/**
* Update the permission set associated with $record DataObject
*
* @param DataObject $record
*/
public function saveInto(DataObjectInterface $record)
{
$fieldname = $this->name;
$managedClass = $this->managedClass;
// Remove all "privileged" permissions if the currently logged-in user is not an admin
$privilegedPermissions = Permission::config()->privileged_permissions;
if (!Permission::check('ADMIN')) {
foreach ($this->value as $id => $bool) {
if (in_array($id, $privilegedPermissions)) {
unset($this->value[$id]);
}
}
}
// remove all permissions and re-add them afterwards
$permissions = $record->{$fieldname}();
foreach ($permissions as $permission) {
$permission->delete();
}
if ($fieldname && $record && ($record->hasManyComponent($fieldname) || $record->manyManyComponent($fieldname))) {
if (!$record->ID) {
$record->write();
}
// We need a record ID to write permissions
$idList = array();
if ($this->value) {
foreach ($this->value as $id => $bool) {
if ($bool) {
$perm = new $managedClass();
$perm->{$this->filterField} = $record->ID;
$perm->Code = $id;
$perm->write();
}
}
}
}
}
