/** * Checks for permission-code CMS_ACCESS_SecurityAdmin. * If the group has ADMIN permissions, it requires the user to have ADMIN permissions as well. * * @param $member Member * @return boolean */ public function canEdit($member = null) { if (!$member || !is_a($member, 'SilverStripe\\Security\\Member') || is_numeric($member)) { $member = Member::currentUser(); } // extended access checks $results = $this->extend('canEdit', $member); if ($results && is_array($results)) { if (!min($results)) { return false; } } if ((bool) Permission::checkMember($member, "ADMIN") || Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin") && !Permission::get()->filter(array('GroupID' => $this->ID, 'Code' => 'ADMIN'))->exists()) { return true; } return false; }