mirror of
https://github.com/silverstripe/silverstripe-subsites
synced 2024-10-22 11:05:55 +02:00
Merge branch 'master' of git://github.com/halkyon/silverstripe-subsites into halkyon-master
This commit is contained in:
Sean Harvey
commit
d4faeac98f
@ -127,11 +127,9 @@ class LeftAndMainSubsites extends Extension {
|
|||||||
|
|
||||||
// Switch to a subsite that this user can actually access.
|
// Switch to a subsite that this user can actually access.
|
||||||
$member = Member::currentUser();
|
$member = Member::currentUser();
|
||||||
if ($member && Permission::check('ADMIN')) {
|
if($member && Permission::checkMember($member, 'ADMIN')) return true; // admin can access all subsites
|
||||||
return true; //admin can access all subsites
|
|
||||||
}
|
|
||||||
|
|
||||||
$sites = Subsite::accessible_sites("CMS_ACCESS_{$this->owner->class}")->map('ID', 'Title');
|
$sites = Subsite::accessible_sites("CMS_ACCESS_{$this->owner->class}", true)->map('ID', 'Title');
|
||||||
if(is_object($sites)) $sites = $sites->toArray();
|
if(is_object($sites)) $sites = $sites->toArray();
|
||||||
|
|
||||||
if($sites && !isset($sites[Subsite::currentSubsiteID()])) {
|
if($sites && !isset($sites[Subsite::currentSubsiteID()])) {
|
||||||
@ -144,7 +142,7 @@ class LeftAndMainSubsites extends Extension {
|
|||||||
$menu = CMSMenu::get_menu_items();
|
$menu = CMSMenu::get_menu_items();
|
||||||
foreach($menu as $candidate) {
|
foreach($menu as $candidate) {
|
||||||
if($candidate->controller != $this->owner->class) {
|
if($candidate->controller != $this->owner->class) {
|
||||||
$sites = Subsite::accessible_sites("CMS_ACCESS_{$candidate->controller}")->map('ID', 'Title');
|
$sites = Subsite::accessible_sites("CMS_ACCESS_{$candidate->controller}", true)->map('ID', 'Title');
|
||||||
if(is_object($sites)) $sites = $sites->toArray();
|
if(is_object($sites)) $sites = $sites->toArray();
|
||||||
|
|
||||||
if($sites && !isset($sites[Subsite::currentSubsiteID()])) {
|
if($sites && !isset($sites[Subsite::currentSubsiteID()])) {
|
||||||
|
|||||||
@ -308,8 +308,7 @@ JS;
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Only bother flushing caches if we've actually changed
|
Permission::flush_permission_cache();
|
||||||
if($subsiteID != self::currentSubsiteID()) Permission::flush_permission_cache();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -413,6 +412,7 @@ JS;
|
|||||||
$SQL_perms = join("','", $SQLa_perm);
|
$SQL_perms = join("','", $SQLa_perm);
|
||||||
$memberID = (int)$member->ID;
|
$memberID = (int)$member->ID;
|
||||||
|
|
||||||
|
// Count this user's groups which can access the main site
|
||||||
$groupCount = DB::query("
|
$groupCount = DB::query("
|
||||||
SELECT COUNT(\"Permission\".\"ID\")
|
SELECT COUNT(\"Permission\".\"ID\")
|
||||||
FROM \"Permission\"
|
FROM \"Permission\"
|
||||||
@ -422,8 +422,21 @@ JS;
|
|||||||
AND \"MemberID\" = {$memberID}
|
AND \"MemberID\" = {$memberID}
|
||||||
")->value();
|
")->value();
|
||||||
|
|
||||||
return ($groupCount > 0);
|
// Count this user's groups which have a role that can access the main site
|
||||||
|
$roleCount = DB::query("
|
||||||
|
SELECT COUNT(\"PermissionRoleCode\".\"ID\")
|
||||||
|
FROM \"Group\"
|
||||||
|
INNER JOIN \"Group_Members\" ON \"Group_Members\".\"GroupID\" = \"Group\".\"ID\"
|
||||||
|
INNER JOIN \"Group_Roles\" ON \"Group_Roles\".\"GroupID\"=\"Group\".\"ID\"
|
||||||
|
INNER JOIN \"PermissionRole\" ON \"Group_Roles\".\"PermissionRoleID\"=\"PermissionRole\".\"ID\"
|
||||||
|
INNER JOIN \"PermissionRoleCode\" ON \"PermissionRole\".\"ID\"=\"PermissionRoleCode\".\"RoleID\"
|
||||||
|
WHERE \"PermissionRoleCode\".\"Code\" IN ('$SQL_perms')
|
||||||
|
AND \"Group\".\"AccessAllSubsites\" = 1
|
||||||
|
AND \"MemberID\" = {$memberID}
|
||||||
|
")->value();
|
||||||
|
|
||||||
|
// There has to be at least one that allows access.
