'index', 'build/defaults' => 'buildDefaults', 'generatesecuretoken' => 'generatesecuretoken', '$Action' => 'runRegisteredController', ); private static $allowed_actions = array( 'index', 'buildDefaults', 'runRegisteredController', 'generatesecuretoken', ); /** * Assume that CLI equals admin permissions * If set to false, normal permission model will apply even in CLI mode * Applies to all development admin tasks (E.g. TaskRunner, DatabaseAdmin) * * @config * @var bool */ private static $allow_all_cli = true; protected function init() { parent::init(); // Special case for dev/build: Defer permission checks to DatabaseAdmin->init() (see #4957) $requestedDevBuild = (stripos($this->getRequest()->getURL(), 'dev/build') === 0) && (stripos($this->getRequest()->getURL(), 'dev/build/defaults') === false); // We allow access to this controller regardless of live-status or ADMIN permission only // if on CLI. Access to this controller is always allowed in "dev-mode", or of the user is ADMIN. $allowAllCLI = static::config()->get('allow_all_cli'); $canAccess = ( $requestedDevBuild || Director::isDev() || (Director::is_cli() && $allowAllCLI) // Its important that we don't run this check if dev/build was requested || Permission::check("ADMIN") ); if (!$canAccess) { Security::permissionFailure($this); return; } // Backwards compat: Default to "draft" stage, which is important // for tasks like dev/build which call DataObject->requireDefaultRecords(), // but also for other administrative tasks which have assumptions about the default stage. if (class_exists(Versioned::class)) { Versioned::set_stage(Versioned::DRAFT); } } public function index() { // Web mode if (!Director::is_cli()) { $renderer = DebugView::create(); echo $renderer->renderHeader(); echo $renderer->renderInfo("SilverStripe Development Tools", Director::absoluteBaseURL()); $base = Director::baseURL(); echo '