tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-29 20:59:23 +02:00
Code Issues Projects Releases Wiki Activity

Added values for new permission code 'VIEW_DRAFT_CONTENT' test (from r97898)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102551 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-04-13 01:43:29 +00:00
parent 9a04ca62d2
commit ee4174c0e2
2 changed files with 32 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/control/ContentController.php
View File

@ -109,11 +109,9 @@ class ContentController extends Controller {
if($this->dataRecord && $this->URLSegment != 'Security' && !$this->dataRecord->can('View')) {
return Security::permissionFailure($this);
}
var_dump(Versioned::current_stage());
// Draft/Archive security check - only CMS users should be able to look at stage/archived content
if($this->URLSegment != 'Security' && !Session::get('unsecuredDraftSite') && (Versioned::current_archived_date() || (Versioned::current_stage() && Versioned::current_stage() != 'Live'))) {
var_dump($this->URLSegment);
var_dump($this->dataRecord->canViewStage(Versioned::current_stage()));
if(!$this->dataRecord->canViewStage(Versioned::current_stage())) {
$link = $this->Link();
$message = _t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. <a href="%s">Click here to go back to the published site.</a>');

32
tests/control/ContentControllerTest.yml
View File

@ -1,3 +1,27 @@
Group:
editors:
Title: Editors
admins:
Title: Administrators
Permission:
admins:
Code: VIEW_DRAFT_CONTENT
Group: =>Group.admins
editors:
Group: =>Group.editors
Member:
editor:
FirstName: Test
Surname: Editor
Groups: =>Group.editors
admin:
FirstName: Test
Surname: Administrator
Groups: =>Group.admins
ContentControllerTest_Page:
root_page:
Title: Home Page
@ -13,4 +37,10 @@ ContentControllerTest_Page:
third_level_page_2:
Title: Third Level Page Two
URLSegment: third-level-2
Parent: =>ContentControllerTest_Page.second_level_page
Parent: =>ContentControllerTest_Page.second_level_page
contact_page:
Title: Contact Page
URLSegment: contact
CanViewType: OnlyTheseUsers
EditorGroups: =>Group.admins