|
||||||
|
return ($groupCount + $roleCount > 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -514,14 +527,14 @@ JS;
|
|||||||
|
|
||||||
if(!$subsites && $rolesSubsites) return $rolesSubsites;
|
if(!$subsites && $rolesSubsites) return $rolesSubsites;
|
||||||
|
|
||||||
|
$subsites = new ArrayList($subsites->toArray());
|
||||||
|
|
||||||
if($rolesSubsites) foreach($rolesSubsites as $subsite) {
|
if($rolesSubsites) foreach($rolesSubsites as $subsite) {
|
||||||
if(!$subsites->containsIDs(array($subsite->ID))) {
|
if(!$subsites->find('ID', $subsite->ID)) {
|
||||||
$subsites->push($subsite);
|
$subsites->push($subsite);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Include the main site
|
|
||||||
if(!$subsites) $subsites = new ArrayList();
|
|
||||||
if($includeMainSite) {
|
if($includeMainSite) {
|
||||||
if(!is_array($permCode)) $permCode = array($permCode);
|
if(!is_array($permCode)) $permCode = array($permCode);
|
||||||
if(self::hasMainSitePermission($member, $permCode)) {
|
if(self::hasMainSitePermission($member, $permCode)) {
|
||||||
@ -535,7 +548,6 @@ JS;
|
|||||||
}
|
}
|
||||||
|
|
||||||
self::$_cache_accessible_sites[$cacheKey] = $subsites;
|
self::$_cache_accessible_sites[$cacheKey] = $subsites;
|
||||||
|
|
||||||
|
|
||||||
return $subsites;
|
return $subsites;
|
||||||
}
|
}
|
||||||
|
|||||||
43
tests/SubsiteAdminFunctionalTest.php
Normal file
43
tests/SubsiteAdminFunctionalTest.php
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
class SubsiteAdminFunctionalTest extends FunctionalTest {
|
||||||
|
static $fixture_file = 'subsites/tests/SubsiteTest.yml';
|
||||||
|
static $use_draft_site = true;
|
||||||
|
|
||||||
|
protected $autoFollowRedirection = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Admin should be able to access all subsites and the main site
|
||||||
|
*/
|
||||||
|
function testAdminCanAccessAllSubsites() {
|
||||||
|
$member = $this->objFromFixture('Member', 'admin');
|
||||||
|
Session::set("loggedInAs", $member->ID);
|
||||||
|
|
||||||
|
$this->get('admin/pages?SubsiteID=0&ajax=1');
|
||||||
|
$this->get('admin');
|
||||||
|
$this->assertEquals(Subsite::currentSubsiteID(), '0', 'Can access main site');
|
||||||
|
|
||||||
|
$mainSubsite = $this->objFromFixture('Subsite_Template', 'main');
|
||||||
|
$this->get("admin/pages?SubsiteID={$mainSubsite->ID}&ajax=1");
|
||||||
|
$this->get('admin');
|
||||||
|
$this->assertEquals(Subsite::currentSubsiteID(), $mainSubsite->ID, 'Can access the subsite');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User which has AccessAllSubsites set to 1 should be able to access all subsites and main site,
|
||||||
|
* even though he does not have the ADMIN permission.
