggedInUsers';
|
||||
$siteconfig->write();
|
||||
$this->assertFalse($page->canView(FALSE), 'Anonymous can\'t view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to LoggedInUsers');
|
||||
|
||||
$siteconfig->CanViewType = 'LoggedInUsers';
|
||||
$siteconfig->write();
|
||||
$this->assertTrue($page->canView($editor), 'Users can view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to LoggedInUsers');
|
||||
|
||||
$siteconfig->CanViewType = 'OnlyTheseUsers';
|
||||
$siteconfig->ViewerGroups()->add($editorGroup);
|
||||
$siteconfig->ViewerGroups()->write();
|
||||
$siteconfig->write();
|
||||
$this->assertTrue($page->canView($editor), 'Editors can view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to OnlyTheseUsers');
|
||||
$this->assertFalse($page->canView(FALSE), 'Anonymous can\'t view a page when set to inherit from the SiteConfig, and SiteConfig has canView set to OnlyTheseUsers');
|
||||
}
|
||||
|
||||
function testInheritCanEditFromSiteConfig() {
|
||||
$page = $this->objFromFixture('Page', 'inheritWithNoParent');
|
||||
$siteconfig = $this->objFromFixture('SiteConfig', 'default');
|
||||
$editor = $this->objFromFixture('Member', 'editor');
|
||||
$user = $this->objFromFixture('Member', 'websiteuser');
|
||||
$editorGroup = $this->objFromFixture('Group', 'editorgroup');
|
||||
|
||||
$siteconfig->CanEditType = 'LoggedInUsers';
|
||||
$siteconfig->write();
|
||||
|
||||
$this->assertFalse($page->canEdit(FALSE), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
|
||||
$this->session()->inst_set('loggedInAs', $editor->ID);
|
||||
$this->assertTrue($page->canEdit(), 'Users can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
|
||||
|
||||
$siteconfig->CanEditType = 'OnlyTheseUsers';
|
||||
$siteconfig->EditorGroups()->add($editorGroup);
|
||||
$siteconfig->EditorGroups()->write();
|
||||
$siteconfig->write();
|
||||
$this->assertTrue($page->canEdit($editor), 'Editors can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
|
||||
$this->session()->inst_set('loggedInAs', null);
|
||||
$this->assertFalse($page->canEdit(FALSE), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
|
||||
$this->session()->inst_set('loggedInAs', $user->ID);
|
||||
$this->assertFalse($page->canEdit($user), 'Website user can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
|
||||
}
|
||||
|
||||
}
|
||||
?>
|
||||
@ -1,3 +1,9 @@
|
||||
SiteConfig:
|
||||
default:
|
||||
Title: My test site
|
||||
Tagline: There is no doubt this is a great test site
|
||||
CanViewType: Anyone
|
||||
CanEditType: LoggedInUsers
|
||||
Permission:
|
||||
cmsmain1:
|
||||
Code: CMS_ACCESS_CMSMain
|
||||
@ -50,6 +56,10 @@ Page:
|
||||
CanEditType: OnlyTheseUsers
|
||||
EditorGroups: =>Group.subadmingroup
|
||||
URLSegment: restrictedEditOnlySubadminGroup
|
||||
inheritWithNoParent:
|
||||
CanEditType: Inherit
|
||||
CanViewType: Inherit
|
||||
URLSegment: inheritWithNoParent
|
||||
parent_restrictedViewOnlySubadminGroup:
|
||||
CanViewType: OnlyTheseUsers
|
||||
ViewerGroups: =>Group.subadmingroup
|
||||
|
||||
Loading…
Reference in New Issue
Block a user