filterField = $filterField; $this->managedClass = $managedClass; if ($records instanceof SS_List) { $this->records = $records; } elseif ($records instanceof Group) { $this->records = new ArrayList(array($records)); } elseif ($records) { throw new InvalidArgumentException( '$record should be either a Group record, or a SS_List of Group records' ); } // Get all available codes in the system as a categorized nested array $this->source = Permission::get_codes(true); parent::__construct($name, $title); } /** * @param array $codes */ public function setHiddenPermissions($codes) { $this->hiddenPermissions = $codes; } /** * @return array */ public function getHiddenPermissions() { return $this->hiddenPermissions; } /** * @param array $properties * @return string */ public function Field($properties = array()) { $uninheritedCodes = array(); $inheritedCodes = array(); $records = ($this->records) ? $this->records : new ArrayList(); // Get existing values from the form record (assuming the formfield name is a join field on the record) if (is_object($this->form)) { $record = $this->form->getRecord(); if ($record && ($record instanceof Group || $record instanceof PermissionRole) && !$records->find('ID', $record->ID) ) { $records->push($record); } } // Get all 'inherited' codes not directly assigned to the group (which is stored in $values) foreach ($records as $record) { // Get all uninherited permissions $relationMethod = $this->name; foreach ($record->$relationMethod() as $permission) { if (!isset($uninheritedCodes[$permission->Code])) { $uninheritedCodes[$permission->Code] = array(); } $uninheritedCodes[$permission->Code][] = _t( 'SilverStripe\\Security\\PermissionCheckboxSetField.AssignedTo', 'assigned to "{title}"', array('title' => $record->dbObject('Title')->forTemplate()) ); } // Special case for Group records (not PermissionRole): // Determine inherited assignments if ($record instanceof Group) { // Get all permissions from roles if ($record->Roles()->count()) { foreach ($record->Roles() as $role) { /** @var PermissionRole $role */ foreach ($role->Codes() as $code) { if (!isset($inheritedCodes[$code->Code])) { $inheritedCodes[$code->Code] = array(); } $inheritedCodes[$code->Code][] = _t( 'SilverStripe\\Security\\PermissionCheckboxSetField.FromRole', 'inherited from role "{title}"', 'A permission inherited from a certain permission role', array('title' => $role->dbObject('Title')->forTemplate()) ); } } } // Get from parent groups $parentGroups = $record->getAncestors(); if ($parentGroups) { foreach ($parentGroups as $parent) { if (!$parent->Roles()->Count()) { continue; } foreach ($parent->Roles() as $role) { if ($role->Codes()) { foreach ($role->Codes() as $code) { if (!isset($inheritedCodes[$code->Code])) { $inheritedCodes[$code->Code] = array(); } $inheritedCodes[$code->Code][] = _t( 'SilverStripe\\Security\\PermissionCheckboxSetField.FromRoleOnGroup', 'inherited from role "%s" on group "%s"', 'A permission inherited from a role on a certain group', array('roletitle' => $role->dbObject('Title')->forTemplate(), 'grouptitle' => $parent->dbObject('Title')->forTemplate()) ); } } } if ($parent->Permissions()->Count()) { foreach ($parent->Permissions() as $permission) { if (!isset($inheritedCodes[$permission->Code])) { $inheritedCodes[$permission->Code] = array(); } $inheritedCodes[$permission->Code][] = _t( 'SilverStripe\\Security\\PermissionCheckboxSetField.FromGroup', 'inherited from group "{title}"', 'A permission inherited from a certain group', array('title' => $parent->dbObject('Title')->forTemplate()) ); } } } } } } $odd = 0; $options = ''; $globalHidden = (array)Config::inst()->get('SilverStripe\\Security\\Permission', 'hidden_permissions'); if ($this->source) { $privilegedPermissions = Permission::config()->privileged_permissions; // loop through all available categorized permissions and see if they're assigned for the given groups foreach ($this->source as $categoryName => $permissions) { $options .= "