|
||||||
|
*/
|
||||||
|
function testEditorCanAccessAllSubsites() {
|
||||||
|
$member = $this->objFromFixture('Member', 'editor');
|
||||||
|
Session::set("loggedInAs", $member->ID);
|
||||||
|
|
||||||
|
$this->get('admin/pages?SubsiteID=0&ajax=1');
|
||||||
|
$this->get('admin');
|
||||||
|
$this->assertEquals(Subsite::currentSubsiteID(), '0', 'Can access main site');
|
||||||
|
|
||||||
|
$mainSubsite = $this->objFromFixture('Subsite_Template', 'main');
|
||||||
|
$this->get("admin/pages?SubsiteID={$mainSubsite->ID}&ajax=1");
|
||||||
|
$this->get('admin');
|
||||||
|
$this->assertEquals(Subsite::currentSubsiteID(), $mainSubsite->ID, 'Can access the subsite');
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -110,3 +110,4 @@ class SubsiteAdminTest extends SapphireTest {
|
|||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -261,7 +261,7 @@ class SubsiteTest extends SapphireTest {
|
|||||||
$this->objFromFixture('Member', 'subsite1member'));
|
$this->objFromFixture('Member', 'subsite1member'));
|
||||||
$member1SiteTitles = $member1Sites->column("Title");
|
$member1SiteTitles = $member1Sites->column("Title");
|
||||||
sort($member1SiteTitles);
|
sort($member1SiteTitles);
|
||||||
$this->assertEquals(array('Subsite1 Template'), $member1SiteTitles);
|
$this->assertEquals('Subsite1 Template', $member1SiteTitles[0], 'Member can get to a subsite via a group');
|
||||||
|
|
||||||
$adminSites = Subsite::accessible_sites("CMS_ACCESS_CMSMain", false, null,
|
$adminSites = Subsite::accessible_sites("CMS_ACCESS_CMSMain", false, null,
|
||||||
$this->objFromFixture('Member', 'admin'));
|
$this->objFromFixture('Member', 'admin'));
|
||||||
@ -275,8 +275,14 @@ class SubsiteTest extends SapphireTest {
|
|||||||
'Test 2',
|
'Test 2',
|
||||||
'Test 3',
|
'Test 3',
|
||||||
), $adminSiteTitles);
|
), $adminSiteTitles);
|
||||||
|
|
||||||
|
$member2Sites = Subsite::accessible_sites("CMS_ACCESS_CMSMain", false, null,
|
||||||
|
$this->objFromFixture('Member', 'subsite1member2'));
|
||||||
|
$member2SiteTitles = $member2Sites->column("Title");
|
||||||
|
sort($member2SiteTitles);
|
||||||
|
$this->assertEquals('Subsite1 Template', $member2SiteTitles[0], 'Member can get to subsite via a group role');
|
||||||
}
|
}
|
||||||
|
|
||||||
function testhasMainSitePermission() {
|
function testhasMainSitePermission() {
|
||||||
$admin = $this->objFromFixture('Member', 'admin');
|
$admin = $this->objFromFixture('Member', 'admin');
|
||||||
$subsite1member = $this->objFromFixture('Member', 'subsite1member');
|
$subsite1member = $this->objFromFixture('Member', 'subsite1member');
|
||||||
|
|||||||
@ -39,6 +39,9 @@ SubsiteDomain:
|
|||||||
IsPrimary: 1
|
IsPrimary: 1
|
||||||
|
|
||||||
SiteTree:
|
SiteTree:
|
||||||
|
mainSubsitePage:
|
||||||
|
Title: MainSubsitePage
|
||||||
|
SubsiteID: 0
|
||||||
home:
|
home:
|
||||||
Title: Home
|
Title: Home
|
||||||
SubsiteID: =>Subsite_Template.main
