Skip to content

Commit

Permalink
Improve permissions flexibility
Browse files Browse the repository at this point in the history
  • Loading branch information
dizzystuff committed Jul 3, 2021
1 parent 60b3d21 commit 7f510aa
Show file tree
Hide file tree
Showing 2 changed files with 74 additions and 24 deletions.
57 changes: 44 additions & 13 deletions src/Model/MenuItem.php
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,14 @@
use SilverStripe\Forms\OptionsetField;
use SilverStripe\Forms\Tab;
use SilverStripe\Forms\TreeDropdownField;
use SilverStripe\Security\Permission;
use SilverStripe\Security\PermissionProvider;
use SilverStripe\Versioned\Versioned;
use Symbiote\GridFieldExtensions\GridFieldAddNewMultiClass;
use Symbiote\GridFieldExtensions\GridFieldOrderableRows;
use UncleCheese\DisplayLogic\Forms\Wrapper;

class MenuItem extends SuperLink
class MenuItem extends SuperLink implements PermissionProvider
{
const SUBMENU_SITETREE = 'sitetree';
const SUBMENU_MANUAL = 'manual';
Expand Down Expand Up @@ -308,33 +310,62 @@ public function CMSEditLink()

public function canView($member = null)
{
if ($this->ParentID) {
return $this->Parent()->canView($member);
$can = Permission::checkMember($member, 'MANAGE_MENUITEMS');
if ($can) {
if ($this->ParentID) {
$can = $this->Parent()->canView($member, $context);
}
}
return $this->MenuSet()->canView($member);
return $can;
}

public function canEdit($member = null)
{
if ($this->ParentID) {
return $this->Parent()->canEdit($member);
$can = Permission::checkMember($member, 'MANAGE_MENUITEMS');
if ($can) {
if ($this->ParentID) {
$can = $this->Parent()->canEdit($member, $context);
}
}
return $this->MenuSet()->canEdit($member);
return $can;
}

public function canDelete($member = null)
{
if ($this->ParentID) {
return $this->Parent()->canDelete($member);
$can = Permission::checkMember($member, 'DELETE_MENUITEMS');
if ($can) {
if ($this->ParentID) {
$can = $this->Parent()->canDelete($member, $context);
}
}
return $this->MenuSet()->canDelete($member);
return $can;
}

public function canCreate($member = null, $context = [])
{
if ($this->ParentID) {
return $this->Parent()->canCreate($member, $context);
$can = Permission::checkMember($member, 'CREATE_MENUITEMS');
if ($can) {
if ($this->ParentID) {
$can = $this->Parent()->canCreate($member, $context);
}
}
return $this->MenuSet()->canEdit($member);
return $can;
}

public function providePermissions() {
return [
'MANAGE_MENUITEMS' => array(
'name' => 'Manage menu items',
'category' => 'Menus',
),
'CREATE_MENUITEMS' => array(
'name' => 'Create menu items',
'category' => 'Menus',
),
'DELETE_MENUITEMS' => array(
'name' => 'Delete menu items',
'category' => 'Menus',
)
];
}
}
41 changes: 30 additions & 11 deletions src/Model/MenuSet.php
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,14 @@
use SilverStripe\Forms\TabSet;
use SilverStripe\Forms\TextField;
use SilverStripe\ORM\DataObject;
use SilverStripe\Security\Permission;
use SilverStripe\Security\PermissionProvider;
use SilverStripe\Versioned\Versioned;
use SilverStripe\View\SSViewer;
use Symbiote\GridFieldExtensions\GridFieldAddNewMultiClass;
use Symbiote\GridFieldExtensions\GridFieldOrderableRows;

class MenuSet extends DataObject
class MenuSet extends DataObject implements PermissionProvider
{
private static $table_name = 'MenuSet';
private static $singular_name = 'Menu';
Expand Down Expand Up @@ -447,29 +449,46 @@ public function getCMSFields()

public function canCreate($member = null, $context = null)
{
return false;
return Permission::checkMember($member, 'CREATE_MENUSETS');
}

public function canDelete($member = null)
{
return false;
return Permission::checkMember($member, 'DELETE_MENUSETS');
}

public function canEdit($member = null)
{
$can = $this->Parent()->canEdit($member);
if ($can === false) {
return false;
$can = Permission::checkMember($member, 'MANAGE_MENUSETS');
if ($can) {
$can = $this->Parent()->canEdit($member);
}
return parent::canEdit($member);
return $can;
}

public function canView($member = null)
{
$can = $this->Parent()->canView($member);
if ($can === false) {
return false;
$can = Permission::checkMember($member, 'MANAGE_MENUSETS');
if ($can) {
$can = $this->Parent()->canView($member);
}
return parent::canView($member);
return $can;
}

public function providePermissions() {
return [
'MANAGE_MENUSETS' => array(
'name' => 'Manage menu sets',
'category' => 'Menus',
),
'CREATE_MENUSETS' => array(
'name' => 'Create menu sets',
'category' => 'Menus',
),
'DELETE_MENUSETS' => array(
'name' => 'Delete menu sets',
'category' => 'Menus',
)
];
}
}

0 comments on commit 7f510aa

Please sign in to comment.