From efd9b2f666890c935e166154e010d9250001441e Mon Sep 17 00:00:00 2001 From: Sam Minnee Date: Tue, 12 Jan 2010 23:16:43 +0000 Subject: [PATCH] BUGFIX: Use draft site permissions over published, if available. (from r90220) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@96735 467b73ca-7a2a-4603-9d3b-597d59a354a9 --- core/model/SiteTree.php | 15 ++++++++------- tests/SiteTreeTest.php | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+), 7 deletions(-) diff --git a/core/model/SiteTree.php b/core/model/SiteTree.php index 8a8bbd786..98cc0902e 100755 --- a/core/model/SiteTree.php +++ b/core/model/SiteTree.php @@ -968,10 +968,12 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid // Get the groups that the given member belongs to $groupIDs = DataObject::get_by_id('Member', $memberID)->Groups()->column("ID"); $SQL_groupList = implode(", ", $groupIDs); - - $combinedStageResult = array(); + $combinedStageResult = array(); + foreach(array('Stage', 'Live') as $stage) { + $result = array_fill_keys($ids, false); + // Get the uninherited permissions $uninheritedPermissions = Versioned::get_by_stage("SiteTree", $stage, "(\"CanEditType\" = 'LoggedInUsers' OR (\"CanEditType\" = 'OnlyTheseUsers' AND \"SiteTree_EditorGroups\".\"SiteTreeID\" IS NOT NULL)) @@ -980,7 +982,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid "LEFT JOIN \"SiteTree_EditorGroups\" ON \"SiteTree_EditorGroups\".\"SiteTreeID\" = \"SiteTree\".\"ID\" AND \"SiteTree_EditorGroups\".\"GroupID\" IN ($SQL_groupList)"); - + if($uninheritedPermissions) { // Set all the relevant items in $result to true $result = array_fill_keys($uninheritedPermissions->column('ID'), true) + $result; @@ -1009,13 +1011,12 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid } } } + + $combinedStageResult = $combinedStageResult + $result; } - - $combinedStageResult = $combinedStageResult + $result; } - - return isset($combinedStageResult) ? $combinedStageResult : array(); + return isset($combinedStageResult) ? $combinedStageResult : array(); /* // check for empty spec diff --git a/tests/SiteTreeTest.php b/tests/SiteTreeTest.php index a1b1174af..35933a875 100755 --- a/tests/SiteTreeTest.php +++ b/tests/SiteTreeTest.php @@ -365,6 +365,43 @@ class SiteTreeTest extends SapphireTest { // Can't edit a child of that page that has its permissions overridden $this->assertFalse($product4->canEdit($editor)); } + + function testEditPermissionsOnDraftVsLive() { + // Create an inherit-permission page + $page = new Page(); + $page->write(); + $page->CanEditType = "Inherit"; + $page->doPublish(); + $pageID = $page->ID; + + // Lock down the site config + $sc = $page->SiteConfig; + $sc->CanEditType = 'OnlyTheseUsers'; + $sc->EditorGroups()->add($this->idFromFixture('Group', 'admins')); + $sc->write(); + + // Confirm that Member.editor can't edit the page + $this->objFromFixture('Member','editor')->logIn(); + $this->assertFalse($page->canEdit()); + + // Change the page to be editable by Group.editors, but do not publish + $this->objFromFixture('Member','admin')->logIn(); + $page->CanEditType = 'OnlyTheseUsers'; + $page->EditorGroups()->add($this->idFromFixture('Group', 'editors')); + $page->write(); + + // Confirm that Member.editor can now edit the page + $this->objFromFixture('Member','editor')->logIn(); + $this->assertTrue($page->canEdit()); + + // Publish the changes to the page + $this->objFromFixture('Member','admin')->logIn(); + $page->doPublish(); + + // Confirm that Member.editor can still edit the page + $this->objFromFixture('Member','editor')->logIn(); + $this->assertTrue($page->canEdit()); + } function testAuthorIDAndPublisherIDFilledOutOnPublish() { // Ensure that we have a member ID who is doing all this work