/**
  * Relax the access permissions, so anyone who has access to any CMS subsite can access this controller.
  */
 public function canView($member = null)
 {
     if (parent::canView()) {
         return true;
     }
     if (Subsite::all_accessible_sites()->count() > 0) {
         return true;
     }
     return false;
 }
Пример #2
0
	/**
	 * Does the parent permission checks, but also
	 * makes sure that instantiatable subclasses of
	 * {@link Report} exist. By default, the CMS doesn't
	 * include any Reports, so there's no point in showing
	 *
	 * @param Member $member
	 * @return boolean
	 */
	function canView($member = null) {
		if(!$member && $member !== FALSE) $member = Member::currentUser();

		if(!parent::canView($member)) return false;

		$hasViewableSubclasses = false;
		foreach($this->Reports() as $report) {
			if($report->canView($member)) return true;
		}

		return false;
	}
 function canView()
 {
     if (self::$trusted_envs && !in_array(Director::get_environment_type(), self::$trusted_envs)) {
         return false;
     }
     if (self::$trusted_ips && !in_array($_SERVER['REMOTE_ADDR'], self::$trusted_ips)) {
         return false;
     }
     if (!self::$activated) {
         return false;
     }
     return parent::canView();
 }
Пример #4
0
 /**
  * Does the parent permission checks, but also
  * makes sure that instantiatable subclasses of
  * {@link Report} exist. By default, the CMS doesn't
  * include any Reports, so there's no point in showing
  *
  * @param Member $member
  * @return boolean
  */
 public function canView($member = null)
 {
     if (!$member && $member !== FALSE) {
         $member = Member::currentUser();
     }
     if (!parent::canView($member)) {
         return false;
     }
     if ($this->reportObject) {
         return $this->reportObject->canView($member);
     }
     foreach ($this->Reports() as $report) {
         if ($report->canView($member)) {
             return true;
         }
     }
     return false;
 }
Пример #5
0
	/**
	 * Does the parent permission checks, but also
	 * makes sure that instantiatable subclasses of
	 * {@link Report} exist. By default, the CMS doesn't
	 * include any Reports, so there's no point in showing
	 * 
	 * @param Member $member
	 * @return boolean
	 */
	function canView($member = null) {
		if(!$member && $member !== FALSE) {
			$member = Member::currentUser();
		}
		
		if(!parent::canView($member)) return false;
		
		$hasViewableSubclasses = false;
		$subClasses = array_values(ClassInfo::subclassesFor('SSReport'));
		foreach($subClasses as $subclass) {
			// Remove abstract classes and LeftAndMain
			$classReflection = new ReflectionClass($subclass);
			if($classReflection->isInstantiable() && $subclass != 'SSReport') {
				if(singleton($subclass)->canView()) $hasViewableSubclasses = true;
			}			
		}
		
		return $hasViewableSubclasses;
	}
 function testAlternateAccessCheck()
 {
     $admin = $this->objFromFixture("Member", "admin");
     $this->loginAs($admin);
     $ids = array();
     $subsite1 = $this->objFromFixture('Subsite', 'domaintest1');
     $subsite2 = $this->objFromFixture('Subsite', 'domaintest2');
     $subsite3 = $this->objFromFixture('Subsite', 'domaintest3');
     $ids[] = $subsite1->ID;
     $ids[] = $subsite2->ID;
     $ids[] = $subsite3->ID;
     $ids[] = 0;
     foreach ($ids as $id) {
         Subsite::changeSubsite($id);
         //switch to main site (subsite ID zero)
         $left = new LeftAndMain();
         $this->assertTrue($left->canView(), "Admin user can view subsites LeftAndMain with id = '{$id}'");
         $this->assertEquals($id, Subsite::currentSubsiteID(), "The current subsite has not been changed in the process of checking permissions for admin user.");
     }
 }
 function testAccessChecksDontChangeCurrentSubsite()
 {
     $admin = $this->objFromFixture("Member", "admin");
     $this->loginAs($admin);
     $ids = array();
     $subsite1 = $this->objFromFixture('Subsite', 'domaintest1');
     $subsite2 = $this->objFromFixture('Subsite', 'domaintest2');
     $subsite3 = $this->objFromFixture('Subsite', 'domaintest3');
     $ids[] = $subsite1->ID;
     $ids[] = $subsite2->ID;
     $ids[] = $subsite3->ID;
     $ids[] = 0;
     // Enable session-based subsite tracking.
     Subsite::$use_session_subsiteid = true;
     foreach ($ids as $id) {
         Subsite::changeSubsite($id);
         $this->assertEquals($id, Subsite::currentSubsiteID());
         $left = new LeftAndMain();
         $this->assertTrue($left->canView(), "Admin user can view subsites LeftAndMain with id = '{$id}'");
         $this->assertEquals($id, Subsite::currentSubsiteID(), "The current subsite has not been changed in the process of checking permissions for admin user.");
     }
 }
 /**
  * @param null $member
  * @return bool|int
  */
 public function canView($member = null)
 {
     if (!$member && $member !== false) {
         $member = Member::currentUser();
     }
     $codes = array();
     $extraCodes = $this->stat('required_permission_codes');
     if ($extraCodes !== false) {
         // allow explicit FALSE to disable subclass check
         if ($extraCodes) {
             $codes = array_merge($codes, (array) $extraCodes);
         } else {
             $codes[] = "CMS_ACCESS_{$this->class}";
         }
     }
     foreach ($codes as $code) {
         if (!Permission::checkMember($member, $code)) {
             return false;
         }
     }
     return parent::canView($member);
 }