2007-07-19 12:40:05 +02:00
< ? php
2008-02-25 03:10:37 +01:00
/**
* Security section of the CMS
* @ package cms
* @ subpackage security
*/
2007-08-31 02:31:49 +02:00
class SecurityAdmin extends LeftAndMain implements PermissionProvider {
2008-10-08 01:27:07 +02:00
2008-11-02 22:27:55 +01:00
static $url_segment = 'security' ;
static $url_rule = '/$Action/$ID/$OtherID' ;
static $menu_title = 'Security' ;
2008-10-08 01:27:07 +02:00
static $tree_class = 'Group' ;
static $subitem_class = 'Member' ;
2008-02-25 03:10:37 +01:00
static $allowed_actions = array (
'addgroup' ,
'addmember' ,
'autocomplete' ,
'removememberfromgroup' ,
'savemember' ,
2008-08-09 05:54:55 +02:00
'AddRecordForm' ,
2009-02-03 04:46:15 +01:00
'MemberForm' ,
2010-02-11 01:43:23 +01:00
'EditForm' ,
'MemberImportForm' ,
2010-02-11 02:20:20 +01:00
'memberimport' ,
'GroupImportForm' ,
'groupimport' ,
2010-02-23 04:32:18 +01:00
'RootForm'
2008-02-25 03:10:37 +01:00
);
2007-07-19 12:40:05 +02:00
2009-11-21 12:11:26 +01:00
/**
* @ var Array
*/
static $hidden_permissions = array ();
2007-07-19 12:40:05 +02:00
public function init () {
parent :: init ();
2009-11-26 06:08:34 +01:00
Requirements :: javascript ( CMS_DIR . '/javascript/hover.js' );
ENHANCEMENT Introduced constants for system paths like /sapphire in preparation for a more flexible directory reorganisation. Instead of hardcoding your path, please use the following constants: BASE_PATH, BASE_URL, SAPPHIRE_DIR, SAPPHIRE_PATH, CMS_DIR, CMS_PATH, THIRDPARTY_DIR, THIRDPARTY_PATH, ASSETS_DIR, ASSETS_PATH, THEMES_DIR, THEMES_PATH
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@63154 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-27 18:02:38 +02:00
Requirements :: javascript ( THIRDPARTY_DIR . " /scriptaculous/controls.js " );
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
// needed for MemberTableField (Requirements not determined before Ajax-Call)
2009-03-10 22:59:19 +01:00
Requirements :: add_i18n_javascript ( SAPPHIRE_DIR . '/javascript/lang' );
ENHANCEMENT Introduced constants for system paths like /sapphire in preparation for a more flexible directory reorganisation. Instead of hardcoding your path, please use the following constants: BASE_PATH, BASE_URL, SAPPHIRE_DIR, SAPPHIRE_PATH, CMS_DIR, CMS_PATH, THIRDPARTY_DIR, THIRDPARTY_PATH, ASSETS_DIR, ASSETS_PATH, THEMES_DIR, THEMES_PATH
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@63154 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-27 18:02:38 +02:00
Requirements :: javascript ( SAPPHIRE_DIR . " /javascript/TableListField.js " );
Requirements :: javascript ( SAPPHIRE_DIR . " /javascript/TableField.js " );
Requirements :: javascript ( SAPPHIRE_DIR . " /javascript/ComplexTableField.js " );
Requirements :: javascript ( CMS_DIR . " /javascript/MemberTableField.js " );
Requirements :: css ( THIRDPARTY_DIR . " /greybox/greybox.css " );
Requirements :: css ( SAPPHIRE_DIR . " /css/ComplexTableField.css " );
2007-09-14 21:40:56 +02:00
2009-04-29 03:44:28 +02:00
Requirements :: javascript ( CMS_DIR . '/javascript/SecurityAdmin_left.js' );
Requirements :: javascript ( CMS_DIR . '/javascript/SecurityAdmin_right.js' );
ENHANCEMENT Introduced constants for system paths like /sapphire in preparation for a more flexible directory reorganisation. Instead of hardcoding your path, please use the following constants: BASE_PATH, BASE_URL, SAPPHIRE_DIR, SAPPHIRE_PATH, CMS_DIR, CMS_PATH, THIRDPARTY_DIR, THIRDPARTY_PATH, ASSETS_DIR, ASSETS_PATH, THEMES_DIR, THEMES_PATH
