Merge d3e25f3 into b0de8b3

silverstripe · Jun 8, 2017 · 4aa5cb9 · 4aa5cb9
2 parents b0de8b3 + d3e25f3
commit 4aa5cb9
Show file tree

Hide file tree

Showing 6 changed files with 216 additions and 18 deletions.
diff --git a/code/cms/DMSDocumentAddController.php b/code/cms/DMSDocumentAddController.php
@@ -316,4 +316,29 @@ public function getAllowedExtensions()
             )
         );
     }
+
+    /**
+     * Overrides the parent method to allow users with access to DMS admin to access this controller
+     *
+     * @param Member $member
+     * @return bool
+     */
+    public function canView($member = null)
+    {
+        if (!$member || !(is_a($member, 'Member')) || is_numeric($member)) {
+            $member = Member::currentUser();
+        }
+
+        if ($member &&
+            Permission::checkMember(
+                $member,
+                array(
+                    'CMS_ACCESS_DMSDocumentAdmin',
+                )
+            )
+        ) {
+            return true;
+        }
+        return parent::canView($member);
+    }
 }
diff --git a/code/cms/DMSDocumentAdmin.php b/code/cms/DMSDocumentAdmin.php
@@ -17,6 +17,7 @@ public function init()
     {
         parent::init();
         Requirements::javascript(DMS_DIR . '/javascript/DMSGridField.js');
+        Requirements::add_i18n_javascript(DMS_DIR . '/javascript/lang');
     }
     /**
      * Remove the default "add" button and replace it with a customised version for DMS

diff --git a/code/model/DMSDocument.php b/code/model/DMSDocument.php
@@ -116,7 +116,6 @@ public function canView($member = null)
         if (!$this->CanViewType || $this->CanViewType == 'Anyone') {
             return true;
         }
-
         if ($member && Permission::checkMember($member, array(
                 'ADMIN',
                 'SITETREE_EDIT_ALL',
@@ -198,6 +197,18 @@ public function canCreate($member = null)
             }
         }
 
+        // Do early admin check
+        if ($member &&
+            Permission::checkMember(
+                $member,
+                array(
+                    'CMS_ACCESS_DMSDocumentAdmin',
+                )
+            )
+        ) {
+            return true;
+        }
+
         return $this->canEdit($member);
     }
 
@@ -220,7 +231,7 @@ public function canDelete($member = null)
             }
         }
 
-        return $this->canView();
+        return $this->canEdit($member);
     }
 
     /**
@@ -838,8 +849,6 @@ public function getCMSFields()
             $this->addActionPanelTask('find-versions', 'Versions');
         }
 
-        $fields->add(LiteralField::create('BottomTaskSelection', $this->getActionTaskHtml()));
-
         $embargoValue = 'None';
         if ($this->EmbargoedIndefinitely) {
             $embargoValue = 'Indefinitely';
@@ -894,12 +903,19 @@ public function getCMSFields()
             FieldGroup::create($uploadField)->addExtraClass('replace'),
             FieldGroup::create($pagesGrid)->addExtraClass('find-usage'),
             FieldGroup::create($referencesGrid)->addExtraClass('find-references'),
-            FieldGroup::create($versionsGrid)->addExtraClass('find-versions'),
-            FieldGroup::create($this->getRelatedDocumentsGridField())->addExtraClass('find-relateddocuments'),
             FieldGroup::create($this->getPermissionsActionPanel())->addExtraClass('permissions')
         );
 
-        $actionsPanel->setName("ActionsPanel");
+        if ($this->canEdit()) {
+            $actionsPanel->push(FieldGroup::create($versionsGrid)->addExtraClass('find-versions'));
+            $actionsPanel->push(
+                FieldGroup::create($this->getRelatedDocumentsGridField())->addExtraClass('find-relateddocuments')
+            );
+        } else {
+            $this->removeActionPanelTask(array('find-versions', 'find-relateddocuments'));
+        }
+        $fields->add(LiteralField::create('BottomTaskSelection', $this->getActionTaskHtml()));
+        $actionsPanel->setName('ActionsPanel');
         $actionsPanel->addExtraClass('dmsdocument-actionspanel');
         $fields->push($actionsPanel);
 
