mirror of
https://github.com/silverstripe/silverstripe-subsites
synced 2024-10-22 11:05:55 +02:00
Merge pull request #430 from creative-commoners/pulls/2.3/access-passed-member
FIX LeftAndMainSubsites::canAccess() now accepts a Member argument and falls back to the session member
This commit is contained in:
commit
b3bd51cb6c
@ -215,11 +215,16 @@ class LeftAndMainSubsites extends LeftAndMainExtension
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if the current controller is accessible for this user on this subsite.
|
* Check if the current controller is accessible for this user on this subsite.
|
||||||
|
*
|
||||||
|
* @param Member $member
|
||||||
*/
|
*/
|
||||||
public function canAccess()
|
public function canAccess(Member $member = null)
|
||||||
{
|
{
|
||||||
|
if (!$member) {
|
||||||
|
$member = Security::getCurrentUser();
|
||||||
|
}
|
||||||
|
|
||||||
// Admin can access everything, no point in checking.
|
// Admin can access everything, no point in checking.
|
||||||
$member = Security::getCurrentUser();
|
|
||||||
if ($member
|
if ($member
|
||||||
&& (Permission::checkMember($member, [
|
&& (Permission::checkMember($member, [
|
||||||
'ADMIN', // Full administrative rights
|
'ADMIN', // Full administrative rights
|
||||||
@ -238,10 +243,12 @@ class LeftAndMainSubsites extends LeftAndMainExtension
|
|||||||
/**
|
/**
|
||||||
* Prevent accessing disallowed resources. This happens after onBeforeInit has executed,
|
* Prevent accessing disallowed resources. This happens after onBeforeInit has executed,
|
||||||
* so all redirections should've already taken place.
|
* so all redirections should've already taken place.
|
||||||
|
*
|
||||||
|
* @param Member $member
|
||||||
*/
|
*/
|
||||||
public function alternateAccessCheck()
|
public function alternateAccessCheck(Member $member = null)
|
||||||
{
|
{
|
||||||
return $this->owner->canAccess();
|
return $this->owner->canAccess($member);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -9,6 +9,7 @@ use SilverStripe\CMS\Controllers\CMSPageEditController;
|
|||||||
use SilverStripe\Core\Config\Config;
|
use SilverStripe\Core\Config\Config;
|
||||||
use SilverStripe\Dev\FunctionalTest;
|
use SilverStripe\Dev\FunctionalTest;
|
||||||
use SilverStripe\Security\Member;
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Subsites\Extensions\LeftAndMainSubsites;
|
||||||
use SilverStripe\Subsites\Model\Subsite;
|
use SilverStripe\Subsites\Model\Subsite;
|
||||||
use SilverStripe\Subsites\State\SubsiteState;
|
use SilverStripe\Subsites\State\SubsiteState;
|
||||||
|
|
||||||
@ -100,4 +101,14 @@ class LeftAndMainSubsitesTest extends FunctionalTest
|
|||||||
$this->assertTrue($l->shouldChangeSubsite(CMSPageEditController::class, 1, 5));
|
$this->assertTrue($l->shouldChangeSubsite(CMSPageEditController::class, 1, 5));
|
||||||
$this->assertFalse($l->shouldChangeSubsite(CMSPageEditController::class, 1, 1));
|
$this->assertFalse($l->shouldChangeSubsite(CMSPageEditController::class, 1, 1));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testCanAccessWithPassedMember()
|
||||||
|
{
|
||||||
|
$memberID = $this->logInWithPermission('ADMIN');
|
||||||
|
$member = Member::get()->byID($memberID);
|
||||||
|
|
||||||
|
/** @var LeftAndMain&LeftAndMainSubsites $leftAndMain */
|
||||||
|
$leftAndMain = new LeftAndMain();
|
||||||
|
$this->assertTrue($leftAndMain->canAccess($member));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user