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@63154 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-27 18:02:38 +02:00
Requirements :: javascript ( THIRDPARTY_DIR . " /greybox/AmiJS.js " );
Requirements :: javascript ( THIRDPARTY_DIR . " /greybox/greybox.js " );
2007-07-19 12:40:05 +02:00
}
2010-02-23 04:32:18 +01:00
function getEditForm ( $id = null ) {
if ( ! $id ) $id = $this -> currentPageID ();
2007-07-19 12:40:05 +02:00
2010-02-23 04:32:18 +01:00
if ( $id && $id != 'root' ) {
$record = DataObject :: get_by_id ( $this -> stat ( 'tree_class' ), $id );
if ( ! $record ) return false ;
}
if ( $id && is_numeric ( $id )) {
$fields = $record -> getCMSFields ();
if ( $fields -> hasTabSet ()) {
$fields -> findOrMakeTab ( 'Root.Import' , _t ( 'Group.IMPORTTABTITLE' , 'Import' ));
$fields -> addFieldToTab ( 'Root.Import' ,
new LiteralField (
'MemberImportFormIframe' ,
sprintf (
'<iframe src="%s" id="MemberImportFormIframe" width="100%%" height="400px" border="0"></iframe>' ,
$this -> Link ( 'memberimport' )
2010-02-11 02:20:20 +01:00
)
)
2010-02-23 04:32:18 +01:00
);
2010-03-25 23:44:33 +01:00
if ( Permission :: check ( 'APPLY_ROLES' )) {
$fields -> addFieldToTab (
'Root.Roles' ,
new LiteralField (
'RolesAddEditLink' ,
sprintf (
'<p class="add-role"><a href="%s">%s</a></p>' ,
$this -> Link ( 'show/root' ),
// TODO This should include #Root_Roles to switch directly to the tab,
// but tabstrip.js doesn't display tabs when directly adressed through a URL pragma
_t ( 'Group.RolesAddEditLink' , 'Add/edit roles' )
)
2010-03-10 03:59:24 +01:00
)
2010-03-25 23:44:33 +01:00
);
}
2010-02-23 04:32:18 +01:00
}
$actions = new FieldSet (
new FormAction ( 'addmember' , _t ( 'SecurityAdmin.ADDMEMBER' , 'Add Member' )),
new FormAction ( 'save' , _t ( 'SecurityAdmin.SAVE' , 'Save' ))
2010-02-11 02:20:20 +01:00
);
2010-02-23 04:32:18 +01:00
$form = new Form ( $this , " EditForm " , $fields , $actions );
$form -> loadDataFrom ( $record );
2010-02-11 02:20:20 +01:00
2010-02-23 04:32:18 +01:00
if ( ! $record -> canEdit ()) {
$readonlyFields = $form -> Fields () -> makeReadonly ();
$form -> setFields ( $readonlyFields );
}
// Filter permissions
$permissionField = $form -> Fields () -> dataFieldByName ( 'Permissions' );
if ( $permissionField ) $permissionField -> setHiddenPermissions ( self :: $hidden_permissions );
2010-02-11 02:02:34 +01:00
2010-02-11 02:21:45 +01:00
$this -> extend ( 'updateEditForm' , $form );
2010-02-23 04:32:18 +01:00
} else {
$form = $this -> RootForm ();
2009-04-29 03:44:28 +02:00
}
2010-02-23 04:32:18 +01:00
return $form ;
}
/**
* @ return FieldSet
*/
function RootForm () {
$memberList = new MemberTableField (
$this ,
" Members "
);
// unset 'inlineadd' permission, we don't want inline addition
2010-03-28 21:51:47 +02:00
$memberList -> setPermissions ( array ( 'edit' , 'delete' , 'add' ));
2010-02-23 04:32:18 +01:00
$memberList -> setRelationAutoSetting ( false );
2008-04-09 13:34:10 +02:00
2010-02-23 04:32:18 +01:00
$fields = new FieldSet (
new TabSet (
'Root' ,
new Tab ( 'Members' , singleton ( 'Member' ) -> i18n_plural_name (),
$memberList ,
new LiteralField ( 'MembersCautionText' ,
sprintf ( '<p class="caution-remove"><strong>%s</strong></p>' ,
_t (
'SecurityAdmin.MemberListCaution' ,
'Caution: Removing members from this list will remove them from all groups and the database'
