From 47fa6c648163ad40f6ad585fde98fc132c37a2e9 Mon Sep 17 00:00:00 2001 From: Andrew Paxley Date: Thu, 15 Jun 2023 12:09:35 +1200 Subject: [PATCH] ENH add check for specific user inherited permission --- composer.json | 2 +- src/File.php | 16 ++++++++++++++-- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/composer.json b/composer.json index 3694f3a5..dd3b7a97 100644 --- a/composer.json +++ b/composer.json @@ -20,7 +20,7 @@ ], "require": { "php": "^8.1", - "silverstripe/framework": "^5", + "silverstripe/framework": "^5.1", "silverstripe/vendor-plugin": "^2", "symfony/filesystem": "^6.1", "intervention/image": "^2.7.2", diff --git a/src/File.php b/src/File.php index a6dfb855..017ca8fc 100644 --- a/src/File.php +++ b/src/File.php @@ -397,6 +397,14 @@ public function canView($member = null) return $member->inGroups($this->ViewerGroups()); } + // Specific users can view this file + if ($this->CanViewType === InheritedPermissions::ONLY_THESE_MEMBERS) { + if (!$member) { + return false; + } + return $this->ViewerMembers()->filter('ID', $member->ID)->count() > 0; + } + // Check default root level permissions return $this->getPermissionChecker()->canView($this->ID, $member); } @@ -423,7 +431,7 @@ public function canEdit($member = null) } // Delegate to parent if inheriting permissions - if ($this->CanEditType === 'Inherit' && $this->ParentID) { + if ($this->CanEditType === InheritedPermissions::INHERIT && $this->ParentID) { return $this->getPermissionChecker()->canEdit($this->ParentID, $member); } @@ -518,7 +526,11 @@ private function hasRestrictedPermissions(File $file): bool $id = $file->ID; $parentID = $file->ParentID; $canViewType = $file->CanViewType; - if (in_array($canViewType, [InheritedPermissions::LOGGED_IN_USERS, InheritedPermissions::ONLY_THESE_USERS])) { + if (in_array($canViewType, [ + InheritedPermissions::LOGGED_IN_USERS, + InheritedPermissions::ONLY_THESE_USERS, + InheritedPermissions::ONLY_THESE_MEMBERS, + ])) { self::$has_restricted_permissions_cache[$id] = true; return true; }