Permalink
Browse files

ENHANCEMENT Allowing to hide certain permission from showing in Secur…

…ityAdmin through add_hidden_permission() (refactored from r92428)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@92866 467b73ca-7a2a-4603-9d3b-597d59a354a9
  • Loading branch information...
1 parent 8e8f9c5 commit 7a1e3a9bdad7b1be5f164a704021b718709cdf6d @chillu chillu committed Nov 21, 2009
Showing with 81 additions and 16 deletions.
  1. +38 −8 code/SecurityAdmin.php
  2. +43 −8 tests/SecurityAdminTest.php
View
@@ -26,6 +26,11 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
'EditForm',
);
+ /**
+ * @var Array
+ */
+ static $hidden_permissions = array();
+
public function init() {
parent::init();
@@ -42,6 +47,10 @@ function getEditForm($id = null) {
'action_save'
);
+ // Filter permissions
+ $permissionField = $form->Fields()->dataFieldByName('Permissions');
+ if($permissionField) $permissionField->setHiddenPermissions(self::$hidden_permissions);
+
return $form;
}
@@ -214,15 +223,36 @@ function providePermissions() {
}
/**
- * the permissions represented in the $codes will not appearing in the form
- * containning {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
- * @param $codes array of permission code
- * @return void
+ * The permissions represented in the $codes will not appearing in the form
+ * containing {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
+ *
+ * @param $codes String|Array
*/
- static function hide_permissions($codes){
- foreach($codes as $code){
- Permission::add_to_hidden_permissions($code);
- }
+ static function add_hidden_permission($codes){
+ if(is_string($codes)) $codes = array($codes);
+ self::$hidden_permissions += $codes;
+ }
+
+ /**
+ * @param $codes String|Array
+ */
+ static function remove_hidden_permission($codes){
+ if(is_string($codes)) $codes = array($codes);
+ self::$hidden_permissions = array_diff(self::$hidden_permissions, $codes);
+ }
+
+ /**
+ * @return Array
+ */
+ static function get_hidden_permissions(){
+ return self::$hidden_permissions;
+ }
+
+ /**
+ * Clear all permissions previously hidden with {@link add_hidden_permission}
+ */
+ static function clear_hidden_permissions(){
+ self::$hidden_permissions = array();
}
}
@@ -36,16 +36,51 @@ function testEmptyGroupExport() {
$this->assertEquals($lines[1], '', "Empty export only has no content row");
}
- function testHidePermissions() {
- $permissionCheckboxSet = new PermissionCheckboxSetField('Permissions','Permissions','Permission','GroupID');
- $this->assertContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
- $this->assertContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
-
- SecurityAdmin::hide_permissions(array('CMS_ACCESS_CMSMain','CMS_ACCESS_AssetAdmin'));
- $this->assertNotContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
- $this->assertNotContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
+ function testAddHiddenPermission() {
+ SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+ $this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+
+ // reset to defaults
+ SecurityAdmin::clear_hidden_permissions();
+ }
+
+ function testRemoveHiddenPermission() {
+ SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+ $this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+ SecurityAdmin::remove_hidden_permission('CMS_ACCESS_ReportAdmin');
+ $this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+
+ // reset to defaults
+ SecurityAdmin::clear_hidden_permissions();
+ }
+
+ function testClearHiddenPermission() {
+ SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+ $this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+ SecurityAdmin::clear_hidden_permissions('CMS_ACCESS_ReportAdmin');
+ $this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
}
+ function testPermissionFieldRespectsHiddenPermissions() {
+ $this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
+
+ $group = $this->objFromFixture('Group', 'admin');
+
+ SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+ $response = $this->get('admin/security/show/' . $group->ID);
+
+ $this->assertContains(
+ 'CMS_ACCESS_CMSMain',
+ $response->getBody()
+ );
+ $this->assertNotContains(
+ 'CMS_ACCESS_ReportAdmin',
+ $response->getBody()
+ );
+
+ // reset to defaults
+ SecurityAdmin::clear_hidden_permissions();
+ }
}
?>

0 comments on commit 7a1e3a9

Please sign in to comment.