BUGFIX Restored old permission code model, broken due to new controller structure. Introduced LeftAndMain::$required_permission_codes as a way to control permissions independently of subclasses, and "cluster" multiple classes under a single code.

code/controllers/AssetAdmin.php

@@ -6,7 +6,7 @@
  * @package cms
  * @subpackage assets
  */
-class AssetAdmin extends LeftAndMain {
+class AssetAdmin extends LeftAndMain implements PermissionProvider{
 
 	static $url_segment = 'assets';
 	
@@ -559,6 +559,16 @@ JS
 		return $items;
 	}
 
+	function providePermissions() {
+		$title = _t("AssetAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
+		return array(
+			"CMS_ACCESS_AssetAdmin" => array(
+				'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
+				'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
+			)
+		);
+	}
+	
 }
 /**
  * Delete multiple {@link Folder} records (and the associated filesystem nodes).

code/controllers/CMSFileAddController.php

@@ -2,8 +2,8 @@
 class CMSFileAddController extends AssetAdmin {
 
 	static $url_segment = 'assets/add';
-
 	static $url_priority = 60;
+	static $required_permission_codes = 'CMS_ACCESS_AssetAdmin';
 	
 //	public function upload($request) {
 //		$formHtml = $this->renderWith(array('AssetAdmin_UploadContent'));

code/controllers/CMSMain.php

@@ -553,7 +553,8 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		$form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
 
 		// Use <button> to allow full jQuery UI styling
-		foreach($actions->dataFields() as $action) $action->setUseButtonTag(true);
+		$actions = $actions->dataFields();
+		if($actions) foreach($actions as $action) $action->setUseButtonTag(true);
 
 		$this->extend('updateEditForm', $form);
 
@@ -1315,44 +1316,19 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		);
 	}
 
-	/**
-	 * Provide the permission codes used by LeftAndMain.
-	 * Can't put it on LeftAndMain since that's an abstract base class.
-	 */
 	function providePermissions() {
-		$classes = ClassInfo::subclassesFor('LeftAndMain');
-
-		foreach($classes as $i => $class) {
-			$title = _t("{$class}.MENUTITLE", LeftAndMain::menu_title_for_class($class));
-			$perms["CMS_ACCESS_" . $class] = array(
-				'name' => sprintf(_t(
-					'CMSMain.ACCESS', 
-					"Access to '%s' section",
-					PR_MEDIUM,
-					"Item in permission selection identifying the admin section. Example: Access to 'Files & Images'"
-				), $title, null),
-				'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
-			);
-		}
-		$perms["CMS_ACCESS_LeftAndMain"] = array(
-			'name' => _t('CMSMain.ACCESSALLINTERFACES', 'Access to all CMS sections'),
+		$title = _t("CMSPagesController.MENUTITLE", LeftAndMain::menu_title_for_class('CMSPagesController'));
+		return array(
+			"CMS_ACCESS_CMSMain" => array(
+				'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
 				'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
-			'help' => _t('CMSMain.ACCESSALLINTERFACESHELP', 'Overrules more specific access settings.'),
-			'sort' => -100
-		);
-
-		$perms['CMS_ACCESS_CMSMain']['help'] = _t(
+				'help' => _t(
 					'CMSMain.ACCESS_HELP',
 					'Allow viewing of the section containing page tree and content. View and edit permissions can be handled through page specific dropdowns, as well as the separate "Content permissions".'
+				),
+				'sort' => -99 // below "CMS_ACCESS_LeftAndMain", but above everything else
+			)
 		);
-		$perms['CMS_ACCESS_SecurityAdmin']['help'] = _t(
-			'SecurityAdmin.ACCESS_HELP',
-			'Allow viewing, adding and editing users, as well as assigning permissions and roles to them.'
-		);
-
-		if (isset($perms['CMS_ACCESS_ModelAdmin'])) unset($perms['CMS_ACCESS_ModelAdmin']);
-
-		return $perms;
 	}
 
