API CHANGE Moved SecurityAdmin/AssetAdmin doAdd() and AddForm() methods into a common base implementation on LeftAndMain

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@92841 467b73ca-7a2a-4603-9d3b-597d59a354a9

code/AssetAdmin.php

@@ -36,8 +36,6 @@ class AssetAdmin extends LeftAndMain {
 	public static $apply_restrictions_to_admin = false;
 	
 	static $allowed_actions = array(
-		'doAdd',
-		'AddForm',
 		'deleteUnusedThumbnails',
 		'doUpload',
 		'getsubtree',
@@ -313,65 +311,6 @@ HTML;
 	//------------------------------------------------------------------------------------------//
 
 	// Data saving handlers
-
-	/**
-	 * @return Form
-	 */
-	function AddForm() {
-		$typeMap = array('Folder' => singleton($this->stat('tree_class'))->i18n_singular_name());
-		$typeField = new DropdownField('Type', false, $typeMap, 'Folder');
-		$form = new Form(
-			$this,
-			'AddForm',
-			new FieldSet(
-				new HiddenField('ParentID'),
-				$typeField->performReadonlyTransformation()
-			),
-			new FieldSet(
-				new FormAction('doAdd', _t('AssetAdmin_left.ss.GO','Go'))
-			)
-		);
-		$form->setValidator(null);
-		$form->addExtraClass('actionparams');
-		
-		return $form;
-	}
-
-	/**
-	 * Add a new folder and return its details suitable for ajax.
-	 */
-	public function doAdd($data, $form) {
-		$parentID = (isset($data['ParentID']) && is_numeric($data['ParentID'])) ? (int)$data['ParentID'] : 0;
-		$name = (isset($data['Name'])) ? basename($data['Name']) : _t('AssetAdmin.NEWFOLDER',"NewFolder");
-		
-		if($parentID) {
-			$parentObj = DataObject::get_by_id('File', $parentID);
-			if(!$parentObj || !$parentObj->ID) $parentID = 0;
-		}
-		
-		// Get the folder to be created		
-		if(isset($parentObj->ID)) $filename = $parentObj->FullPath . $name;
-		else $filename = ASSETS_PATH . '/' . $name;
-
-		// Actually create
-		if(!file_exists(ASSETS_PATH)) {
-			mkdir(ASSETS_PATH);
-		}
-		
-		$p = new Folder();
-		$p->ParentID = $parentID;
-		$p->Name = $p->Title = basename($filename);		
-		$p->write();
-
-		// Used in TinyMCE inline folder creation
-		if(isset($data['returnID'])) {
-			return $p->ID;
-		} else {
-			$form = $this->getEditForm($p->ID);
-			return $form->formHtmlContent();
-		}
-		
-	}
 		
 	/**
 	 * @return Form

code/LeftAndMain.php

@@ -52,6 +52,8 @@ class LeftAndMain extends Controller {
 		'EditForm',
 		'BatchActionsForm',
 		'batchactions',
+		'AddForm',
+		'doAdd'
 	);
 	
 	/**
@@ -819,6 +821,7 @@ JS;
 		
 		return $form;
 	}	
+	
 	/**
 	 * Returns a placeholder form, used by {@link getEditForm()} if no record is selected.
 	 * Our javascript logic always requires a form to be present in the CMS interface.
@@ -850,6 +853,66 @@ JS;
 		return $form;
 	}
 	
+	/**
+	 * @return Form
+	 */
+	function AddForm() {
+		$class = $this->stat('tree_class');
+		
+		$typeMap = array($class => singleton($class)->i18n_singular_name());
+		$typeField = new DropdownField('Type', false, $typeMap, $class);
+		$form = new Form(
+			$this,
+			'AddForm',
+			new FieldSet(
+				new HiddenField('ParentID'),
+				$typeField->performReadonlyTransformation()
+			),
+			new FieldSet(
+				new FormAction('doAdd', _t('AssetAdmin_left.ss.GO','Go'))
+			)
+		);
+		$form->setValidator(null);
+		$form->addExtraClass('actionparams');
+		
+		return $form;
+	}
+	
+	/**
+	 * Add a new group and return its details suitable for ajax.
+	 */
+	public function doAdd($data, $form) {
+		$class = $this->stat('tree_class');
+		
+		// check create permissions
+		if(!singleton($class)->canCreate()) return Security::permissionFailure($this);
+		
+		// check addchildren permissions
+		if(
+			singleton($class)->hasDatabaseField('Hierarchy') 
+			&& isset($data['ParentID'])
+			&& is_numeric($data['ParentID'])
+		) {
+			$parentRecord = DataObject::get_by_id($class, $data['ParentID']);
+			if(
+				$parentRecord->hasMethod('canAddChildren') 
+				&& !$parentRecord->canAddChildren()
+			) return Security::permissionFailure($this);
+		}
+		
+		$record = Object::create($class);
+		$form->saveInto($record);
+		$record->write();
+
+		// Used in TinyMCE inline folder creation
+		if(isset($data['returnID'])) {
+			return $record->ID;
+		} else {
+			$form = $this->getEditForm($record->ID);
+			return $form->formHtmlContent();
+		}
+	}
+	
 	/**
 	 * Batch Actions Handler
 	 */

code/SecurityAdmin.php

@@ -21,7 +21,6 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
 		'autocomplete',
 		'removememberfromgroup',
 		'savemember',
-		'AddForm',
 		'AddRecordForm',
 		'MemberForm',
 		'EditForm',
@@ -45,48 +44,6 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
 		
 		return $form;
 	}
-	
-	/**
-	 * @return Form
-	 */
-	function AddForm() {
-		$class = $this->stat('tree_class');
-		
-		$typeMap = array('Folder' => singleton($class)->i18n_singular_name());
-		$typeField = new DropdownField('Type', false, $typeMap, 'Folder');
-		$form = new Form(
-			$this,
-			'AddForm',
-			new FieldSet(
-				new HiddenField('ParentID'),
-				$typeField->performReadonlyTransformation()
-			),
-			new FieldSet(
-				new FormAction('doAdd', _t('AssetAdmin_left.ss.GO','Go'))
-			)
-		);
-		$form->setValidator(null);
-		$form->addExtraClass('actionparams');
-		
-		return $form;
-	}
-	
-	/**
-	 * Add a new group and return its details suitable for ajax.
-	 */
-	public function doAdd($data, $form) {
-		$parentID = (isset($data['ParentID']) && is_numeric($data['ParentID'])) ? (int)$data['ParentID'] : 0;
-		
-		if(!singleton($this->stat('tree_class'))->canCreate()) return Security::permissionFailure($this);
-		
-		$record = Object::create($this->stat('tree_class'));
-		$record->Title = _t('SecurityAdmin.NEWGROUP',"New Group");
-		$record->ParentID = $parentID;
-		$record->write();
-
-		$form = $this->getEditForm($record->ID);
-		return $form->formHtmlContent();
-	}
 
 	public function AddRecordForm() {
 		$m = Object::create('MemberTableField',