From ebaf33c72097be545d06d02d5f9781598f08dea6 Mon Sep 17 00:00:00 2001
From: Ingo Schommer <ingo@silverstripe.com>
Date: Tue, 23 Feb 2010 00:57:38 +0000
Subject: [PATCH] FEATURE Showing (readonly) permissions for a Member record in
 admin/security popup (from r99586)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99662 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 security/Member.php                     | 16 ++++++++++++++++
 security/PermissionCheckboxSetField.php |  6 +++++-
 security/PermissionRole.php             |  3 ++-
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/security/Member.php b/security/Member.php
index b26f93703..05b37c543 100755
--- a/security/Member.php
+++ b/security/Member.php
@@ -1030,6 +1030,22 @@ class Member extends DataObject {
 			$groupsField = new TreeMultiselectField('Groups', false, 'Group');
 			$fields->findOrMakeTab('Root.Groups', singleton('Group')->i18n_plural_name());
 			$fields->addFieldToTab('Root.Groups', $groupsField);
+			
+			// Add permission field (readonly to avoid complicated group assignment logic).
+			// This should only be available for existing records, as new records start
+			// with no permissions until they have a group assignment anyway.
+			if($this->ID) {
+				$permissionsField = new PermissionCheckboxSetField_Readonly(
+					'Permissions',
+					singleton('Permission')->i18n_plural_name(),
+					'Permission',
+					'GroupID',
+					// we don't want parent relationships, they're automatically resolved in the field
+					$this->getManyManyComponents('Groups')
+				);
+				$fields->findOrMakeTab('Root.Permissions', singleton('Permission')->i18n_plural_name());
+				$fields->addFieldToTab('Root.Permissions', $permissionsField);
+			}
 		}
 
 		$this->extend('updateCMSFields', $fields);
diff --git a/security/PermissionCheckboxSetField.php b/security/PermissionCheckboxSetField.php
index f094eba71..1134c2248 100644
--- a/security/PermissionCheckboxSetField.php
+++ b/security/PermissionCheckboxSetField.php
@@ -80,7 +80,11 @@ class PermissionCheckboxSetField extends FormField {
 		// Get existing values from the form record (assuming the formfield name is a join field on the record)
 		if(is_object($this->form)) {
 			$record = $this->form->getRecord();
-			if($record && !$records->find('ID', $record->ID)) {
+			if(
+				$record 
+				&& (is_a($record, 'Group') || is_a($record, 'PermissionRole')) 
+				&& !$records->find('ID', $record->ID)
+			) {
 				$records->push($record);
 			}
 		}
diff --git a/security/PermissionRole.php b/security/PermissionRole.php
index b9184f34b..97cb38fb5 100644
--- a/security/PermissionRole.php
+++ b/security/PermissionRole.php
@@ -32,7 +32,8 @@ class PermissionRole extends DataObject {
 			'Codes',
 			singleton('Permission')->i18n_plural_name(),
 			'PermissionRoleCode',
-			'RoleID'));
+			'RoleID'
+		));
 		
 		return $fields;
 	}