Add page-publish permission for those that want it (like @StrategyGamer…

…). Note that PW won't use it unless you specifically add a permission named 'page-publish' in Admin > Access > Permissions, and then assign it to a role.

wire/core/PageFinder.php

@@ -32,8 +32,8 @@ class PageFinder extends Wire {
 	 * @param Fieldgroups $fieldgroups
 	 *
 	 */
-	public function __construct($fieldgroups) {
-		$this->fieldgroups = $fieldgroups; 
+	public function __construct() {
+		$this->fieldgroups = $this->fuel('fieldgroups'); 
 	}
 
 	/**

wire/core/Pages.php

@@ -76,7 +76,7 @@ class Pages extends Wire {
 	public function __construct() {
 		$this->config = $this->fuel('config');
 		$this->templates = $this->fuel('templates'); 
-		$this->pageFinder = new PageFinder($this->fuel('fieldgroups')); 
+		$this->pageFinder = new PageFinder(); 
 		$this->sortfields = new PagesSortfields();
 	}
 
@@ -927,7 +927,7 @@ public function uncache(Page $page) {
 	public function uncacheAll() {
 
 		unset($this->pageFinder); 
-		$this->pageFinder = new PageFinder($this->fuel('fieldgroups')); 
+		$this->pageFinder = new PageFinder(); 
 
 		unset($this->sortfields); 
 		$this->sortfields = new PagesSortfields();

wire/modules/PagePermissions.module

@@ -23,7 +23,7 @@ class PagePermissions extends WireData implements Module {
 	public static function getModuleInfo() {
 		return array(
 			'title' => 'Page Permissions', 
-			'version' => 101, 
+			'version' => 102, 
 			'summary' => 'Adds various permission methods to Page objects that are used by Process modules.',
 			'permanent' => true, 
 			'singular' => true,
@@ -33,6 +33,7 @@ class PagePermissions extends WireData implements Module {
 
 	public function init() {
 		$this->addHook('Page::editable', $this, 'editable'); 
+		$this->addHook('Page::publishable', $this, 'publishable'); 
 		$this->addHook('Page::viewable', $this, 'viewable'); 
 		$this->addHook('Page::listable', $this, 'listable'); 
 		$this->addHook('Page::deleteable', $this, 'deleteable'); 
@@ -90,9 +91,24 @@ class PagePermissions extends WireData implements Module {
 		// if the user doesn't have page-edit permission, don't let them go further
 		if(!$user->hasPermission("page-edit", $page)) return false;
 
+		// now check if there is a page-publish permission in the system, and use it if so
+		$publish = $this->fuel('permissions')->get('page-publish'); 
+		if($publish->id) {
+
+			// if user has the page-publish permission here, then we're good
+			if($user->hasPermission('page-publish', $page)) return true; 
+
+			// if the page is unpublished then we're fine too
+			if($page->is(Page::statusUnpublished)) return true; 
+
+			// otherwise user cannot edit this page
+			return false;
+		}
+
 		return true; 
 	}
 
+
 	/**
 	 * Assuming the page is editable, is the given field name also editable?
 	 *
@@ -330,6 +346,39 @@ class PagePermissions extends WireData implements Module {
 		$event->return = $sortable;
 	}
 
+	/**
+	 * Is the page publishable by the current user?
+	 *
+	 * A field name may optionally be specified as the first argument, in which case the field on that page will also be checked for access. 
+	 *
+	 */
+	protected function publishable($event) {
+
+		$user = $this->fuel('user');
+		$event->return = true;
+
+		if($user->isSuperuser()) return;
+
+
+		// if page isn't editable, it certainly can't be publishable
+		if(!$this->editable($event)) {
+			$event->return = false;
+			return;
+		}
+
+		$page = $event->object; 
+
+		// if there is no page-publish permission, then it's publishable
+		$perm = wire('permissions')->get('page-publish'); 
+		if(!$perm->id) return;
+
+		// check if user has the permission assigned
+		if($user->hasPermission('page-publish', $page)) return;
+
+		// if we made it here, then page is not publishable
+		$event->return = false; 
+	}
+
 	/**
 	 * Can the user create pages from this template?
 	 *

wire/modules/Process/ProcessPageAdd/ProcessPageAdd.module

@@ -97,7 +97,18 @@ class ProcessPageAdd extends Process {
 		$isSuperuser = $this->fuel('user')->isSuperuser();
 		$user = $this->fuel('user');
 		$templates = array();
-		$parentEditable = $this->parent->editable();
+
+		if($this->parent->is(Page::statusUnpublished)) {
+			$parentEditable = $this->parent->editable();
+		} else {
+			// temporarily put the parent in an unpublished status so that we can check it from 
+			// the proper context: when page-publish permission exists, a page not not editable
+			// if a user doesn't have page-publish permission to it, even though it may still
+			// be editable if it was unpublished. 
+			$this->parent->addStatus(Page::statusUnpublished); 
+			$parentEditable = $this->parent->editable(); 
+			$this->parent->removeStatus(Page::statusUnpublished); 
+		}
 
 		foreach($this->fuel('templates') as $t) {
 

wire/modules/Process/ProcessPageEdit/ProcessPageEdit.module

@@ -114,10 +114,6 @@ class ProcessPageEdit extends Process {
 			}
 		}
 
-		if($this->page->is(Page::statusUnpublished)) {
-			// $this->message("This page is not published. You will have to publish this page before it is visible on the site."); 
-		}
-
 		return $this->renderEdit();
 	}
 
