mirror of
https://github.com/silverstripe/silverstripe-subsites
synced 2024-10-22 11:05:55 +02:00
Allow ‘ADMIN’ and ‘CMS_ACCESS_LeftAndMain’ access to CMS. Fixes CWPBUG-113.
Previously, only the global ‘ADMIN’ permission was allowing users to bypass the stricter Permission check. We also need to allow the ‘CMS_ACCESS_LeftAndMain’ permission to bypass this check, as otherwise a user who is in a Group with the ‘Access to all CMS sections’ permission set (which only sets the CMS_ACCESS_LeftAndMain permission code and no others) would be denied access to the CMS for that sub site.
This commit is contained in:
parent
d21c92a9e3
commit
083194857e
@ -165,10 +165,16 @@ class LeftAndMainSubsites extends Extension {
|
||||
function canAccess() {
|
||||
// Admin can access everything, no point in checking.
|
||||
$member = Member::currentUser();
|
||||
if($member && Permission::checkMember($member, 'ADMIN')) return true;
|
||||
if($member &&
|
||||
(
|
||||
Permission::checkMember($member, 'ADMIN') || // 'Full administrative rights' in SecurityAdmin
|
||||
Permission::checkMember($member, 'CMS_ACCESS_LeftAndMain') // 'Access to all CMS sections' in SecurityAdmin
|
||||
)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Check if we have access to current section on the current subsite.
|
||||
$accessibleSites = $this->owner->sectionSites($member);
|
||||
$accessibleSites = $this->owner->sectionSites(true, "Main site", $member);
|
||||
if ($accessibleSites->count() && $accessibleSites->find('ID', Subsite::currentSubsiteID())) {
|
||||
// Current section can be accessed on the current site, all good.
|
||||
return true;
|
||||
|
Loading…
Reference in New Issue
Block a user