tonyair/silverstripe-subsites
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-subsites synced 2024-06-26 06:29:31 +02:00
Code Issues Projects Releases Wiki Activity

API CHANGE Removed $permissionCodes parameter from Subsite->getSubsitesForMember() - was never used, and defaulted to ADMIN, which makes any permission control harder than it needs to be. The permission codes should be handled transparently by the Subsite class, not injected into calls as additional check.

Browse Source 
MINOR Cleaned up Subsite->changeSubsite()
MINOR Reformatted queries in Subsite class
This commit is contained in:
Ingo Schommer 2008-11-24 06:35:51 +00:00
parent c058679097
commit d175e494a5
1 changed files with 55 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
code/Subsite.php
View File

@ -255,29 +255,16 @@ JS;
}
/**
* Switch to another subsite
* @param $subsite Either the ID of the subsite, or the subsite object itself
* Switch to another subsite.
*
* @param int|Subsite $subsite Either the ID of the subsite, or the subsite object itself
*/
static function changeSubsite($subsite) {
// Debug::backtrace();
if(!$subsite) {
Session::set('SubsiteID', 0);
return;
}
if(is_object($subsite))
$subsite = $subsite->ID;
Session::set('SubsiteID', $subsite);
/*if(!is_object($subsite) && is_numeric($subsite))
$subsite = DataObject::get_by_id('Subsite', $subsite);
if($subsite)
Session::set('SubsiteID', $subsite->ID);*/
if(is_object($subsite)) $subsiteID = $subsite->ID;
elseif(is_numeric($subsite)) $subsiteID = $subsite;
else user_error('Subsite::changeSubsite(): Wrong format', E_USER_ERROR);
Session::set('SubsiteID', $subsiteID);
}
/**
@ -329,51 +316,59 @@ JS;
$SQL_permissionCodes = join("','", $SQL_permissionCodes);
$join = <<<SQL
LEFT JOIN `Group_Members` ON `Member`.`ID` = `Group_Members`.`MemberID`
LEFT JOIN `Group` ON `Group`.`ID` = `Group_Members`.`GroupID`
LEFT JOIN `Permission` ON `Permission`.`GroupID` = `Group`.`ID`
SQL;
return DataObject::get('Member', "`Group`.`SubsiteID` = $this->ID AND `Permission`.`Code` IN ('$SQL_permissionCodes')", '', $join);
return DataObject::get(
'Member',
"`Group`.`SubsiteID` = $this->ID AND `Permission`.`Code` IN ('$SQL_permissionCodes')",
'',
"LEFT JOIN `Group_Members` ON `Member`.`ID` = `Group_Members`.`MemberID`
LEFT JOIN `Group` ON `Group`.`ID` = `Group_Members`.`GroupID`
LEFT JOIN `Permission` ON `Permission`.`GroupID` = `Group`.`ID`"
);
}
static function getSubsitesForMember( $member = null, $permissionCodes = array('ADMIN')) {
if(!is_array($permissionCodes))
user_error('Permissions must be passed to Subsite::getSubsitesForMember as an array', E_USER_ERROR);
if(!$member)
$member = Member::currentMember();
/**
* Get all subsites.
*
* @return DataObjectSet Subsite instances
*/
static function getSubsitesForMember( $member = null) {
if(!$member) $member = Member::currentMember();
$memberID = (int)$member->ID;
$SQLa_permissionCodes = Convert::raw2sql($permissionCodes);
$SQLa_permissionCodes = join("','", $SQLa_permissionCodes);
if(self::hasMainSitePermission($member, $permissionCodes))
if(self::hasMainSitePermission($member)) {
return DataObject::get('Subsite');
else
return DataObject::get('Subsite', "`MemberID` = {$memberID}" . ($permissionCodes ? " AND `Permission`.`Code` IN ('$SQLa_permissionCodes')" : ''), '', "LEFT JOIN `Group` ON `Subsite`.`ID` = `SubsiteID` LEFT JOIN `Permission` ON `Group`.`ID` = `Permission`.`GroupID` LEFT JOIN `Group_Members` ON `Group`.`ID` = `Group_Members`.`GroupID`");
} else {
return DataObject::get(
'Subsite',
"`MemberID` = {$member->ID}",
'',
"LEFT JOIN `Group` ON `Subsite`.`ID` = `SubsiteID`
LEFT JOIN `Permission` ON `Group`.`ID` = `Permission`.`GroupID`
LEFT JOIN `Group_Members` ON `Group`.`ID` = `Group_Members`.`GroupID`"
);
}
}
static function hasMainSitePermission($member = null, $permissionCodes = array('ADMIN')) {
if(!is_array($permissionCodes))
user_error('Permissions must be passed to Subsite::hasMainSitePermission as an array', E_USER_ERROR);
if(!$member) $member = Member::currentMember();
if(Permission::checkMember($member, "ADMIN")) return true;
if(Permission::checkMember($member, "ADMIN")) return true;
$SQLa_perm = Convert::raw2sql($permissionCodes);
$SQL_perms = join("','", $SQLa_perm);
$memberID = (int)$member->ID;
return DB::query("SELECT COUNT(`Permission`.`ID`) FROM `Permission`
INNER JOIN `Group` ON `Group`.`ID` = `Permission`.`GroupID` AND `Group`.`SubsiteID` = 0
INNER JOIN `Group_Members` USING(`GroupID`)
WHERE `Permission`.`Code` IN ('$SQL_perms') AND `MemberID` = {$memberID}")->value();
}
DB::query("
SELECT COUNT(`Permission`.`ID`)
FROM `Permission`
INNER JOIN `Group` ON `Group`.`ID` = `Permission`.`GroupID` AND `Group`.`SubsiteID` = 0
INNER JOIN `Group_Members` USING(`GroupID`)
WHERE
`Permission`.`Code` IN ('$SQL_perms')
AND `MemberID` = {$memberID}
")->value(); }
function createInitialRecords() {
@ -431,10 +426,16 @@ SQL;
if(!$member) return new DataObjectSet();
$subsites = DataObject::get('Subsite',
"`Group_Members`.`MemberID` = $member->ID AND `Permission`.`Code` IN ($SQL_codes, 'ADMIN') AND Subdomain IS NOT NULL AND `Subsite`.Title != ''", '',
"LEFT JOIN `Group` ON (`SubsiteID`=`Subsite`.`ID` OR `SubsiteID` = 0) LEFT JOIN `Group_Members` ON `Group_Members`.`GroupID`=`Group`.`ID`
LEFT JOIN `Permission` ON `Group`.`ID`=`Permission`.`GroupID`");
$subsites = DataObject::get(
'Subsite',
"`Group_Members`.`MemberID` = $member->ID
AND `Permission`.`Code` IN ($SQL_codes, 'ADMIN')
AND Subdomain IS NOT NULL AND `Subsite`.Title != ''",
'',
"LEFT JOIN `Group` ON (`SubsiteID`=`Subsite`.`ID` OR `SubsiteID` = 0)
LEFT JOIN `Group_Members` ON `Group_Members`.`GroupID`=`Group`.`ID`
LEFT JOIN `Permission` ON `Group`.`ID`=`Permission`.`GroupID`"
);
return $subsites;
}