Sorted permission codes in Permission::get_codes

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41096 467b73ca-7a2a-4603-9d3b-597d59a354a9
2024-10-22 14:05:37 +02:00 · 2007-08-31 00:28:30 +00:00 · 2007-08-31 00:28:30 +00:00 · 87c8cb6661
commit 87c8cb6661
parent 6b4b9e978a
1 changed files with 7 additions and 3 deletions
--- a/security/Permission.php
+++ b/security/Permission.php
@ -21,7 +21,7 @@ class Permission extends DataObject {
 	/**
 	 * Check that the current member has the given permission
 	 * 
-	 * @param $code string
+	 * @param $code string|array Either a list of codes or a single code
 	 * @param $arg string
 	 * @param $memberID integer
 	 * @param $strict Boolean
@ -61,17 +61,20 @@ class Permission extends DataObject {
 					else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
 			}
 			
+			if(is_array($code)) $SQL_codeList = "'" . implode("', '", Convert::raw2sql($code)) . "'";
+			else $SQL_codeList = "'" . Convert::raw2sql($code) . "'";
+			
 			if(!self::$strict_checking || !$strict) {
 				$hasPermission = DB::query("
 					SELECT COUNT(*) 
 					FROM Permission 
-					WHERE (Code LIKE '$code') 
+					WHERE Code IN ('$SQL_codeList') 
 				")->value();
 				if(!$hasPermission) return true;
 			}
 			
 			// Raw SQL for efficiency
-			return DB::query("SELECT ID FROM Permission WHERE (Code LIKE '$code' OR Code LIKE 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
+			return DB::query("SELECT ID FROM Permission WHERE Code IN ($SQL_codeList, 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
 		}
 	}
 	
@ -206,6 +209,7 @@ class Permission extends DataObject {
 			if(!array_key_exists($otherPerm, $allCodes)) $allCodes[$otherPerm] = $otherPerm;
 		}
 		
+		asort($allCodes);
 		return $allCodes;
 	}