ENHANCEMENT Allowing to hide certain permission from showing in Secur…

…ityAdmin through add_hidden_permission() (refactored from r92428) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@92866 467b73ca-7a2a-4603-9d3b-597d59a354a9
silverstripe · Nov 21, 2009 · 7a1e3a9 · 7a1e3a9
1 parent 8e8f9c5
commit 7a1e3a9
Show file tree

Hide file tree

Showing 2 changed files with 81 additions and 16 deletions.
diff --git a/code/SecurityAdmin.php b/code/SecurityAdmin.php
@@ -26,6 +26,11 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
 		'EditForm',
 	);
 
+	/**
+	 * @var Array
+	 */
+	static $hidden_permissions = array();
+
 	public function init() {
 		parent::init();
 
@@ -42,6 +47,10 @@ function getEditForm($id = null) {
 			'action_save'
 		);
 
+		// Filter permissions
+		$permissionField = $form->Fields()->dataFieldByName('Permissions');
+		if($permissionField) $permissionField->setHiddenPermissions(self::$hidden_permissions);
+
 		return $form;
 	}
 
@@ -214,15 +223,36 @@ function providePermissions() {
 	}
 
 	/**
-	 * the permissions represented in the $codes will not appearing in the form
-	 * containning {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
-	 * @param $codes array of permission code
-	 * @return void
+	 * The permissions represented in the $codes will not appearing in the form
+	 * containing {@link PermissionCheckboxSetField} so as not to be checked / unchecked.
+	 * 
+	 * @param $codes String|Array
 	 */
-	static function hide_permissions($codes){
-		foreach($codes as $code){
-			Permission::add_to_hidden_permissions($code);
-		}
+	static function add_hidden_permission($codes){
+		if(is_string($codes)) $codes = array($codes);
+		self::$hidden_permissions += $codes;
+	}
+
+	/**
+	 * @param $codes String|Array
+	 */
+	static function remove_hidden_permission($codes){
+		if(is_string($codes)) $codes = array($codes);
+		self::$hidden_permissions = array_diff(self::$hidden_permissions, $codes);
+	}
+
+	/**
+	 * @return Array
+	 */
+	static function get_hidden_permissions(){
+		return self::$hidden_permissions;
+	}
+
+	/**
+	 * Clear all permissions previously hidden with {@link add_hidden_permission}
+	 */
+	static function clear_hidden_permissions(){
+		self::$hidden_permissions = array();
 	}
 }
 

diff --git a/tests/SecurityAdminTest.php b/tests/SecurityAdminTest.php
@@ -36,16 +36,51 @@ function testEmptyGroupExport() {
 		$this->assertEquals($lines[1], '', "Empty export only has no content row");
 	}
 
-	function testHidePermissions() {
-		$permissionCheckboxSet = new PermissionCheckboxSetField('Permissions','Permissions','Permission','GroupID');
-		$this->assertContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
-		$this->assertContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
-
-		SecurityAdmin::hide_permissions(array('CMS_ACCESS_CMSMain','CMS_ACCESS_AssetAdmin'));
-		$this->assertNotContains('CMS_ACCESS_CMSMain', $permissionCheckboxSet->Field());
-		$this->assertNotContains('CMS_ACCESS_AssetAdmin', $permissionCheckboxSet->Field());
+	function testAddHiddenPermission() {
+		SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+		$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+
+		// reset to defaults
+		SecurityAdmin::clear_hidden_permissions();
+	}
+
+	function testRemoveHiddenPermission() {
+		SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+		$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+		SecurityAdmin::remove_hidden_permission('CMS_ACCESS_ReportAdmin');
+		$this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+
+		// reset to defaults
+		SecurityAdmin::clear_hidden_permissions();
+	}
+
+	function testClearHiddenPermission() {
+		SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+		$this->assertContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
+		SecurityAdmin::clear_hidden_permissions('CMS_ACCESS_ReportAdmin');
+		$this->assertNotContains('CMS_ACCESS_ReportAdmin', SecurityAdmin::get_hidden_permissions());
 	}
 
+	function testPermissionFieldRespectsHiddenPermissions() {
+		$this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
+
+		$group = $this->objFromFixture('Group', 'admin');
+
+		SecurityAdmin::add_hidden_permission('CMS_ACCESS_ReportAdmin');
+		$response = $this->get('admin/security/show/' . $group->ID);
+
+		$this->assertContains(
+			'CMS_ACCESS_CMSMain',
+			$response->getBody()
+		);
+		$this->assertNotContains(
+			'CMS_ACCESS_ReportAdmin',
+			$response->getBody()
+		);
+
+		// reset to defaults
+		SecurityAdmin::clear_hidden_permissions();
+	}
 }
 
 ?>