@@ -1219,7 +1235,6 @@ protected function getRelatedDocumentsGridField()
         $addExisting->setResultsFormat('$Filename');
 
         $this->extend('updateRelatedDocumentsGridField', $gridField);
-
         return $gridField;
     }
 
@@ -1323,4 +1338,23 @@ public function getActionTaskHtml()
 
         return $html;
     }
+
+
+    /**
+     * Removes a single or multiple "action panel" tasks
+     *
+     * @param  string|array $panelKey
+     * @return $this
+     */
+    public function removeActionPanelTask($panelKey)
+    {
+        if (is_array($panelKey)) {
+            foreach ($panelKey as $key => $val) {
+                unset($this->actionTasks[$val]);
+            }
+        } else {
+            unset($this->actionTasks[$panelKey]);
+        }
+        return $this;
+    }
 }
diff --git a/code/model/DMSDocumentSet.php b/code/model/DMSDocumentSet.php
@@ -348,4 +348,56 @@ protected function validate()
         }
         return $result;
     }
+
+    public function canView($member = null)
+    {
+        return $this->getDMSDocumentSetPermissions($member);
+    }
+
+    public function canCreate($member = null)
+    {
+        return  $this->getDMSDocumentSetPermissions($member);
+    }
+
+    public function canEdit($member = null)
+    {
+        return $this->getDMSDocumentSetPermissions($member);
+    }
+
+    public function canDelete($member = null)
+    {
+        return $this->getDMSDocumentSetPermissions($member);
+    }
+
+    /**
+     * Checks if a then given (or logged in) member is either an ADMIN, SITETREE_EDIT_ALL or has access
+     * to the DMSDocumentAdmin module, in which case permissions is granted.
+     *
+     * To extend use the following from within an Extension subclass:
+     *
+     * <code>
+     * public function updateDMSDocumentSetPermissions($result)
+     * {
+     *     // Do something here
+     * }
+     * </code>
+     * @param Member $member
+     * @return bool
+     */
+    public function getDMSDocumentSetPermissions(Member $member = null)
+    {
+        if (!$member || !(is_a($member, 'Member')) || is_numeric($member)) {
+            $member = Member::currentUser();
+        }
+
+        $result = ($member &&
+            Permission::checkMember(
+                $member,
+                array('ADMIN', 'SITETREE_EDIT_ALL', 'CMS_ACCESS_DMSDocumentAdmin')
+            )
+        );
+
+        $this->extend('updateDMSDocumentSetPermissions', $result);
+        return (bool) $result;
+    }
 }
diff --git a/tests/DMSDocumentSetTest.php b/tests/DMSDocumentSetTest.php
@@ -244,4 +244,27 @@ public function testPageFieldRemovedWhenEditingInPageContext()
         $fields = $set->getCMSFields();
         $this->assertNull($fields->fieldByName('Root.Main.PageID'));
     }
+
+    /**
+     * Tests all crud permissions
+     */
+    public function testPermissions()
+    {
+        if ($member = Member::currentUser()) {
+            $member->logout();
+        }
+
+        $set = $this->objFromFixture('DMSDocumentSet', 'ds1');
+
+        $this->assertFalse($set->canCreate());
+        $this->assertFalse($set->canDelete());
+        $this->assertFalse($set->canEdit());
+        $this->assertFalse($set->canView());
+
+        $this->logInWithPermission('CMS_ACCESS_DMSDocumentAdmin');
+        $this->assertTrue($set->canCreate());
+        $this->assertTrue($set->canDelete());
+        $this->assertTrue($set->canEdit());
+        $this->assertTrue($set->canView());
+    }
 }
diff --git a/tests/DMSDocumentTest.php b/tests/DMSDocumentTest.php
@@ -50,6 +50,8 @@ public function testDocumentHasCmsFieldForManagingRelatedDocuments()
     {
         $document = $this->objFromFixture('DMSDocument', 'document_with_relations');
         $gridField = $this->getGridFieldFromDocument($document);
+        $this->assertInstanceOf('GridField', $gridField);
+
         $gridFieldConfig = $gridField->getConfig();
 
