diff --git a/_config/uploadfield.yml b/_config/uploadfield.yml index 6227f3e50..4639af322 100644 --- a/_config/uploadfield.yml +++ b/_config/uploadfield.yml @@ -5,6 +5,7 @@ UploadField: autoUpload: true allowedMaxFileNumber: canUpload: true + canAttachExisting: 'CMS_ACCESS_AssetAdmin' previewMaxWidth: 80 previewMaxHeight: 60 uploadTemplateName: 'ss-uploadfield-uploadtemplate' diff --git a/forms/UploadField.php b/forms/UploadField.php index 40523ca26..a72bc3883 100644 --- a/forms/UploadField.php +++ b/forms/UploadField.php @@ -89,6 +89,10 @@ class UploadField extends FileField { */ 'canUpload' => true, /** + * @var boolean|string Can the user attach files from the assets archive on the site? + * String values are interpreted as permission codes. + */ + 'canAttachExisting' => "CMS_ACCESS_AssetAdmin", * @var int */ 'previewMaxWidth' => 80, @@ -553,6 +557,7 @@ class UploadField extends FileField { public function attach($request) { if(!$request->isPOST()) return $this->httpError(403); if(!$this->managesRelation()) return $this->httpError(403); + if(!$this->canAttachExisting()) return $this->httpError(403); $return = array(); @@ -646,6 +651,11 @@ class UploadField extends FileField { return (is_bool($can)) ? $can : Permission::check($can); } + public function canAttachExisting() { + $can = $this->getConfig('canAttachExisting'); + return (is_bool($can)) ? $can : Permission::check($can); + } + } /** diff --git a/templates/UploadField.ss b/templates/UploadField.ss index 3481472f9..d3b8a817a 100644 --- a/templates/UploadField.ss +++ b/templates/UploadField.ss @@ -59,7 +59,10 @@ <% else %> multiple="multiple"<% end_if %> /> <% end_if %> + + <% if canAttachExisting %> + <% end_if %> <% if not $autoUpload %> <% end_if %> diff --git a/tests/forms/uploadfield/UploadFieldTest.php b/tests/forms/uploadfield/UploadFieldTest.php index 8831e6206..e1d7cacdb 100644 --- a/tests/forms/uploadfield/UploadFieldTest.php +++ b/tests/forms/uploadfield/UploadFieldTest.php @@ -512,6 +512,22 @@ class UploadFieldTest extends FunctionalTest { $this->assertTrue($field->canUpload()); } + public function testCanAttachExisting() { + $this->loginWithPermission('ADMIN'); + $response = $this->get('UploadFieldTest_Controller'); + $this->assertFalse($response->isError()); + + $parser = new CSSContentParser($response->getBody()); + $this->assertTrue( + (bool)$parser->getBySelector('#CanAttachExistingFalseField .ss-uploadfield-fromcomputer-fileinput'), + 'Keeps input file control' + ); + $this->assertFalse( + (bool)$parser->getBySelector('#CanAttachExistingFalseField .ss-uploadfield-fromfiles'), + 'Removes "From files" button' + ); + } + public function testIsSaveable() { $form = $this->getMockForm(); @@ -815,6 +831,10 @@ class UploadFieldTest_Controller extends Controller implements TestOnly { $fieldCanUploadFalse->setConfig('canUpload', false); $fieldCanUploadFalse->setRecord($record); + $fieldCanAttachExisting = new UploadField('CanAttachExistingFalseField'); + $fieldCanAttachExisting->setConfig('canAttachExisting', false); + $fieldCanAttachExisting->setRecord($record); + $form = new Form( $this, 'Form', @@ -830,7 +850,8 @@ class UploadFieldTest_Controller extends Controller implements TestOnly { $fieldReadonly, $fieldDisabled, $fieldSubfolder, - $fieldCanUploadFalse + $fieldCanUploadFalse, + $fieldCanAttachExisting ), new FieldList( new FormAction('submit') @@ -847,7 +868,8 @@ class UploadFieldTest_Controller extends Controller implements TestOnly { 'ReadonlyField', 'DisabledField', 'SubfolderField', - 'CanUploadFalseField' + 'CanUploadFalseField', + 'CanAttachExistingField' ) ); return $form;