tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #4517 from dhensby/pulls/access-all-areas

Browse Source 
Fix issue where Access All CMS Sections doesnt work
This commit is contained in:
Damian Mooyman 2015-08-21 11:48:45 +12:00
commit d64852b2e8
2 changed files with 33 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
security/Permission.php
View File

@ -163,15 +163,22 @@ class Permission extends DataObject implements TemplateGlobalProvider {
$memberID = (is_object($member)) ? $member->ID : $member;
}
// If $admin_implies_all was false then this would be inefficient, but that's an edge
// case and this keeps the code simpler
if(!is_array($code)) $code = array($code);
if($arg == 'any') {
// Cache the permissions in memory
if(!isset(self::$cache_permissions[$memberID])) {
self::$cache_permissions[$memberID] = self::permissions_for_member($memberID);
}
// If $admin_implies_all was false then this would be inefficient, but that's an edge
// case and this keeps the code simpler
if(!is_array($code)) $code = array($code);
foreach ($code as $permCode) {
if (substr($permCode, 0, 11) == 'CMS_ACCESS_') {
//cms_access_leftandmain means access to all CMS areas
$code[] = 'CMS_ACCESS_LeftAndMain';
break;
}
}
if(Config::inst()->get('Permission', 'admin_implies_all')) $code[] = "ADMIN";
// Multiple $code values - return true if at least one matches, ie, intersection exists

22
tests/security/PermissionTest.php
View File

@ -23,6 +23,26 @@ class PermissionTest extends SapphireTest {
$this->assertTrue(Permission::checkMember($member, "SITETREE_VIEW_ALL"));
}
public function testLeftAndMainAccessAll() {
//add user and group
$member = Member::create()->update(array(
'FirstName' => 'Left',
'Surname' => 'Main',
'Email' => 'leftandmain@example.com',
));
$member->write();
$group = Group::create()->update(array(
'Title' => 'LeftAndMain',
));
$group->write();
Permission::grant($group->ID, 'CMS_ACCESS_LeftAndMain');
$group->DirectMembers()->add($member);
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_AssetAdmin"));
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin"));
}
public function testPermissionAreInheritedFromOneRole() {
$member = $this->objFromFixture('Member', 'author');
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
@ -39,7 +59,7 @@ class PermissionTest extends SapphireTest {
$this->assertFalse(Permission::checkMember($member, "SITETREE_VIEW_ALL"));
}
function testPermissionsForMember() {
public function testPermissionsForMember() {
$member = $this->objFromFixture('Member', 'access');
$permissions = Permission::permissions_for_member($member->ID);
$this->assertEquals(4, count($permissions));