mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
92 lines
2.6 KiB
PHP
92 lines
2.6 KiB
PHP
<?php
|
|
|
|
namespace SilverStripe\Forms\GridField;
|
|
|
|
use SilverStripe\ORM\DataObject;
|
|
use SilverStripe\ORM\ValidationException;
|
|
use SilverStripe\Security\Member;
|
|
use SilverStripe\Security\Permission;
|
|
use SilverStripe\Security\Security;
|
|
|
|
/**
|
|
* Adds a delete action for the gridfield to remove a relationship from group.
|
|
* This is a special case where it captures whether the current user is the record being removed and
|
|
* prevents removal from happening.
|
|
*
|
|
* Class GroupGridFieldDeleteAction
|
|
* @package SilverStripe\Security
|
|
*/
|
|
class GridFieldGroupDeleteAction extends GridFieldDeleteAction
|
|
{
|
|
/**
|
|
* @var integer
|
|
*/
|
|
protected $groupID;
|
|
|
|
public function __construct($groupID)
|
|
{
|
|
$this->groupID = $groupID;
|
|
parent::__construct(true);
|
|
}
|
|
|
|
/**
|
|
*
|
|
* @param GridField $gridField
|
|
* @param DataObject $record
|
|
* @param string $columnName
|
|
* @return string the HTML for the column
|
|
*/
|
|
public function getColumnContent($gridField, $record, $columnName)
|
|
{
|
|
if ($this->canUnlink($record)) {
|
|
return parent::getColumnContent($gridField, $record, $columnName);
|
|
}
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* Handle the actions and apply any changes to the GridField
|
|
*
|
|
* @param GridField $gridField
|
|
* @param string $actionName
|
|
* @param mixed $arguments
|
|
* @param array $data - form data
|
|
* @throws ValidationException
|
|
*/
|
|
public function handleAction(GridField $gridField, $actionName, $arguments, $data)
|
|
{
|
|
$record = $gridField->getList()->find('ID', $arguments['RecordID']);
|
|
|
|
if (!$record || !$actionName == 'unlinkrelation' || $this->canUnlink($record)) {
|
|
parent::handleAction($gridField, $actionName, $arguments, $data);
|
|
return;
|
|
}
|
|
|
|
throw new ValidationException(
|
|
_t(__CLASS__ . '.UnlinkSelfFailure', 'Cannot remove yourself from this group, you will lose admin rights')
|
|
);
|
|
}
|
|
|
|
/**
|
|
* @param $record - the record of the User to unlink with
|
|
* @return bool
|
|
*/
|
|
protected function canUnlink($record)
|
|
{
|
|
$currentUser = Security::getCurrentUser();
|
|
if (($record instanceof Member && $record->ID === $currentUser->ID)
|
|
&& Permission::checkMember($record, 'ADMIN')
|
|
) {
|
|
$adminGroups = array_intersect(
|
|
$record->Groups()->column(),
|
|
Permission::get_groups_by_permission('ADMIN')->column()
|
|
);
|
|
|
|
if (count($adminGroups) === 1 && array_search($this->groupID, $adminGroups) !== false) {
|
|
return false;
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
}
|