)
)
)
),
new Tab ( 'Import' , _t ( 'SecurityAdmin.TABIMPORT' , 'Import' ),
new LiteralField (
'GroupImportFormIframe' ,
sprintf (
'<iframe src="%s" id="GroupImportFormIframe" width="100%%" height="400px" border="0"></iframe>' ,
$this -> Link ( 'groupimport' )
)
2010-02-11 02:20:20 +01:00
)
)
2010-02-23 04:32:18 +01:00
),
// necessary for tree node selection in LeftAndMain.EditForm.js
new HiddenField ( 'ID' , false , 0 )
);
2010-03-10 03:59:24 +01:00
// Add roles editing interface
if ( Permission :: check ( 'APPLY_ROLES' )) {
$rolesCTF = new ComplexTableField (
$this ,
'Roles' ,
'PermissionRole'
);
2010-03-28 21:51:47 +02:00
$rolesCTF -> setPermissions ( array ( 'edit' , 'delete' ));
2010-03-10 05:06:32 +01:00
2010-03-10 03:59:24 +01:00
$rolesTab = $fields -> findOrMakeTab ( 'Root.Roles' , _t ( 'SecurityAdmin.TABROLES' , 'Roles' ));
$rolesTab -> push ( new LiteralField (
'RolesDescription' ,
''
));
$rolesTab -> push ( $rolesCTF );
}
2008-04-09 13:34:10 +02:00
$actions = new FieldSet (
2010-02-23 04:32:18 +01:00
new FormAction ( 'addmember' , _t ( 'SecurityAdmin.ADDMEMBER' , 'Add Member' ))
2008-04-09 13:34:10 +02:00
);
2010-02-11 02:20:20 +01:00
2010-03-02 21:37:25 +01:00
$this -> extend ( 'updateRootFormFields' , $fields , $actions );
2010-02-23 04:32:18 +01:00
$form = new Form (
$this ,
'EditForm' ,
$fields ,
$actions
);
2010-03-02 21:37:25 +01:00
2008-04-09 13:34:10 +02:00
return $form ;
2007-07-19 12:40:05 +02:00
}
2010-02-11 01:43:23 +01:00
public function memberimport () {
Requirements :: clear ();
Requirements :: css ( SAPPHIRE_DIR . '/css/Form.css' );
Requirements :: css ( CMS_DIR . '/css/typography.css' );
Requirements :: css ( CMS_DIR . '/css/cms_right.css' );
2010-02-11 03:35:16 +01:00
Requirements :: javascript ( THIRDPARTY_DIR . '/jquery/jquery.js' );
Requirements :: javascript ( THIRDPARTY_DIR . '/jquery-livequery/jquery.livequery.js' );
Requirements :: javascript ( SAPPHIRE_DIR . '/javascript/jquery_improvements.js' );
Requirements :: css ( CMS_DIR . '/css/MemberImportForm.css' );
2010-02-11 01:43:23 +01:00
Requirements :: javascript ( CMS_DIR . '/javascript/MemberImportForm.js' );
return $this -> renderWith ( 'BlankPage' , array (
'Form' => $this -> MemberImportForm ()
));
}
/**
* @ see SecurityAdmin_MemberImportForm
*
* @ return Form
*/
public function MemberImportForm () {
$group = $this -> currentPage ();
$form = new MemberImportForm (
$this ,
'MemberImportForm'
);
$form -> setGroup ( $group );
return $form ;
}
2010-02-11 02:20:20 +01:00
public function groupimport () {
Requirements :: clear ();
Requirements :: css ( SAPPHIRE_DIR . '/css/Form.css' );
Requirements :: css ( CMS_DIR . '/css/typography.css' );
Requirements :: css ( CMS_DIR . '/css/cms_right.css' );
2010-02-11 03:35:16 +01:00
Requirements :: javascript ( THIRDPARTY_DIR . '/jquery/jquery.js' );
Requirements :: javascript ( THIRDPARTY_DIR . '/jquery-livequery/jquery.livequery.js' );
Requirements :: javascript ( SAPPHIRE_DIR . '/javascript/jquery_improvements.js' );
Requirements :: css ( CMS_DIR . '/css/MemberImportForm.css' );
2010-02-11 02:20:20 +01:00
Requirements :: javascript ( CMS_DIR . '/javascript/MemberImportForm.js' );
return $this -> renderWith ( 'BlankPage' , array (
'Form' => $this -> GroupImportForm ()
));
}
/**
* @ see SecurityAdmin_MemberImportForm
*
* @ return Form
*/
public function GroupImportForm () {
$form = new GroupImportForm (
$this ,
'GroupImportForm'
);
return $form ;