@@ -171,7 +167,7 @@ class ProcessPageEdit extends Process {
 			if($this->input->post->submit_publish || $this->input->post->submit_save) {
 
 				try {
-					if($this->input->post->submit_publish && $this->page->is(Page::statusUnpublished)) {
+					if($this->input->post->submit_publish && $this->page->is(Page::statusUnpublished) && $this->page->publishable()) {
 						$this->page->removeStatus(Page::statusUnpublished);
 						$message = sprintf($this->_('Published Page: %s'), $this->page->path); // Message shown when page is published
 					} else {
@@ -239,6 +235,8 @@ class ProcessPageEdit extends Process {
 		if($this->page->viewable() && !$this->input->get->modal) $form->append($this->buildFormView()); 
 
 		$field2 = null;
+		$saveName = '';
+
 		if($this->page->is(Page::statusUnpublished)) {
 
 			if(get_class($this->page) == 'Page') {
@@ -250,18 +248,21 @@ class ProcessPageEdit extends Process {
 				$field2->attr('value', $this->_('Save + Keep Unpublished')); // Button: save unpublished
 			}
 
-			$saveName = 'submit_publish';
+			// $saveName remains blank if page is not publishable
+			if($this->page->publishable()) $saveName = 'submit_publish';
 			$saveLabel = $this->_("Publish"); // Button: publish
 		} else {
 			$saveName = 'submit_save';
 			$saveLabel = $this->_("Save"); // Button: save
 		}
 
-		$field = $this->modules->get('InputfieldSubmit');
-		$field->attr('id+name', $saveName); 
-		$field->attr('class', $field->class . ' head_button_clone'); 
-		$field->attr('value', $saveLabel); 
-		$form->append($field); 
+		if($saveName) { 
+			$field = $this->modules->get('InputfieldSubmit');
+			$field->attr('id+name', $saveName); 
+			$field->attr('class', $field->class . ' head_button_clone'); 
+			$field->attr('value', $saveLabel); 
+			$form->append($field); 
+		}
 
 		if($field2) $form->append($field2); 
 
@@ -459,7 +460,7 @@ class ProcessPageEdit extends Process {
 		$statuses = array(); 
 		$statuses[Page::statusHidden] = $this->_('Hidden: Excluded from lists and searches'); // Settings: Hidden status checkbox label
 		if($this->user->hasPermission('page-lock', $this->page)) $statuses[Page::statusLocked] = $this->_('Locked: Not editable'); // Settings: Locked status checkbox label
-		if(!$this->page->template->noUnpublish) $statuses[Page::statusUnpublished] = $this->_('Unpublished: Not visible on site'); // Settings: Unpublished status checkbox label
+		if(!$this->page->template->noUnpublish && $this->page->publishable()) $statuses[Page::statusUnpublished] = $this->_('Unpublished: Not visible on site'); // Settings: Unpublished status checkbox label
 
 		if($this->config->advanced && $this->user->isSuperuser()) {
 			$statuses[Page::statusSystemID] = "System: Non-deleteable and locked ID (status not removeable via API)";
@@ -555,11 +556,18 @@ class ProcessPageEdit extends Process {
 
 		if(count($roles)) { 
 
+			$publishPermission = $this->fuel('permissions')->get('page-publish');
+
 			foreach($roles as $role) {
 				$permissions = '';	
 				$roleName = $role->name; 
 				if($roleName == 'guest') $roleName .= " " . $this->_('(everyone)'); // Identifies who guest is (everyone)
 				$permissions .= "page-view\n";
+
+				if($publishPermission->id && !$this->page->is(Page::statusUnpublished) && !$role->hasPermission('page-publish', $this->page)) {
+					continue; 
+				}
+
 				if($role->hasPermission('page-edit') && in_array($role->id, $editRoles)) { 
 					foreach($role->permissions as $permission) {
 						if($permission->name == 'page-view') continue;  // assumed
@@ -574,7 +582,6 @@ class ProcessPageEdit extends Process {
 				if(in_array($role->id, $createRoles)) {
 					$permissions .= "page-create\n";
 				}
-
 				$table->row(array($roleName, nl2br($permissions))); 
 			}
 
@@ -684,7 +691,8 @@ class ProcessPageEdit extends Process {
 
 		if(!is_array($status)) $status = array();
 
-		$statusFlags = array(Page::statusHidden, Page::statusUnpublished); 
+		$statusFlags = array(Page::statusHidden); 
+		if($this->page->publishable()) $statusFlags[] = Page::statusUnpublished; 
 		if($this->user->hasPermission('page-lock', $this->page)) $statusFlags[] = Page::statusLocked;
 
 		if($this->config->advanced && $this->user->isSuperuser()) {