"Varchar", ); private static $has_one = array( "Role" => "SilverStripe\\Security\\PermissionRole", ); private static $table_name = "PermissionRoleCode"; public function validate() { $result = parent::validate(); // Check that new code doesn't increase privileges, unless an admin is editing. $privilegedCodes = Permission::config()->privileged_permissions; if ($this->Code && in_array($this->Code, $privilegedCodes) && !Permission::check('ADMIN') ) { $result->addError(sprintf( _t( 'SilverStripe\\Security\\PermissionRoleCode.PermsError', 'Can\'t assign code "%s" with privileged permissions (requires ADMIN access)' ), $this->Code )); } return $result; } public function canCreate($member = null, $context = array()) { return Permission::check('APPLY_ROLES', 'any', $member); } public function canEdit($member = null) { return Permission::check('APPLY_ROLES', 'any', $member); } public function canDelete($member = null) { return Permission::check('APPLY_ROLES', 'any', $member); } }