}
2007-07-19 12:40:05 +02:00
public function AddRecordForm () {
2008-08-10 23:41:10 +02:00
$m = Object :: create ( 'MemberTableField' ,
2007-07-19 12:40:05 +02:00
$this ,
2007-09-14 21:40:56 +02:00
" Members " ,
2007-07-19 12:40:05 +02:00
$this -> currentPageID ()
);
return $m -> AddRecordForm ();
}
/**
* Ajax autocompletion
*/
public function autocomplete () {
$fieldName = $this -> urlParams [ 'ID' ];
$fieldVal = $_REQUEST [ $fieldName ];
2008-02-25 03:10:37 +01:00
$result = '' ;
2009-07-17 04:23:57 +02:00
2008-12-04 23:38:58 +01:00
// Make sure we only autocomplete on keys that actually exist, and that we don't autocomplete on password
2009-07-17 04:23:57 +02:00
if ( ! singleton ( $this -> stat ( 'subitem_class' )) -> hasDatabaseField ( $fieldName ) || $fieldName == 'Password' ) return ;
2007-09-14 21:40:56 +02:00
2008-12-04 23:38:58 +01:00
$matches = DataObject :: get ( $this -> stat ( 'subitem_class' ), " \" $fieldName\ " LIKE '" . Convert::raw2sql($fieldVal) . "%' " );
2007-07-19 12:40:05 +02:00
if ( $matches ) {
$result .= " <ul> " ;
foreach ( $matches as $match ) {
2009-02-04 00:34:14 +01:00
if ( ! $match -> canView ()) continue ;
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
$data = $match -> FirstName ;
$data .= " , $match->Surname " ;
$data .= " , $match->Email " ;
$result .= " <li> " . $match -> $fieldName . " <span class= \" informal \" >( $match->FirstName $match->Surname , $match->Email )</span><span class= \" informal data \" > $data </span></li> " ;
}
$result .= " </ul> " ;
return $result ;
}
}
public function MemberForm () {
$id = $_REQUEST [ 'ID' ] ? $_REQUEST [ 'ID' ] : Session :: get ( 'currentMember' );
2009-02-03 03:50:25 +01:00
if ( $id ) return $this -> getMemberForm ( $id );
2007-07-19 12:40:05 +02:00
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
public function getMemberForm ( $id ) {
2009-02-03 03:50:25 +01:00
if ( $id && $id != 'new' ) $record = DataObject :: get_by_id ( 'Member' , ( int ) $id );
2007-07-19 12:40:05 +02:00
if ( $record || $id == 'new' ) {
$fields = new FieldSet (
new HiddenField ( 'MemberListBaseGroup' , '' , $this -> currentPageID () )
);
2007-09-14 21:40:56 +02:00
2009-02-03 03:50:25 +01:00
if ( $extraFields = $record -> getCMSFields ()) {
foreach ( $extraFields as $extra ) {
2007-07-19 12:40:05 +02:00
$fields -> push ( $extra );
2009-02-03 03:50:25 +01:00
}
}
2007-07-19 12:40:05 +02:00
2009-02-03 03:50:25 +01:00
$fields -> push ( $idField = new HiddenField ( 'ID' ));
$fields -> push ( $groupIDField = new HiddenField ( 'GroupID' ));
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
$actions = new FieldSet ();
2009-02-03 03:50:25 +01:00
$actions -> push ( new FormAction ( 'savemember' , _t ( 'SecurityAdmin.SAVE' )));
2007-09-14 21:40:56 +02:00
2009-02-03 03:50:25 +01:00
$form = new Form ( $this , 'MemberForm' , $fields , $actions );
2007-07-19 12:40:05 +02:00
if ( $record ) $form -> loadDataFrom ( $record );
$idField -> setValue ( $id );
$groupIDField -> setValue ( $this -> currentPageID ());
2009-02-04 00:34:14 +01:00
if ( $record && ! $record -> canEdit ()) {
$readonlyFields = $form -> Fields () -> makeReadonly ();
$form -> setFields ( $readonlyFields );
}
2007-07-19 12:40:05 +02:00
return $form ;
}
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
function savemember () {
$data = $_REQUEST ;
$className = $this -> stat ( 'subitem_class' );
$id = $_REQUEST [ 'ID' ];
if ( $id == 'new' ) $id = null ;