 }

code/controllers/CMSPageAddController.php

@@ -5,6 +5,7 @@ class CMSPageAddController extends CMSMain {
 	static $url_rule = '/$Action/$ID/$OtherID';
 	static $url_priority = 42;
 	static $menu_title = 'Add page';
+	static $required_permission_codes = 'CMS_ACCESS_CMSMain';
 	
 	function AddForm() {
 		$form = parent::AddForm();

code/controllers/CMSPageEditController.php

@@ -8,4 +8,5 @@ class CMSPageEditController extends CMSMain {
 	static $url_segment = 'page/edit';
 	static $url_rule = '/$Action/$ID/$OtherID';
 	static $url_priority = 41;
+	static $required_permission_codes = 'CMS_ACCESS_CMSMain';
 }

code/controllers/CMSPageHistoryController.php

@@ -10,6 +10,7 @@ class CMSPageHistoryController extends CMSMain {
 	static $url_rule = '/$Action/$ID/$VersionID/$OtherVersionID';
 	static $url_priority = 42;
 	static $menu_title = 'History';
+	static $required_permission_codes = 'CMS_ACCESS_CMSMain';
 	
 	static $allowed_actions = array(
 		'VersionsForm',

code/controllers/CMSPageSettingsController.php

@@ -6,10 +6,9 @@
 class CMSPageSettingsController extends CMSMain {
 
 	static $url_segment = 'page/settings';
-	
 	static $url_rule = '/$Action/$ID/$OtherID';
-	
 	static $url_priority = 42;
+	static $required_permission_codes = 'CMS_ACCESS_CMSMain';
 		
 	function getEditForm($id = null, $fields = null) {
 		$record = $this->getRecord($id ? $id : $this->currentPageID());

code/controllers/CMSPagesController.php

@@ -9,6 +9,7 @@ class CMSPagesController extends CMSMain {
 	static $url_rule = '/$Action/$ID/$OtherID';
 	static $url_priority = 41;
 	static $menu_title = 'Pages';	
+	static $required_permission_codes = 'CMS_ACCESS_CMSMain';
 	
 	function init() {
 		parent::init();

code/controllers/ReportAdmin.php

@@ -11,7 +11,7 @@
  * @package cms
  * @subpackage reports
  */
-class ReportAdmin extends LeftAndMain {
+class ReportAdmin extends LeftAndMain implements PermissionProvider {
 	
 	static $url_segment = 'reports';
 	
@@ -97,5 +97,15 @@ class ReportAdmin extends LeftAndMain {
 		FormResponse::load_form($this->EditForm()->forTemplate());
 		return FormResponse::respond();
 	}
+
+	function providePermissions() {
+		$title = _t("ReportAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
+		return array(
+			"CMS_ACCESS_ReportAdmin" => array(
+				'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
+				'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
+			)
+		);
+	}
 }
 

code/model/SiteTree.php

@@ -2660,7 +2660,7 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
 				'name' => _t('SiteTree.EDIT_ALL_DESCRIPTION', 'Edit any page'),
 				'category' => _t('Permissions.CONTENT_CATEGORY', 'Content permissions'),
 				'sort' => -50,
-				'help' => _t('SiteTree.EDIT_ALL_HELP', 'Ability to edit any page on the site, regardless of the settings on the Access tab.  Requires the "Access to Site Content" permission')
+				'help' => _t('SiteTree.EDIT_ALL_HELP', 'Ability to edit any page on the site, regardless of the settings on the Access tab.  Requires the "Access to \'Pages\' section" permission')
 			),
 			'SITETREE_REORGANISE' => array(
 				'name' => _t('SiteTree.REORGANISE_DESCRIPTION', 'Change site structure'),

lang/en_US.php

@@ -357,7 +357,7 @@ $lang['en_US']['SiteTree']['EDITHEADER'] = 'Who can edit this page?';
 $lang['en_US']['SiteTree']['EDITONLYTHESE'] = 'Only these people (choose from list)';
 $lang['en_US']['SiteTree']['EDITORGROUPS'] = 'Editor Groups';
 $lang['en_US']['SiteTree']['EDIT_ALL_DESCRIPTION'] = 'Edit any page';
-$lang['en_US']['SiteTree']['EDIT_ALL_HELP'] = 'Ability to edit any page on the site, regardless of the settings on the Access tab.  Requires the "Access to Site Content" permission';
+$lang['en_US']['SiteTree']['EDIT_ALL_HELP'] = 'Ability to edit any page on the site, regardless of the settings on the Access tab.  Requires the "Access to \'Pages\' section" permission';
 $lang['en_US']['SiteTree']['Editors'] = 'Editors Groups';
 $lang['en_US']['SiteTree']['HASBROKENLINKS'] = 'This page has broken links.';
 $lang['en_US']['SiteTree']['HOMEPAGEFORDOMAIN'] = array(