From baf98e81d60e457bdbbc7fb7974325ef47c972d5 Mon Sep 17 00:00:00 2001 From: Ingo Schommer Date: Sat, 17 Oct 2009 05:11:23 +0000 Subject: [PATCH] BUGFIX Respecting SiteTree->canDelete() in SiteTree->getCMSActions() git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89338 467b73ca-7a2a-4603-9d3b-597d59a354a9 --- core/model/SiteTree.php | 14 ++++++--- tests/SiteTreeActionsTest.php | 58 ++++++++++++++++++++++++++++++++++- tests/SiteTreeActionsTest.yml | 28 +++++++++++++++-- 3 files changed, 91 insertions(+), 9 deletions(-) diff --git a/core/model/SiteTree.php b/core/model/SiteTree.php index 8906f1862..6b125ec47 100755 --- a/core/model/SiteTree.php +++ b/core/model/SiteTree.php @@ -1826,16 +1826,20 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid if($this->ExistsOnLive) { // "restore" $actions->push(new FormAction('revert',_t('CMSMain.RESTORE','Restore'))); - // "delete from live" - $actions->push(new FormAction('deletefromlive',_t('CMSMain.DELETEFP','Delete from the published site'))); + if($this->canDelete()) { + // "delete from live" + $actions->push(new FormAction('deletefromlive',_t('CMSMain.DELETEFP','Delete from the published site'))); + } } else { // "restore" $actions->push(new FormAction('restore',_t('CMSMain.RESTORE','Restore'))); } } else { - // "delete" - $actions->push($deleteAction = new FormAction('delete',_t('CMSMain.DELETE','Delete from the draft site'))); - $deleteAction->addExtraClass('delete'); + if($this->canDelete()) { + // "delete" + $actions->push($deleteAction = new FormAction('delete',_t('CMSMain.DELETE','Delete from the draft site'))); + $deleteAction->addExtraClass('delete'); + } // "save" $actions->push(new FormAction('save',_t('CMSMain.SAVE','Save'))); diff --git a/tests/SiteTreeActionsTest.php b/tests/SiteTreeActionsTest.php index 8cbeb779a..0f82a0837 100644 --- a/tests/SiteTreeActionsTest.php +++ b/tests/SiteTreeActionsTest.php @@ -27,6 +27,52 @@ class SiteTreeActionsTest extends FunctionalTest { parent::tear_down_once(); } + + function testActionsReadonly() { + if(class_exists('SiteTreeCMSWorkflow')) return true; + + $page = new SiteTreeActionsTest_Page(); + $page->CanEditType = 'LoggedInUsers'; + $page->write(); + $page->doPublish(); + + $readonlyEditor = $this->objFromFixture('Member', 'cmsreadonlyeditor'); + $this->session()->inst_set('loggedInAs', $readonlyEditor->ID); + + $actionsArr = $page->getCMSActions()->column('Name'); + + $this->assertNotContains('action_save',$actionsArr); + $this->assertNotContains('action_publish',$actionsArr); + $this->assertNotContains('action_unpublish',$actionsArr); + $this->assertNotContains('action_delete',$actionsArr); + $this->assertNotContains('action_deletefromlive',$actionsArr); + $this->assertNotContains('action_rollback',$actionsArr); + $this->assertNotContains('action_revert',$actionsArr); + } + + function testActionsNoDeletePublishedRecord() { + if(class_exists('SiteTreeCMSWorkflow')) return true; + + $page = new SiteTreeActionsTest_Page(); + $page->CanEditType = 'LoggedInUsers'; + $pageID = $page->ID; + $page->write(); + $page->doPublish(); + $page->deleteFromStage('Stage'); + + // Get the live version of the page + $page = Versioned::get_one_by_stage("SiteTree", "Live", "\"SiteTree\".\"ID\" = $pageID"); + + $editor = $this->objFromFixture('Member', 'cmsnodeleteeditor'); + $this->session()->inst_set('loggedInAs', $editor->ID); + + $actionsArr = $page->getCMSActions()->column('Name'); + + $this->assertContains('action_save',$actionsArr); + $this->assertContains('action_publish',$actionsArr); + $this->assertNotContains('action_delete',$actionsArr); + $this->assertNotContains('action_deletefromlive',$actionsArr); + } function testActionsPublishedRecord() { if(class_exists('SiteTreeCMSWorkflow')) return true; @@ -76,7 +122,7 @@ class SiteTreeActionsTest extends FunctionalTest { $this->assertNotContains('action_rollback',$actionsArr); $this->assertContains('action_revert',$actionsArr); } - + function testActionsChangedOnStageRecord() { if(class_exists('SiteTreeCMSWorkflow')) return true; @@ -102,4 +148,14 @@ class SiteTreeActionsTest extends FunctionalTest { $this->assertNotContains('action_revert',$actionsArr); } } + +class SiteTreeActionsTest_Page extends Page implements TestOnly { + function canEdit($member = null) { + return Permission::checkMember($member, 'SiteTreeActionsTest_Page_CANEDIT'); + } + + function canDelete($member = null) { + return Permission::checkMember($member, 'SiteTreeActionsTest_Page_CANDELETE'); + } +} ?> \ No newline at end of file diff --git a/tests/SiteTreeActionsTest.yml b/tests/SiteTreeActionsTest.yml index 993c52a41..b22da76a7 100644 --- a/tests/SiteTreeActionsTest.yml +++ b/tests/SiteTreeActionsTest.yml @@ -1,11 +1,33 @@ Permission: - cmsmain: + cmsmain1: Code: CMS_ACCESS_CMSMain + cmsmain2: + Code: CMS_ACCESS_CMSMain + cmsmain3: + Code: CMS_ACCESS_CMSMain + candelete: + Code: SiteTreeActionsTest_Page_CANDELETE + canedit1: + Code: SiteTreeActionsTest_Page_CANEDIT + canedit2: + Code: SiteTreeActionsTest_Page_CANEDIT Group: cmseditors: Title: CMS Editors - Permissions: =>Permission.cmsmain + Permissions: =>Permission.cmsmain1,=>Permission.canedit1,=>Permission.candelete + cmsreadonly: + Title: CMS Readonly + Permissions: =>Permission.cmsmain2 + cmsnodelete: + Title: CMS No Delete + Permissions: =>Permission.cmsmain3,=>Permission.canedit2 Member: cmseditor: Email: cmseditor@test.com - Groups: =>Group.cmseditors \ No newline at end of file + Groups: =>Group.cmseditors + cmsreadonlyeditor: + Email: cmsreadonlyeditor@test.com + Groups: =>Group.cmsreadonly + cmsnodeleteeditor: + Email: cmsnodeleteeditor@test.com + Groups: =>Group.cmsnodelete \ No newline at end of file