public function canView($member = null)
 {
     // View permission follows the parent record when one is saved;
     // otherwise the default permission logic applies.
     $owner = $this->Parent();
     $hasSavedParent = $owner && $owner->ID;
     return $hasSavedParent
         ? $owner->canView($member)
         : parent::canView($member);
 }
 /**
  * Grants view access when the parent record is viewable, registered as a
  * before-extending callback so it runs ahead of the regular extension checks.
  *
  * @param Member|null $member
  * @return bool
  */
 public function canView($member = null)
 {
     $this->beforeExtending(__FUNCTION__, function ($member = null) {
         $parentRecord = $this->Parent;
         if (!$parentRecord) {
             return null;
         }
         // Only a positive answer is reported; null leaves the decision to later checks
         return $parentRecord->canView($member) ? true : null;
     });
     return parent::canView($member);
 }
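 /**
  * Standard SS method: shop admins may always view; otherwise the member who
  * owns the related order may view, unless the record is flagged InternalUseOnly.
  *
  * @param Member|null $member member to check; when null the current user is used
  * @return bool
  */
 public function canView($member = null)
 {
     if (!$member) {
         // Follow the DataObject convention: a null member means the current user
         $member = Member::currentUser();
     }
     $adminCode = Config::inst()->get("EcommerceRole", "admin_permission_code");
     if (Permission::checkMember($member, $adminCode)) {
         return true;
     }
     // Owner check: require a saved member and compare IDs strictly. A loose
     // comparison against a possibly-null member matched orders whose MemberID
     // is 0 (no owner) for anonymous callers.
     if (!$this->InternalUseOnly && $member && $member->ID) {
         $order = $this->Order();
         if ($order && (int) $order->MemberID === (int) $member->ID) {
             return true;
         }
     }
     return parent::canView($member);
 }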
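 /**
  * Builds an item edit form.  The arguments to getCMSFields() are the popupController and
  * popupFormName, however this is an experimental API and may change.
  *
  * Permission handling: the record's canView() gates the whole form (403 otherwise);
  * canEdit()/canCreate() decide whether the form is rendered read-only, and canDelete()
  * decides whether the delete action is offered.
  *
  * @todo In the future, we will probably need to come up with a tighter object representing a partially
  * complete controller with gaps for extra functionality.  This, for example, would be a better way
  * of letting Security/login put its log-in form inside a UI specified elsewhere.
  *
  * @return Form|mixed the form, or the controller's redirect/error response when there is
  *                    no record or the record is not viewable
  */
 public function ItemEditForm()
 {
     $list = $this->gridField->getList();
     if (empty($this->record)) {
         $controller = $this->getToplevelController();
         // Read the URL from the request object instead of the raw $_REQUEST superglobal
         $url = $controller->getRequest()->getURL();
         $noActionURL = $controller->removeAction($url);
         $controller->getResponse()->removeHeader('Location');
         //clear the existing redirect
         return $controller->redirect($noActionURL, 302);
     }
     $canView = $this->record->canView();
     $canEdit = $this->record->canEdit();
     $canDelete = $this->record->canDelete();
     $canCreate = $this->record->canCreate();
     if (!$canView) {
         $controller = $this->getToplevelController();
         // TODO More friendly error
         return $controller->httpError(403);
     }
     $actions = new FieldList();
     if ($this->record->ID !== 0) {
         if ($canEdit) {
             $actions->push(FormAction::create('doSave', _t('GridFieldDetailForm.Save', 'Save'))->setUseButtonTag(true)->addExtraClass('ss-ui-action-constructive')->setAttribute('data-icon', 'accept'));
         }
         if ($canDelete) {
             $actions->push(FormAction::create('doDelete', _t('GridFieldDetailForm.Delete', 'Delete'))->setUseButtonTag(true)->addExtraClass('ss-ui-action-destructive action-delete'));
         }
     } else {
         // adding new record
         //Change the Save label to 'Create'
         $actions->push(FormAction::create('doSave', _t('GridFieldDetailForm.Create', 'Create'))->setUseButtonTag(true)->addExtraClass('ss-ui-action-constructive')->setAttribute('data-icon', 'add'));
         // Add a Cancel link which is a button-like link and link back to one level up.
         $curmbs = $this->Breadcrumbs();
         if ($curmbs && $curmbs->count() >= 2) {
             $one_level_up = $curmbs->offsetGet($curmbs->count() - 2);
             // The link is interpolated into raw HTML, so escape it for the attribute context
             $text = sprintf(
                 "<a class=\"%s\" href=\"%s\">%s</a>",
                 "crumb ss-ui-button ss-ui-action-destructive cms-panel-link ui-corner-all",
                 Convert::raw2att($one_level_up->Link),
                 _t('GridFieldDetailForm.CancelBtn', 'Cancel')
             );
             $actions->push(new LiteralField('cancelbutton', $text));
         }
     }
     $fields = $this->component->getFields();
     if (!$fields) {
         $fields = $this->record->getCMSFields();
     }
     // If we are creating a new record in a has-many list, then
     // pre-populate the record's foreign key. Also disable the form field as
     // it has no effect.
     if ($list instanceof HasManyList) {
         $key = $list->getForeignKey();
         $id = $list->getForeignID();
         if (!$this->record->isInDB()) {
             $this->record->{$key} = $id;
         }
         if ($field = $fields->dataFieldByName($key)) {
             $fields->makeFieldReadonly($field);
         }
     }
     // Caution: API violation. Form expects a Controller, but we are giving it a RequestHandler instead.
     // Thanks to this however, we are able to nest GridFields, and also access the initial Controller by
     // dereferencing GridFieldDetailForm_ItemRequest->getController() multiple times. See getToplevelController
     // below.
     $form = new Form($this, 'ItemEditForm', $fields, $actions, $this->component->getValidator());
     $form->loadDataFrom($this->record, $this->record->ID == 0 ? Form::MERGE_IGNORE_FALSEISH : Form::MERGE_DEFAULT);
     if ($this->record->ID && !$canEdit) {
         // Restrict editing of existing records
         $form->makeReadonly();
         // Hack to re-enable delete button if user can delete
         if ($canDelete) {
             $deleteAction = $form->Actions()->fieldByName('action_doDelete');
             if ($deleteAction) {
                 $deleteAction->setReadonly(false);
             }
         }
     } elseif (!$this->record->ID && !$canCreate) {
         // Restrict creation of new records
         $form->makeReadonly();
     }
     // Load many_many extraData for record.
     // Fields with the correct 'ManyMany' namespace need to be added manually through getCMSFields().
     if ($list instanceof ManyManyList) {
         $extraData = $list->getExtraData('', $this->record->ID);
         $form->loadDataFrom(array('ManyMany' => $extraData));
     }
     // TODO Coupling with CMS
     $toplevelController = $this->getToplevelController();
     if ($toplevelController && $toplevelController instanceof LeftAndMain) {
         // Always show with base template (full width, no other panels),
         // regardless of overloaded CMS controller templates.
         // TODO Allow customization, e.g. to display an edit form alongside a search form from the CMS controller
         $form->setTemplate('LeftAndMain_EditForm');
         $form->addExtraClass('cms-content cms-edit-form center');
         $form->setAttribute('data-pjax-fragment', 'CurrentForm Content');
         if ($form->Fields()->hasTabset()) {
             $form->Fields()->findOrMakeTab('Root')->setTemplate('CMSTabSet');
             $form->addExtraClass('cms-tabset');
         }
         $form->Backlink = $this->getBackLink();
     }
     $cb = $this->component->getItemEditFormCallback();
     if ($cb) {
         $cb($form, $this);
     }
     $this->extend("updateItemEditForm", $form);
     return $form;
 }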
 /**
  * Renders the item edit form in read-only mode, after checking the record is viewable.
  *
  * @param SS_HTTPRequest $request
  * @return mixed the rendered fragment for AJAX requests, otherwise the customised
  *               top-level controller
  */
 public function view($request)
 {
     if (!$this->record->canView()) {
         $this->httpError(403);
     }
     $topController = $this->getToplevelController();
     $editForm = $this->ItemEditForm($this->gridField, $request);
     $editForm->makeReadonly();
     $viewData = new ArrayData(array(
         'Backlink' => $topController->Link(),
         'ItemEditForm' => $editForm,
     ));
     $rendered = $viewData->renderWith($this->template);
     return $request->isAjax()
         ? $rendered
         : $topController->customise(array('Content' => $rendered));
 }
 /**
  * Is this product viewable in the frontend?
  *
  * Active products are always viewable. Inactive products are only viewable
  * in the backend environment, and then only if the parent check allows it.
  *
  * @param Member $member the current member
  *
  * @return bool
  *
  * @author Roland Lehmann <*****@*****.**>, Sebastian Diel <*****@*****.**>
  * @since 20.02.2013
  */
 public function canView($member = null)
 {
     $allowed = parent::canView($member);
     $isActive = (bool) $this->isActive;
     if ($isActive && !$allowed) {
         $allowed = true;
     }
     // Outside the backend an inactive product is never shown, whatever the parent said
     if (!SilvercartTools::isBackendEnvironment() && !$isActive) {
         $allowed = false;
     }
     return $allowed;
 }
 /**
  * Denies view access without the global menu permission; otherwise grants it
  * when the SiteTree singleton's canView() allows the member. Both checks run
  * as a before-extending callback ahead of the regular extension checks.
  *
  * @param Member|null $member
  * @return bool
  */
 public function canView($member = null)
 {
     $methodName = __FUNCTION__;
     $this->beforeExtending(__FUNCTION__, function ($member) use ($methodName) {
         $hasMenuPermission = $this->checkIfHasGlobalMenuPermission($member);
         if (!$hasMenuPermission) {
             return false;
         }
         $siteTreeAllows = singleton('SiteTree')->{$methodName}($member);
         // null leaves the decision to the remaining checks
         return $siteTreeAllows ? true : null;
     });
     return parent::canView($member);
 }
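 /**
  * Return true or false as to whether a given user can access an object.
  *
  * Resolution order: nodes without the Restrictable extension defer to the
  * framework's own can* methods; ADMIN members are always allowed; then the
  * cached per-member answer, public permissions, owner permissions, direct
  * AccessAuthority records (a single DENY wins over any GRANT), and finally
  * the effective parents when the node inherits permissions. The computed
  * answer is written back to the permission cache under the node/perm key.
  *
  * @param DataObject $node   The object to check perms on
  * @param string     $perm   The permission to check against
  * @param Member|int $member The member (or member ID) to check - if not set, the current user is used
  *
  * @return bool
  */
 public function checkPerm(DataObject $node, $perm, $member = null)
 {
     // Guard before the first dereference (previously it came after it)
     if (!$node) {
         return false;
     }
     // if the node doesn't use the extension, fall back to SS logic
     if (!$node->hasExtension('Restrictable')) {
         switch ($perm) {
             case 'View':
                 return $node->canView($member);
             case 'Write':
                 return $node->canEdit($member);
             default:
                 return $node->can($perm, $member);
         }
     }
     if (!$member) {
         $member = singleton('SecurityContext')->getMember();
     }
     if (is_int($member)) {
         $member = DataObject::get_by_id('Member', $member);
     }
     if (Permission::check('ADMIN', 'any', $member)) {
         return true;
     }
     $permCache = $this->getCache();
     /* @var $permCache Zend_Cache_Core */
     $key = $this->permCacheKey($node, $perm);
     $userGrants = null;
     if ($key) {
         // Zend_Cache returns false on a miss; only sanitise an actual array
         $cached = $permCache->load($key);
         if (is_array($cached) && count($cached)) {
             $userGrants = $this->sanitiseCacheData($cached);
         }
     }
     if ($member && $userGrants && isset($userGrants[$perm][$member->ID])) {
         return $userGrants[$perm][$member->ID];
     }
     // okay, we need to build up all the info we have about the node for permissions
     // (return value unused; call kept for whatever it realises - confirm it has side effects)
     $this->realiseAllSources($node);
     if (!$userGrants) {
         $userGrants = array();
     }
     if (!isset($userGrants[$perm])) {
         $userGrants[$perm] = array();
     }
     $result = null;
     // if no member, just check public view
     if ($this->checkPublicPerms($node, $perm)) {
         $result = true;
     }
     // can return immediately; nothing to cache for an anonymous caller
     if (!$member) {
         return $result === true;
     }
     if (is_null($result)) {
         // see whether we're the owner, and if the perm we're checking is in that list
         if ($this->checkOwnerPerms($node, $perm, $member)) {
             $result = true;
         }
     }
     if (is_null($result)) {
         $directGrant = $this->directGrantFor($node, $perm, $member);
         if ($directGrant === 'GRANT') {
             $result = true;
         } elseif ($directGrant === 'DENY') {
             $result = false;
         }
     }
     // otherwise query our parents
     if (is_null($result) && $node->InheritPerms) {
         $permParents = $this->getEffectiveParents($node);
         if (is_array($permParents) || $permParents instanceof Traversable) {
             foreach ($permParents as $permParent) {
                 if ($permParent && $this->checkPerm($permParent, $perm, $member)) {
                     $result = true;
                     break;
                 }
             }
         }
     }
     if (is_null($result)) {
         $result = false;
     }
     $userGrants[$perm][$member->ID] = $result;
     if ($key) {
         $permCache->save($userGrants, $key);
     }
     return $result;
 }

 /**
  * Scan the AccessAuthority records attached to $node for ones that apply to
  * $member (directly, through one of its groups, or through a ListOfMembers)
  * and mention $perm.
  *
  * @param DataObject $node
  * @param string     $perm
  * @param Member     $member a resolved member (never null here)
  * @return string 'DENY' if any applicable authority denies, 'GRANT' if at least
  *                one grants and none deny, otherwise 'NONE'
  */
 private function directGrantFor(DataObject $node, $perm, $member)
 {
     $filter = array('ItemID' => $node->ID, 'ItemType' => $node->class);
     $existing = DataList::create('AccessAuthority')->filter($filter);
     if (!$existing || !$existing->count()) {
         return 'NONE';
     }
     $gids = $this->memberGroupIds($member);
     $directGrant = 'NONE';
     foreach ($existing as $access) {
         // check if this mentions the perm in question (strict: perm names are strings)
         $perms = $access->Perms->getValues();
         if ($perms && !in_array($perm, $perms, true)) {
             continue;
         }
         $grant = null;
         $authority = $access->getAuthority();
         if ($authority instanceof Group) {
             if (isset($gids[$access->AuthorityID])) {
                 $grant = $access->Grant;
             }
         } elseif ($authority instanceof Member) {
             if ($member->ID == $access->AuthorityID) {
                 $grant = $access->Grant;
             }
         } elseif ($authority instanceof ListOfMembers) {
             // another mechanism that will require a lookup of members in a list
             // TODO cache this
             $listMembers = $authority->getAllMembers()->map('ID', 'Title');
             if (isset($listMembers[$member->ID])) {
                 $grant = $access->Grant;
             }
         }
         if (!$grant) {
             continue;
         }
         // A DENY is final; a GRANT is provisional until every authority has been seen
         if ($grant === 'DENY') {
             return 'DENY';
         }
         $directGrant = 'GRANT';
     }
     return $directGrant;
 }

 /**
  * IDs of the groups $member belongs to, memoised per request in $this->groups.
  *
  * @param Member $member
  * @return array map of group ID => group ID
  */
 private function memberGroupIds($member)
 {
     if (!empty($this->groups[$member->ID])) {
         return $this->groups[$member->ID];
     }
     $gids = array();
     $groups = $member->Groups();
     if ($groups && $groups->Count()) {
         $gids = $groups->map('ID', 'ID')->toArray();
     }
     $this->groups[$member->ID] = $gids;
     return $gids;
 }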
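 /**
  * Denies view access to members without the global menu permission.
  *
  * @param Member|null $member
  * @return bool
  */
 public function canView($member = null)
 {
     // Register under the bare method name ('canView'), which is the key the
     // extend() hook dispatches before-callbacks by; __METHOD__ yields
     // 'Class::canView' and never matched, so this check was silently skipped.
     // The sibling canView() implementations use __FUNCTION__ for the same reason.
     $this->beforeExtending(__FUNCTION__, function ($member) {
         if (!$this->checkIfHasGlobalMenuPermission($member)) {
             return false;
         }
     });
     return parent::canView($member);
 }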
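 /**
  * Delegates view permission to the first page in Pages(), falling back to
  * the default check when the list is empty.
  *
  * @param Member|null $member
  * @return bool
  */
 public function canView($member = null)
 {
     $first = $this->Pages()->first();
     if ($first) {
         // Forward the member being checked; previously the first page was
         // asked about the current user regardless of $member.
         return $first->canView($member);
     }
     return parent::canView($member);
 }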
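 /**
  * Viewable by anyone the parent check allows, or by members holding the
  * CMS_ACCESS_FrontendAdmin permission.
  *
  * @param Member|null $member
  * @return bool
  */
 public function canView($member = null)
 {
     $can = parent::canView($member);
     if ($can) {
         return $can;
     }
     // Check the permission for the member being asked about, not the current user
     return Permission::check('CMS_ACCESS_FrontendAdmin', 'any', $member);
 }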
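 /**
  * Builds an item edit form.  The arguments to getCMSFields() are the popupController and
  * popupFormName, however this is an experimental API and may change.
  *
  * Permission handling: the record's canView() gates the whole form (403 otherwise);
  * canEdit()/canCreate() decide whether the form is rendered read-only, and canDelete()
  * decides whether the delete action stays enabled on a read-only form.
  *
  * @todo In the future, we will probably need to come up with a tighter object representing a partially
  * complete controller with gaps for extra functionality.  This, for example, would be a better way
  * of letting Security/login put its log-in form inside a UI specified elsewhere.
  *
  * @return Form|mixed the form, or the controller's redirect/error response when there is
  *                    no record or the record is not viewable
  */
 public function ItemEditForm()
 {
     $list = $this->gridField->getList();
     if (empty($this->record)) {
         $controller = $this->getToplevelController();
         $url = $controller->getRequest()->getURL();
         $noActionURL = $controller->removeAction($url);
         $controller->getResponse()->removeHeader('Location');
         //clear the existing redirect
         return $controller->redirect($noActionURL, 302);
     }
     $canView = $this->record->canView();
     $canEdit = $this->record->canEdit();
     $canDelete = $this->record->canDelete();
     $canCreate = $this->record->canCreate();
     if (!$canView) {
         $controller = $this->getToplevelController();
         // TODO More friendly error
         return $controller->httpError(403);
     }
     // Build actions
     $actions = $this->getFormActions();
     // If we are creating a new record in a has-many list, then
     // pre-populate the record's foreign key.
     if ($list instanceof HasManyList && !$this->record->isInDB()) {
         $key = $list->getForeignKey();
         $id = $list->getForeignID();
         $this->record->{$key} = $id;
     }
     $fields = $this->component->getFields();
     if (!$fields) {
         $fields = $this->record->getCMSFields();
     }
     // If we are creating a new record in a has-many list, then
     // Disable the form field as it has no effect.
     if ($list instanceof HasManyList) {
         $key = $list->getForeignKey();
         if ($field = $fields->dataFieldByName($key)) {
             $fields->makeFieldReadonly($field);
         }
     }
     // Caution: API violation. Form expects a Controller, but we are giving it a RequestHandler instead.
     // Thanks to this however, we are able to nest GridFields, and also access the initial Controller by
     // dereferencing GridFieldDetailForm_ItemRequest->getController() multiple times. See getToplevelController
     // below.
     $form = new Form($this, 'ItemEditForm', $fields, $actions, $this->component->getValidator());
     $form->loadDataFrom($this->record, $this->record->ID == 0 ? Form::MERGE_IGNORE_FALSEISH : Form::MERGE_DEFAULT);
     if ($this->record->ID && !$canEdit) {
         // Restrict editing of existing records
         $form->makeReadonly();
         // Hack to re-enable delete button if user can delete. getFormActions() is
         // not visible here, so do not assume it always adds the delete action.
         if ($canDelete) {
             $deleteAction = $form->Actions()->fieldByName('action_doDelete');
             if ($deleteAction) {
                 $deleteAction->setReadonly(false);
             }
         }
     } elseif (!$this->record->ID && !$canCreate) {
         // Restrict creation of new records
         $form->makeReadonly();
     }
     // Load many_many extraData for record.
     // Fields with the correct 'ManyMany' namespace need to be added manually through getCMSFields().
     if ($list instanceof ManyManyList) {
         $extraData = $list->getExtraData('', $this->record->ID);
         $form->loadDataFrom(array('ManyMany' => $extraData));
     }
     // TODO Coupling with CMS
     $toplevelController = $this->getToplevelController();
     if ($toplevelController && $toplevelController instanceof LeftAndMain) {
         // Always show with base template (full width, no other panels),
         // regardless of overloaded CMS controller templates.
         // TODO Allow customization, e.g. to display an edit form alongside a search form from the CMS controller
         $form->setTemplate('LeftAndMain_EditForm');
         $form->addExtraClass('cms-content cms-edit-form center');
         $form->setAttribute('data-pjax-fragment', 'CurrentForm Content');
         if ($form->Fields()->hasTabset()) {
             $form->Fields()->findOrMakeTab('Root')->setTemplate('CMSTabSet');
             $form->addExtraClass('cms-tabset');
         }
         $form->Backlink = $this->getBackLink();
     }
     $cb = $this->component->getItemEditFormCallback();
     if ($cb) {
         $cb($form, $this);
     }
     $this->extend("updateItemEditForm", $form);
     return $form;
 }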