mirror of
https://github.com/silverstripe/silverstripe-reports
synced 2024-10-22 11:05:53 +02:00
ENHANCEMENT Allowing to hide certain permission from showing in SecurityAdmin? through add_hidden_permission() (refactored from r92428) (from r92866)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@92879 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer
Sam Minnee
parent
73681b0afa
commit
b261d3cadc
@ -27,6 +27,11 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
||||
'EditForm'
|
||||
);
|
||||
|
||||
/**
|
||||
* @var Array
|
||||
*/
|
||||
static $hidden_permissions = array();
|
||||
|
||||
public function init() {
|
||||
parent::init();
|
||||
|
||||
@ -73,6 +78,10 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
||||
$form->setFields($readonlyFields);
|
||||
}
|
||||
|
||||
// Filter permissions
|
||||
$permissionField = $form->Fields()->dataFieldByName('Permissions');
|
||||
if($permissionField) $permissionField->setHiddenPermissions(self::$hidden_permissions);
|
||||
|
||||
return $form;
|
||||
}
|
||||
|
||||
@ -278,15 +287,36 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
||||
}
|
||||
|
||||
/**
|
||||
* the permissions represented in the $codes will not appearing in the form
|
||||
* containning {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
|
||||
* @param $codes array of permission code
|
||||
* @return void
|
||||
* The permissions represented in the $codes will not appearing in the form
|
||||
* containing {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
|
||||
*
|
||||
* @param $codes String|Array
|
||||
*/
|
||||
static function hide_permissions($codes){
|
||||
foreach($codes as $code){
|
||||
Permission::add_to_hidden_permissions($code);
|
||||
}
|
||||
static function add_hidden_permission($codes){
|
||||
if(is_string($codes)) $codes = array($codes);
|
||||
self::$hidden_permissions += $codes;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $codes String|Array
|
||||
*/
|
||||
static function remove_hidden_permission($codes){
|
||||
if(is_string($codes)) $codes = array($codes);
|
||||
self::$hidden_permissions = array_diff(self::$hidden_permissions, $codes);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Array
|
||||
*/
|
||||
static function get_hidden_permissions(){
|
||||
return self::$hidden_permissions;
|
||||
}
|
||||
|
||||
/**
|
||||
* Clear all permissions previously hidden with {@link add_hidden_permission}
|
||||
*/
|
||||
static function clear_hidden_permissions(){
|
||||
self::$hidden_permissions = array();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -36,16 +36,51 @@ class SecurityAdminTest extends FunctionalTest {
|
||||
$this->assertEquals($lines[1], '', "Empty export only has no content row");
|
||||
}
|
||||
|
||||
function testHidePermissions() {
|
||||
$permissionCheckboxSet = new PermissionCheckboxSetField('Permissions','Permissions','Permission','GroupID');
|
||||
$this->assertContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
|
||||
$this->assertContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
|
||||
function testAddHiddenPermission() {
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
|
||||
SecurityAdmin::hide_permissions(array('CMS_ACCESS_CMSMain','CMS_ACCESS_AssetAdmin'));
|
||||
$this->assertNotContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
|
||||
$this->assertNotContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
|
||||
// reset to defaults
|
||||
SecurityAdmin::clear_hidden_permissions();
|
||||
}
|
||||
|
||||
function testRemoveHiddenPermission() {
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
SecurityAdmin::remove_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
|
||||
// reset to defaults
|
||||
SecurityAdmin::clear_hidden_permissions();
|
||||
}
|
||||
|
||||
function testClearHiddenPermission() {
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
SecurityAdmin::clear_hidden_permissions('CMS_ACCESS_ReportAdmin');
|
||||
$this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
|
||||
}
|
||||
|
||||
function testPermissionFieldRespectsHiddenPermissions() {
|
||||
$this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
|
||||
|
||||
$group = $this->objFromFixture('Group', 'admin');
|
||||
|
||||
SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
|
||||
$response = $this->get('admin/security/show/' . $group->ID);
|
||||
|
||||
$this->assertContains(
|
||||
'CMS_ACCESS_CMSMain',
|
||||
$response->getBody()
|
||||
);
|
||||
$this->assertNotContains(
|
||||
'CMS_ACCESS_ReportAdmin',
|
||||
$response->getBody()
|
||||
);
|
||||
|
||||
// reset to defaults
|
||||
SecurityAdmin::clear_hidden_permissions();
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
Loading…
Reference in New Issue
Block a user