diff --git a/src/GridFieldArchiveAction.php b/src/GridFieldArchiveAction.php index 7ac62cb4..7cbc9989 100644 --- a/src/GridFieldArchiveAction.php +++ b/src/GridFieldArchiveAction.php @@ -176,7 +176,7 @@ public function handleAction(GridField $gridField, $actionName, $arguments, $dat return; } - if (!$item->canArchive()) { + if (!$item->canDelete()) { throw new ValidationException( _t(__CLASS__ . '.ArchivePermissionsFailure', "No archive permissions") ); @@ -196,7 +196,7 @@ public function handleAction(GridField $gridField, $actionName, $arguments, $dat public function getArchiveAction($gridField, $record) { /* @var DataObject|Versioned $record */ - if (!$record->hasMethod('canArchive') || !$record->canArchive()) { + if (!$record->hasMethod('doArchive') || !$record->canDelete()) { return null; } diff --git a/src/Versioned.php b/src/Versioned.php index d6cafb1e..11d04ac7 100644 --- a/src/Versioned.php +++ b/src/Versioned.php @@ -1494,45 +1494,19 @@ protected function extendCanUnpublish() /** * Check if the current user is allowed to archive this record. - * If extended, ensure that both canDelete and canUnpublish are extended also * - * @param Member $member - * @return bool + * We're intentionally using the canDelete check for archiving, + * since there's no concept of "deleting" a versioned record + * and having separate permission checks was confusing and easy + * to forget. */ - public function canArchive($member = null) + public function canDelete($member = null): ?bool { - if (!$member) { - $member = Security::getCurrentUser(); - } - - // Standard mechanism for accepting permission changes from extensions - $owner = $this->owner; - $extended = $owner->extendedCan('canArchive', $member); - if ($extended !== null) { - return $extended; - } - - // Admin permissions allow - if (Permission::checkMember($member, "ADMIN")) { - return true; - } - - // Check if this record can be deleted from stage - if (!$owner->canDelete($member)) { - return false; - } - - // Check if we can delete from live - if (!$owner->canUnpublish($member)) { + // If the user isn't allowed to unpublish, they're definitely + // not allowed to archive live content. + if ($this->hasStages() && $this->isPublished() && !$this->getOwner()->canUnpublish($member)) { return false; } - - return true; - } - - protected function extendCanArchive() - { - // Prevent canArchive() extending itself return null; } @@ -1821,7 +1795,7 @@ public function publishSingle() /** * Removes the record from both live and stage * - * User code should call {@see canArchive()} prior to invoking this method. + * User code should call {@see canDelete()} prior to invoking this method. * * @return bool Success */ diff --git a/src/VersionedGridFieldItemRequest.php b/src/VersionedGridFieldItemRequest.php index 0ec3ecf8..ffcf835a 100644 --- a/src/VersionedGridFieldItemRequest.php +++ b/src/VersionedGridFieldItemRequest.php @@ -118,7 +118,7 @@ public function doArchive($data, $form) { /** @var Versioned|DataObject $record */ $record = $this->getRecord(); - if (!$record->canArchive()) { + if (!$record->canDelete()) { return $this->httpError(403); } @@ -293,7 +293,7 @@ protected function addVersionedButtons(DataObject $record, FieldList $actions) $canPublish = $record->canPublish(); $canUnpublish = $record->canUnpublish(); $canEdit = $record->canEdit(); - $canArchive = $record->canArchive(); + $canDelete = $record->canDelete(); // "save", supports an alternate state that is still clickable, but notifies the user that the action is not needed. $noChangesClasses = 'btn-outline-primary font-icon-tick'; @@ -377,7 +377,7 @@ protected function addVersionedButtons(DataObject $record, FieldList $actions) } // "archive" action - if (($isOnDraft || $isPublished) && $canArchive) { + if (($isOnDraft || $isPublished) && $canDelete) { // Replace "delete" action $actions->removeByName('action_doDelete'); $title = $isPublished