/**
* @param String $name
* @param String $title
* @param String $managedClass
* @param String $filterField
* @param Group|SS_List $records One or more {@link Group} or {@link PermissionRole} records
* used to determine permission checkboxes.
* Caution: saveInto() can only be used with a single record, all inherited permissions will be marked readonly.
* Setting multiple groups only makes sense in a readonly context. (Optional)
*/
public function __construct($name, $title, $managedClass, $filterField, $records = null)
{
$this->filterField = $filterField;
$this->managedClass = $managedClass;
if ($records instanceof SS_List) {
$this->records = $records;
} elseif ($records instanceof Group) {
$this->records = new ArrayList(array($records));
} elseif ($records) {
throw new InvalidArgumentException('$record should be either a Group record, or a SS_List of Group records');
}
// Get all available codes in the system as a categorized nested array
$this->source = Permission::get_codes(true);
parent::__construct($name, $title);
}
/**
* @param String $name
* @param String $title
* @param String $managedClass
* @param String $filterField
* @param Group|DataObjectSet $records One or more {@link Group} or {@link PermissionRole} records
* used to determine permission checkboxes.
* Caution: saveInto() can only be used with a single record, all inherited permissions will be marked readonly.
* Setting multiple groups only makes sense in a readonly context. (Optional)
*/
function __construct($name, $title, $managedClass, $filterField, $records = null)
{
$this->filterField = $filterField;
$this->managedClass = $managedClass;
if (is_a($records, 'DataObjectSet')) {
$this->records = $records;
} elseif (is_a($records, 'DataObject')) {
$this->records = new DataObjectSet($records);
} elseif ($records) {
throw new InvalidArgumentException('$record should be either a Group record, or a DataObjectSet of Group records');
}
// Get all available codes in the system as a categorized nested array
$this->source = Permission::get_codes(true);
parent::__construct($name, $title);
}
public function onAfterWrite()
{
parent::onAfterWrite();
// TODO: should test if this is needed or not
if (!$this->owner->ID) {
return;
}
// Apply the subsite title to config
$siteconfig = $this->getSiteConfig();
if ($siteconfig) {
if ($siteconfig->Title == _t('Subsite.SiteConfigTitle', 'Your Site Name') && $this->owner->Title) {
$siteconfig->Title = $this->owner->Title;
$siteconfig->write();
}
}
// Make sure we have groups for this subsite
$groupName = $this->getAdministratorGroupName();
$group = self::getGroupByName($groupName);
if ($groupName && !$group) {
$group = new Group();
$group->Title = $groupName;
$group->AccessAllSubsites = false;
$group->write();
$group->Subsites()->add($this->owner);
// Apply default permissions to this group
$codes = array_unique(array_keys(Permission::get_codes(false)));
$default_permissions = Config::inst()->get('SubsiteExtension', 'admin_default_permissions');
foreach ($default_permissions as $p) {
if (in_array($p, $codes)) {
$po = new Permission(array('Code' => $p));
$po->write();
$group->Permissions()->add($po);
}
}
$group->write();
}
$membersGroupName = $this->getMembersGroupName();
$membersGroup = self::getGroupByName($membersGroupName);
if ($membersGroupName && !$membersGroup) {
$membersGroup = new Group();
$membersGroup->Title = $membersGroupName;
$membersGroup->AccessAllSubsites = true;
$membersGroup->write();
$membersGroup->Subsites()->add($this->owner);
$membersGroup->write();
}
}
/**
* Builds a comma separated list of human-readbale permissions for a given Member.
*
* @return string
*/
public function getPermissionsDescription()
{
if (class_exists('Subsite')) {
Subsite::disable_subsite_filter(true);
}
$permissionsUsr = Permission::permissions_for_member($this->owner->ID);
$permissionsSrc = Permission::get_codes(true);
sort($permissionsUsr);
$permissionNames = array();
foreach ($permissionsUsr as $code) {
$code = strtoupper($code);
foreach ($permissionsSrc as $k => $v) {
if (isset($v[$code])) {
$name = empty($v[$code]['name']) ? _t('MemberReportExtension.UNKNOWN', 'Unknown') : $v[$code]['name'];
$permissionNames[] = $name;
}
}
}
$result = $permissionNames ? implode(', ', $permissionNames) : _t('MemberReportExtension.NOPERMISSIONS', 'No Permissions');
if (class_exists('Subsite')) {
Subsite::disable_subsite_filter(false);
}
return $result;
}
public function testGetCodesUngrouped()
{
$codes = Permission::get_codes(false);
$this->assertArrayHasKey('SITETREE_VIEW_ALL', $codes);
}
function __construct($name, $title = "")
{
parent::__construct($name, $title, Permission::get_codes(true));
}
/**
* Example: Given a "group" "Admin" with permissions "Access to 'Pages' section" and "Access to 'Files' section"
*
* @Given /^(?:(an|a|the) )"group" "(?<id>[^"]+)" (?:(with|has)) permissions (?<permissionStr>.*)$/
*/
public function stepCreateGroupWithPermissions($id, $permissionStr)
{
// Convert natural language permissions to codes
preg_match_all('/"([^"]+)"/', $permissionStr, $matches);
$permissions = $matches[1];
$codes = \Permission::get_codes(false);
$group = $this->fixtureFactory->get('Group', $id);
if (!$group) {
$group = $this->fixtureFactory->createObject('Group', $id);
}
foreach ($permissions as $permission) {
$found = false;
foreach ($codes as $code => $details) {
if ($permission == $code || $permission == $details['name']) {
\Permission::grant($group->ID, $code);
$found = true;
}
}
if (!$found) {
throw new \InvalidArgumentException(sprintf('No permission found for "%s"', $permission));
}
}
}
