mirror of
https://github.com/silverstripe/silverstripe-reports
synced 2024-10-22 11:05:53 +02:00
BUG Fix regressions is SS_Report::canView
This commit is contained in:
parent
fc81b1f582
commit
36241d52a0
@ -310,7 +310,9 @@ class SS_Report extends ViewableData {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$extended = $this->extendedCan('canView', $member);
|
$extended = $this->extendedCan('canView', $member);
|
||||||
if($extended !== null) return $extended;
|
if($extended !== null) {
|
||||||
|
return $extended;
|
||||||
|
}
|
||||||
|
|
||||||
if($member && Permission::checkMember($member, array('CMS_ACCESS_LeftAndMain', 'CMS_ACCESS_ReportAdmin'))) {
|
if($member && Permission::checkMember($member, array('CMS_ACCESS_LeftAndMain', 'CMS_ACCESS_ReportAdmin'))) {
|
||||||
return true;
|
return true;
|
||||||
@ -319,6 +321,27 @@ class SS_Report extends ViewableData {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Helper to assist with permission extension
|
||||||
|
*
|
||||||
|
* {@see DataObject::extendedCan()}
|
||||||
|
*
|
||||||
|
* @param string $methodName Method on the same object, e.g. {@link canEdit()}
|
||||||
|
* @param Member|int $member
|
||||||
|
* @return boolean|null
|
||||||
|
*/
|
||||||
|
public function extendedCan($methodName, $member) {
|
||||||
|
$results = $this->extend($methodName, $member);
|
||||||
|
if($results && is_array($results)) {
|
||||||
|
// Remove NULLs
|
||||||
|
$results = array_filter($results, function($v) {return !is_null($v);});
|
||||||
|
// If there are any non-NULL responses, then return the lowest one of them.
|
||||||
|
// If any explicitly deny the permission, then we don't get access
|
||||||
|
if($results) return min($results);
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the name of this report, which
|
* Return the name of this report, which
|
||||||
|
@ -56,6 +56,26 @@ class ReportTest extends SapphireTest {
|
|||||||
$reportNames,
|
$reportNames,
|
||||||
'ReportTest_FakeTest_Abstract is NOT in reports list as it is abstract');
|
'ReportTest_FakeTest_Abstract is NOT in reports list as it is abstract');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testPermissions() {
|
||||||
|
$report = new ReportTest_FakeTest2();
|
||||||
|
|
||||||
|
// Visitor cannot view
|
||||||
|
Session::clear("loggedInAs");
|
||||||
|
$this->assertFalse($report->canView());
|
||||||
|
|
||||||
|
// Logged in user that cannot view reports
|
||||||
|
$this->logInWithPermission('SITETREE_REORGANISE');
|
||||||
|
$this->assertFalse($report->canView());
|
||||||
|
|
||||||
|
// Logged in with report permissions
|
||||||
|
$this->logInWithPermission('CMS_ACCESS_ReportAdmin');
|
||||||
|
$this->assertTrue($report->canView());
|
||||||
|
|
||||||
|
// Admin can view
|
||||||
|
$this->logInWithPermission('ADMIN');
|
||||||
|
$this->assertTrue($report->canView());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user