mirror of
https://github.com/silverstripe/silverstripe-reports
synced 2024-10-22 11:05:53 +02:00
BUGFIX Restored old permission code model, broken due to new controller structure. Introduced LeftAndMain::$required_permission_codes as a way to control permissions independently of subclasses, and "cluster" multiple classes under a single code.
This commit is contained in:
Ingo Schommer
parent
e938c60e9a
commit
e0a67a80c7
@ -6,7 +6,7 @@
|
|||||||
* @package cms
|
* @package cms
|
||||||
* @subpackage assets
|
* @subpackage assets
|
||||||
*/
|
*/
|
||||||
class AssetAdmin extends LeftAndMain {
|
class AssetAdmin extends LeftAndMain implements PermissionProvider{
|
||||||
|
|
||||||
static $url_segment = 'assets';
|
static $url_segment = 'assets';
|
||||||
|
|
||||||
@ -559,6 +559,16 @@ JS
|
|||||||
return $items;
|
return $items;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function providePermissions() {
|
||||||
|
$title = _t("AssetAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
|
||||||
|
return array(
|
||||||
|
"CMS_ACCESS_AssetAdmin" => array(
|
||||||
|
'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
|
||||||
|
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Delete multiple {@link Folder} records (and the associated filesystem nodes).
|
* Delete multiple {@link Folder} records (and the associated filesystem nodes).
|
||||||
|
|||||||
@ -2,8 +2,8 @@
|
|||||||
class CMSFileAddController extends AssetAdmin {
|
class CMSFileAddController extends AssetAdmin {
|
||||||
|
|
||||||
static $url_segment = 'assets/add';
|
static $url_segment = 'assets/add';
|
||||||
|
|
||||||
static $url_priority = 60;
|
static $url_priority = 60;
|
||||||
|
static $required_permission_codes = 'CMS_ACCESS_AssetAdmin';
|
||||||
|
|
||||||
// public function upload($request) {
|
// public function upload($request) {
|
||||||
// $formHtml = $this->renderWith(array('AssetAdmin_UploadContent'));
|
// $formHtml = $this->renderWith(array('AssetAdmin_UploadContent'));
|
||||||
|
|||||||
@ -553,7 +553,8 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
|
|||||||
$form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
|
$form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
|
||||||
|
|
||||||
// Use <button> to allow full jQuery UI styling
|
// Use <button> to allow full jQuery UI styling
|
||||||
foreach($actions->dataFields() as $action) $action->setUseButtonTag(true);
|
$actions = $actions->dataFields();
|
||||||
|
if($actions) foreach($actions as $action) $action->setUseButtonTag(true);
|
||||||
|
|
||||||
$this->extend('updateEditForm', $form);
|
$this->extend('updateEditForm', $form);
|
||||||
|
|
||||||
@ -1315,44 +1316,19 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Provide the permission codes used by LeftAndMain.
|
|
||||||
* Can't put it on LeftAndMain since that's an abstract base class.
|
|
||||||
*/
|
|
||||||
function providePermissions() {
|
function providePermissions() {
|
||||||
$classes = ClassInfo::subclassesFor('LeftAndMain');
|
$title = _t("CMSPagesController.MENUTITLE", LeftAndMain::menu_title_for_class('CMSPagesController'));
|
||||||
|
return array(
|
||||||
foreach($classes as $i => $class) {
|
"CMS_ACCESS_CMSMain" => array(
|
||||||
$title = _t("{$class}.MENUTITLE", LeftAndMain::menu_title_for_class($class));
|
'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
|
||||||
$perms["CMS_ACCESS_" . $class] = array(
|
|
||||||
'name' => sprintf(_t(
|
|
||||||
'CMSMain.ACCESS',
|
|
||||||
"Access to '%s' section",
|
|
||||||
PR_MEDIUM,
|
|
||||||
"Item in permission selection identifying the admin section. Example: Access to 'Files & Images'"
|
|
||||||
), $title, null),
|
|
||||||
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
|
|
||||||
);
|
|
||||||
}
|
|
||||||
$perms["CMS_ACCESS_LeftAndMain"] = array(
|
|
||||||
'name' => _t('CMSMain.ACCESSALLINTERFACES', 'Access to all CMS sections'),
|
|
||||||
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
|
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
|
||||||
'help' => _t('CMSMain.ACCESSALLINTERFACESHELP', 'Overrules more specific access settings.'),
|
'help' => _t(
|
||||||
'sort' => -100
|
|
||||||
);
|
|
||||||
|
|
||||||
$perms['CMS_ACCESS_CMSMain']['help'] = _t(
|
|
||||||
'CMSMain.ACCESS_HELP',
|
'CMSMain.ACCESS_HELP',
|
||||||
'Allow viewing of the section containing page tree and content. View and edit permissions can be handled through page specific dropdowns, as well as the separate "Content permissions".'
