currentPageID(); if($id && $id != 'root') { $record = DataObject::get_by_id($this->stat('tree_class'), $id); if(!$record) return false; } if($id && is_numeric($id)) { $fields = $record->getCMSFields(); if($fields->hasTabSet()) { $fields->findOrMakeTab('Root.Import',_t('Group.IMPORTTABTITLE', 'Import')); $fields->addFieldToTab('Root.Import', new LiteralField( 'MemberImportFormIframe', sprintf( '', $this->Link('memberimport') ) ) ); if(Permission::check('APPLY_ROLES')) { $fields->addFieldToTab( 'Root.Roles', new LiteralField( 'RolesAddEditLink', sprintf( '

%s

', $this->Link('show/root'), // TODO This should include #Root_Roles to switch directly to the tab, // but tabstrip.js doesn't display tabs when directly adressed through a URL pragma _t('Group.RolesAddEditLink', 'Add/edit roles') ) ) ); } } $actions = new FieldSet( new FormAction('addmember',_t('SecurityAdmin.ADDMEMBER','Add Member')), new FormAction('save',_t('SecurityAdmin.SAVE','Save')) ); $form = new Form($this, "EditForm", $fields, $actions); $form->loadDataFrom($record); if(!$record->canEdit()) { $readonlyFields = $form->Fields()->makeReadonly(); $form->setFields($readonlyFields); } // Filter permissions $permissionField = $form->Fields()->dataFieldByName('Permissions'); if($permissionField) $permissionField->setHiddenPermissions(self::$hidden_permissions); $this->extend('updateEditForm', $form); } else { $form = $this->RootForm(); } return $form; } /** * @return FieldSet */ function RootForm() { $memberList = new MemberTableField( $this, "Members" ); // unset 'inlineadd' permission, we don't want inline addition $memberList->setPermissions(array('edit', 'delete', 'add')); $memberList->setRelationAutoSetting(false); $fields = new FieldSet( new TabSet( 'Root', new Tab('Members', singleton('Member')->i18n_plural_name(), $memberList, new LiteralField('MembersCautionText', sprintf('

