check() public method

権限チェックを行う
public check ( array $url, string $userGroupId ) : boolean
$url array
$userGroupId string
return boolean
 public function init()
 {
     parent::init();
     if (!Director::is_cli() && !Permission::check("ADMIN") && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
         return Security::permissionFailure();
     }
 }
Exemplo n.º 2
0
 public function init()
 {
     parent::init();
     if (!Director::is_cli() && !Permission::check('ADMIN')) {
         return Security::permissionFailure();
     }
 }
 function testModelAdminOpens()
 {
     $this->autoFollowRedirection = false;
     $this->logInAs('admin');
     $this->assertTrue((bool) Permission::check("ADMIN"));
     $this->assertEquals(200, $this->get('ModelAdminTest_Admin')->getStatusCode());
 }
 public function updateCMSFields(FieldSet $fields)
 {
     $service = singleton('WorkflowService');
     if ($effective = $service->getDefinitionFor($this->owner)) {
         $effectiveTitle = $effective->Title;
     } else {
         $effectiveTitle = _t('WorkflowApplicable.NONE', '(none)');
     }
     $allDefinitions = array(_t('WorkflowApplicable.INHERIT', 'Inherit from parent'));
     if ($definitions = $service->getDefinitions()) {
         $allDefinitions += $definitions->map();
     }
     $tab = $fields->fieldByName('Root') ? 'Root.Workflow' : 'BottomRoot.Workflow';
     $applyWorkflowField = null;
     $fields->addFieldToTab($tab, new HeaderField('AppliedWorkflowHeader', _t('WorkflowApplicable.APPLIEDWORKFLOW', 'Applied Workflow')));
     if (Permission::check('APPLY_WORKFLOW')) {
         $fields->addFieldToTab($tab, new DropdownField('WorkflowDefinitionID', _t('WorkflowApplicable.DEFINITION', 'Applied Workflow'), $allDefinitions));
     }
     $fields->addFieldToTab($tab, new ReadonlyField('EffectiveWorkflow', _t('WorkflowApplicable.EFFECTIVE_WORKFLOW', 'Effective Workflow'), $effectiveTitle));
     $fields->addFieldToTab($tab, new HeaderField('WorkflowLogHeader', _t('WorkflowApplicable.WORKFLOWLOG', 'Workflow Log')));
     $fields->addFieldToTab($tab, $logTable = new ComplexTableField($this->owner, 'WorkflowLog', 'WorkflowInstance', null, 'getActionsSummaryFields', sprintf('"TargetClass" = \'%s\' AND "TargetID" = %d', $this->owner->class, $this->owner->ID)));
     $logTable->setRelationAutoSetting(false);
     $logTable->setPermissions(array('show'));
     $logTable->setPopupSize(760, 420);
 }
 /**
  * Checks to see if the member can view or not
  * @param {int|Member} $member Member ID or instance to check
  * @return {bool} Returns boolean true if the member can view false otherwise
  */
 public function canView($member = null)
 {
     if (Permission::check('CODE_BANK_ACCESS', 'any', $member)) {
         return true;
     }
     return false;
 }
 public function onBeforeInit()
 {
     $host = GlobalNavSiteTreeExtension::get_toolbar_hostname();
     if ((isset($_REQUEST['regenerate_nav']) || isset($_REQUEST['flush'])) && $host == Director::protocolAndHost() && (Permission::check('ADMIN') || Director::isDev())) {
         GlobalNavSiteTreeExtension::create_static_navs();
     }
 }
Exemplo n.º 7
0
 function init()
 {
     parent::init();
     // Special case for dev/build: Defer permission checks to DatabaseAdmin->init() (see #4957)
     $requestedDevBuild = stripos($this->request->getURL(), 'dev/build') === 0;
     // We allow access to this controller regardless of live-status or ADMIN permission only
     // if on CLI.  Access to this controller is always allowed in "dev-mode", or of the user is ADMIN.
