Jump to:

23483 Posts in 18976 Topics by 2878 members

General Questions

SilverStripe Forums » General Questions » Restricting Access to "Logged in users" not working

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 750 Views
  • TC81
    Avatar
    Community Member
    11 Posts

    Restricting Access to "Logged in users" not working Link to this post

    I'm running Silverstripe 2.4.3 on a reasonable size site (around 500 pages) and we've just noticed a weird problem. We have several custom page typed (about 20 or so) and for only one of them, the Access settings no longer seem to work. Regardless of what it is set to it allows anyone to access the page (logged in or not). This doesn't happen on standard "Pages" or on the other custom page type pages that I have checked. We need this page type to be restricted to logged in users as it contains premium content.

    Below is the code of the page:

    <?php
    /**
    * Defines the Song of the Week page type
    */
    class SongOfTheWeek extends Page {
       
       static $icon = 'mysite/images/icons/songstory';
       
       public static $db = array(
          'Writer' => 'Varchar(250)',
          'Show_UK' => 'Boolean',
          'Show_US' => 'Boolean'
                          );
       
       public static $has_one = array(
          'Artist' => 'ArtistPage',
          'MP3' => 'File',
          'PDFSheet' => 'File'
       );
       
       public static $has_many = array(
          'MediaPlayerTracks' => 'MediaPlayerTrack',
          );
       
       static $field_labels = array(
             'Title' => 'Song Title',   
             );
       
       function getCMSFields() {
          $fields = parent::getCMSFields();
          $fields->removeFieldFromTab("Root","Widgets");
          $fields->addFieldToTab('Root.Content.Main', new CheckboxField('Show_UK','Show on UK site?'), 'Content');
          $fields->addFieldToTab('Root.Content.Main', new CheckboxField('Show_US','Show on US site?'), 'Content');
          $fields->addFieldToTab("Root.Content.Main", new DropdownField('ArtistID', 'Artist', Dataobject::get('ArtistPage')->toDropdownMap('ID','Title')),'Content');
          $fields->addFieldToTab("Root.Content.Main", new TextField('Writer', 'Writer'),'Content');
          $fields->addFieldToTab('Root.Content.Main', new FileIFrameField('MP3','MP3 File for download'));
          $fields->addFieldToTab('Root.Content.Main', new FileIFrameField('PDFSheet','PDF Music sheet for download'));
          
          $MediaTable = new FileDataObjectManager(
             $this, // Controller
             'MediaPlayerTracks', // Source name
             'MediaPlayerTrack', // Source class
             'MP3', // File name on DataObject
             array(
                'Title' => 'Title',
                'Artist' => 'Artist'
             ), // Headings
             'getCMSFields_forPopup' // Detail fields (function name or FieldSet object)
             // Filter clause
             // Sort clause
             // Join clause
          );
          
          
          //$MediaTable = new HasManyFileManager($this, 'MediaPlayerTracks', 'TrackFile');
          
          $fields->addFieldToTab('Root.Content.MediaPlayer', $MediaTable);
          
          return $fields;
       }
    }

    class SongOfTheWeek_Controller extends Page_Controller {
    }

    ?>

    I don't know if it's connected, but I load these pages for display on the home page using the following code. I have been using this approach for well over a year and it never caused this issue before:

    function FreeSong() {
          $now = strtotime('now');
          $country = Session::get('KWCountry');
          if ($country == "US" || $country == "CA") {
                $freesong = DataObject::get('SongOfTheWeek', '"SongOfTheWeek_Live"."Expiry" >= NOW() AND "SongOfTheWeek_Live"."Embargo" <= NOW() AND ParentID = 227 AND Show_US = True ','','',1);            
             }
          else {                  
             $freesong = DataObject::get('SongOfTheWeek', '"SongOfTheWeek_Live"."Expiry" >= NOW() AND "SongOfTheWeek_Live"."Embargo" <= NOW() AND ParentID = 227 AND Show_UK = True','','',1);   
             }
          
          return $freesong;
       }

    I've drawn a blank so far - any help would be appreciated.

  • TC81
    Avatar
    Community Member
    11 Posts

    Re: Restricting Access to "Logged in users" not working Link to this post

    I managed to fix my own problem. It was caused by the Embargo Expiry Module. In case anyone else has the same issue in future the fix is to edit EmbargoExpiryDecorator.php to the following:

    <?php

    class EmbargoExpiryDecorator extends DataObjectDecorator {
       function extraStatics() {
          return array("db" => array('Embargo' => 'Datetime', 'Expiry' => 'Datetime'));
       }
       
       function canView($member) {
          if(Permission::checkMember($member, 'ADMIN')) {
             return true;
          }
          $now = strtotime('now');
          if($this->owner->Embargo && strtotime($this->owner->Embargo) > $now) {
             return false;
          } elseif($this->owner->Expiry && strtotime($this->owner->Expiry) < $now) {
             return false;
          } elseif($this->can("View")) {
             return true;
          } else {
             return false;
          }
       }
       
       function updateCMSFields(&$fields) {
          $tab = 'Root.Content.Times';
          
          $fields->addFieldToTab($tab, new PopupDateTimeField('Embargo', _t('EmbargoExpiryDecorator.EMBARGO', 'Embargo')));
          $fields->addFieldToTab($tab, new PopupDateTimeField('Expiry', _t('EmbargoExpiryDecorator.EXPIRY', 'Expiry')));
       }
    }

  • jamie
    Avatar
    Community Member
    4 Posts

    Re: Restricting Access to "Logged in users" not working Link to this post

    Actually, I was getting problems using
    $this->can("View") as a condition so I returned the result e.g.

       function canView($member) {
          if(Permission::checkMember($member, 'ADMIN')) {
             return true;
          }
          $now = strtotime('now');
          if($this->owner->Embargo && strtotime($this->owner->Embargo) > $now) {
             return false;
          } elseif($this->owner->Expiry && strtotime($this->owner->Expiry) < $now) {
             return false;
          }else{
        return $this->can("View");
        }
       }


    Anyone know why this is?

  • TC81
    Avatar
    Community Member
    11 Posts

    Re: Restricting Access to "Logged in users" not working Link to this post

    Sorry, yes... I meant to update this saying that my change still wasn't working right. It was allowing the user onto the page but displaying an error message on the page itself saying that they could view the content. I just disabled embargo / expiry on the site as the client neededma quick fix. I will try yours and see if it works correctly for me.

    750 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.