|
'Allow viewing of the section containing page tree and content. View and edit permissions can be handled through page specific dropdowns, as well as the separate "Content permissions".'
|
||||||
|
),
|
||||||
|
'sort' => -99 // below "CMS_ACCESS_LeftAndMain", but above everything else
|
||||||
|
)
|
||||||
);
|
);
|
||||||
$perms['CMS_ACCESS_SecurityAdmin']['help'] = _t(
|
|
||||||
'SecurityAdmin.ACCESS_HELP',
|
|
||||||
'Allow viewing, adding and editing users, as well as assigning permissions and roles to them.'
|
|
||||||
);
|
|
||||||
|
|
||||||
if (isset($perms['CMS_ACCESS_ModelAdmin'])) unset($perms['CMS_ACCESS_ModelAdmin']);
|
|
||||||
|
|
||||||
return $perms;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -5,6 +5,7 @@ class CMSPageAddController extends CMSMain {
|
|||||||
static $url_rule = '/$Action/$ID/$OtherID';
|
static $url_rule = '/$Action/$ID/$OtherID';
|
||||||
static $url_priority = 42;
|
static $url_priority = 42;
|
||||||
static $menu_title = 'Add page';
|
static $menu_title = 'Add page';
|
||||||
|
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||||
|
|
||||||
function AddForm() {
|
function AddForm() {
|
||||||
$form = parent::AddForm();
|
$form = parent::AddForm();
|
||||||
|
|||||||
@ -8,4 +8,5 @@ class CMSPageEditController extends CMSMain {
|
|||||||
static $url_segment = 'page/edit';
|
static $url_segment = 'page/edit';
|
||||||
static $url_rule = '/$Action/$ID/$OtherID';
|
static $url_rule = '/$Action/$ID/$OtherID';
|
||||||
static $url_priority = 41;
|
static $url_priority = 41;
|
||||||
|
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||||
}
|
}
|
||||||
@ -10,6 +10,7 @@ class CMSPageHistoryController extends CMSMain {
|
|||||||
static $url_rule = '/$Action/$ID/$VersionID/$OtherVersionID';
|
static $url_rule = '/$Action/$ID/$VersionID/$OtherVersionID';
|
||||||
static $url_priority = 42;
|
static $url_priority = 42;
|
||||||
static $menu_title = 'History';
|
static $menu_title = 'History';
|
||||||
|
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||||
|
|
||||||
static $allowed_actions = array(
|
static $allowed_actions = array(
|
||||||
'VersionsForm',
|
'VersionsForm',
|
||||||
|
|||||||
@ -6,10 +6,9 @@
|
|||||||
class CMSPageSettingsController extends CMSMain {
|
class CMSPageSettingsController extends CMSMain {
|
||||||
|
|
||||||
static $url_segment = 'page/settings';
|
static $url_segment = 'page/settings';
|
||||||
|
|
||||||
static $url_rule = '/$Action/$ID/$OtherID';
|
static $url_rule = '/$Action/$ID/$OtherID';
|
||||||
|
|
||||||
static $url_priority = 42;
|
static $url_priority = 42;
|
||||||
|
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||||
|
|
||||||
function getEditForm($id = null, $fields = null) {
|
function getEditForm($id = null, $fields = null) {
|
||||||
$record = $this->getRecord($id ? $id : $this->currentPageID());
|
$record = $this->getRecord($id ? $id : $this->currentPageID());
|
||||||
|
|||||||
@ -9,6 +9,7 @@ class CMSPagesController extends CMSMain {
|
|||||||
static $url_rule = '/$Action/$ID/$OtherID';
|
static $url_rule = '/$Action/$ID/$OtherID';
|
||||||
static $url_priority = 41;
|
static $url_priority = 41;
|
||||||
static $menu_title = 'Pages';
|
static $menu_title = 'Pages';
|
||||||
|
static $required_permission_codes = 'CMS_ACCESS_CMSMain';
|
||||||
|
|
||||||
function init() {