     $canAccess = $requestedDevBuild || Director::isDev() || Director::is_cli() || Permission::check("ADMIN");
     if (!$canAccess) {
         return Security::permissionFailure($this);
     }
     // check for valid url mapping
     // lacking this information can cause really nasty bugs,
     // e.g. when running Director::test() from a FunctionalTest instance
     global $_FILE_TO_URL_MAPPING;
     if (Director::is_cli()) {
         if (isset($_FILE_TO_URL_MAPPING)) {
             $fullPath = $testPath = BASE_PATH;
             while ($testPath && $testPath != "/" && !preg_match('/^[A-Z]:\\\\$/', $testPath)) {
                 $matched = false;
                 if (isset($_FILE_TO_URL_MAPPING[$testPath])) {
                     $matched = true;
                     break;
                 }
                 $testPath = dirname($testPath);
             }
             if (!$matched) {
                 echo 'Warning: You probably want to define ' . 'an entry in $_FILE_TO_URL_MAPPING that covers "' . Director::baseFolder() . '"' . "\n";
             }
         } else {
             echo 'Warning: You probably want to define $_FILE_TO_URL_MAPPING in ' . 'your _ss_environment.php as instructed on the "sake" page of the doc.silverstripe.org wiki' . "\n";
         }
     }
 }
 /**
  * CMS Fields
  * @return FieldList
  */
 public function updateCMSFields(FieldList $fields)
 {
     if (!Permission::check("VIEW_SECTIONS")) {
         return $fields;
     }
     $SectionGrid = GridFieldConfig_RelationEditor::create()->removeComponentsByType('GridFieldAddNewButton')->addComponent(new GridFieldAddNewMultiClass())->addComponent(new GridFieldOrderableRows());
     $SectionGrid->getComponentByType('GridFieldAddExistingAutocompleter')->setSearchFields(array('AdminTitle', 'MenuTitle'))->setResultsFormat('$AdminTitle - $Type');
     $AvailableTypes = $this->AvailableSectionTypes();
     foreach ($AvailableTypes as $key => $value) {
         if ($value['selectable_option'] && !$value['limit_reached']) {
             $AvailableTypes[$key] = $value['type'];
         }
     }
     $SectionGrid->getComponentByType('GridFieldAddNewMultiClass')->setClasses($AvailableTypes);
     // Limit total sections
     $LimitSectionTotal = Config::inst()->get($this->owner->ClassName, 'LimitSectionTotal');
     if (isset($LimitSectionTotal) && $this->owner->Sections()->Count() >= $LimitSectionTotal) {
         // remove the buttons if we don't want to allow more records to be added/created
         $SectionGrid->removeComponentsByType('GridFieldAddNewButton');
         $SectionGrid->removeComponentsByType('GridFieldAddExistingAutocompleter');
         $SectionGrid->removeComponentsByType('GridFieldAddNewMultiClass');
     }
     if (!Permission::check("LINK_SECTIONS")) {
         $SectionGrid->removeComponentsByType('GridFieldAddExistingAutocompleter');
     }
     if (!Permission::check("REORDER_SECTIONS")) {
         $SectionGrid->removeComponentsByType('GridFieldOrderableRows');
     }
     if (!Permission::check("UNLINK_SECTIONS")) {
         $SectionGrid->removeComponentsByType('GridFieldDeleteAction');
     }
     $fields->addFieldToTab('Root.Section', GridField::create('Sections', 'Current Section(s)', $this->owner->Sections(), $SectionGrid));
     $fields->addFieldToTab('Root.Preview', UploadField::create('PreviewImage', 'Preview image')->setFolderName('Preview'));
     return $fields;
 }
Exemplo n.º 9
0
 /**
  * Loads the requirements, checks perms, etc. If an ID is in the URL, that becomes the
  * current folder.
