/** * {@inheritdoc} */ public function match(Transition $transition, Item $item, Context $context, ErrorCollection $errorCollection) { $permission = Permission::forWorkflowName($transition->getWorkflow()->getName(), 'contao-admin'); if ($this->user->hasPermission($permission)) { return true; } return parent::match($transition, $item, $context, $errorCollection); }
/** * Get all permissions of a specific workflow. * * @param \DataContainer $dataContainer The data container driver. * * @return array */ public function getWorkflowPermissions($dataContainer) { if (!$dataContainer->activeRecord || !$dataContainer->activeRecord->pid) { return array(); } $workflow = WorkflowModel::findBy('id', $dataContainer->activeRecord->pid); $options = array(); if ($workflow) { $permissions = deserialize($workflow->permissions, true); foreach ($permissions as $config) { $permission = WorkflowPermission::forWorkflowName($workflow->name, $config['name']); $options[(string) $permission] = $config['label'] ?: $config['name']; } } return $options; }
/** * Add a permission. * * @param string $permissionId The permission id. * @param string $group Permission group. * * @return $this */ public function addPermission($permissionId, $group) { $this->permissions[$group][] = Permission::forWorkflowName($this->workflowModel->name, $permissionId); return $this; }
/** * Create frontend member role. * * @param User $user The security user. * @param \User $contaoUser The contao user. * * @return void */ private function createFrontendMemberRole(User $user, \User $contaoUser) { $roleName = 'fe_member'; $roles = array(); $permissions = $this->getMemberPermissions($contaoUser); foreach ($permissions as $permissionName) { $permission = Permission::fromString($permissionName); $this->addPermissionToRole($roles, $roleName, $permission, $contaoUser, $user); } if (FE_USER_LOGGED_IN !== true) { $workflows = WorkflowModel::findAll(); if ($workflows->next()) { $permission = Permission::forWorkflowName($workflows->name, 'contao-guest'); $this->addPermissionToRole($roles, $roleName, $permission, $contaoUser, $user); } } }