         $this->assertNotNull(
@@ -64,13 +66,25 @@ public function testDocumentHasCmsFieldForManagingRelatedDocuments()
         );
     }
 
+    /**
+     * Ensures that the DMS Document CMS Related and Versions fields are removed if user can't edit
+     */
+    public function testDocumentHasNoCMSFieldsForManagingRelatedDocumentsIfCantEdit()
+    {
+        $this->logInWithPermission('another-user');
+        $document = $this->objFromFixture('DMSDocument', 'doc-only-these-users');
+        $gridField = $this->getGridFieldFromDocument($document);
+        $this->assertNull($gridField);
+    }
+
     /**
      * Ensure that the related documents list does not include the current document itself
      */
     public function testGetRelatedDocumentsForAutocompleter()
     {
         $document = $this->objFromFixture('DMSDocument', 'd1');
         $gridField = $this->getGridFieldFromDocument($document);
+        $this->assertInstanceOf('GridField', $gridField);
 
         $config = $gridField->getConfig();
 
@@ -103,7 +117,6 @@ protected function getGridFieldFromDocument(DMSDocument $document)
                 break;
             }
         }
-        $this->assertInstanceOf('GridField', $gridField);
         return $gridField;
     }
 
@@ -121,6 +134,17 @@ public function testGetActionTaskHtml()
         $this->assertContains('<li class="ss-ui-button dmsdocument-action" data-panel="', $result);
         $this->assertContains('permission', $result);
         $this->assertContains('Example', $result);
+
+        // Test remove with array
+        $document->removeActionPanelTask(array('example', 'embargo'));
+        // Test remove with string
+        $document->removeActionPanelTask('find-usage');
+        $result = $document->getActionTaskHtml();
+
+        $this->assertNotContains('Example', $result);
+        $this->assertNotContains('embargo', $result);
+        $this->assertNotContains('find-usage', $result);
+
     }
 
     /*
@@ -142,11 +166,7 @@ public function testCanView()
     {
         /** @var DMSDocument $document */
         $document = $this->objFromFixture('DMSDocument', 'doc-logged-in-users');
-        // Make sure user is logged out
-        if ($member = Member::currentUser()) {
-            $member->logOut();
-        }
-
+        $this->logoutMember();
         // Logged out user test
         $this->assertFalse($document->canView());
 
@@ -178,10 +198,7 @@ public function testCanView()
      */
     public function testCanEdit()
     {
-        // Make sure user is logged out
-        if ($member = Member::currentUser()) {
-            $member->logOut();
-        }
+        $this->logoutMember();
 
         /** @var DMSDocument $document1 */
         $document1 = $this->objFromFixture('DMSDocument', 'doc-logged-in-users');
@@ -204,6 +221,52 @@ public function testCanEdit()
         $this->assertTrue($document2->canEdit($cableGuy));
     }
 
+    /**
+     * Tests delete permissions
+     */
+    public function testCanDelete()
+    {
+        $this->logoutMember();
+        /** @var DMSDocument $document1 */
+        $document1 = $this->objFromFixture('DMSDocument', 'doc-logged-in-users');
+
+        // Logged out user test
+        $this->assertFalse($document1->canDelete());
+
+        // Test editors can delete
+        $contentAuthor = $this->objFromFixture('Member', 'editor');
+        $this->assertTrue($document1->canDelete($contentAuthor));
+    }
+
+    /**
+     * Tests create permission
+     */
+    public function testCanCreate()
+    {
+        $this->logoutMember();
+        $document1 = $this->objFromFixture('DMSDocument', 'doc-logged-in-users');
+        $this->logInWithPermission('CMS_ACCESS_DMSDocumentAdmin');
+        // Test CMS access can create
+        $this->assertTrue($document1->canCreate());
+
+        $this->logoutMember();
+
+        // Test editors can create
+        $contentAuthor = $this->objFromFixture('Member', 'editor');
+        $this->assertTrue($document1->canCreate($contentAuthor));
+    }
+
+    /**
+     * Logs out any active member
+     */
+    protected function logoutMember()
+    {
+        // Make sure user is logged out
+        if ($member = Member::currentUser()) {
+            $member->logOut();
+        }
+    }
+
     /**
      * Test permission denied reasons for documents
      */