From a96ab15af33a3ac38a61fc7b261c290fac8e4f7a Mon Sep 17 00:00:00 2001
From: Damian Mooyman <damian@silverstripe.com>
Date: Fri, 12 Aug 2016 15:55:47 +1200
Subject: [PATCH] API Fix issue with namespaced reports Add permission code to
 reports Fix include paths

---
 code/Report.php                           | 12 +++++++++++-
 code/ReportAdmin.php                      | 14 +++++++++++++-
 templates/Includes/ReportAdmin_Content.ss |  6 +++---
 3 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/code/Report.php b/code/Report.php
index 7f8d6c77..e5bedd9a 100644
--- a/code/Report.php
+++ b/code/Report.php
@@ -154,11 +154,21 @@ class SS_Report extends ViewableData
     {
         return Controller::join_links(
             ReportAdmin::singleton()->Link('show'),
-            get_class($this),
+            $this->sanitiseClassName(get_class($this)),
             $action
         );
     }
 
+	/**
+	 * Sanitise a model class' name for inclusion in a link
+	 *
+	 * @param string $class
+	 * @return string
+	 */
+	protected function sanitiseClassName($class) {
+		return str_replace('\\', '-', $class);
+	}
+
 
     /**
      * counts the number of objects returned
diff --git a/code/ReportAdmin.php b/code/ReportAdmin.php
index 72c927c2..9f5267ad 100644
--- a/code/ReportAdmin.php
+++ b/code/ReportAdmin.php
@@ -44,6 +44,8 @@ class ReportAdmin extends LeftAndMain implements PermissionProvider
      */
     protected $reportObject;
 
+    private static $required_permission_codes = 'CMS_ACCESS_ReportAdmin';
+
     public function init()
     {
         parent::init();
@@ -105,7 +107,7 @@ class ReportAdmin extends LeftAndMain implements PermissionProvider
 
     public function handleAction($request, $action)
     {
-        $this->reportClass = $request->param('ReportClass');
+        $this->reportClass = $this->unsanitiseClassName($request->param('ReportClass'));
 
         // Check report
         if ($this->reportClass) {
@@ -120,6 +122,16 @@ class ReportAdmin extends LeftAndMain implements PermissionProvider
         return parent::handleAction($request, $action);
     }
 
+	/**
+	 * Unsanitise a model class' name from a URL param
+	 *
+	 * @param string $class
+	 * @return string
+	 */
+	protected function unsanitiseClassName($class) {
+		return str_replace('-', '\\', $class);
+	}
+
     /**
      * Determine if we have reports and need
      * to display the "Reports" main menu item
diff --git a/templates/Includes/ReportAdmin_Content.ss b/templates/Includes/ReportAdmin_Content.ss
index 9ee88de3..cf123b0a 100644
--- a/templates/Includes/ReportAdmin_Content.ss
+++ b/templates/Includes/ReportAdmin_Content.ss
@@ -3,9 +3,9 @@
 	<div class="cms-content-header north">
 		<% with $EditForm %>
 			<div class="cms-content-header-info">
-				<% include BackLink_Button %>
+				<% include SilverStripe\\Admin\\BackLink_Button %>
 				<% with $Controller %>
-					<% include CMSBreadcrumbs %>
+					<% include SilverStripe\\Admin\\CMSBreadcrumbs %>
 				<% end_with %>
 			</div>
 		<% end_with %>
@@ -17,4 +17,4 @@
 
 	</div>
 
-</div>
\ No newline at end of file
+</div>