From bf3b7e0e9ee9a1562606d157244c2ea3a950b351 Mon Sep 17 00:00:00 2001 From: Ingo Schommer Date: Sat, 21 Nov 2009 01:44:52 +0000 Subject: [PATCH] APICHANGE: add the ability to remove some permissions specified by their code in the rendered field html of PermissionChecksetBoxField and full-covered unit tests of this ability. (from r92428) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92463 467b73ca-7a2a-4603-9d3b-597d59a354a9 --- security/Permission.php | 28 ++++++++++++++++++++++++- security/PermissionCheckboxSetField.php | 2 ++ tests/security/PermissionTest.php | 13 ++++++++++++ 3 files changed, 42 insertions(+), 1 deletion(-) diff --git a/security/Permission.php b/security/Permission.php index ce9f1e7af..d53c87fbb 100755 --- a/security/Permission.php +++ b/security/Permission.php @@ -82,7 +82,13 @@ class Permission extends DataObject { * @var bool */ static $admin_implies_all = true; - + + /** + * a list of permission codes which doesn't appear in the Permission list + * when make the {@link PermissionCheckboxSetField} + * @var array; + */ + static $hidden_permissions = array(); /** * Check that the current member has the given permission. @@ -559,6 +565,26 @@ class Permission extends DataObject { return $a['sort'] < $b['sort'] ? -1 : 1; } } + + /** + * add a permission represented by the $code to the {@link slef::$hidden_permissions} list + * + * @param $code string - the permissions code + * @return void + */ + static function add_to_hidden_permissions($code){ + self::$hidden_permissions[] = $code; + } + + /** + * remove a permission represented by the $code from the {@link slef::$hidden_permissions} list + * + * @param $code string - the permissions code + * @return void + */ + static function remove_from_hidden_permissions($code){ + self::$hidden_permissions = array_diff(self::$hidden_permissions, array($code)); + } /** * Declare an array of permissions for the system. diff --git a/security/PermissionCheckboxSetField.php b/security/PermissionCheckboxSetField.php index a71f54fa5..d3eafeed4 100644 --- a/security/PermissionCheckboxSetField.php +++ b/security/PermissionCheckboxSetField.php @@ -69,7 +69,9 @@ class PermissionCheckboxSetField extends CheckboxSetField { if($source) { foreach($source as $categoryName => $permissions) { $options .= "
  • $categoryName
    • "; + $hiddens = Permission::$hidden_permissions; foreach($permissions as $code => $permission) { + if(in_array($code, $hiddens)) continue; $key = $code; $value = $permission['name']; diff --git a/tests/security/PermissionTest.php b/tests/security/PermissionTest.php index 9bb176924..ca56dcf29 100644 --- a/tests/security/PermissionTest.php +++ b/tests/security/PermissionTest.php @@ -41,4 +41,17 @@ class PermissionTest extends SapphireTest { $this->assertFalse(Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin")); } + function testHiddenPermissions(){ + $permissionCheckboxSet = new PermissionCheckboxSetField('Permissions','Permissions','Permission','GroupID'); + $this->assertContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field()); + $this->assertContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field()); + + Permission::add_to_hidden_permissions('CMS_ACCESS_CMSMain'); + Permission::add_to_hidden_permissions('CMS_ACCESS_AssetAdmin'); + $this->assertNotContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field()); + $this->assertNotContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field()); + + Permission::remove_from_hidden_permissions('CMS_ACCESS_AssetAdmin'); + $this->assertContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field()); + } } \ No newline at end of file