/**
  * Handles the add action for the given DataObject.
  *
  * @param $gridField GridField
  * @param $actionName string
  * @param $arguments mixed
  * @param $data array
  *
  * @return null|SS_HTTPResponse
  *
  * @throws UnexpectedValueException
  */
 public function handleAction(GridField $gridField, $actionName, $arguments, $data)
 {
     if ($actionName == 'add') {
         $dbField = $this->getDataObjectField();
         $objClass = $gridField->getModelClass();
         /**
          * @var DataObject $obj
          */
         $obj = new $objClass();
         if ($obj->hasField($dbField)) {
             $obj->setCastedField($dbField, $data['gridfieldaddbydbfield'][$obj->ClassName][$dbField]);
             if ($obj->canCreate()) {
                 $id = $gridField->getList()->add($obj);
                 if (!$id) {
                     $gridField->setError(_t('GridFieldAddByDBField.AddFail', 'Unable to save {class} to the database.', 'Unable to add the DataObject.', array('class' => get_class($obj))), 'error');
                 }
             } else {
                 return Security::permissionFailure(Controller::curr(), _t('GridFieldAddByDBField.PermissionFail', 'You don\'t have permission to create a {class}.', 'Unable to add the DataObject.', array('class' => get_class($obj))));
             }
         } else {
             throw new UnexpectedValueException(sprintf('Invalid field (%s) on %s.', $dbField, $obj->ClassName));
         }
     }
     return null;
 }
 /**
  * Builds the comment-moderation edit form: three tabs (new, approved, spam),
  * each holding a CommentsGridField over the matching subset of Comment records.
  *
  * The parent form is built for its side effects but its return value is discarded;
  * $fields is accepted for signature compatibility only.
  *
  * @param int|null $id     record ID; defaults to the current page ID
  * @param mixed    $fields unused
  *
  * @return Form|SS_HTTPResponse the edit form, or a permission-failure response
  *                              when the record cannot be viewed
  */
 public function getEditForm($id = null, $fields = null)
 {
     if (!$id) {
         $id = $this->currentPageID();
     }
     parent::getEditForm($id);

     $record = $this->getRecord($id);
     if ($record && !$record->canView()) {
         return Security::permissionFailure($this);
     }

     $pending = Comment::get()->filter('Moderated', 0);
     $approved = Comment::get()->filter('Moderated', 1)->filter('IsSpam', 0);
     $spam = Comment::get()->filter('Moderated', 1)->filter('IsSpam', 1);

     $pendingGrid = new CommentsGridField('NewComments', _t('CommentsAdmin.NewComments', 'New'), $pending, CommentsGridFieldConfig::create());
     $approvedGrid = new CommentsGridField('ApprovedComments', _t('CommentsAdmin.ApprovedComments', 'Approved'), $approved, CommentsGridFieldConfig::create());
     $spamGrid = new CommentsGridField('SpamComments', _t('CommentsAdmin.SpamComments', 'Spam'), $spam, CommentsGridFieldConfig::create());

     // Tab titles carry the item count in parentheses, e.g. "New (3)".
     $pendingTab = new Tab('NewComments', _t('CommentAdmin.NewComments', 'New') . ' (' . count($pending) . ')', $pendingGrid);
     $approvedTab = new Tab('ApprovedComments', _t('CommentAdmin.ApprovedComments', 'Approved') . ' (' . count($approved) . ')', $approvedGrid);
     $spamTab = new Tab('SpamComments', _t('CommentAdmin.SpamComments', 'Spam') . ' (' . count($spam) . ')', $spamGrid);

     $root = new TabSet('Root', $pendingTab, $approvedTab, $spamTab);
     // Tab navigation in the CMS is rendered through a separate template.
     $root->setTemplate('CMSTabSet');
     $tabbedFields = new FieldList($root);

     $form = new Form($this, 'EditForm', $tabbedFields, new FieldList());
     $form->addExtraClass('cms-edit-form');
     $form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
     if ($form->Fields()->hasTabset()) {
         $form->Fields()->findOrMakeTab('Root')->setTemplate('CMSTabSet');
         $form->addExtraClass('center ss-tabset cms-tabset ' . $this->BaseCSSClasses());
     }

     $this->extend('updateEditForm', $form);

     return $form;
 }
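 /**
  * Renders the pattern library index, or a single pattern when an ID is present
  * in the URL, with links to the previous and next patterns in the template list.
  *
  * Access is limited to dev mode or users holding CMS_ACCESS_CMSMain.
  *
  * @param SS_HTTPRequest $request
  *
  * @return mixed rendered output from renderWith(), or a permission-failure response
  */
 public function index(SS_HTTPRequest $request)
 {
     if (!Director::isDev() && !Permission::check('CMS_ACCESS_CMSMain')) {
         return Security::permissionFailure($this);
     }

     $patternId = $request->latestParam('ID');
     if ($patternId) {
         $templates = $this->templateArray();
         if (isset($templates[$patternId])) {
             $current = $templates[$patternId];
             $next = false;
             $previous = false;
             $useNext = false;
             foreach ($templates as $key => $template) {
                 if ($useNext) {
                     $next = new ArrayData(array('Name' => $template['Name'], 'Link' => 'patterns/index/' . $key));
                     break;
                 }
                 // Compare as strings: PHP stores numeric-looking keys as ints, and the
                 // previous loose comparison (1 == '01') could match the wrong entry.
                 if ((string) $key === (string) $patternId) {
                     $useNext = true;
                 } else {
                     // Every entry before the match becomes the candidate "previous" pattern.
                     $previous = new ArrayData(array('Name' => $template['Name'], 'Link' => 'patterns/index/' . $key));
                 }
             }

             return $this->customise(new ArrayData(array(
                 'ClassName' => 'Pattern',
                 'IsPatternLab' => true,
                 'PreviousPattern' => $previous,
                 'NextPattern' => $next,
                 'PatternName' => $current['Name'],
                 'Patterns' => $this->renderWith(array($current['Template'])),
             )))->renderWith($current['Template']);
         }
     }

     return $this->renderWith(array(__CLASS__, 'Page'));
 }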
 /**
  * Controller set-up: after the parent initialisation, users without
  * CMS_ACCESS are sent to the permission-failure (login) screen.
  */
 public function init()
 {
     parent::init();

     $hasCmsAccess = Permission::check('CMS_ACCESS');
     if (!$hasCmsAccess) {
         Security::permissionFailure();
     }
 }
 /**
  * Controller set-up. The ADMIN check runs before the parent initialisation;
  * execution continues into parent::init() after a permission failure.
  */
 public function init()
 {
     $isAdmin = Permission::check('ADMIN');
     if (!$isAdmin) {
         Security::permissionFailure();
     }

     parent::init();
 }
 /**
  * Renders the "Install Deploy Tools" page together with its install form.
  * Restricted to ADMIN users.
  *
  * @return mixed rendered output from renderWith(), or a permission-failure response
  */
 public function install()
 {
     if (!Permission::check('ADMIN')) {
         return Security::permissionFailure($this);
     }

     $pageData = array(
         'Title' => 'Install Deploy Tools',
         'Content' => '<p>Some instructions would be nice.</p>',
         'Form' => $this->InstallForm(),
     );

     return $this->customise($pageData)->renderWith(array('Page', 'Page'));
 }
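 /**
  * Builds the security-admin edit form: Users and Groups tabs, import iframes for
  * admins, and a Roles tab when the current user holds APPLY_ROLES.
  *
  * The record is fetched twice (once by the parent, once here) and the parent form is
  * discarded; $fields is accepted for signature compatibility only.
  *
  * @param int|null $id     record ID; defaults to the current page ID
  * @param mixed    $fields unused
  *
  * @return Form|SS_HTTPResponse the edit form, or a permission-failure response
  *                              when the record cannot be viewed
  */
 public function getEditForm($id = null, $fields = null)
 {
     // TODO Duplicate record fetching (see parent implementation)
     if (!$id) {
         $id = $this->currentPageID();
     }
     $form = parent::getEditForm($id);
     // TODO Duplicate record fetching (see parent implementation)
     $record = $this->getRecord($id);
     if ($record && !$record->canView()) {
         return Security::permissionFailure($this);
     }

     $memberListConfig = GridFieldConfig_RecordEditor::create()
         ->addComponent(new GridFieldButtonRow('after'))
         ->addComponent(new GridFieldExportButton('buttons-after-left'));
     $memberList = GridField::create('Members', false, Member::get(), $memberListConfig)->addExtraClass("members_grid");

     // Prefer the record's own validator when it provides one, otherwise the Member default.
     if ($record && method_exists($record, 'getValidator')) {
         $validator = $record->getValidator();
     } else {
         $validator = Injector::inst()->get('Member')->getValidator();
     }
     $memberListConfig->getComponentByType('GridFieldDetailForm')->setValidator($validator);

     $groupList = GridField::create('Groups', false, Group::get(), GridFieldConfig_RecordEditor::create());
     $columns = $groupList->getConfig()->getComponentByType('GridFieldDataColumns');
     $columns->setDisplayFields(array('Breadcrumbs' => singleton('Group')->fieldLabel('Title')));
     // Breadcrumbs are escaped for HTML output since group titles are user-entered.
     $columns->setFieldFormatting(array('Breadcrumbs' => function ($val, $item) {
         return Convert::raw2xml($item->getBreadcrumbs(' > '));
     }));

     $fields = new FieldList($root = new TabSet('Root', $usersTab = new Tab('Users', _t('SecurityAdmin.Users', 'Users'), $memberList, new LiteralField('MembersCautionText', sprintf('<p class="caution-remove"><strong>%s</strong></p>', _t('SecurityAdmin.MemberListCaution', 'Caution: Removing members from this list will remove them from all groups and the' . ' database')))), $groupsTab = new Tab('Groups', singleton('Group')->i18n_plural_name(), $groupList)), new HiddenField('ID', false, 0));

     // Add import capabilities. Limit to admin since the import logic can affect assigned permissions
     if (Permission::check('ADMIN')) {
         $fields->addFieldsToTab('Root.Users', array(new HeaderField(_t('SecurityAdmin.IMPORTUSERS', 'Import users'), 3), new LiteralField('MemberImportFormIframe', sprintf('<iframe src="%s" id="MemberImportFormIframe" width="100%%" height="250px" frameBorder="0">' . '</iframe>', $this->Link('memberimport')))));
         $fields->addFieldsToTab('Root.Groups', array(new HeaderField(_t('SecurityAdmin.IMPORTGROUPS', 'Import groups'), 3), new LiteralField('GroupImportFormIframe', sprintf('<iframe src="%s" id="GroupImportFormIframe" width="100%%" height="250px" frameBorder="0">' . '</iframe>', $this->Link('groupimport')))));
     }

     // Tab nav in CMS is rendered through separate template
     $root->setTemplate('CMSTabSet');

     // Add roles editing interface. $rolesTab stays null without APPLY_ROLES so the
     // active-tab logic below cannot hit an undefined variable (previously a notice
     // followed by a method call on null when Action was 'roles').
     $rolesTab = null;
     if (Permission::check('APPLY_ROLES')) {
         $rolesField = GridField::create('Roles', false, PermissionRole::get(), GridFieldConfig_RecordEditor::create());
         $rolesTab = $fields->findOrMakeTab('Root.Roles', _t('SecurityAdmin.TABROLES', 'Roles'));
         $rolesTab->push($rolesField);
     }

     // Highlight the tab matching the URL action segment.
     $actionParam = $this->getRequest()->param('Action');
     if ($actionParam === 'groups') {
         $groupsTab->addExtraClass('ui-state-active');
     } elseif ($actionParam === 'users') {
         $usersTab->addExtraClass('ui-state-active');
     } elseif ($actionParam === 'roles' && $rolesTab) {
         $rolesTab->addExtraClass('ui-state-active');
     }

     $actions = new FieldList();
     $form = Form::create($this, 'EditForm', $fields, $actions)->setHTMLID('Form_EditForm');
     $form->addExtraClass('cms-edit-form');
     $form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
     // Tab nav in CMS is rendered through separate template
     if ($form->Fields()->hasTabset()) {
         $form->Fields()->findOrMakeTab('Root')->setTemplate('CMSTabSet');
     }
     $form->addExtraClass('center ss-tabset cms-tabset ' . $this->BaseCSSClasses());
     $form->setAttribute('data-pjax-fragment', 'CurrentForm');
     $this->extend('updateEditForm', $form);

     return $form;
 }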
 /**
  * Controller set-up: after the parent initialisation, non-ADMIN users are
  * sent to the permission-failure (login) screen.
  */
 function init()
 {
     parent::init();

     $isAdmin = Permission::check('ADMIN');
     if (!$isAdmin) {
         Security::permissionFailure();
     }
 }
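 /**
  * Controller set-up for the style guide: requires VIEW_STYLEGUIDE and a configured
  * service, then redirects bare or template-less routes to the first available page
  * before loading requirements and the fixture file.
  */
 public function init()
 {
     parent::init();

     if (!Permission::check("VIEW_STYLEGUIDE")) {
         Security::permissionFailure();
     }

     // No service configured: nothing sensible to render. (httpError() is expected
     // to end the request here — confirm against Controller::httpError().)
     if (!$this->config()->service) {
         $this->httpError(404);
     }
     $this->setService($this->config()->service);
     $this->pageService = new StyleGuide\PageService($this);

     // redirect to the first action route
     if (!$this->request->param('Action')) {
         $page = $this->pageService->getPages()->first();
         // first() yields nothing on an empty page list; previously this dereferenced null.
         if ($page) {
             $this->redirect($page->Link);
         }
     }

     // if no template set on the action route then redirect to the first child
     if (!$this->request->param('ChildAction') && !$this->pageService->getTemplate()) {
         $page = $this->pageService->getActivePage();
         if (isset($page->Children)) {
             $childPage = $page->Children->first();
             // Same guard: an empty Children list has no first entry to redirect to.
             if ($childPage) {
                 $this->redirect($childPage->Link);
             }
         }
     }

     // register the style guide's front-end requirements
     $this->setRequirements();
     // load the fixture file
     $this->loadFixture();
 }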
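 /**
  * Uses $this->owner->request (a {@link SS_HTTPRequest} object) to determine which comment we want to unsubscribe
  * the member from. If the current user isn't logged in, or is logged in as a different user, then we send them to
  * the login screen.
  *
  * On success every subscribed comment by the same author on the same parent object has
  * NotifyOfUpdates cleared, a session flag is set for the confirmation message, and the
  * user is redirected back.
  *
  * @return SS_HTTPResponse|null a permission-failure response, or null otherwise
  */
 public function unsubscribenotification()
 {
     $request = $this->owner->getRequest();
     $commentID = $request->param('ID');
     $member = Member::currentUser();

     if (!$commentID) {
         $this->owner->httpError(403);
         return;
     }
     $comment = Comment::get()->byID($commentID);
     if (!$comment) {
         $this->owner->httpError(403);
         return;
     }

     // Only the comment's author may unsubscribe. IDs are compared as integers so a
     // database-sourced string ID still matches an int ID without loose == juggling.
     if (!$member || (int) $member->ID !== (int) $comment->AuthorID) {
         return Security::permissionFailure($this->owner, array('default' => _t('CommentingControllerUserNotificationsExtension.DEFAULTFAIL', 'You must login to unsubscribe.'), 'alreadyLoggedIn' => _t('CommentingControllerUserNotificationsExtension.ALREADYLOGGEDINFAIL', 'You must login as the correct user (the user who submitted the comment) to continue.'), 'logInAgain' => _t('CommentingControllerUserNotificationsExtension.LOGINAGAINFAIL', 'You have been logged out. If you would like to login again, enter your credentials below.')));
     }

     // Currently logged in Member's ID matches the author of the comment, so we can unsubscribe them
     // We want to find all comments posted to this object by this author, and unsubscribe all of them.
     // The AuthorID filter is what limits the update to this member's own comments; without it
     // every subscribed comment on the parent object was unsubscribed, other authors' included.
     $allComments = Comment::get()->filter(array(
         'BaseClass' => $comment->BaseClass,
         'ParentID' => $comment->ParentID,
         'AuthorID' => $comment->AuthorID,
         'NotifyOfUpdates' => true,
     ));
     foreach ($allComments as $c) {
         $c->NotifyOfUpdates = false;
         $c->write();
     }

     // This sets a session var that can be queried on the page that we redirect the user back to, so that we can
     // display a nice message to let the user know their unsubscription was successful.
     Session::set('CommentUserNotificationsUnsubscribed', '1');
     $this->owner->redirectBack();
 }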
 /**
  * Controller set-up: requires a logged-in member holding the configured
  * access_permission before the parent initialisation runs.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 public function init()
 {
     $loggedIn = (bool) Member::currentUserID();
     if (!$loggedIn || !Permission::check($this->config()->access_permission)) {
         return Security::permissionFailure($this);
     }

     parent::init();
 }
 /**
  * Controller initialisation.
  * Check if user is logged in, if not redirect to login form
  */
 public function init()
 {
     parent::init();

     $currentMemberId = Member::currentUserID();
     if (!$currentMemberId) {
         Security::permissionFailure();
     }
 }
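 /**
  * Controller set-up for the dev tools. Access is allowed in dev mode, on the CLI, or
  * to ADMIN users; on the CLI it additionally warns when $_FILE_TO_URL_MAPPING does
  * not cover the running script's path.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 function init()
 {
     parent::init();

     // We allow access to this controller regardless of live-status or ADMIN permission only
     // if on CLI.  Access to this controller is always allowed in "dev-mode", or of the user is ADMIN.
     $canAccess = Director::isDev() || Director::is_cli() || Permission::check("ADMIN");
     if (!$canAccess) {
         return Security::permissionFailure($this, "This page is secured and you need administrator rights to access it. " . "Enter your credentials below and we will send you right along.");
     }

     // check for valid url mapping
     // lacking this information can cause really nasty bugs,
     // e.g. when running Director::test() from a FunctionalTest instance
     global $_FILE_TO_URL_MAPPING;
     if (Director::is_cli()) {
         if (isset($_FILE_TO_URL_MAPPING)) {
             // Walk up from the script's path until a mapped directory is found or the
             // filesystem root (Unix "/" or a Windows drive root such as "C:\") is reached.
             // $matched is initialised before the loop so it is defined even when the loop
             // body never runs (previously an undefined-variable notice).
             $matched = false;
             $testPath = $_SERVER['SCRIPT_FILENAME'];
             while ($testPath && $testPath != "/" && !preg_match('/^[A-Z]:\\\\$/', $testPath)) {
                 if (isset($_FILE_TO_URL_MAPPING[$testPath])) {
                     $matched = true;
                     break;
                 }
                 // dirname() returns its input unchanged for a bare segment such as "."
                 // (relative script path), which would otherwise loop forever.
                 $parentPath = dirname($testPath);
                 if ($parentPath === $testPath) {
                     break;
                 }
                 $testPath = $parentPath;
             }
             if (!$matched) {
                 echo 'Warning: You probably want to define ' . 'an entry in $_FILE_TO_URL_MAPPING that covers "' . Director::baseFolder() . '"' . "\n";
             }
         } else {
             echo 'Warning: You probably want to define $_FILE_TO_URL_MAPPING in ' . 'your _ss_environment.php as instructed on the "sake" page of the doc.silverstripe.com wiki' . "\n";
         }
     }
 }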
 /**
  * Controller set-up: after the parent initialisation, users without
  * SHOPUSER_ACCOUNT are sent to the permission-failure (login) screen.
  */
 function init()
 {
     parent::init();

     $hasAccount = Permission::check('SHOPUSER_ACCOUNT');
     if (!$hasAccount) {
         Security::permissionFailure();
     }
 }
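 /**
  * Approves the member whose ID is in the URL, provided the current user may edit
  * that member and the 'token' query variable matches the member's ValidationKey.
  *
  * @param SS_HTTPRequest $request
  *
  * @return mixed rendered confirmation page, or a permission-failure response
  */
 public function index($request)
 {
     $id = $request->param('ID');
     $token = $request->getVar('token');

     if (!$id || !ctype_digit($id)) {
         $this->httpError(404, 'A member ID was not specified.');
     }
     $member = DataObject::get_by_id('Member', $id);
     if (!$member) {
         $this->httpError(404, 'The specified member could not be found.');
     }
     if (!$member->canEdit()) {
         return Security::permissionFailure();
     }

     // Compare the token as a string. The previous loose != treated numeric-looking
     // values as numbers (e.g. "1e3" == "1000") and let a missing token match an empty
     // ValidationKey; an empty key now never authorises. Where the PHP version allows
     // it, hash_equals() is the preferable constant-time comparison.
     $expectedToken = (string) $member->ValidationKey;
     if ($expectedToken === '' || !is_string($token) || $token !== $expectedToken) {
         $this->httpError(400, 'An invalid token was specified.');
     }

     if (!$member->NeedsApproval) {
         $title = _t('MemberProfiles.ALREADYAPPROVED', 'Already Approved');
         $content = _t('MemberProfiles.ALREADYAPPROVEDNOTE', 'This member has already been approved');
         return $this->render(array('Title' => $title, 'Content' => "<p>{$content}</p>"));
     }

     $member->NeedsApproval = false;
     $member->write();

     $title = _t('MemberProfiles.MEMBERAPPROVED', 'Member Approved');
     $content = _t('MemberProfiles.MEMBERAPPROVEDCONTENT', 'The member "%s" has been approved and can now log in.');
     // Name and e-mail are user-entered, so they are escaped before landing in HTML.
     $content = sprintf($content, Convert::raw2xml("{$member->Name} <{$member->Email}>"));
     return $this->render(array('Title' => $title, 'Content' => $content));
 }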
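 /**
  * Builds the comment-moderation edit form with two tabs: comments awaiting
  * moderation and already-moderated comments, both sharing one GridField config.
  *
  * The parent form is built but discarded; $fields is accepted for signature
  * compatibility only.
  *
  * @param int|null $id     record ID; defaults to the current page ID
  * @param mixed    $fields unused
  *
  * @return Form|SS_HTTPResponse the edit form, or a permission-failure response
  *                              when the record cannot be viewed
  */
 public function getEditForm($id = null, $fields = null)
 {
     if (!$id) {
         $id = $this->currentPageID();
     }
     $form = parent::getEditForm($id);
     $record = $this->getRecord($id);
     if ($record && !$record->canView()) {
         return Security::permissionFailure($this);
     }

     // GridFieldDetailForm was previously added twice; one instance is enough.
     $commentsConfig = GridFieldConfig::create()->addComponents(
         new GridFieldFilterHeader(),
         new GridFieldDataColumns(),
         new GridFieldSortableHeader(),
         new GridFieldPaginator(25),
         new GridFieldDeleteAction(),
         new GridFieldDetailForm(),
         new GridFieldExportButton(),
         new GridFieldEditButton()
     );
     $needs = new GridField('Comments', _t('CommentsAdmin.NeedsModeration', 'Needs Moderation'), Comment::get()->where('Moderated = 0'), $commentsConfig);
     $moderated = new GridField('CommentsModerated', _t('CommentsAdmin.CommentsModerated'), Comment::get()->where('Moderated = 1'), $commentsConfig);

     $fields = new FieldList($root = new TabSet('Root', new Tab('NeedsModeration', _t('CommentAdmin.NeedsModeration', 'Needs Moderation'), $needs), new Tab('Comments', _t('CommentAdmin.Moderated', 'Moderated'), $moderated)));
     // Tab navigation in the CMS is rendered through a separate template.
     $root->setTemplate('CMSTabSet');

     $actions = new FieldList();
     $form = new Form($this, 'EditForm', $fields, $actions);
     $form->addExtraClass('cms-edit-form');
     $form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
     if ($form->Fields()->hasTabset()) {
         $form->Fields()->findOrMakeTab('Root')->setTemplate('CMSTabSet');
         $form->addExtraClass('center ss-tabset cms-tabset ' . $this->BaseCSSClasses());
     }
     $this->extend('updateEditForm', $form);

     return $form;
 }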
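 /**
  * Executes a workflow transition on the WorkflowInstance named by the request's
  * 'id' and 'transition' variables, optionally recording a comment on the current action.
  *
  * AJAX requests get a JSON result ({success, link}); others are redirected to the
  * instance target, or back to the referrer when no instance could be resolved.
  *
  * @param SS_HTTPRequest $request
  *
  * @return string|SS_HTTPResponse JSON string, redirect response or permission-failure response
  */
 public function transition($request)
 {
     if (!Member::currentUserID()) {
         return Security::permissionFailure($this, _t('AdvancedWorkflowActionController.ACTION_ERROR', "You must be logged in"));
     }

     $instanceId = (int) $this->request->requestVar('id');
     $transitionId = (int) $this->request->requestVar('transition');
     $instance = DataObject::get_by_id('WorkflowInstance', $instanceId);

     // canEdit() on the instance is the authorisation gate for running a transition.
     if ($instance && $instance->canEdit()) {
         $transition = DataObject::get_by_id('WorkflowTransition', $transitionId);
         if ($transition) {
             // NOTE(review): the transition is only checked to exist, not to belong to this
             // instance's workflow; assumes WorkflowService::executeTransition() validates that.
             $comments = $this->request->requestVar('comments');
             if ($comments) {
                 $action = $instance->CurrentAction();
                 $action->Comment = $comments;
                 $action->write();
             }
             singleton('WorkflowService')->executeTransition($instance->getTarget(), $transition->ID);
             $result = array('success' => true, 'link' => $instance->getTarget()->AbsoluteLink());
             if (Director::is_ajax()) {
                 return Convert::raw2json($result);
             }
             return $this->redirect($instance->getTarget()->Link());
         }
     }

     if (Director::is_ajax()) {
         return Convert::raw2json(array('success' => false));
     }
     // Previously the fallback dereferenced $instance unconditionally, a fatal error
     // whenever no instance was found; redirect back instead in that case.
     if ($instance) {
         return $this->redirect($instance->getTarget()->Link());
     }
     return $this->redirectBack();
 }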
 /**
  * Controller set-up: access is allowed in dev mode, on the CLI, or to ADMIN users.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 function init()
 {
     parent::init();

     $denied = !Director::isDev() && !Director::is_cli() && !Permission::check('ADMIN');
     if ($denied) {
         return Security::permissionFailure($this);
     }
 }
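 /**
  * Controller set-up. Access is allowed on the CLI, to ADMIN users, or when the
  * request originates from the server's own address.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 public function init()
 {
     parent::init();

     // Strict comparison of the two address strings; both must be present for the
     // "local request" exemption to apply, so a missing SERVER_ADDR fails closed
     // (previously an undefined-index notice and a loose !=).
     // NOTE(review): any client whose REMOTE_ADDR equals SERVER_ADDR is trusted; a
     // same-host proxy in front of PHP would make every request look local — confirm the deployment.
     $isLocalRequest = isset($_SERVER['REMOTE_ADDR'], $_SERVER['SERVER_ADDR'])
         && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR'];
     if (!Director::is_cli() && !Permission::check("ADMIN") && !$isLocalRequest) {
         return Security::permissionFailure();
     }
 }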
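 /**
  * Controller set-up for the dev tools. Access is allowed in dev mode, on the CLI,
  * to ADMIN users, or for dev/build (whose own controller performs the check); on
  * the CLI it additionally warns when $_FILE_TO_URL_MAPPING does not cover BASE_PATH.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 function init()
 {
     parent::init();

     // Special case for dev/build: Defer permission checks to DatabaseAdmin->init() (see #4957)
     $requestedDevBuild = stripos($this->request->getURL(), 'dev/build') === 0;
     // We allow access to this controller regardless of live-status or ADMIN permission only
     // if on CLI.  Access to this controller is always allowed in "dev-mode", or of the user is ADMIN.
     $canAccess = $requestedDevBuild || Director::isDev() || Director::is_cli() || Permission::check("ADMIN");
     if (!$canAccess) {
         return Security::permissionFailure($this);
     }

     // check for valid url mapping
     // lacking this information can cause really nasty bugs,
     // e.g. when running Director::test() from a FunctionalTest instance
     global $_FILE_TO_URL_MAPPING;
     if (Director::is_cli()) {
         if (isset($_FILE_TO_URL_MAPPING)) {
             // Walk up from BASE_PATH until a mapped directory is found or the filesystem
             // root (Unix "/" or a Windows drive root such as "C:\") is reached. $matched is
             // initialised before the loop so it is defined even when the loop body never
             // runs (previously an undefined-variable notice).
             $matched = false;
             $testPath = BASE_PATH;
             while ($testPath && $testPath != "/" && !preg_match('/^[A-Z]:\\\\$/', $testPath)) {
                 if (isset($_FILE_TO_URL_MAPPING[$testPath])) {
                     $matched = true;
                     break;
                 }
                 // dirname() returns its input unchanged for a bare segment such as ".",
                 // which would otherwise loop forever.
                 $parentPath = dirname($testPath);
                 if ($parentPath === $testPath) {
                     break;
                 }
                 $testPath = $parentPath;
             }
             if (!$matched) {
                 echo 'Warning: You probably want to define ' . 'an entry in $_FILE_TO_URL_MAPPING that covers "' . Director::baseFolder() . '"' . "\n";
             }
         } else {
             echo 'Warning: You probably want to define $_FILE_TO_URL_MAPPING in ' . 'your _ss_environment.php as instructed on the "sake" page of the doc.silverstripe.org wiki' . "\n";
         }
     }
 }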
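 /**
  * Loads the requirements, checks perms, etc. If an ID is in the URL, that becomes the
  * current folder.
  *
  * Requires ADMIN or CMS_ACCESS_BrowseFiles. An ID that does not resolve to a Folder
  * record is answered with a 404 rather than continuing with an empty folder.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 public function init()
 {
     parent::init();

     if (!Permission::check("ADMIN") && !Permission::check("CMS_ACCESS_BrowseFiles")) {
         return Security::permissionFailure($this, _t('KickAssets.PERMISSIONFAIL', 'You do not have permission to access this section of the CMS.'));
     }

     // Replace the default CMS requirements with the KickAssets front-end.
     Requirements::clear();
     Requirements::css('kickassets/css/core.css');
     Requirements::css('kickassets/css/kickassets.css');
     Requirements::javascript('kickassets/javascript/jquery.js');
     Requirements::javascript(THIRDPARTY_DIR . '/jquery-livequery/jquery.livequery.js');
     Requirements::javascript('kickassets/javascript/apprise/apprise-1.5.full.js');
     Requirements::javascript('kickassets/javascript/jquery.tooltip.js');
     Requirements::css('kickassets/javascript/apprise/apprise.css');
     Requirements::javascript('kickassets/javascript/kickassets_ui.js');
     Requirements::javascript('kickassets/javascript/chosen/chosen.jquery.js');
     Requirements::css('kickassets/javascript/chosen/chosen.css');
     Requirements::javascript('kickassets/javascript/jquery.form.js');
     Requirements::javascript('kickassets/javascript/kickassets.js');
     Requirements::css('kickassets/css/kickassets_ui.css');

     $folderId = $this->getRequest()->param('ID');
     if ($folderId) {
         $folder = DataObject::get_by_id("Folder", (int) $folderId);
         // Previously an unknown ID left currentFolder false and read ->Filename off it.
         if (!$folder) {
             $this->httpError(404);
         }
         $this->currentFolder = $folder;
         $this->currentPath = KickAssetUtil::relative_asset_dir($this->currentFolder->Filename);
     } else {
         $this->currentFolder = singleton('Folder');
         $this->currentPath = false;
     }
 }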
 /**
  * Renders the profile edit page; users who may not edit the profile get a
  * permission-failure response instead.
  *
  * @return array|SS_HTTPResponse template data (Title, Content, Form), or a permission-failure response
  */
 public function edit()
 {
     $allowed = $this->canEditProfile();
     if (!$allowed) {
         return Security::permissionFailure($this, "You do not have permission to edit this profile.");
     }

     return array(
         'Title' => "Edit Profile",
         'Content' => '',
         'Form' => $this->EditProfileForm(),
     );
 }
 /**
  * Request filter hook: blocks site-stage (draft/archived) selection for users who may
  * not choose a stage, otherwise applies the stage and lets the request continue.
  *
  * A throwaway Controller is pushed as the current controller so that Session::get()
  * and Security::permissionFailure() operate on this request's session.
  *
  * @param SS_HTTPRequest $request
  * @param Session        $session
  * @param DataModel      $model
  *
  * @return bool true to let the request proceed; on a permission failure the response
  *              is output directly and the process exits (an SS_HTTPResponse_Exception
  *              is thrown instead while a test is running)
  */
 public function preRequest(SS_HTTPRequest $request, Session $session, DataModel $model)
 {
     // Bootstrap session so that Session::get() accesses the right instance
     $dummyController = new Controller();
     $dummyController->setSession($session);
     $dummyController->setRequest($request);
     $dummyController->pushCurrent();
     // Block non-authenticated users from setting the stage mode
     if (!Versioned::can_choose_site_stage($request)) {
         // The request URL is escaped before being embedded in the message's link.
         $permissionMessage = sprintf(_t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. ' . '<a href="%s">Click here to go back to the published site.</a>'), Convert::raw2xml(Controller::join_links(Director::baseURL(), $request->getURL(), "?stage=Live")));
         // Force output since RequestFilter::preRequest doesn't support response overriding
         $response = Security::permissionFailure($dummyController, $permissionMessage);
         // Persist the session (permissionFailure may have stored the return URL) before the controller is popped.
         $session->inst_save();
         $dummyController->popCurrent();
         // Prevent output in testing
         if (class_exists('SapphireTest', false) && SapphireTest::is_running_test()) {
             throw new SS_HTTPResponse_Exception($response);
         }
         $response->output();
         die;
     }
     Versioned::choose_site_stage();
     $dummyController->popCurrent();
     return true;
 }
 /**
  * Controller set-up: the ADMIN check (skipped on the CLI and in dev mode) runs
  * before the parent initialisation, which still executes after a permission failure.
  */
 function init()
 {
     $exempt = Director::is_cli() || Director::isDev();
     if (!$exempt && !Permission::check('ADMIN')) {
         Security::permissionFailure();
     }

     parent::init();
 }
 /**
  * Controller set-up: after the parent initialisation, access is allowed on the
  * CLI or to ADMIN users only.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 public function init()
 {
     parent::init();

     $allowed = Director::is_cli() || Permission::check('ADMIN');
     if (!$allowed) {
         return Security::permissionFailure();
     }
 }
 /**
  * Process all incoming requests passed to this controller, checking
  * that the file exists and passing the file through if possible.
  *
  * The requested path is taken from the 'url' query parameter (falling back to
  * REQUEST_URI), made relative to the base URL and resolved with File::find().
  * Delivery is gated solely by canDownloadFile(): a known file the user may not
  * download yields a permission failure, an unknown path a 404.
  *
  * @param SS_HTTPRequest $request
  * @param DataModel      $model
  *
  * @return SS_HTTPResponse
  */
 public function handleRequest(SS_HTTPRequest $request, DataModel $model)
 {
     // Copied from Controller::handleRequest()
     $this->pushCurrent();
     $this->urlParams = $request->allParams();
     $this->request = $request;
     $this->response = new SS_HTTPResponse();
     $this->setDataModel($model);
     // The path is client-supplied (query string or request URI).
     $url = array_key_exists('url', $_GET) ? $_GET['url'] : $_SERVER['REQUEST_URI'];
     // remove any relative base URL and prefixed slash that get appended to the file path
     // e.g. /mysite/assets/test.txt should become assets/test.txt to match the Filename field on File record
     // NOTE(review): nothing here rejects '..' segments; this relies on File::find()
     // matching only existing Filename values — confirm it does not resolve outside assets.
     $url = Director::makeRelative(ltrim(str_replace(BASE_URL, '', $url), '/'));
     $file = File::find($url);
     if ($this->canDownloadFile($file)) {
         // If we're trying to access a resampled image.
         if (preg_match('/_resampled\\/[^-]+-/', $url)) {
             // File::find() will always return the original image, but we still want to serve the resampled version.
             // An unsaved Image pointing at the requested path is served in place of the original record;
             // the permission check above was made against the original.
             $file = new Image();
             $file->Filename = $url;
         }
         $this->extend('onBeforeSendFile', $file);
         return $this->sendFile($file);
     } else {
         if ($file instanceof File) {
             // Permission failure
             // The return value is not used; assumes permissionFailure() installs the
             // redirect on $this->response, which is returned below — confirm.
             Security::permissionFailure($this, 'You are not authorised to access this resource. Please log in.');
         } else {
             // File doesn't exist
             $this->response = new SS_HTTPResponse('File Not Found', 404);
         }
     }
     return $this->response;
 }
 /**
  * Controller set-up: after the parent initialisation, non-ADMIN users get a
  * permission-failure response.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 public function init()
 {
     parent::init();

     $isAdmin = Permission::check('ADMIN');
     if (!$isAdmin) {
         return Security::permissionFailure($this);
     }
 }
 /**
  * Renders the organisation edit page; users who may not edit the organisation
  * get a permission-failure response instead.
  *
  * @return array|SS_HTTPResponse template data (Title, Form), or a permission-failure response
  */
 public function edit()
 {
     $allowed = $this->canEditOrganisation();
     if (!$allowed) {
         return Security::permissionFailure($this, "You do not have permission to edit this organisation.");
     }

     $title = 'Editing ' . $this->Title;

     return array(
         'Title' => $title,
         'Form' => $this->EditOrganisationForm(),
     );
 }
 /**
  * Controller set-up: after the parent initialisation, access requires one of
  * ADMIN, ADMIN_SUMMIT_APP or ADMIN_SUMMIT_APP_SCHEDULE.
  */
 public function init()
 {
     parent::init();

     if (!Permission::check('ADMIN') && !Permission::check('ADMIN_SUMMIT_APP') && !Permission::check('ADMIN_SUMMIT_APP_SCHEDULE')) {
         Security::permissionFailure();
     }
 }
 /**
  * Controller set-up: after the parent initialisation, non-ADMIN users get a
  * permission-failure response; otherwise the test manifest is enabled.
  *
  * @return SS_HTTPResponse|null a permission-failure response when access is denied
  */
 function init()
 {
     parent::init();

     $isAdmin = Permission::check('ADMIN');
     if (!$isAdmin) {
         return Security::permissionFailure();
     }

     TestRunner::use_test_manifest();
 }