Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.


Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Possible Improvement to Security?


6 Posts   1745 Views


10 July 2008 at 2:46am Community Member, 33 Posts


Maybe you can already do this, if so please let me know how, but at the minute in SilverStripe you can set the Access options for a page to be accessibly to a specific group. However this setting doesn't pass down to Secondary, Tertiary etc pages below that page.

Scenario, I want to create a group for a set of people to be able to edit one page and it's subsequent siblings. However if they create a page without setting the Access options to just be their group, people in other groups can edit that page.

Potential update to silverstripe?


10 July 2008 at 10:14am (Last edited: 10 July 2008 10:15am), Forum Moderator, 5511 Posts

Yes this would be a good feature - when you create a child page it defaults to the access info of the parent page.

Make a ticket on as it would be good to see this.


10 July 2008 at 10:30am (Last edited: 10 July 2008 10:40am), Forum Moderator, 921 Posts

Good point. I think, rather than it always default to it's parent access settings, there could be a checkbox (checked by default) which marks this has having inheritable access settings. If it's not checked, then subsequent pages that are created as children of the page don't inherit its settings.

For now, you can always create your own custom code to do this. For example:

function onBeforeWrite() {
   if($this->Parent()) {
      $this->EditorsGroup = $this->Parent()->EditorsGroup;

This code would set the "EditorsGroup" field in the SiteTree table to the parent page's EditorsGroup field, if the parent exists. This would obviously not do anything for the root level pages in the tree.

As willr said, please open a ticket on our open source tracker here: [url][/url]



24 July 2008 at 7:48pm Community Member, 33 Posts

I'm getting an Error: Forbidden when trying to create a new ticket for this? I've signed up.

So were do I add that code? In the constructor of the Page.php.


19 August 2008 at 9:24pm Community Member, 33 Posts

Were would I add in the onBeforeWrite function?


20 August 2008 at 7:39am Community Member, 712 Posts