  */
 public function init()
 {
     parent::init();
     if (!Permission::check("ADMIN") && !Permission::check("CMS_ACCESS_BrowseFiles")) {
         return Security::permissionFailure($this, _t('KickAssets.PERMISSIONFAIL', 'You do not have permission to access this section of the CMS.'));
     }
     Requirements::clear();
     Requirements::css('kickassets/css/core.css');
     Requirements::css('kickassets/css/kickassets.css');
     Requirements::javascript('kickassets/javascript/jquery.js');
     Requirements::javascript(THIRDPARTY_DIR . '/jquery-livequery/jquery.livequery.js');
     Requirements::javascript('kickassets/javascript/apprise/apprise-1.5.full.js');
     Requirements::javascript('kickassets/javascript/jquery.tooltip.js');
     Requirements::css('kickassets/javascript/apprise/apprise.css');
     Requirements::javascript('kickassets/javascript/kickassets_ui.js');
     Requirements::javascript('kickassets/javascript/chosen/chosen.jquery.js');
     Requirements::css('kickassets/javascript/chosen/chosen.css');
     Requirements::javascript('kickassets/javascript/jquery.form.js');
     Requirements::javascript('kickassets/javascript/kickassets.js');
     Requirements::css('kickassets/css/kickassets_ui.css');
     if ($this->getRequest()->param('ID')) {
         $this->currentFolder = DataObject::get_by_id("Folder", (int) $this->getRequest()->param('ID'));
         $this->currentPath = KickAssetUtil::relative_asset_dir($this->currentFolder->Filename);
     } else {
         $this->currentFolder = singleton('Folder');
         $this->currentPath = false;
     }
 }
 /**
  * @return bool
  */
 protected function authorize()
 {
     if (!Permission::check('ADMIN_SUMMIT_APP_FRONTEND_ADMIN')) {
         return false;
     }
     return $this->checkOwnAjaxRequest();
 }
 /**
  * Initialises the controller and ensures that only
  * ADMIN level users can access this controller
  */
 public function init()
 {
     parent::init();
     if (!Permission::check('ADMIN')) {
         return $this->httpError(403);
     }
 }
Exemplo n.º 12
0
 public function init()
 {
     parent::init();
     if (!Permission::check('CMS_ACCESS')) {
         Security::permissionFailure();
     }
 }
 public function index(SS_HTTPRequest $request)
 {
     if (!Director::isDev() && !Permission::check('CMS_ACCESS_CMSMain')) {
         return Security::permissionFailure($this);
     }
     if ($request->latestParam('ID')) {
         $templates = $this->templateArray();
         if (isset($templates[$request->latestParam('ID')])) {
             $next = false;
             $previous = false;
             $useNext = false;
             foreach ($templates as $k => $v) {
                 if ($useNext) {
                     $next = new ArrayData(array('Name' => $v['Name'], 'Link' => 'patterns/index/' . $k));
                     break;
                 }
                 if ($k == $request->latestParam('ID')) {
                     // mat
                     $useNext = true;
                 } else {
                     $previous = new ArrayData(array('Name' => $v['Name'], 'Link' => 'patterns/index/' . $k));
                 }
             }
             return $this->customise(new ArrayData(array('ClassName' => 'Pattern', 'IsPatternLab' => true, 'PreviousPattern' => $previous, 'NextPattern' => $next, 'PatternName' => $templates[$request->latestParam('ID')]['Name'], 'Patterns' => $this->renderWith(array($templates[$request->latestParam('ID')]['Template'])))))->renderWith($templates[$request->latestParam('ID')]['Template']);
         }
     }
     return $this->renderWith(array(__CLASS__, 'Page'));
 }
 /**
  * @param Member $member
  * @return boolean
  */
 public function canCreate($member = null)
 {
     if (!$member) {
         $member = Member::currentUser();
     }
     return false || Permission::check('ADMIN', 'any', $member) || Permission::check('CMS_ACCESS_AdvancedReportsAdmin', 'any', $member);
 }
Exemplo n.º 15
0
 public function init()
 {
     if (!Permission::check("ADMIN")) {
         Security::permissionFailure();
     }
     parent::init();
 }
 function canDeleteFromLive($members = null)
 {
     if (Permission::check('ADMIN')) {
         return true;
     }
     return false;
 }
 /**
  * SSCompactNavigator first checks if you are allowed to see the navigation bar, and if so, then checks
  * if third party templates have been specified. If so, it loads them, and provides them with the required
  * variables. If not, it loads the defaults instead.
