/** * @param String $name * @param String $title * @param String $managedClass * @param String $filterField * @param Group|SS_List $records One or more {@link Group} or {@link PermissionRole} records * used to determine permission checkboxes. * Caution: saveInto() can only be used with a single record, all inherited permissions will be marked readonly. * Setting multiple groups only makes sense in a readonly context. (Optional) */ public function __construct($name, $title, $managedClass, $filterField, $records = null) { $this->filterField = $filterField; $this->managedClass = $managedClass; if ($records instanceof SS_List) { $this->records = $records; } elseif ($records instanceof Group) { $this->records = new ArrayList(array($records)); } elseif ($records) { throw new InvalidArgumentException('$record should be either a Group record, or a SS_List of Group records'); } // Get all available codes in the system as a categorized nested array $this->source = Permission::get_codes(true); parent::__construct($name, $title); }
/** * @param String $name * @param String $title * @param String $managedClass * @param String $filterField * @param Group|DataObjectSet $records One or more {@link Group} or {@link PermissionRole} records * used to determine permission checkboxes. * Caution: saveInto() can only be used with a single record, all inherited permissions will be marked readonly. * Setting multiple groups only makes sense in a readonly context. (Optional) */ function __construct($name, $title, $managedClass, $filterField, $records = null) { $this->filterField = $filterField; $this->managedClass = $managedClass; if (is_a($records, 'DataObjectSet')) { $this->records = $records; } elseif (is_a($records, 'DataObject')) { $this->records = new DataObjectSet($records); } elseif ($records) { throw new InvalidArgumentException('$record should be either a Group record, or a DataObjectSet of Group records'); } // Get all available codes in the system as a categorized nested array $this->source = Permission::get_codes(true); parent::__construct($name, $title); }
public function onAfterWrite() { parent::onAfterWrite(); // TODO: should test if this is needed or not if (!$this->owner->ID) { return; } // Apply the subsite title to config $siteconfig = $this->getSiteConfig(); if ($siteconfig) { if ($siteconfig->Title == _t('Subsite.SiteConfigTitle', 'Your Site Name') && $this->owner->Title) { $siteconfig->Title = $this->owner->Title; $siteconfig->write(); } } // Make sure we have groups for this subsite $groupName = $this->getAdministratorGroupName(); $group = self::getGroupByName($groupName); if ($groupName && !$group) { $group = new Group(); $group->Title = $groupName; $group->AccessAllSubsites = false; $group->write(); $group->Subsites()->add($this->owner); // Apply default permissions to this group $codes = array_unique(array_keys(Permission::get_codes(false))); $default_permissions = Config::inst()->get('SubsiteExtension', 'admin_default_permissions'); foreach ($default_permissions as $p) { if (in_array($p, $codes)) { $po = new Permission(array('Code' => $p)); $po->write(); $group->Permissions()->add($po); } } $group->write(); } $membersGroupName = $this->getMembersGroupName(); $membersGroup = self::getGroupByName($membersGroupName); if ($membersGroupName && !$membersGroup) { $membersGroup = new Group(); $membersGroup->Title = $membersGroupName; $membersGroup->AccessAllSubsites = true; $membersGroup->write(); $membersGroup->Subsites()->add($this->owner); $membersGroup->write(); } }
/** * Builds a comma separated list of human-readbale permissions for a given Member. * * @return string */ public function getPermissionsDescription() { if (class_exists('Subsite')) { Subsite::disable_subsite_filter(true); } $permissionsUsr = Permission::permissions_for_member($this->owner->ID); $permissionsSrc = Permission::get_codes(true); sort($permissionsUsr); $permissionNames = array(); foreach ($permissionsUsr as $code) { $code = strtoupper($code); foreach ($permissionsSrc as $k => $v) { if (isset($v[$code])) { $name = empty($v[$code]['name']) ? _t('MemberReportExtension.UNKNOWN', 'Unknown') : $v[$code]['name']; $permissionNames[] = $name; } } } $result = $permissionNames ? implode(', ', $permissionNames) : _t('MemberReportExtension.NOPERMISSIONS', 'No Permissions'); if (class_exists('Subsite')) { Subsite::disable_subsite_filter(false); } return $result; }
public function testGetCodesUngrouped() { $codes = Permission::get_codes(false); $this->assertArrayHasKey('SITETREE_VIEW_ALL', $codes); }
function __construct($name, $title = "") { parent::__construct($name, $title, Permission::get_codes(true)); }
/** * Example: Given a "group" "Admin" with permissions "Access to 'Pages' section" and "Access to 'Files' section" * * @Given /^(?:(an|a|the) )"group" "(?<id>[^"]+)" (?:(with|has)) permissions (?<permissionStr>.*)$/ */ public function stepCreateGroupWithPermissions($id, $permissionStr) { // Convert natural language permissions to codes preg_match_all('/"([^"]+)"/', $permissionStr, $matches); $permissions = $matches[1]; $codes = \Permission::get_codes(false); $group = $this->fixtureFactory->get('Group', $id); if (!$group) { $group = $this->fixtureFactory->createObject('Group', $id); } foreach ($permissions as $permission) { $found = false; foreach ($codes as $code => $details) { if ($permission == $code || $permission == $details['name']) { \Permission::grant($group->ID, $code); $found = true; } } if (!$found) { throw new \InvalidArgumentException(sprintf('No permission found for "%s"', $permission)); } } }