Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Data Model Questions /

SilverStripe 3.0 Model Admin/GridField Permission bug?


Reply


3 Posts   900 Views

Avatar
MarijnKampf

Community Member, 164 Posts

28 February 2013 at 11:45pm

I've created a DataObject and a Model Admin with matching permissions. I've created a user and added them to the Group "Used Cars Editor". See SecurityMain.png

I've noticed two potential bugs:
1. In the permission tab all items have a green checkbox (See attached SecurityPermissions.png)
2. The user can create a Used Car, but not view existing used cars. Eventhough the Data Model shows View 1 - 8 of 8 items, no items are shown in the GridField See: ModelAdminDataObject.png

Can anyone shed a light on whether I've missed something or whether these are bugs?

I've used the code below:

UsedCar.php

<?php
class UsedCar extends DataObject {
   
   /**
    * @var string
    */
   public static $description = 'Used Car';

   /**
    * @var array Fields on the user defined form page.
    */
   public static $db = array(
      "Make" => "Varchar",
      "Model" => "Varchar",
      "Mileage" => "Varchar",
      "Fuel" => "Enum('Diesel, Petrol, Hybrid, LPG, Biodiesel')",
      "RegistrationDate" => "Varchar",
      "Transmission" => "Enum('Manual, Automatic, DSG - Direct shift gearbox')",
      "NrDoors" => "Varchar",
      "Colour" => "Varchar",
      "Price" => "Varchar",
      "Sold" => "Boolean",
      "Description" => "Text",
      
      'SortOrder'=>'Int'
   );
   
   /**
    * @var array Default values of variables when this page is created
    */
   public static $defaults = array(
   );

   /**
    * @var Array
    */
   public static $has_one = array(
//      "Page" => "UsedCars",
   );

   /**
    * @var Array
    */
   public static $many_many = array(
      "Images" => "Image"      
   );
   
   public static $summary_fields = array(
      'Thumbnail',
      'Make' => 'Make',
      'Model' => 'Model',
      'Price' => 'Price',
      'hasSold',
   );
   
   static $searchable_fields = array(
      "Make" => "Varchar",
      "Model" => "Varchar",
      "Description" => "Text",
   );
   
   /** User permissions **/
   function canCreate($member) {
      if (Permission::check("USED_CARS")) return true;
   }

   function canEdit($member) {
      if (Permission::check("USED_CARS")) return true;
   }

   function canDelete($member) {
      if (Permission::check("USED_CARS")) return true;
   }

   public function hasSold() {
      if ($this->Sold) return "Sold";
      else return "No";
   }
   
   public function Link() {
      return "show/" . $this->ID;
   }
   
   public function Thumbnail($width = 150, $height = 150) {
      $img = $this->Images()->First();
      if ($img) return $img->SetRatioSize($width, $height);
      else return null;
   }
   
   public function AdditionalImages() {
      return $this->Images();
   }
   
public function getCMSFields() {
$fields = parent::getCMSFields();

      $fields->removeByName("SortOrder");
      $fields->removeByName("PageID");

      $f = new UploadField('Images', 'Photos');
      $fields->add($f);
      $f->setFolderName("used-cars");

return $fields;
}   
}

UsedCarsAdmin.php

<?php

class UsedCarsAdmin extends ModelAdmin {
   public $showImportForm = false;
   
public static $managed_models = array('UsedCar'); // Can manage multiple models
static $url_segment = 'usedcars'; // Linked as /admin/products/
static $menu_title = 'Used Cars';
}

class UsedCarsAdmin_Controller extends ContentController implements PermissionProvider {
   function providePermissions(){
      return array(
         "USED_CARS" => "Create/edit/delete 'Used Cars'",
      );
   }
}

Avatar
Willr

Forum Moderator, 5513 Posts

1 March 2013 at 7:58pm

Perhaps you need to define a canView() as well.

Avatar
MarijnKampf

Community Member, 164 Posts

1 March 2013 at 8:12pm

Thanks Willr, that fixed the second issue, a user can now edit/view the objects! I knew it would be something very simple, I think I had been staring at the issue too long!

Are other people seeing all green checkbox in the permissions tab? If so I'll open a ticket.