From db859b793a1f2dfb31a468dbae806cb4f025239e Mon Sep 17 00:00:00 2001 From: Ingo Schommer Date: Mon, 12 Apr 2010 02:04:15 +0000 Subject: [PATCH] BUGFIX: Use draft site permissions over published, if available. (from r90220) (from r96735) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102357 467b73ca-7a2a-4603-9d3b-597d59a354a9 --- core/model/SiteTree.php | 15 ++++++++------- tests/SiteTreeTest.php | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+), 7 deletions(-) diff --git a/core/model/SiteTree.php b/core/model/SiteTree.php index 30982bec2..29c1c1e5f 100755 --- a/core/model/SiteTree.php +++ b/core/model/SiteTree.php @@ -983,10 +983,12 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid // Get the groups that the given member belongs to $groupIDs = DataObject::get_by_id('Member', $memberID)->Groups()->column("ID"); $SQL_groupList = implode(", ", $groupIDs); - - $combinedStageResult = array(); + $combinedStageResult = array(); + foreach(array('Stage', 'Live') as $stage) { + $result = array_fill_keys($ids, false); + // Get the uninherited permissions $uninheritedPermissions = Versioned::get_by_stage("SiteTree", $stage, "(\"CanEditType\" = 'LoggedInUsers' OR (\"CanEditType\" = 'OnlyTheseUsers' AND \"SiteTree_EditorGroups\".\"SiteTreeID\" IS NOT NULL)) @@ -995,7 +997,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid "LEFT JOIN \"SiteTree_EditorGroups\" ON \"SiteTree_EditorGroups\".\"SiteTreeID\" = \"SiteTree\".\"ID\" AND \"SiteTree_EditorGroups\".\"GroupID\" IN ($SQL_groupList)"); - + if($uninheritedPermissions) { // Set all the relevant items in $result to true $result = array_fill_keys($uninheritedPermissions->column('ID'), true) + $result; @@ -1024,13 +1026,12 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid } } } + + $combinedStageResult = $combinedStageResult + $result; } - - $combinedStageResult = $combinedStageResult + $result; } - - return isset($combinedStageResult) ? $combinedStageResult : array(); + return isset($combinedStageResult) ? $combinedStageResult : array(); /* // check for empty spec diff --git a/tests/SiteTreeTest.php b/tests/SiteTreeTest.php index a1b1174af..35933a875 100755 --- a/tests/SiteTreeTest.php +++ b/tests/SiteTreeTest.php @@ -365,6 +365,43 @@ class SiteTreeTest extends SapphireTest { // Can't edit a child of that page that has its permissions overridden $this->assertFalse($product4->canEdit($editor)); } + + function testEditPermissionsOnDraftVsLive() { + // Create an inherit-permission page + $page = new Page(); + $page->write(); + $page->CanEditType = "Inherit"; + $page->doPublish(); + $pageID = $page->ID; + + // Lock down the site config + $sc = $page->SiteConfig; + $sc->CanEditType = 'OnlyTheseUsers'; + $sc->EditorGroups()->add($this->idFromFixture('Group', 'admins')); + $sc->write(); + + // Confirm that Member.editor can't edit the page + $this->objFromFixture('Member','editor')->logIn(); + $this->assertFalse($page->canEdit()); + + // Change the page to be editable by Group.editors, but do not publish + $this->objFromFixture('Member','admin')->logIn(); + $page->CanEditType = 'OnlyTheseUsers'; + $page->EditorGroups()->add($this->idFromFixture('Group', 'editors')); + $page->write(); + + // Confirm that Member.editor can now edit the page + $this->objFromFixture('Member','editor')->logIn(); + $this->assertTrue($page->canEdit()); + + // Publish the changes to the page + $this->objFromFixture('Member','admin')->logIn(); + $page->doPublish(); + + // Confirm that Member.editor can still edit the page + $this->objFromFixture('Member','editor')->logIn(); + $this->assertTrue($page->canEdit()); + } function testAuthorIDAndPublisherIDFilledOutOnPublish() { // Ensure that we have a member ID who is doing all this work