public function processRecord($record, $columnMap, &$results, $preview = false)
{
// We match by 'Code', the ID property is confusing the importer
if (isset($record['ID'])) {
unset($record['ID']);
}
$objID = parent::processRecord($record, $columnMap, $results, $preview);
$group = DataObject::get_by_id($this->objectClass, $objID);
// set group hierarchies - we need to do this after all records
// are imported to avoid missing "early" references to parents
// which are imported later on in the CSV file.
if (isset($record['ParentCode']) && $record['ParentCode']) {
$parentGroup = DataObject::get_one('SilverStripe\\Security\\Group', array('"Group"."Code"' => $record['ParentCode']));
if ($parentGroup) {
$group->ParentID = $parentGroup->ID;
$group->write();
}
}
// set permission codes - these are all additive, meaning
// existing permissions arent cleared.
if (isset($record['PermissionCodes']) && $record['PermissionCodes']) {
foreach (explode(',', $record['PermissionCodes']) as $code) {
$p = DataObject::get_one('SilverStripe\\Security\\Permission', array('"Permission"."Code"' => $code, '"Permission"."GroupID"' => $group->ID));
if (!$p) {
$p = new Permission(array('Code' => $code));
$p->write();
}
$group->Permissions()->add($p);
}
}
return $objID;
}
/**
* Deny the given permission code/arg to the given group
*
* @param int $groupID The ID of the group
* @param string $code The permission code
* @param string $arg Optional: The permission argument (e.g. a page ID).
* @returns Permission Returns the new permission object.
*/
public static function deny($groupID, $code, $arg = "any")
{
$perm = new Permission();
$perm->GroupID = $groupID;
$perm->Code = $code;
$perm->Type = self::DENY_PERMISSION;
// Arg component
switch ($arg) {
case "any":
break;
case "all":
$perm->Arg = -1;
break;
default:
if (is_numeric($arg)) {
$perm->Arg = $arg;
} else {
user_error("Permission::checkMember: bad arg '{$arg}'", E_USER_ERROR);
}
}
$perm->write();
return $perm;
}
