From cd8211a385ece8c820183bbcfd06cddf2289cc7a Mon Sep 17 00:00:00 2001 From: Sam Minnee Date: Mon, 24 Nov 2008 04:47:37 +0000 Subject: [PATCH] Fixed Subsite::hasMainSitePermission() --- code/Subsite.php | 132 ++++++++++------------------------------------- 1 file changed, 26 insertions(+), 106 deletions(-) diff --git a/code/Subsite.php b/code/Subsite.php index 8b4998b..85b4fbe 100644 --- a/code/Subsite.php +++ b/code/Subsite.php @@ -1,24 +1,13 @@ 'Boolean', 'Theme' => 'Varchar', 'Domain' => 'Varchar', - // Used to hide unfinished/private subsites from public view. - // If unset, will default to 'IsPublic' => 'Boolean' ); @@ -45,61 +32,22 @@ class Subsite extends DataObject implements PermissionProvider { 'IsPublic' => 1, ); - /** - * @var string $base_domain If {@link Domain} is not set for this subsite instance, - * default to this domain (without subdomain or protocol prefix). - */ - static $base_domain; + static $base_domain, $default_subdomain; + static $cached_subsite = null; - /** - * @var string $default_subdomain If {@link Subdomain} is not set for this subsite instance, - * default to this domain (without domain or protocol prefix). - */ - static $default_subdomain; - - /** - * @var Subsite $cached_subsite Internal cache used by {@link currentSubsite()}. - */ - protected static $cached_subsite = null; - - /** - * @var array $allowed_domains Numeric array of all domains which are selectable for (without their subdomain-parts or http:// prefix) - */ public static $allowed_domains = array(); - - /** - * @var array $allowed_themes Numeric array of all themes which are allowed to be selected for all subsites. - * Corresponds to subfolder names within the /themes folder. By default, all themes contained in this folder - * are listed. - */ protected static $allowed_themes = array(); static function set_allowed_domains($domain){ if(is_array($domain)){ foreach($domain as $do){ - self::set_allowed_domains($do); + Subsite::set_allowed_domains($do); } }else{ self::$allowed_domains[] = $domain; } } - /** - * Returns all domains (without their subdomain parts) - * which are allowed to be combined to the full URL - * (subdomain.domain). If no custom domains are set through - * {@link set_allowed_domains()}, will fall back to the {@link base_domain()}. - * - * @return array - */ - static function allowed_domains() { - if(self::$allowed_domains && count(self::$allowed_domains)) { - return self::$allowed_domains; - } else { - return array(self::base_domain()); - } - } - static function set_allowed_themes($themes) { self::$allowed_themes = $themes; } @@ -124,9 +72,7 @@ class Subsite extends DataObject implements PermissionProvider { /** * Return the base domain for this set of subsites. - * You can set this by setting Subsite::$base_domain, otherwise it defaults to HTTP_HOST - * - * @return string Domain name (without protocol prefix). + * You can set this by setting Subsite::$Base_domain, otherwise it defaults to HTTP_HOST */ static function base_domain() { if(self::$base_domain) return self::$base_domain; @@ -135,9 +81,7 @@ class Subsite extends DataObject implements PermissionProvider { /** * Return the default domain of this set of subsites. Generally this will be the base domain, - * but you can also set Subsite::$default_subdomain to add a default prefix to this. - * - * @return string Domain name (without protocol prefix). + * but hyou can also set Subsite::$default_subdomain to add a default prefix to this */ static function default_domain() { if(self::$default_subdomain) return self::$default_subdomain . '.' . self::base_domain(); @@ -146,8 +90,6 @@ class Subsite extends DataObject implements PermissionProvider { /** * Return the domain of this site - * - * @return string Domain name including subdomain (without protocol prefix) */ function domain() { $base = $this->Domain ? $this->Domain : self::base_domain(); @@ -157,9 +99,7 @@ class Subsite extends DataObject implements PermissionProvider { else return $base; } - /** - * Show the configuration fields for each subsite - */ + // Show the configuration fields for each subsite function getCMSFields() { $fields = new FieldSet( new TabSet('Root', @@ -167,12 +107,12 @@ class Subsite extends DataObject implements PermissionProvider { new HeaderField($this->getClassName() . ' configuration', 2), new TextField('Title', 'Name of subsite:', $this->Title), new FieldGroup('URL', - new TextField('Subdomain',"Subdomain (without domain or protocol)", $this->Subdomain), - new DropdownField('Domain','.', ArrayLib::valuekey(self::allowed_domains()), $this->Domain) + new TextField('Subdomain',"", $this->Subdomain), + new DropdownField('Domain','.', ArrayLib::valuekey($this->stat('allowed_domains')), $this->Domain) ), // new TextField('RedirectURL', 'Redirect to