Updated Group::canEdit() to only allow editing if you have CMS_ACCESS_SecurityAdmin access on the subsite that owns the group. This is useful for hiding 'global groups' from people that shouldn't edit them.

This commit is contained in:
Sam Minnee 2007-11-27 04:46:27 +00:00
parent ea1bb7aada
commit 1400ba00b0

View File

@ -44,6 +44,17 @@ class GroupSubsites extends DataObjectDecorator {
function augmentBeforeWrite() { function augmentBeforeWrite() {
if(!is_numeric($this->owner->ID) && !$this->owner->SubsiteID) $this->owner->SubsiteID = Subsite::currentSubsiteID(); if(!is_numeric($this->owner->ID) && !$this->owner->SubsiteID) $this->owner->SubsiteID = Subsite::currentSubsiteID();
} }
function alternateCanEdit() {
// Check the CMS_ACCESS_SecurityAdmin privileges on the subsite that owns this group
$oldSubsiteID = Session::get('SubsiteID');
Session::set('SubsiteID', $this->owner->SubsiteID);
$access = Permission::check('CMS_ACCESS_SecurityAdmin');
Session::set('SubsiteID', $oldSubsiteID);
return $access;
}
} }
?> ?>