  */
 public function SSCompactNavigator()
 {
     if (Director::isDev() || Permission::check('CMS_ACCESS_CMSMain')) {
         $RenderTemplate = isset(CompactNavigator::$Template) ? CompactNavigator::$Template : $this->class;
         if (isset(CompactNavigator::$CssTheme)) {
             Requirements::css(CompactNavigator::$CssTheme);
         } else {
             Requirements::css('compactnavigator/css/CompactNavigator.css');
         }
         if (isset(CompactNavigator::$JsTheme)) {
             Requirements::javascript(CompactNavigator::$JsTheme);
         } else {
             Requirements::javascript('compactnavigator/scripts/CompactNavigator.js');
         }
         if (class_exists("CMSMain")) {
             $this->owner->cmsLink = Controller::join_links(singleton("CMSMain")->Link("edit"), "show");
         }
         $this->owner->adminLink = self::$adminLink;
         if ($date = Versioned::current_archived_date()) {
             $this->owner->DisplayMode = 'Archived';
             $this->owner->ArDate = Object::create('Datetime', $date, null);
         } else {
             $this->owner->DisplayMode = Versioned::current_stage();
         }
         return $this->owner->renderWith(array($RenderTemplate, 'CompactNavigatior'));
     }
 }
 /**
  */
 public function getCMSFields()
 {
     $fields = new FieldSet(new TabSet('Root'));
     $cmsUsers = Member::mapInCMSGroups()->getItems();
     if ($cmsUsers && $cmsUsers->count()) {
         $cmsUsers = $cmsUsers->map();
     } else {
         $cmsUsers = array();
     }
     $fields->addFieldToTab('Root.Main', new TextField('Title', _t('WorkflowDefinition.TITLE', 'Title')));
     $fields->addFieldToTab('Root.Main', new TextareaField('Description', _t('WorkflowDefinition.DESCRIPTION', 'Description')));
     $fields->addFieldToTab('Root.Main', new CheckboxSetField('Users', _t('WorkflowDefinition.USERS', 'Users'), $cmsUsers));
     $fields->addFieldToTab('Root.Main', new TreeMultiselectField('Groups', _t('WorkflowDefinition.GROUPS', 'Groups'), 'Group'));
     if (class_exists('AbstractQueuedJob')) {
         $before = _t('WorkflowDefinition.SENDREMINDERDAYSBEFORE', 'Send reminder email after ');
         $after = _t('WorkflowDefinition.SENDREMINDERDAYSAFTER', ' days without action.');
         $fields->addFieldToTab('Root.Main', new FieldGroup(_t('WorkflowDefinition.REMINDEREMAIL', 'Reminder Email'), new LabelField('ReminderEmailBefore', $before), new NumericField('RemindDays', ''), new LabelField('ReminderEmailAfter', $after)));
     }
     if ($this->ID && Permission::check('VIEW_ACTIVE_WORKFLOWS')) {
         $fields->addFieldToTab('Root.ActiveInstances', $active = new ComplexTableField($this, 'Instances', 'WorkflowInstance', array('Title' => 'Title', 'Target.Title' => 'Target Title', 'WorkflowStatus' => 'Status', 'CurrentAction.Title' => 'Current Action', 'LastEdited' => 'Last Actioned'), 'getInstanceManagementFields', '"WorkflowStatus" IN (\'Active\', \'Paused\')', '"LastEdited" DESC'));
         if (Permission::check('REASSIGN_ACTIVE_WORKFLOWS')) {
             $active->setPermissions(array('show', 'edit'));
         } else {
             $active->setPermissions(array('show'));
         }
         $fields->addFieldToTab('Root.Completed', $complete = new ComplexTableField($this, 'CompletedInstances', 'WorkflowInstance', array('Title' => 'Title', 'Target.Title' => 'Target Title', 'WorkflowStatus' => 'Status', 'CurrentAction.Title' => 'Current Action', 'LastEdited' => 'Last Actioned'), 'getActionsSummaryFields', '"WorkflowStatus" IN (\'Complete\', \'Cancelled\')', '"LastEdited" DESC'));
