mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-04 07:08:34 +02:00
BUGFIX: Use draft site permissions over published, if available. (from r90220)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@96735 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
63096cfefb
commit
efd9b2f666
@ -972,6 +972,8 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
||||
$combinedStageResult = array();
|
||||
|
||||
foreach(array('Stage', 'Live') as $stage) {
|
||||
$result = array_fill_keys($ids, false);
|
||||
|
||||
// Get the uninherited permissions
|
||||
$uninheritedPermissions = Versioned::get_by_stage("SiteTree", $stage, "(\"CanEditType\" = 'LoggedInUsers' OR
|
||||
(\"CanEditType\" = 'OnlyTheseUsers' AND \"SiteTree_EditorGroups\".\"SiteTreeID\" IS NOT NULL))
|
||||
@ -1009,14 +1011,13 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$combinedStageResult = $combinedStageResult + $result;
|
||||
$combinedStageResult = $combinedStageResult + $result;
|
||||
}
|
||||
}
|
||||
|
||||
return isset($combinedStageResult) ? $combinedStageResult : array();
|
||||
|
||||
|
||||
/*
|
||||
// check for empty spec
|
||||
if(!$this->CanEditType || $this->CanEditType == 'Anyone') return true;
|
||||
|
@ -366,6 +366,43 @@ class SiteTreeTest extends SapphireTest {
|
||||
$this->assertFalse($product4->canEdit($editor));
|
||||
}
|
||||
|
||||
function testEditPermissionsOnDraftVsLive() {
|
||||
// Create an inherit-permission page
|
||||
$page = new Page();
|
||||
$page->write();
|
||||
$page->CanEditType = "Inherit";
|
||||
$page->doPublish();
|
||||
$pageID = $page->ID;
|
||||
|
||||
// Lock down the site config
|
||||
$sc = $page->SiteConfig;
|
||||
$sc->CanEditType = 'OnlyTheseUsers';
|
||||
$sc->EditorGroups()->add($this->idFromFixture('Group', 'admins'));
|
||||
$sc->write();
|
||||
|
||||
// Confirm that Member.editor can't edit the page
|
||||
$this->objFromFixture('Member','editor')->logIn();
|
||||
$this->assertFalse($page->canEdit());
|
||||
|
||||
// Change the page to be editable by Group.editors, but do not publish
|
||||
$this->objFromFixture('Member','admin')->logIn();
|
||||
$page->CanEditType = 'OnlyTheseUsers';
|
||||
$page->EditorGroups()->add($this->idFromFixture('Group', 'editors'));
|
||||
$page->write();
|
||||
|
||||
// Confirm that Member.editor can now edit the page
|
||||
$this->objFromFixture('Member','editor')->logIn();
|
||||
$this->assertTrue($page->canEdit());
|
||||
|
||||
// Publish the changes to the page
|
||||
$this->objFromFixture('Member','admin')->logIn();
|
||||
$page->doPublish();
|
||||
|
||||
// Confirm that Member.editor can still edit the page
|
||||
$this->objFromFixture('Member','editor')->logIn();
|
||||
$this->assertTrue($page->canEdit());
|
||||
}
|
||||
|
||||
function testAuthorIDAndPublisherIDFilledOutOnPublish() {
|
||||
// Ensure that we have a member ID who is doing all this work
|
||||
$member = Member::currentUser();
|
||||
|
Loading…
Reference in New Issue
Block a user