Jump to:

17452 Posts in 4473 Topics by 1971 members

Archive

SilverStripe Forums » Archive » Adding permissions / permission codes

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Page: 1
Go to End
Author Topic: 1476 Views
  • dio5
    Avatar
    Community Member
    501 Posts

    Adding permissions / permission codes Link to this post

    It's not quite clear to me on how to add permissions/permission codes.
    AFAIK this is not possible from within the security section itself?

    Then I tried this on page.php:

    public function requireDefaultRecords()
       {
          parent::requireDefaultRecords();
          $code = "AUTHOR_BLOG";
          $AuthorGroup = DataObject::get_one("Group", "Code = 'authors'");
          if($AuthorGroup)
          {
             $auth_permission = DataObject::get_one("Permission", "GroupID = $AuthorGroup->ID AND Code = '{$code}'");
             if(!$auth_permission)
             {
                Permission::grant( $AuthorGroup->ID, $code );
             }
          }
       }


    Is this the recommended way to do to set this?

    It would make sense to set this in the backend security as an admin... (maybe it is but I didn't see it).

    Another thing that isn't clear to me is the 'optional ID' field in the permissions tab... ?

    To finish: why would I use Permission instead of just checking against a group code?

    I'm even running into the next problem with it:

    Let's say I have the method:

    function canCreate()
       {
             if ( Permission::check("AUTHOR_BLOG") && $this->class != "Article")
             {
                return false;   
             }
             else
             {
                return true;
             }
       }


    on my page.php. I want that authors can only create Article pagetypes. Then this is obviously not the way to do it, because now also Admins are restricted, because they have apparently all the permissions... so that would make me go back to checking for group-codes...

    or I would have to do:

    if ( Permission::check("AUTHOR_BLOG") && !Permission::check("ADMIN") && $this->class != "Article" )


    but wouldn't checking for groupcode not be faster?

    1476 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.