tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Sorted permission codes in Permission::get_codes 

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41096 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Sam Minnee 2007-08-31 00:28:30 +00:00
parent 6b4b9e978a
commit 87c8cb6661
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
security/Permission.php
View File

@ -21,7 +21,7 @@ class Permission extends DataObject {
/**
* Check that the current member has the given permission
*
* @param $code string
* @param $code string|array Either a list of codes or a single code
* @param $arg string
* @param $memberID integer
* @param $strict Boolean
@ -61,17 +61,20 @@ class Permission extends DataObject {
else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
}
if(is_array($code)) $SQL_codeList = "'" . implode("', '", Convert::raw2sql($code)) . "'";
else $SQL_codeList = "'" . Convert::raw2sql($code) . "'";
if(!self::$strict_checking || !$strict) {
$hasPermission = DB::query("
SELECT COUNT(*)
FROM Permission
WHERE (Code LIKE '$code')
WHERE Code IN ('$SQL_codeList')
")->value();
if(!$hasPermission) return true;
}
// Raw SQL for efficiency
return DB::query("SELECT ID FROM Permission WHERE (Code LIKE '$code' OR Code LIKE 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
return DB::query("SELECT ID FROM Permission WHERE Code IN ($SQL_codeList, 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
}
}
@ -206,6 +209,7 @@ class Permission extends DataObject {
if(!array_key_exists($otherPerm, $allCodes)) $allCodes[$otherPerm] = $otherPerm;
}
asort($allCodes);
return $allCodes;
}