Permalink
Browse files

MINOR Removed unused SecurityAdmin->removememberfromgroup() (see Memb…

…erTableField)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113279 467b73ca-7a2a-4603-9d3b-597d59a354a9
  • Loading branch information...
1 parent 0c177bc commit f8fd60f02b1c1b3e2bda787fbb34d689484e5357 @chillu chillu committed with sminnee Nov 1, 2010
Showing with 4 additions and 19 deletions.
  1. +4 −19 code/SecurityAdmin.php
View
@@ -381,24 +381,6 @@ function addmember($className=null) {
return FormResponse::respond();
}
- public function removememberfromgroup() {
- $groupID = $this->urlParams['ID'];
- $memberID = $this->urlParams['OtherID'];
- if(is_numeric($groupID) && is_numeric($memberID)) {
- $member = DataObject::get_by_id('Member', (int) $memberID);
-
- if(!$member->canDelete()) return Security::permissionFailure($this);
-
- $member->Groups()->remove((int)$groupID);
-
- FormResponse::add("reloadMemberTableField();");
- } else {
- user_error("SecurityAdmin::removememberfromgroup: Bad parameters: Group=$groupID, Member=$memberID", E_USER_ERROR);
- }
-
- return FormResponse::respond();
- }
-
/**
* Return the entire site tree as a nested set of ULs.
* @return string Unordered list HTML
@@ -429,7 +411,10 @@ public function SiteTreeAsUL() {
return $siteTree;
}
- public function addgroup() {
+ public function addgroup($request) {
+ // Protect against CSRF on destructive action
+ if(!Form::get_security_token()->checkRequest($request)) return $this->httpError(400);
+
if(!singleton($this->stat('tree_class'))->canCreate()) return Security::permissionFailure($this);
$newGroup = Object::create($this->stat('tree_class'));

0 comments on commit f8fd60f

Please sign in to comment.