From cfde8adaeee20843648f1339376aa703366f490f Mon Sep 17 00:00:00 2001 From: Ingo Schommer Date: Fri, 7 Nov 2008 12:17:42 +0000 Subject: [PATCH] API CHANGE Removed Folder->userCan*() and File->userCan*()permissions and added more consistent behaviour with Folder->can*() and File->can*() ENHANCEMENT Allowing decoration of can*() methods in File and Folder git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65452 467b73ca-7a2a-4603-9d3b-597d59a354a9 --- filesystem/File.php | 62 ++++++++++++++++++++++++++++++++++++++----- filesystem/Folder.php | 45 +------------------------------ 2 files changed, 56 insertions(+), 51 deletions(-) diff --git a/filesystem/File.php b/filesystem/File.php index 2b105c274..279e87220 100755 --- a/filesystem/File.php +++ b/filesystem/File.php 
@@ -83,6 +83,61 @@ class File extends DataObject { } } + /** + * @todo Enforce on filesystem URL level via mod_rewrite + * + * @return boolean + */ + function canView($member = null) { + if(!$member) $member = Member::currentUser(); + + $results = $this->extend('canView', $member); + if($results && is_array($results)) if(!min($results)) return false; + + return true; + } + + /** + * Returns true if the following conditions are met: + * - CMS_ACCESS_AssetAdmin + * + * @todo Decouple from CMS view access + * + * @return boolean + */ + function canEdit($member = null) { + if(!$member) $member = Member::currentUser(); + + $results = $this->extend('canEdit', $member); + if($results && is_array($results)) if(!min($results)) return false; + + return Permission::checkMember($member, 'CMS_ACCESS_AssetAdmin'); + } + + /** + * @return boolean + */ + function canCreate($member = null) { + if(!$member) $member = Member::currentUser(); + + $results = $this->extend('canCreate', $member); + if($results && is_array($results)) if(!min($results)) return false; + + return $this->canEdit($member); + } + + /** + * @return boolean + */ + function canDelete($member = null) { + if(!$member) $member = Member::currentUser(); + + $results = $this->extend('canDelete', $member); + if($results && is_array($results)) if(!min($results)) return false; + + return $this->canEdit($member); + } + /* * Find the given file */ @@ -516,13 +571,6 @@ class File extends DataObject { return $ret; } - - /** - * Stub, overridden by Folder - */ - function userCanEdit() { - return false; - } public function flushCache() { parent::flushCache(); diff --git a/filesystem/Folder.php b/filesystem/Folder.php index 4859c9d35..2672b82c9 100755 --- a/filesystem/Folder.php +++ b/filesystem/Folder.php 
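Review bot: `canView()` in the first File.php hunk returns true for every caller, including when `Member::currentUser()` yields no member, so unless a decorator vetoes it every file record is viewable by anonymous visitors, and the docblock does not state that default. I would document it next to the existing @todo, e.g. `* Allows everyone (including anonymous users) unless a decorator's canView() returns false.`, so callers do not treat this method as an effective access check before the filesystem-level enforcement exists. The veto line `if($results && is_array($results)) if(!min($results)) return false;` is repeated in all four methods and treats any falsy entry as a denial. Whether `extend()` can place a null from an abstaining decorator into `$results` is not visible here, so that should be confirmed and the check moved into one private helper that all four `can*()` methods call.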
@@ -6,18 +6,6 @@ */ class Folder extends File { - static $many_many = array( - "CanUse" => "Group", - "CanEdit" => "Group" - ); - - /** - * @todo: DataObject::CanEdit() is a permission checking function; the CanEdit relation should be renamed to Editors or something - */ - function CanEdit() { - return $this->getManyManyComponents('CanEdit'); - } - /* * Find the given folder or create it, recursively. * @@ -45,37 +33,6 @@ class Folder extends File { return $item; } - function userCanUse() { - if(Permission::check("ADMIN")) return true; - - $useGroups = $this->CanUse(); - - if( !$useGroups || $useGroups->Count() == 0 ) - return true; - - foreach( $useGroups as $useGroup ) - if( Member::currentUser()->inGroup( $useGroup->ID ) ) - return true; - - return false; - } - - function userCanEdit() { - if(Permission::check("ADMIN")) return true; - - $useGroups = $this->CanEdit(); - - if( !$useGroups || $useGroups->Count() == 0 ) - return true; - - foreach( $useGroups as $useGroup ) - if( Member::currentUser()->inGroup( $useGroup->ID ) ) - return true; - - return false; - } - - /** * Syncronise the file database with the actual content of the assets folder */ @@ -366,7 +323,7 @@ class Folder extends File { $fileList->setPopupCaption(_t('Folder.VIEWEDITASSET', "View/Edit Asset")); $nameField = ($this->ID && $this->ID != "root") ? new TextField("Name", "Folder Name") : new HiddenField("Name"); - if( $this->userCanEdit() ) { + if( $this->canEdit() ) { $deleteButton = new InlineFormAction('deletemarked',_t('Folder.DELSELECTED','Delete selected files'), 'delete'); $deleteButton->includeDefaultJS(false); } else {
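Review bot: The delete button in the last Folder.php hunk is gated on `$this->canEdit()` although this commit adds `canDelete()`, so a user for whom a decorator vetoes only deletion still gets the 'Delete selected files' action rendered; `if( $this->canDelete() ) {` would match the new API. `canEdit()` now resolves to `File::canEdit()`, which checks the global `CMS_ACCESS_AssetAdmin` permission, whereas the removed `userCanEdit()` consulted the folder's `CanEdit` groups, so a folder that was restricted to specific groups becomes editable by every asset-admin user, and the removed `ADMIN` shortcut now depends on how `Permission::checkMember()` treats administrators. That change in the authorization model should be called out in the upgrade notes or preserved through a decorator. This condition only hides the button; the `deletemarked` handler is outside the hunk and needs its own server-side `canDelete()` check. The enclosing method starts and ends outside the hunk.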