         $complete->setPermissions(array('show'));
     }
     return $fields;
 }
Exemplo n.º 19
0
 public function updateCMSFields(\FieldList $fields)
 {
     if (!Permission::check('ADMIN')) {
         Requirements::css(HIDE_HISTORY_BASE . '/css/hide-history.css');
     }
     parent::updateCMSFields($fields);
 }
Exemplo n.º 20
0
 public function getList()
 {
     if (Permission::check('ADMIN')) {
         return parent::getList();
     }
     return parent::getList()->filter(array('Approved' => false));
 }
 /**
  * Provides a GUI for the insert/edit shortcode popup
  * @return Form
  **/
 public function ShortcodeForm()
 {
     if (!Permission::check('CMS_ACCESS_CMSMain')) {
         return;
     }
     Config::inst()->update('SSViewer', 'theme_enabled', false);
     // create a list of shortcodable classes for the ShortcodeType dropdown
     $classList = ClassInfo::implementorsOf('Shortcodable');
     $classes = array();
     foreach ($classList as $class) {
         $classes[$class] = singleton($class)->singular_name();
     }
     // load from the currently selected ShortcodeType or Shortcode data
     $classname = false;
     $shortcodeData = false;
     if ($shortcode = $this->request->requestVar('Shortcode')) {
         $shortcode = str_replace("", '', $shortcode);
         //remove BOM inside string on cursor position...
         $shortcodeData = singleton('ShortcodableParser')->the_shortcodes(array(), $shortcode);
         if (isset($shortcodeData[0])) {
             $shortcodeData = $shortcodeData[0];
             $classname = $shortcodeData['name'];
         }
     } else {
         $classname = $this->request->requestVar('ShortcodeType');
     }
     if ($shortcodeData) {
         $headingText = _t('Shortcodable.EDITSHORTCODE', 'Edit Shortcode');
     } else {
         $headingText = _t('Shortcodable.INSERTSHORTCODE', 'Insert Shortcode');
     }
     // essential fields
     $fields = FieldList::create(array(CompositeField::create(LiteralField::create('Heading', sprintf('<h3 class="htmleditorfield-shortcodeform-heading insert">%s</h3>', $headingText)))->addExtraClass('CompositeField composite cms-content-header nolabel'), LiteralField::create('shortcodablefields', '<div class="ss-shortcodable content">'), DropdownField::create('ShortcodeType', 'ShortcodeType', $classes, $classname)->setHasEmptyDefault(true)->addExtraClass('shortcode-type')));
     // attribute and object id fields
     if ($classname) {
         if (class_exists($classname)) {
             $class = singleton($classname);
             if (is_subclass_of($class, 'DataObject')) {
                 if (singleton($classname)->hasMethod('get_shortcodable_records')) {
                     $dataObjectSource = $classname::get_shortcodable_records();
                 } else {
                     $dataObjectSource = $classname::get()->map()->toArray();
                 }
                 $fields->push(DropdownField::create('id', $class->singular_name(), $dataObjectSource)->setHasEmptyDefault(true));
             }
             if ($attrFields = $classname::shortcode_attribute_fields()) {
                 $fields->push(CompositeField::create($attrFields)->addExtraClass('attributes-composite'));
             }
         }
     }
     // actions
