tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Sorted permission codes in Permission::get_codes

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41096 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Sam Minnee 2007-08-31 00:28:30 +00:00
parent 6b4b9e978a
commit 87c8cb6661
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
security/Permission.php
View File

@ -21,7 +21,7 @@ class Permission extends DataObject {
/** /**
* Check that the current member has the given permission * Check that the current member has the given permission
* *
* @param $code string * @param $code string|array Either a list of codes or a single code
* @param $arg string * @param $arg string
* @param $memberID integer * @param $memberID integer
* @param $strict Boolean * @param $strict Boolean
@ -61,17 +61,20 @@ class Permission extends DataObject {
else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR); else use_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
} }
if(is_array($code)) $SQL_codeList = "'" . implode("', '", Convert::raw2sql($code)) . "'";
else $SQL_codeList = "'" . Convert::raw2sql($code) . "'";
if(!self::$strict_checking || !$strict) { if(!self::$strict_checking || !$strict) {
$hasPermission = DB::query(" $hasPermission = DB::query("
SELECT COUNT(*) SELECT COUNT(*)
FROM Permission FROM Permission
WHERE (Code LIKE '$code') WHERE Code IN ('$SQL_codeList')
")->value(); ")->value();
if(!$hasPermission) return true; if(!$hasPermission) return true;
} }
// Raw SQL for efficiency // Raw SQL for efficiency
return DB::query("SELECT ID FROM Permission WHERE (Code LIKE '$code' OR Code LIKE 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value(); return DB::query("SELECT ID FROM Permission WHERE Code IN ($SQL_codeList, 'ADMIN') AND GroupID IN ($groupCSV) $argClause")->value();
} }
} }
@ -206,6 +209,7 @@ class Permission extends DataObject {
if(!array_key_exists($otherPerm, $allCodes)) $allCodes[$otherPerm] = $otherPerm; if(!array_key_exists($otherPerm, $allCodes)) $allCodes[$otherPerm] = $otherPerm;
} }
asort($allCodes);
return $allCodes; return $allCodes;
} }