|
SubsiteID: =>Subsite_Template.main
|
||||||
@ -75,11 +78,22 @@ SiteTree:
|
|||||||
Title: Contact Us
|
Title: Contact Us
|
||||||
SubsiteID: =>Subsite_Template.subsite2
|
SubsiteID: =>Subsite_Template.subsite2
|
||||||
|
|
||||||
|
PermissionRoleCode:
|
||||||
|
roleCode1:
|
||||||
|
Code: CMS_ACCESS_CMSMain
|
||||||
|
PermissionRole:
|
||||||
|
role1:
|
||||||
|
Title: role1
|
||||||
|
Codes: =>PermissionRoleCode.roleCode1
|
||||||
Group:
|
Group:
|
||||||
admin:
|
admin:
|
||||||
Title: Admin
|
Title: Admin
|
||||||
Code: admin
|
Code: admin
|
||||||
AccessAllSubsites: 1
|
AccessAllSubsites: 1
|
||||||
|
editor:
|
||||||
|
Title: Editor
|
||||||
|
Code: editor
|
||||||
|
AccessAllSubsites: 1
|
||||||
subsite1_group:
|
subsite1_group:
|
||||||
Title: subsite1_group
|
Title: subsite1_group
|
||||||
Code: subsite1_group
|
Code: subsite1_group
|
||||||
@ -99,10 +113,24 @@ Group:
|
|||||||
Title: allsubsitesauthors
|
Title: allsubsitesauthors
|
||||||
Code: allsubsitesauthors
|
Code: allsubsitesauthors
|
||||||
AccessAllSubsites: 1
|
AccessAllSubsites: 1
|
||||||
|
subsite1_group_via_role:
|
||||||
|
Title: subsite1_group_via_role
|
||||||
|
Code: subsite1_group_via_role
|
||||||
|
AccessAllSubsites: 1
|
||||||
|
Roles: =>PermissionRole.role1
|
||||||
Permission:
|
Permission:
|
||||||
admin:
|
admin:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
GroupID: =>Group.admin
|
GroupID: =>Group.admin
|
||||||
|
editor1:
|
||||||
|
Code: CMS_ACCESS_CMSMain
|
||||||
|
GroupID: =>Group.editor
|
||||||
|
editor2:
|
||||||
|
Code: SITETREE_VIEW_ALL
|
||||||
|
GroupID: =>Group.editor
|
||||||
|
editor3:
|
||||||
|
Code: VIEW_DRAFT_CONTENT
|
||||||
|
GroupID: =>Group.editor
|
||||||
accesscmsmain1:
|
accesscmsmain1:
|
||||||
Code: CMS_ACCESS_CMSMain
|
Code: CMS_ACCESS_CMSMain
|
||||||
GroupID: =>Group.subsite1_group
|
GroupID: =>Group.subsite1_group
|
||||||
@ -132,6 +160,12 @@ Member:
|
|||||||
Email: admin@test.com
|
Email: admin@test.com
|
||||||
Password: rangi
|
Password: rangi
|
||||||
Groups: =>Group.admin
|
Groups: =>Group.admin
|
||||||
|
editor:
|
||||||
|
FirstName: Editor
|
||||||
|
Surname: User
|
||||||
|
Email: editor@test.com
|
||||||
|
Password: rangi
|
||||||
|
Groups: =>Group.editor
|
||||||
subsite1member:
|
subsite1member:
|
||||||
Email: subsite1member@test.com
|
Email: subsite1member@test.com
|
||||||
Groups: =>Group.subsite1_group
|
Groups: =>Group.subsite1_group
|
||||||
@ -143,4 +177,7 @@ Member:
|
|||||||
Groups: =>Group.subsite1admins
|
Groups: =>Group.subsite1admins
|
||||||
allsubsitesauthor:
|
allsubsitesauthor:
|
||||||
Email: allsubsitesauthor@test.com
|
Email: allsubsitesauthor@test.com
|
||||||
Groups: =>Group.allsubsitesauthors
|
Groups: =>Group.allsubsitesauthors
|
||||||
|
subsite1member2:
|
||||||
|
Email: subsite1member2@test.com
|
||||||
|
Groups: =>Group.subsite1_group_via_role
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user