From d6b4ad39d83d71d2d6e94fc7e3364a1fa7f2d600 Mon Sep 17 00:00:00 2001
From: Mateusz Uzdowski <mateusz@silverstripe.com>
Date: Thu, 10 Dec 2009 03:44:35 +0000
Subject: [PATCH] BUGFIX: adding onAfterDelete hooks to remove the no longer
 necessary permissions

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94859 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 security/Group.php          | 10 ++++++++++
 security/PermissionRole.php | 10 ++++++++++
 2 files changed, 20 insertions(+)

diff --git a/security/Group.php b/security/Group.php
index 2133b9b25..4ca4398a6 100644
--- a/security/Group.php
+++ b/security/Group.php
@@ -334,6 +334,16 @@ class Group extends DataObject {
 		}
 	}
 	
+	function onAfterDelete() {
+		parent::onAfterDelete();
+		
+		// Delete associated permissions
+		$permissions = $this->Permissions();
+		foreach ( $permissions as $permission ) {
+			$permission->delete();
+		}
+	}
+	
 	/**
 	 * Checks for permission-code CMS_ACCESS_SecurityAdmin.
 	 * If the group has ADMIN permissions, it requires the user to have ADMIN permissions as well.
diff --git a/security/PermissionRole.php b/security/PermissionRole.php
index c71c45618..b85e5ef0e 100644
--- a/security/PermissionRole.php
+++ b/security/PermissionRole.php
@@ -36,4 +36,14 @@ class PermissionRole extends DataObject {
 		
 		return $fields;
 	}
+	
+	function onAfterDelete() {
+		parent::onAfterDelete();
+		
+		// Delete associated permission codes
+		$codes = $this->Codes();
+		foreach ( $codes as $code ) {
+			$code->delete();
+		}
+	}
 }