|
function init() {
|
||||||
parent::init();
|
parent::init();
|
||||||
|
|||||||
@ -11,7 +11,7 @@
|
|||||||
* @package cms
|
* @package cms
|
||||||
* @subpackage reports
|
* @subpackage reports
|
||||||
*/
|
*/
|
||||||
class ReportAdmin extends LeftAndMain {
|
class ReportAdmin extends LeftAndMain implements PermissionProvider {
|
||||||
|
|
||||||
static $url_segment = 'reports';
|
static $url_segment = 'reports';
|
||||||
|
|
||||||
@ -97,5 +97,15 @@ class ReportAdmin extends LeftAndMain {
|
|||||||
FormResponse::load_form($this->EditForm()->forTemplate());
|
FormResponse::load_form($this->EditForm()->forTemplate());
|
||||||
return FormResponse::respond();
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function providePermissions() {
|
||||||
|
$title = _t("ReportAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
|
||||||
|
return array(
|
||||||
|
"CMS_ACCESS_ReportAdmin" => array(
|
||||||
|
'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
|
||||||
|
'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -2660,7 +2660,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
|||||||
'name' => _t('SiteTree.EDIT_ALL_DESCRIPTION', 'Edit any page'),
|
'name' => _t('SiteTree.EDIT_ALL_DESCRIPTION', 'Edit any page'),
|
||||||
'category' => _t('Permissions.CONTENT_CATEGORY', 'Content permissions'),
|
'category' => _t('Permissions.CONTENT_CATEGORY', 'Content permissions'),
|
||||||
'sort' => -50,
|
'sort' => -50,
|
||||||
'help' => _t('SiteTree.EDIT_ALL_HELP', 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to Site Content" permission')
|
'help' => _t('SiteTree.EDIT_ALL_HELP', 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to \'Pages\' section" permission')
|
||||||
),
|
),
|
||||||
'SITETREE_REORGANISE' => array(
|
'SITETREE_REORGANISE' => array(
|
||||||
'name' => _t('SiteTree.REORGANISE_DESCRIPTION', 'Change site structure'),
|
'name' => _t('SiteTree.REORGANISE_DESCRIPTION', 'Change site structure'),
|
||||||
|
|||||||
@ -357,7 +357,7 @@ $lang['en_US']['SiteTree']['EDITHEADER'] = 'Who can edit this page?';
|
|||||||
$lang['en_US']['SiteTree']['EDITONLYTHESE'] = 'Only these people (choose from list)';
|
$lang['en_US']['SiteTree']['EDITONLYTHESE'] = 'Only these people (choose from list)';
|
||||||
$lang['en_US']['SiteTree']['EDITORGROUPS'] = 'Editor Groups';
|
$lang['en_US']['SiteTree']['EDITORGROUPS'] = 'Editor Groups';
|
||||||
$lang['en_US']['SiteTree']['EDIT_ALL_DESCRIPTION'] = 'Edit any page';
|
$lang['en_US']['SiteTree']['EDIT_ALL_DESCRIPTION'] = 'Edit any page';
|
||||||
$lang['en_US']['SiteTree']['EDIT_ALL_HELP'] = 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to Site Content" permission';
|
$lang['en_US']['SiteTree']['EDIT_ALL_HELP'] = 'Ability to edit any page on the site, regardless of the settings on the Access tab. Requires the "Access to \'Pages\' section" permission';
|
||||||
$lang['en_US']['SiteTree']['Editors'] = 'Editors Groups';
|
$lang['en_US']['SiteTree']['Editors'] = 'Editors Groups';
|
||||||
$lang['en_US']['SiteTree']['HASBROKENLINKS'] = 'This page has broken links.';
|
$lang['en_US']['SiteTree']['HASBROKENLINKS'] = 'This page has broken links.';
|
||||||
$lang['en_US']['SiteTree']['HOMEPAGEFORDOMAIN'] = array(
|
$lang['en_US']['SiteTree']['HOMEPAGEFORDOMAIN'] = array(
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user