     $actions = FieldList::create(array(FormAction::create('insert', _t('Shortcodable.BUTTONINSERTSHORTCODE', 'Insert shortcode'))->addExtraClass('ss-ui-action-constructive')->setAttribute('data-icon', 'accept')->setUseButtonTag(true)));
     // form
     $form = Form::create($this, "ShortcodeForm", $fields, $actions)->loadDataFrom($this)->addExtraClass('htmleditorfield-form htmleditorfield-shortcodable cms-dialog-content');
     if ($shortcodeData) {
         $form->loadDataFrom($shortcodeData['atts']);
     }
     $this->extend('updateShortcodeForm', $form);
     return $form;
 }
 public function getCMSFields()
 {
     $conf = SiteConfig::current_site_config();
     $themes = $conf->getAvailableThemes();
     $theme = new DropdownField('Theme', _t('Multisites.THEME', 'Theme'), $themes);
     $theme->setEmptyString(_t('Multisites.DEFAULTTHEME', '(Default theme)'));
     $fields = new FieldList(new TabSet('Root', new Tab('Main', new HeaderField('SiteConfHeader', _t('Multisites.SITECONF', 'Site Configuration')), new TextField('Title', _t('Multisites.TITLE', 'Title')), new TextField('Tagline', _t('Multisites.TAGLINE', 'Tagline/Slogan')), $theme, new HeaderField('SiteURLHeader', _t('Multisites.SITEURL', 'Site URL')), new OptionsetField('Scheme', _t('Multisites.SCHEME', 'Scheme'), array('any' => _t('Multisites.ANY', 'Any'), 'http' => _t('Multisites.HTTP', 'HTTP'), 'https' => _t('Multisites.HTTPS', 'HTTPS (HTTP Secure)'))), new TextField('Host', _t('Multisites.HOST', 'Host')), new MultiValueTextField('HostAliases', _t('Multisites.HOSTALIASES', 'Host Aliases')), new CheckboxField('IsDefault', _t('Multisites.ISDEFAULT', 'Is this the default site?')), new HeaderField('SiteAdvancedHeader', _t('Multisites.SiteAdvancedHeader', 'Advanced Settings')), TextareaField::create('RobotsTxt', _t('Multisites.ROBOTSTXT', 'Robots.txt'))->setDescription(_t('Multisites.ROBOTSTXTUSAGE', '<p>Please consult <a href="http://www.robotstxt.org/robotstxt.html" target="_blank">http://www.robotstxt.org/robotstxt.html</a> for usage of the robots.txt file.</p>')))));
     $devIDs = Config::inst()->get('Multisites', 'developer_identifiers');
     if (is_array($devIDs)) {
         if (!ArrayLib::is_associative($devIDs)) {
             $devIDs = ArrayLib::valuekey($devIDs);
         }
         $fields->addFieldToTab('Root.Main', DropdownField::create('DevID', _t('Multisites.DeveloperIdentifier', 'Developer Identifier'), $devIDs));
     }
     if (Multisites::inst()->assetsSubfolderPerSite()) {
         $fields->addFieldToTab('Root.Main', new TreeDropdownField('FolderID', _t('Multisites.ASSETSFOLDER', 'Assets Folder'), 'Folder'), 'SiteURLHeader');
     }
     if (!Permission::check('SITE_EDIT_CONFIGURATION')) {
         foreach ($fields->dataFields() as $field) {
             $fields->makeFieldReadonly($field);
         }
     }
     $this->extend('updateSiteCMSFields', $fields);
     return $fields;
 }
 public function init()
 {
     parent::init();
     if (!Permission::check('ADMIN')) {
         return Security::permissionFailure($this);
     }
 }
 function init()
 {
     parent::init();
     if (!Permission::check('ADMIN')) {
         Security::permissionFailure();
     }
 }
 /**
  * Provides a API for the preview embed content
  * @return HTML
  **/
 public function PreviewEmbedContent()
 {
     if (!Permission::check('CMS_ACCESS_CMSMain')) {
         return;
     }
     $params = $this->request->requestVars();
     $html = self::get_embed_content($params);
     /*if((isset($params['EmbedWidth']) && trim($params['EmbedWidth']) != '')