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
if ( $id ) {
2009-03-17 23:20:03 +01:00
$record = DataObject :: get_by_id ( $className , $id );
2009-02-04 00:34:14 +01:00
if ( $record && ! $record -> canEdit ()) return Security :: permissionFailure ( $this );
2007-07-19 12:40:05 +02:00
} else {
2009-02-04 00:34:14 +01:00
if ( ! singleton ( $this -> stat ( 'subitem_class' )) -> canCreate ()) return Security :: permissionFailure ( $this );
2007-07-19 12:40:05 +02:00
$record = new $className ();
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
$record -> update ( $data );
$record -> ID = $id ;
$record -> write ();
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
$record -> Groups () -> add ( $data [ 'GroupID' ]);
FormResponse :: add ( " reloadMemberTableField(); " );
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
return FormResponse :: respond ();
}
function addmember ( $className = null ) {
$data = $_REQUEST ;
unset ( $data [ 'ID' ]);
2009-02-03 03:50:25 +01:00
if ( $className == null ) $className = $this -> stat ( 'subitem_class' );
2009-02-04 00:34:14 +01:00
if ( ! singleton ( $this -> stat ( 'subitem_class' )) -> canCreate ()) return Security :: permissionFailure ( $this );
2007-07-19 12:40:05 +02:00
$record = new $className ();
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
$record -> update ( $data );
$record -> write ();
2009-02-03 03:50:25 +01:00
2009-03-17 23:20:03 +01:00
if ( $data [ 'GroupID' ]) $record -> Groups () -> add (( int ) $data [ 'GroupID' ]);
2007-07-19 12:40:05 +02:00
FormResponse :: add ( " reloadMemberTableField(); " );
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
return FormResponse :: respond ();
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
public function removememberfromgroup () {
$groupID = $this -> urlParams [ 'ID' ];
$memberID = $this -> urlParams [ 'OtherID' ];
if ( is_numeric ( $groupID ) && is_numeric ( $memberID )) {
2009-02-03 03:50:25 +01:00
$member = DataObject :: get_by_id ( 'Member' , ( int ) $memberID );
2009-04-29 03:44:28 +02:00
2009-02-04 00:34:14 +01:00
if ( ! $member -> canDelete ()) return Security :: permissionFailure ( $this );
2009-04-29 03:44:28 +02:00
2009-03-17 23:20:03 +01:00
$member -> Groups () -> remove (( int ) $groupID );
2009-04-29 03:44:28 +02:00
2007-07-19 12:40:05 +02:00
FormResponse :: add ( " reloadMemberTableField(); " );
} else {
user_error ( " SecurityAdmin::removememberfromgroup: Bad parameters: Group= $groupID , Member= $memberID " , E_USER_ERROR );
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
return FormResponse :: respond ();
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
/**
2009-04-29 03:44:28 +02:00
* Return the entire site tree as a nested set of ULs .
* @ return string Unordered list < UL > HTML
2007-07-19 12:40:05 +02:00
*/
public function SiteTreeAsUL () {
2008-04-09 13:46:27 +02:00
$obj = singleton ( $this -> stat ( 'tree_class' ));
2009-04-29 03:44:28 +02:00
$obj -> markPartialTree ();
if ( $p = $this -> currentPage ()) $obj -> markToExpose ( $p );
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
// getChildrenAsUL is a flexible and complex way of traversing the tree
2009-04-29 03:44:28 +02:00
$siteTreeList = $obj -> getChildrenAsUL (
'' ,
2010-01-13 01:08:27 +01:00
'"<li id=\"record-$child->ID\" class=\"$child->class " . $child->markingClasses() . ($extraArg->isCurrentPage($child) ? " current" : "") . "\">" . ' .
