Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

Data Model Questions /

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

SilverStripe 3.0 Model Admin/GridField Permission bug?


Go to End


3 Posts   1545 Views

Avatar
MarijnKampf

Community Member, 176 Posts

28 February 2013 at 11:45pm

I've created a DataObject and a Model Admin with matching permissions. I've created a user and added them to the Group "Used Cars Editor". See SecurityMain.png

I've noticed two potential bugs:
1. In the permission tab all items have a green checkbox (See attached SecurityPermissions.png)
2. The user can create a Used Car, but not view existing used cars. Eventhough the Data Model shows View 1 - 8 of 8 items, no items are shown in the GridField See: ModelAdminDataObject.png

Can anyone shed a light on whether I've missed something or whether these are bugs?

I've used the code below:

UsedCar.php

<?php
class UsedCar extends DataObject {
	
	/**
	 * @var string
	 */
	public static $description = 'Used Car';

	/**
	 * @var array Fields on the user defined form page.
	 */
	public static $db = array(
		"Make" => "Varchar",
		"Model" => "Varchar",
		"Mileage" => "Varchar",
		"Fuel" => "Enum('Diesel, Petrol, Hybrid, LPG, Biodiesel')",
		"RegistrationDate" => "Varchar",
		"Transmission" => "Enum('Manual, Automatic, DSG - Direct shift gearbox')",
		"NrDoors" => "Varchar",
		"Colour" => "Varchar",
		"Price" => "Varchar",
		"Sold" => "Boolean",
		"Description" => "Text",
		
		'SortOrder'=>'Int'
	);
	
	/**
	 * @var array Default values of variables when this page is created
	 */ 
	public static $defaults = array(
	);

	/**
	 * @var Array
	 */
	public static $has_one = array(
//		"Page" => "UsedCars",
	);

	/**
	 * @var Array
	 */
	public static $many_many = array(
		"Images" => "Image"		
	);
	
	public static $summary_fields = array(
		'Thumbnail', 
		'Make' => 'Make',
		'Model' => 'Model',
		'Price' => 'Price',
		'hasSold',
	);
	
	static $searchable_fields = array(
		"Make" => "Varchar",
		"Model" => "Varchar",
		"Description" => "Text",
	);
	
	/** User permissions **/
	function canCreate($member) {
		if (Permission::check("USED_CARS")) return true;
	}

	function canEdit($member) {
		if (Permission::check("USED_CARS")) return true;
	}

	function canDelete($member) {
		if (Permission::check("USED_CARS")) return true;
	}

	public function hasSold() {
		if ($this->Sold) return "Sold";
		else return "No";
	}
	
	public function Link() {
		return "show/" . $this->ID;
	}
	
	public function Thumbnail($width = 150, $height = 150) {
		$img = $this->Images()->First();
		if ($img) return $img->SetRatioSize($width, $height);
		else return null;
	}
	
	public function AdditionalImages() {
		return $this->Images();
	}
	
  public function getCMSFields() {
    $fields = parent::getCMSFields();

		$fields->removeByName("SortOrder"); 
		$fields->removeByName("PageID"); 

		$f = new UploadField('Images', 'Photos');
		$fields->add($f);
		$f->setFolderName("used-cars");

    return $fields;
  }	
}

UsedCarsAdmin.php

<?php

class UsedCarsAdmin extends ModelAdmin {
	public $showImportForm = false;
	
  public static $managed_models = array('UsedCar'); // Can manage multiple models
  static $url_segment = 'usedcars'; // Linked as /admin/products/
  static $menu_title = 'Used Cars';
}

class UsedCarsAdmin_Controller extends ContentController implements PermissionProvider {
	function providePermissions(){
		return array(
			"USED_CARS" => "Create/edit/delete 'Used Cars'",
		);
	}
}

Avatar
Willr

Forum Moderator, 5523 Posts

1 March 2013 at 7:58pm

Perhaps you need to define a canView() as well.

Avatar
MarijnKampf

Community Member, 176 Posts

1 March 2013 at 8:12pm

Thanks Willr, that fixed the second issue, a user can now edit/view the objects! I knew it would be something very simple, I think I had been staring at the issue too long!

Are other people seeing all green checkbox in the permissions tab? If so I'll open a ticket.