           ||(isset($params['EmbedHeight']) && trim($params['EmbedHeight']) != '')
           || (isset($params['EmbedFloat']) && trim($params['EmbedFloat']) != '')
           || (isset($params['EmbedCSSClass']) && trim($params['EmbedCSSClass']) != '')){
           $style = array();
           if(isset($params['EmbedWidth']) && trim($params['EmbedWidth']) != ''){
               $style[] = 'width:'.$params['EmbedWidth'].$params['EmbedWidthUnit'];
           }
           if(isset($params['EmbedHeight']) && trim($params['EmbedHeight']) != ''){
               $style[] = 'height:'.$params['EmbedHeight'].$params['EmbedHeightUnit'];
           }
           if(isset($params['EmbedFloat']) && trim($params['EmbedFloat']) != ''){
               $style[] = 'float:'.$params['EmbedFloat'];
           }
           if(count($style)){
               $style = "style='".implode(';', $style)."'";
           }
           else{
               $style = '';
           }
           $class = '';
           if(isset($params['EmbedCSSClass']) && trim($params['EmbedCSSClass']) != ''){
               $class = trim($params['EmbedCSSClass']);
           }
           $html = "<div class='embedcontent-block $class' $style>".$html."</div>";
       }*/
     return $html;
 }
 function init()
 {
     parent::init();
     if (!(Director::isDev() || Director::is_cli() || Permission::check("ADMIN"))) {
         return Security::permissionFailure($this);
     }
 }
 function init()
 {
     if (!Director::is_cli() && !Director::isDev() && !Permission::check("ADMIN")) {
         Security::permissionFailure();
     }
     parent::init();
 }
 /**
  * Return the title, description, keywords and language metatags.
  * 
  * @todo Move <title> tag in separate getter for easier customization and more obvious usage
  * 
  * @param boolean|string $includeTitle Show default <title>-tag, set to false for custom templating
  * @return string The XHTML metatags
  */
 public function MetaTags($includeTitle = true)
 {
     $tags = "";
     if ($includeTitle === true || $includeTitle == 'true') {
         $tags .= "<title>" . Convert::raw2xml($this->Title) . "</title>\n";
     }
     $generator = trim(Config::inst()->get('SiteTree', 'meta_generator'));
     if (!empty($generator)) {
         $tags .= "<meta name=\"generator\" content=\"" . Convert::raw2att($generator) . "\" />\n";
     }
     $charset = Config::inst()->get('ContentNegotiator', 'encoding');
     $tags .= "<meta http-equiv=\"Content-type\" content=\"text/html; charset={$charset}\" />\n";
     if ($this->MetaDescription) {
         $tags .= "<meta name=\"description\" content=\"" . Convert::raw2att($this->MetaDescription) . "\" />\n";
     }
     if ($this->ExtraMeta) {
         $tags .= $this->ExtraMeta . "\n";
     }
     if (Permission::check('CMS_ACCESS_CMSMain') && in_array('CMSPreviewable', class_implements($this)) && !$this instanceof ErrorPage) {
         $tags .= "<meta name=\"x-page-id\" content=\"{$this->ID}\" />\n";
         $tags .= "<meta name=\"x-cms-edit-link\" content=\"" . $this->CMSEditLink() . "\" />\n";
     }
     $this->extend('MetaTags', $tags);
     return $tags;
 }
 function init()
 {
     if (!Permission::check('ADMIN')) {
         Requirements::css('iq-security/css/iq-security.css');
     }
     Requirements::javascript('iq-security/javascript/iq-security.js');
 }
 /**
  * @return bool
  */
 protected function authorize()
 {
     if (!Permission::check('ADMIN_SUMMIT_APP_FRONTEND_ADMIN')) {
         return false;
     }
     return true;
 }