private function setPermissions()
{
/*
* This only covers permissions in 5.6+ They changed quite massively at
* that revision. Eventually, this package will have other branches for
* earlier versions.
*
* Not everything shown here will work with simple permissions. People
* will just be set as able to view or admin, the nuanced stuff about
* sub page permissions, etc will not be applied
*
* First off, we need to set up arrays of what people are allowed to do.
*/
$viewOnly = array('view_page');
$writePage = array('view_page', 'view_page_versions', 'edit_page_properties', 'edit_page_contents', 'approve_page_versions');
$adminPage = array('edit_page_speed_settings', 'edit_page_permissions', 'edit_page_theme', 'schedule_page_contents_guest_access', 'edit_page_type', 'delete_page', 'preview_page_as_user', 'delete_page_versions', 'move_or_copy_page', 'edit_page_type');
// Now to get the the group that we made for boilerplate
$bpGroup = Group::getByName("Boilerplate Admins");
// Then the current user, again, could be anyone
$u = new User();
$ui = UserInfo::getByID($u->getUserID());
// and our sample page
$bpPage = Page::getByPath('/boilerplate-sample');
if (is_object($bpPage) && is_a($bpPage, "Page")) {
// by passing in -1, we are saying that all permissions in the array are
// not allowed
//
// After some more digging, it seems like saying can't view doesn't
// work properly. It will hide the page from everyone. If you simply
// don't assign any permissions for them at all, then it works properly
// I don't get why that is, might be a bug.
//
// $bpPage->assignPermissions(Group::getByID(GUEST_GROUP_ID), $viewOnly, -1);
// $bpPage->assignPermissions(Group::getByID(REGISTERED_GROUP_ID), $viewOnly, -1);
$bpPage->assignPermissions(Group::getByID(ADMIN_GROUP_ID), $adminPage);
$bpPage->assignPermissions(Group::getByID(ADMIN_GROUP_ID), $writePage);
$bpPage->assignPermissions($bpGroup, $writePage);
$bpPage->assignPermissions($ui, $writePage);
// at this point, our page will let people edit, and others can't even view
// in order to allow sub-pages to be added by our admins, we'll need to get
// a _bit_ more complicated.
// this could probbly be cleaned up a little, to be more efficient
// first get the ctID of the page type we want them to be able to add
$bpID = CollectionType::getByHandle('boilerplate')->getCollectionTypeID();
// In order to allow the user to add sub pages, we need to do this
$bpAdminUserPE = UserPermissionAccessEntity::getOrCreate($ui);
$entities[] = $bpAdminUserPE;
// lets them add external links
$args = array();
$args['allowExternalLinksIncluded'][$bpAdminUserPE->getAccessEntityID()] = 1;
// I can't remember why it's "C" or what the other options are...
$args['pageTypesIncluded'][$bpAdminUserPE->getAccessEntityID()] = 'C';
// you can repeat this with as many different collection type IDs as you like
$args['ctIDInclude'][$bpAdminUserPE->getAccessEntityID()][] = $bpID;
// now to allow it for groups
$bpAdminPE = GroupPermissionAccessEntity::getOrCreate($bpGroup);
$entities[] = $bpAdminPE;
$args['allowExternalLinksIncluded'][$bpAdminPE->getAccessEntityID()] = 1;
$args['pageTypesIncluded'][$bpAdminPE->getAccessEntityID()] = 'C';
$args['ctIDInclude'][$bpAdminPE->getAccessEntityID()][] = $bpID;
// ordinary admins
$adminPE = GroupPermissionAccessEntity::getOrCreate(Group::getByID(ADMIN_GROUP_ID));
$entities[] = $adminPE;
$args['allowExternalLinksIncluded'][$adminPE->getAccessEntityID()] = 1;
$args['pageTypesIncluded'][$adminPE->getAccessEntityID()] = 'C';
$args['ctIDInclude'][$adminPE->getAccessEntityID()][] = $bpID;
// and now some crazy voodoo
$pk = PagePermissionKey::getByHandle('add_subpage');
$pk->setPermissionObject($bpPage);
$pt = $pk->getPermissionAssignmentObject();
$pa = $pk->getPermissionAccessObject();
if (!is_object($pa)) {
$pa = PermissionAccess::create($pk);
}
foreach ($entities as $pe) {
$pa->addListItem($pe, false, PagePermissionKey::ACCESS_TYPE_INCLUDE);
}
$pa->save($args);
$pt->assignPermissionAccess($pa);
// and now we set it so that sub-pages added under this page
// inherit the same permissions
$pkr = new ChangeSubpageDefaultsInheritancePageWorkflowRequest();
$pkr->setRequestedPage($bpPage);
// if you pass in 0, they will inherit from page type default
// permissions in the dashboard. That's what they would do anyway,
// if you don't do any of this stuff.
$pkr->setPagePermissionsInheritance(1);
$pkr->setRequesterUserID($u->getUserID());
$pkr->trigger();
}
}
$pkr->setPagePermissionsInheritance($_REQUEST['mode']);
$pkr->setRequesterUserID($u->getUserID());
$response = $pkr->trigger();
if (!$response instanceof WorkflowProgressResponse) {
$deferred = true;
}
}
$obj = new stdClass();
$obj->deferred = $deferred;
print Loader::helper('json')->encode($obj);
exit;
}
if ($_REQUEST['task'] == 'change_subpage_defaults_inheritance' && Loader::helper("validation/token")->validate('change_subpage_defaults_inheritance')) {
$deferred = false;
foreach ($pages as $c) {
$pkr = new ChangeSubpageDefaultsInheritancePageWorkflowRequest();
$pkr->setRequestedPage($c);
$pkr->setPagePermissionsInheritance($_REQUEST['inherit']);
$pkr->setRequesterUserID($u->getUserID());
$response = $pkr->trigger();
if (!$response instanceof WorkflowProgressResponse) {
$deferred = true;
}
}
$obj = new stdClass();
$obj->deferred = $deferred;
print Loader::helper('json')->encode($obj);
exit;
}
if ($_REQUEST['task'] == 'display_access_cell' && Loader::helper("validation/token")->validate('display_access_cell')) {
$pk = PermissionKey::getByID($_REQUEST['pkID']);