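/**
 * Build the permission definitions that gate access to CMS sections.
 *
 * Always declares the catch-all "CMS_ACCESS_LeftAndMain" code, then adds one
 * entry per concrete, non-test ModelAdmin subclass, keyed by the first
 * permission code that subclass reports as required.
 *
 * @return array Permission definitions keyed by permission code
 */
public function providePermissions()
 {
     $perms = array(
         "CMS_ACCESS_LeftAndMain" => array(
             'name' => _t('CMSMain.ACCESSALLINTERFACES', 'Access to all CMS sections'),
             'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
             'help' => _t('CMSMain.ACCESSALLINTERFACESHELP', 'Overrules more specific access settings.'),
             'sort' => -100,
         ),
     );
     // Add any custom ModelAdmin subclasses. Can't put this on ModelAdmin itself
     // since it's marked abstract, and needs to be singleton instantiated.
     foreach (ClassInfo::subclassesFor('SilverStripe\\Admin\\ModelAdmin') as $class) {
         if ($class === 'SilverStripe\\Admin\\ModelAdmin') {
             continue;
         }
         // Test-only admins must not surface as assignable permissions.
         if (ClassInfo::classImplements($class, 'SilverStripe\\Dev\\TestOnly')) {
             continue;
         }
         // Check if modeladmin has explicit required_permission_codes option.
         // If a modeladmin is namespaced you can apply this config to override
         // the default permission generation based on fully qualified class name.
         //
         // The codes must come from the subclass being iterated. Asking $this
         // returned the current controller's code on every pass, so each section
         // overwrote the same $perms entry and no per-section permission was
         // registered.
         $code = $class::singleton()->getRequiredPermissions();
         if (!$code) {
             continue;
         }
         // Get first permission if multiple specified
         if (is_array($code)) {
             $code = reset($code);
         }
         $title = LeftAndMain::menu_title($class);
         $perms[$code] = array(
             'name' => _t('CMSMain.ACCESS', "Access to '{title}' section", "Item in permission selection identifying the admin section. Example: Access to 'Files & Images'", array('title' => $title)),
             'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
         );
     }
     return $perms;
 }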
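 /**
  * Verifies which main-menu entries are exposed to an anonymous visitor, a
  * member restricted to the security section, a member with access to all
  * CMS sections, and an administrator.
  *
  * The menu is reset after every identity switch so that each assertion sees
  * entries computed for the member currently logged in.
  */
 public function testCanView()
 {
     $adminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
     $securityonlyuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'securityonlyuser');
     $allcmssectionsuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'allcmssectionsuser');

     // anonymous user: nothing may be listed
     $this->session()->inst_set('loggedInAs', null);
     $this->resetMenu();
     $menuItems = LeftAndMain::singleton()->MainMenu(false);
     // Expected value goes first so a failure reports the diff the right way round.
     $this->assertEquals(array(), $menuItems->column('Code'), 'Without valid login, members cant access any menu entries');

     // restricted cms user: exact match, so an unexpectedly exposed section fails the test
     $this->logInAs($securityonlyuser);
     $this->resetMenu();
     $menuItems = LeftAndMain::singleton()->MainMenu(false);
     $menuItems = $menuItems->column('Code');
     sort($menuItems);
     $this->assertEquals(array('Help', 'SilverStripe-Admin-CMSProfileController', 'SilverStripe-Admin-SecurityAdmin'), $menuItems, 'Groups with limited access can only access the interfaces they have permissions for');

     // all cms sections user
     $this->logInAs($allcmssectionsuser);
     $this->resetMenu();
     $menuItems = LeftAndMain::singleton()->MainMenu(false);
     $this->assertContains('SilverStripe-Admin-CMSProfileController', $menuItems->column('Code'), 'Group with CMS_ACCESS_SilverStripe\\Admin\\LeftAndMain permission can edit own profile');
     $this->assertContains('SilverStripe-Admin-SecurityAdmin', $menuItems->column('Code'), 'Group with CMS_ACCESS_SilverStripe\\Admin\\LeftAndMain permission can access all sections');
     $this->assertContains('Help', $menuItems->column('Code'), 'Group with CMS_ACCESS_SilverStripe\\Admin\\LeftAndMain permission can access all sections');

     // admin
     $this->logInAs($adminuser);
     $this->resetMenu();
     $menuItems = LeftAndMain::singleton()->MainMenu(false);
     $this->assertContains('SilverStripe-Admin-SecurityAdmin', $menuItems->column('Code'), 'Administrators can access Security Admin');

     // Drop the login so the admin identity does not persist in the session.
     $this->session()->inst_set('loggedInAs', null);
 }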
 /**
  * Reduce the breadcrumb trail to its root entry.
  *
  * The profile form only ever edits the current member, so repeating the
  * member name in the breadcrumbs adds nothing.
  *
  * @param bool $unlinked Passed through unchanged to the parent implementation
  * @return ArrayList List holding only the first parent breadcrumb
  */
 public function Breadcrumbs($unlinked = false)
 {
     $trail = parent::Breadcrumbs($unlinked);
     $rootOnly = array($trail[0]);

     return new ArrayList($rootOnly);
 }
 /**
  * Breadcrumb trail whose root node names the managed model instead of the
  * admin section, and links back to that model's listing with the current
  * GET variables preserved.
  *
  * @param bool $unlinked Passed through unchanged to the parent implementation
  * @return ArrayList The parent trail with its first entry retitled and relinked
  */
 public function Breadcrumbs($unlinked = false)
 {
     $crumbs = parent::Breadcrumbs($unlinked);
     // Show the class name rather than ModelAdmin title as root node
     $managed = $this->getManagedModels();
     $query = $this->getRequest()->getVars();
     // Drop the 'url' entry if present; unset() on a missing key is a no-op.
     unset($query['url']);
     $crumbs[0]->Title = $managed[$this->modelClass]['title'];
     // The remaining GET vars are request-controlled. http_build_query()
     // percent-encodes them for the URL; HTML-escaping of Link is presumably
     // left to whatever renders it — verify against the template.
     $queryString = '?' . http_build_query($query);
     $modelLink = $this->Link($this->sanitiseClassName($this->modelClass));
     $crumbs[0]->Link = Controller::join_links($modelLink, $queryString);

     return $crumbs;
 }
    /**
     * Serve the form schema for this section.
     *
     * When the 'ID' route parameter is 'EditForm', a hand-written JSON schema
     * is returned with a JSON content type. Any other form name is delegated
     * to the parent implementation.
     *
     * @param mixed $request Request object; only its param() accessor is used
     *                       here (presumably an HTTPRequest — confirm against the parent)
     * @return mixed The controller response for 'EditForm', otherwise whatever
     *               parent::schema() returns
     */
    public function schema($request)
    {
        // TODO Hardcoding schema until we can get GridField to generate a schema dynamically
        // NOTE(review): both values are interpolated into JSON string literals but
        // escaped with Convert::raw2js(), a JavaScript-string escaper. They come from
        // configuration rather than the request; confirm its output is always valid
        // JSON, or consider json_encode() as the context-appropriate encoder.
        $treeClassJS = Convert::raw2js($this->config()->tree_class);
        $adminURL = Convert::raw2js(AdminRootController::admin_url());
        $schemaJson = <<<JSON
{
\t"id": "{$adminURL}campaigns\\/schema\\/EditForm",
\t"schema": {
\t\t"name": "EditForm",
\t\t"id": "Form_EditForm",
\t\t"action": "schema",
\t\t"method": "GET",
\t\t"attributes": {
\t\t\t"id": "Form_EditForm",
\t\t\t"action": "{$adminURL}campaigns\\/EditForm",
\t\t\t"method": "POST",
\t\t\t"enctype": "multipart\\/form-data",
\t\t\t"target": null
\t\t},
\t\t"data": [],
\t\t"fields": [{
\t\t\t"name": "ID",
\t\t\t"id": "Form_EditForm_ID",
\t\t\t"type": "Hidden",
\t\t\t"component": null,
\t\t\t"holderId": null,
\t\t\t"title": false,
\t\t\t"source": null,
\t\t\t"extraClass": "hidden form-group--no-label",
\t\t\t"description": null,
\t\t\t"rightTitle": null,
\t\t\t"leftTitle": null,
\t\t\t"readOnly": false,
\t\t\t"disabled": false,
\t\t\t"customValidationMessage": "",
\t\t\t"attributes": [],
\t\t\t"data": []
\t\t}, {
\t\t\t"name": "ChangeSets",
\t\t\t"id": "Form_EditForm_ChangeSets",
\t\t\t"type": "Custom",
\t\t\t"component": "GridField",
\t\t\t"holderId": null,
\t\t\t"title": "Campaigns",
\t\t\t"source": null,
\t\t\t"extraClass": null,
\t\t\t"description": null,
\t\t\t"rightTitle": null,
\t\t\t"leftTitle": null,
\t\t\t"readOnly": false,
\t\t\t"disabled": false,
\t\t\t"customValidationMessage": "",
\t\t\t"attributes": [],
\t\t\t"data": {
\t\t\t\t"recordType": "{$treeClassJS}",
\t\t\t\t"collectionReadEndpoint": {
\t\t\t\t\t"url": "{$adminURL}campaigns\\/sets",
\t\t\t\t\t"method": "GET"
\t\t\t\t},
\t\t\t\t"itemReadEndpoint": {
\t\t\t\t\t"url": "{$adminURL}campaigns\\/set\\/:id",
\t\t\t\t\t"method": "GET"
\t\t\t\t},
\t\t\t\t"itemUpdateEndpoint": {
\t\t\t\t\t"url": "{$adminURL}campaigns\\/set\\/:id",
\t\t\t\t\t"method": "PUT"
\t\t\t\t},
\t\t\t\t"itemCreateEndpoint": {
\t\t\t\t\t"url": "{$adminURL}campaigns\\/set\\/:id",
\t\t\t\t\t"method": "POST"
\t\t\t\t},
\t\t\t\t"itemDeleteEndpoint": {
\t\t\t\t\t"url": "{$adminURL}campaigns\\/set\\/:id",
\t\t\t\t\t"method": "DELETE"
\t\t\t\t},
\t\t\t\t"editFormSchemaEndpoint": "{$adminURL}campaigns\\/schema\\/DetailEditForm",
\t\t\t\t"columns": [
\t\t\t\t\t{"name": "Title", "field": "Name"},
\t\t\t\t\t{"name": "Changes", "field": "ChangesCount"},
\t\t\t\t\t{"name": "Description", "field": "Description"}
\t\t\t\t]
\t\t\t}
\t\t}, {
\t\t\t"name": "SecurityID",
\t\t\t"id": "Form_EditForm_SecurityID",
\t\t\t"type": "Hidden",
\t\t\t"component": null,
\t\t\t"holderId": null,
\t\t\t"title": "Security ID",
\t\t\t"source": null,
\t\t\t"extraClass": "hidden",
\t\t\t"description": null,
\t\t\t"rightTitle": null,
\t\t\t"leftTitle": null,
\t\t\t"readOnly": false,
\t\t\t"disabled": false,
\t\t\t"customValidationMessage": "",
\t\t\t"attributes": [],
\t\t\t"data": []
\t\t}],
\t\t"actions": []
\t}
}
JSON;
        // Anything other than the hard-coded form is handled by the parent.
        if ($request->param('ID') != 'EditForm') {
            return parent::schema($request);
        }

        $reply = $this->getResponse();
        $reply->addHeader('Content-Type', 'application/json');
        $reply->setBody($schemaJson);

        return $reply;
    }
 /**
  * Breadcrumb trail with an extra second-level entry naming the tab (Groups,
  * Users or Roles) that the edited record belongs to.
  *
  * The tab is taken from the 'FieldName' route parameter. Only the three
  * known values add a crumb; any other value leaves the trail as the parent
  * built it.
  *
  * @param bool $unlinked Passed through unchanged to the parent implementation
  * @return mixed The list returned by the parent, possibly with one crumb inserted
  */
 public function Breadcrumbs($unlinked = false)
 {
     $trail = parent::Breadcrumbs($unlinked);
     // Name root breadcrumb based on which record is edited,
     // which can only be determined by looking for the fieldname of the GridField.
     // Note: Titles should be same titles as tabs in RootForm().
     $routeParams = $this->getRequest()->allParams();
     if (!isset($routeParams['FieldName'])) {
         return $trail;
     }

     // TODO FieldName param gets overwritten by nested GridFields,
     // so shows "Members" rather than "Groups" for the following URL:
     // admin/security/EditForm/field/Groups/item/2/ItemEditForm/field/Members/item/1/edit
     $rootCrumb = $trail->shift();
     switch ($routeParams['FieldName']) {
         case 'Groups':
             $trail->unshift(new ArrayData(array('Title' => Group::singleton()->i18n_plural_name(), 'Link' => $this->Link('groups'))));
             break;
         case 'Users':
             $trail->unshift(new ArrayData(array('Title' => _t('SecurityAdmin.Users', 'Users'), 'Link' => $this->Link('users'))));
             break;
         case 'Roles':
             $trail->unshift(new ArrayData(array('Title' => _t('SecurityAdmin.TABROLES', 'Roles'), 'Link' => $this->Link('roles'))));
             break;
     }
     // Put the original root back in front of the (optional) tab crumb.
     $trail->unshift($rootCrumb);

     return $trail;
 }
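 /**
  * Get a map of all members in the groups given that have CMS permissions
  *
  * If no groups are passed, all groups with CMS permissions will be used.
  *
  * @param array|SS_List|null $groups Group IDs (array) or a list of group
  *                      records to consider, or NULL / empty to use all
  *                      groups with CMS permissions.
  * @return Map Returns a map of all members in the groups given that
  *                have CMS permissions.
  */
 public static function mapInCMSGroups($groups = null)
 {
     // Count() exists only on list objects. A non-empty array of IDs is valid
     // input (see the is_array() branch below) and must not reach that call.
     if (!$groups || (!is_array($groups) && $groups->Count() == 0)) {
         $perms = array('ADMIN', 'CMS_ACCESS_AssetAdmin');
         if (class_exists('SilverStripe\\CMS\\Controllers\\CMSMain')) {
             $cmsPerms = CMSMain::singleton()->providePermissions();
         } else {
             $cmsPerms = LeftAndMain::singleton()->providePermissions();
         }
         if (!empty($cmsPerms)) {
             $perms = array_unique(array_merge($perms, array_keys($cmsPerms)));
         }
         // Permission codes are bound as parameters, never concatenated into the SQL.
         $permsClause = DB::placeholders($perms);
         /** @skipUpgrade */
         $groups = Group::get()
             ->innerJoin("Permission", '"Permission"."GroupID" = "Group"."ID"')
             ->where(array("\"Permission\".\"Code\" IN ({$permsClause})" => $perms));
     }

     $groupIDList = array();
     if ($groups instanceof SS_List) {
         foreach ($groups as $group) {
             $groupIDList[] = $group->ID;
         }
     } elseif (is_array($groups)) {
         $groupIDList = $groups;
     }

     /** @skipUpgrade */
     $members = Member::get()
         ->innerJoin("Group_Members", '"Group_Members"."MemberID" = "Member"."ID"')
         ->innerJoin("Group", '"Group"."ID" = "Group_Members"."GroupID"');
     // NOTE(review): an empty ID list skips this filter, so the result then
     // covers every member that belongs to any group (e.g. when no group holds
     // a CMS permission). Confirm that this wider result is intended.
     if ($groupIDList) {
         // Caller-supplied IDs are bound as parameters as well.
         $groupClause = DB::placeholders($groupIDList);
         $members = $members->where(array("\"Group\".\"ID\" IN ({$groupClause})" => $groupIDList));
     }

     return $members->sort('"Member"."Surname", "Member"."FirstName"')->map();
 }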
 /**
  * Provide menu titles to the i18n entity provider.
  *
  * @return array One "<class>.MENUTITLE" entry per CMS class, each holding
  *               the default title, the fixed context 'Menu title' and the
  *               owning module
  */
 public function provideI18nEntities()
 {
     $result = array();
     foreach (self::get_cms_classes() as $class) {
         // Array elements are evaluated in order: title first, then module.
         $result["{$class}.MENUTITLE"] = array(
             LeftAndMain::menu_title($class, false),
             'Menu title',
             i18n::get_owner_module($class),
         );
     }

     return $result;
 }
 /**
  * Gets a JSON schema representing the current edit form.
  *
  * Only the 'fileHistoryForm' form name is handled here; every other name is
  * passed to the parent implementation.
  *
  * WARNING: Experimental API.
  *
  * @param HTTPRequest $request
  * @return HTTPResponse
  */
 public function schema($request)
 {
     if ($request->param('FormName') === 'fileHistoryForm') {
         // Get schema for history form
         // @todo Eventually all form scaffolding will be based on context rather than record ID
         // See https://github.com/silverstripe/silverstripe-framework/issues/6362
         //
         // Both identifiers come straight from the URL. Validation and access
         // checks are presumably done inside getFileHistoryForm() — verify there.
         $historyContext = [
             'RecordID' => $request->param('ItemID'),
             'RecordVersion' => $request->param('OtherItemID'),
         ];
         $historyForm = $this->getFileHistoryForm($historyContext);

         // Respond with this schema
         $this->getResponse()->addHeader('Content-Type', 'application/json');

         return $this->getSchemaResponse($this->getRequest()->getURL(), $historyForm);
     }

     return parent::schema($request);
 }