URL', $this->RedirectURL), - new CheckboxField('DefaultSite', 'Default site', $this->DefaultSite), - new CheckboxField('IsPublic', 'Enable public access', $this->IsPublic), + new CheckboxField('DefaultSite', 'Use this subsite as the default site', $this->DefaultSite), + new CheckboxField('IsPublic', 'Can access this subsite publicly?', $this->IsPublic), new DropdownField('Theme','Theme', $this->allowedThemes(), $this->Theme) ) @@ -190,9 +130,6 @@ class Subsite extends DataObject implements PermissionProvider { return $fields; } - /** - * @todo getClassName is redundant, already stored as a database field? - */ function getClassName() { return $this->class; } @@ -212,39 +149,24 @@ class Subsite extends DataObject implements PermissionProvider { JS; } - /** - * Gets the subsite currently set in the session. - * - * @uses ControllerSubsites->controllerAugmentInit() - * - * @param boolean $cache - * @return Subsite - */ - static function currentSubsite($cache = true) { - if(!self::$cached_subsite || !$cache) self::$cached_subsite = DataObject::get_by_id('Subsite', self::currentSubsiteID()); + static function currentSubsite() { + if(!self::$cached_subsite) self::$cached_subsite = DataObject::get_by_id('Subsite', self::currentSubsiteID()); return self::$cached_subsite; } /** * This function gets the current subsite ID from the session. It used in the backend so Ajax requests * use the correct subsite. The frontend handles subsites differently. It calls getSubsiteIDForDomain - * directly from ModelAsController::getNestedController. Only gets Subsite instances which have their - * {@link IsPublic} flag set to TRUE. - * - * @param boolean $cache - * @return int ID of the current subsite instance + * directly from ModelAsController::getNestedController. */ - static function currentSubsiteID($cache = true) { + static function currentSubsiteID() { $id = Session::get('SubsiteID'); - if($id === null) Session::set('SubsiteID', $id = self::getSubsiteIDForDomain($cache)); + if($id === null) Session::set('SubsiteID', $id = self::getSubsiteIDForDomain()); return (int)$id; } - /** - * @todo Object::create() shoudln't be overloaded with different parameters. - */ static function create($name) { $newSubsite = Object::create('Subsite'); $newSubsite->Title = $name; @@ -287,18 +209,10 @@ JS; Subsite::changeSubsite($this); } - /** - * @todo Possible security issue, don't grant edit permissions to everybody. - */ function canEdit() { return true; } - /** - * Get a matching subsite for the domain defined in HTTP_HOST. - * - * @return int Subsite ID - */ static function getSubsiteIDForDomain() { $domainNameParts = explode('.', $_SERVER['HTTP_HOST']); @@ -306,7 +220,7 @@ JS; $SQL_subdomain = Convert::raw2sql(array_shift($domainNameParts)); $SQL_domain = join('.', Convert::raw2sql($domainNameParts)); - + // $_REQUEST['showqueries'] = 1; $subsite = null; if(self::$use_domain) { $subsite = DataObject::get_one('Subsite',"`Subdomain` = '$SQL_subdomain' AND `Domain`='$SQL_domain' AND `IsPublic`=1"); @@ -356,19 +270,27 @@ SQL; return DataObject::get('Subsite', "`MemberID` = {$memberID}" . ($permissionCodes ? " AND `Permission`.`Code` IN ('$SQLa_permissionCodes')" : ''), '', "LEFT JOIN `Group` ON `Subsite`.`ID` = `SubsiteID` LEFT JOIN `Permission` ON `Group`.`ID` = `Permission`.`GroupID` LEFT JOIN `Group_Members` ON `Group`.`ID` = `Group_Members`.`GroupID`"); } + /** + * Returns true if the given user is able to access the main site (SubsiteID = 0) with the given permission code. + */ static function hasMainSitePermission($member = null, $permissionCodes = array('ADMIN')) { if(!is_array($permissionCodes)) user_error('Permissions must be passed to Subsite::hasMainSitePermission as an array', E_USER_ERROR); if(!$member) - $member = Member::currentMember(); + $member = Member::currentMember(); + + if(Permission::checkMember($member, "ADMIN")) return true; $SQLa_perm = Convert::raw2sql($permissionCodes); $SQL_perms = join("','", $SQLa_perm); $memberID = (int)$member->ID; // `SubsiteID` = 0 AND - return DB::query("SELECT COUNT(`Permission`.`ID`) FROM `Permission` LEFT JOIN `Group` ON `Group`.`ID` = `Permission`.`GroupID` LEFT JOIN `Group_Members` USING(`GroupID`) WHERE `Permission`.`Code` IN ('$SQL_perms') AND `MemberID` = {$memberID}")->value(); + return DB::query("SELECT COUNT(`Permission`.`ID`) FROM `Permission` + INNER JOIN `Group` ON `Group`.`ID` = `Permission`.`GroupID` AND `Group`.`SubsiteID` = 0 + INNER JOIN `Group_Members` USING(`GroupID`) + WHERE `Permission`.`Code` IN ('$SQL_perms') AND `MemberID` = {$memberID}")->value(); } function createInitialRecords() { @@ -471,8 +393,6 @@ SQL; /** * An instance of subsite that can be duplicated to provide a quick way to create new subsites. - * - * @package subsites */ class Subsite_Template extends Subsite { /**