2009-11-27 03:11:34 +01:00
'"<a href=\"" . Controller::join_links(substr($extraArg->Link(),0,-1), "show", $child->ID) . "\" >" . $child->TreeTitle() . "</a>" ' ,
2009-04-29 03:44:28 +02:00
$this ,
true
);
// Wrap the root if needs be
$rootLink = $this -> Link () . 'show/root' ;
$rootTitle = _t ( 'SecurityAdmin.SGROUPS' , 'Security Groups' );
if ( ! isset ( $rootID )) {
$siteTree = " <ul id= \" sitetree \" class= \" tree unformatted \" ><li id= \" record-root \" class= \" Root \" ><a href= \" $rootLink\ " >< strong > { $rootTitle } </ strong ></ a > "
. $siteTreeList . " </li></ul> " ;
}
2007-07-19 12:40:05 +02:00
return $siteTree ;
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
public function addgroup () {
2009-02-04 00:34:14 +01:00
if ( ! singleton ( $this -> stat ( 'tree_class' )) -> canCreate ()) return Security :: permissionFailure ( $this );
2008-04-09 13:46:27 +02:00
$newGroup = Object :: create ( $this -> stat ( 'tree_class' ));
$newGroup -> Title = _t ( 'SecurityAdmin.NEWGROUP' , " New Group " );
$newGroup -> Code = " new-group " ;
$newGroup -> ParentID = ( is_numeric ( $_REQUEST [ 'ParentID' ])) ? ( int ) $_REQUEST [ 'ParentID' ] : 0 ;
$newGroup -> write ();
return $this -> returnItemToUser ( $newGroup );
2007-07-19 12:40:05 +02:00
}
2007-09-14 21:40:56 +02:00
2007-07-19 12:40:05 +02:00
public function EditedMember () {
2009-02-03 03:50:25 +01:00
if ( Session :: get ( 'currentMember' )) return DataObject :: get_by_id ( 'Member' , ( int ) Session :: get ( 'currentMember' ));
2007-07-19 12:40:05 +02:00
}
2007-09-14 21:40:56 +02:00
2007-08-31 02:31:49 +02:00
function providePermissions () {
return array (
2009-10-29 01:55:20 +01:00
'EDIT_PERMISSIONS' => array (
'name' => _t ( 'SecurityAdmin.EDITPERMISSIONS' , 'Manage permissions for groups' ),
2009-10-30 02:43:34 +01:00
'category' => _t ( 'Permissions.PERMISSIONS_CATEGORY' , 'Roles and access permissions' ),
2010-03-10 04:36:43 +01:00
'help' => _t ( 'SecurityAdmin.EDITPERMISSIONS_HELP' , 'Ability to edit Permissions and IP Addresses for a group. Requires the "Access to \'Security\' section" permission.' ),
2009-10-29 01:55:20 +01:00
'sort' => 0
2009-10-29 22:36:13 +01:00
),
'APPLY_ROLES' => array (
'name' => _t ( 'SecurityAdmin.APPLY_ROLES' , 'Apply roles to groups' ),
2009-10-30 02:43:34 +01:00
'category' => _t ( 'Permissions.PERMISSIONS_CATEGORY' , 'Roles and access permissions' ),
2010-03-10 04:36:43 +01:00
'help' => _t ( 'SecurityAdmin.APPLY_ROLES_HELP' , 'Ability to edit the roles assigned to a group. Requires the "Access to \'Security\' section" permission.' ),
2009-10-29 22:36:13 +01:00
'sort' => 0
2009-10-29 01:55:20 +01:00
)
2007-08-31 02:31:49 +02:00
);
}
2009-11-20 04:49:57 +01:00
/**
2009-11-21 12:11:26 +01:00
* The permissions represented in the $codes will not appearing in the form
* containing { @ link PermissionCheckboxSetField } so as not to be checked / unchecked .
*
* @ param $codes String | Array
2009-11-20 04:49:57 +01:00
*/
2009-11-21 12:11:26 +01:00
static function add_hidden_permission ( $codes ){
if ( is_string ( $codes )) $codes = array ( $codes );
2009-12-01 03:57:52 +01:00
self :: $hidden_permissions = array_merge ( self :: $hidden_permissions , $codes );
2009-11-21 12:11:26 +01:00
}
/**
* @ param $codes String | Array
*/
static function remove_hidden_permission ( $codes ){
if ( is_string ( $codes )) $codes = array ( $codes );
self :: $hidden_permissions = array_diff ( self :: $hidden_permissions , $codes );
}
/**
* @ return Array
*/
static function get_hidden_permissions (){
return self :: $hidden_permissions ;
}
/**
* Clear all permissions previously hidden with { @ link add_hidden_permission }
*/
static function clear_hidden_permissions (){
self :: $hidden_permissions = array ();
2009-11-20 04:49:57 +01:00
}
2007-07-19 12:40:05 +02:00
}
2009-02-03 04:46:15 +01:00
?>