%s

', _t( 'SecurityAdmin.MemberListCaution', 'Caution: Removing members from this list will remove them from all groups and the database' ) ) ) ), new Tab('Import', _t('SecurityAdmin.TABIMPORT', 'Import'), new LiteralField( 'GroupImportFormIframe', sprintf( '', $this->Link('groupimport') ) ) ) ), // necessary for tree node selection in LeftAndMain.EditForm.js new HiddenField('ID', false, 0) ); // Add roles editing interface if(Permission::check('APPLY_ROLES')) { $rolesCTF = new ComplexTableField( $this, 'Roles', 'PermissionRole' ); $rolesCTF->setPermissions(array('edit', 'delete')); $rolesTab = $fields->findOrMakeTab('Root.Roles', _t('SecurityAdmin.TABROLES', 'Roles')); $rolesTab->push(new LiteralField( 'RolesDescription', '' )); $rolesTab->push($rolesCTF); } $actions = new FieldSet( new FormAction('addmember',_t('SecurityAdmin.ADDMEMBER','Add Member')) ); $this->extend('updateRootFormFields', $fields, $actions); $form = new Form( $this, 'EditForm', $fields, $actions ); return $form; } public function memberimport() { Requirements::clear(); Requirements::css(SAPPHIRE_DIR . '/css/Form.css'); Requirements::css(CMS_DIR . '/css/typography.css'); Requirements::css(CMS_DIR . '/css/cms_right.css'); Requirements::javascript(THIRDPARTY_DIR . '/jquery/jquery.js'); Requirements::javascript(THIRDPARTY_DIR . '/jquery-livequery/jquery.livequery.js'); Requirements::javascript(SAPPHIRE_DIR . '/javascript/jquery_improvements.js'); Requirements::css(CMS_DIR . '/css/MemberImportForm.css'); Requirements::javascript(CMS_DIR . '/javascript/MemberImportForm.js'); return $this->renderWith('BlankPage', array( 'Form' => $this->MemberImportForm() )); } /** * @see SecurityAdmin_MemberImportForm * * @return Form */ public function MemberImportForm() { $group = $this->currentPage(); $form = new MemberImportForm( $this, 'MemberImportForm' ); $form->setGroup($group); return $form; } public function groupimport() { Requirements::clear(); Requirements::css(SAPPHIRE_DIR . '/css/Form.css'); Requirements::css(CMS_DIR . '/css/typography.css'); Requirements::css(CMS_DIR . '/css/cms_right.css'); Requirements::javascript(THIRDPARTY_DIR . '/jquery/jquery.js'); Requirements::javascript(THIRDPARTY_DIR . '/jquery-livequery/jquery.livequery.js'); Requirements::javascript(SAPPHIRE_DIR . '/javascript/jquery_improvements.js'); Requirements::css(CMS_DIR . '/css/MemberImportForm.css'); Requirements::javascript(CMS_DIR . '/javascript/MemberImportForm.js'); return $this->renderWith('BlankPage', array( 'Form' => $this->GroupImportForm() )); } /** * @see SecurityAdmin_MemberImportForm * * @return Form */ public function GroupImportForm() { $form = new GroupImportForm( $this, 'GroupImportForm' ); return $form; } public function AddRecordForm() { $m = Object::create('MemberTableField', $this, "Members", $this->currentPageID() ); return $m->AddRecordForm(); } /** * Ajax autocompletion */ public function autocomplete() { $fieldName = $this->urlParams['ID']; $fieldVal = $_REQUEST[$fieldName]; $result = ''; // Make sure we only autocomplete on keys that actually exist, and that we don't autocomplete on password if(!singleton($this->stat('subitem_class'))->hasDatabaseField($fieldName) || $fieldName == 'Password') return; $matches = DataObject::get($this->stat('subitem_class'),"\"$fieldName\" LIKE '" . Convert::raw2sql($fieldVal) . "%'"); if($matches) { $result .= ""; return $result; } } public function MemberForm() { $id = $_REQUEST['ID'] ? $_REQUEST['ID'] : Session::get('currentMember'); if($id) return $this->getMemberForm($id); } public function getMemberForm($id) { if($id && $id != 'new') $record = DataObject::get_by_id('Member', (int) $id); if($record || $id == 'new') { $fields = new FieldSet( new HiddenField('MemberListBaseGroup', '', $this->currentPageID() ) ); if($extraFields = $record->getCMSFields()) { foreach($extraFields as $extra) { $fields->push( $extra ); } } $fields->push($idField = new HiddenField('ID')); $fields->push($groupIDField = new HiddenField('GroupID')); $actions = new FieldSet(); $actions->push(new FormAction('savemember', _t('SecurityAdmin.SAVE'))); $form = new Form($this, 'MemberForm', $fields, $actions); if($record) $form->loadDataFrom($record); $idField->setValue($id); $groupIDField->setValue($this->currentPageID()); if($record && !$record->canEdit()) { $readonlyFields = $form->Fields()->makeReadonly(); $form->setFields($readonlyFields); } return $form; } } function savemember() { $data = $_REQUEST; $className = $this->stat('subitem_class'); $id = $_REQUEST['ID']; if($id == 'new') $id = null; if($id) { $record = DataObject::get_by_id($className, $id); if($record && !$record->canEdit()) return Security::permissionFailure($this); } else { if(!singleton($this->stat('subitem_class'))->canCreate()) return Security::permissionFailure($this); $record = new $className(); } $record->update($data); $record->ID = $id; $record->write(); $record->Groups()->add($data['GroupID']); FormResponse::add("reloadMemberTableField();"); return FormResponse::respond(); } function addmember($className=null) { $data = $_REQUEST; unset($data['ID']); if($className == null) $className = $this->stat('subitem_class'); if(!singleton($this->stat('subitem_class'))->canCreate()) return Security::permissionFailure($this); $record = new $className(); $record->update($data); $record->write(); if($data['GroupID']) $record->Groups()->add((int)$data['GroupID']); FormResponse::add("reloadMemberTableField();"); return FormResponse::respond(); } public function removememberfromgroup() { $groupID = $this->urlParams['ID']; $memberID = $this->urlParams['OtherID']; if(is_numeric($groupID) && is_numeric($memberID)) { $member = DataObject::get_by_id('Member', (int) $memberID); if(!$member->canDelete()) return Security::permissionFailure($this); $member->Groups()->remove((int)$groupID); FormResponse::add("reloadMemberTableField();"); } else { user_error("SecurityAdmin::removememberfromgroup: Bad parameters: Group=$groupID, Member=$memberID", E_USER_ERROR); } return FormResponse::respond(); } /** * Return the entire site tree as a nested set of ULs. * @return string Unordered list