Skip to content

Commit

Permalink
ENH add check for specific user inherited permission
Browse files Browse the repository at this point in the history
  • Loading branch information
andrewandante committed Jun 26, 2023
1 parent 981dd3b commit fa8975c
Showing 1 changed file with 30 additions and 2 deletions.
32 changes: 30 additions & 2 deletions src/File.php
Original file line number Diff line number Diff line change
Expand Up @@ -397,6 +397,14 @@ public function canView($member = null)
return $member->inGroups($this->ViewerGroups());
}

// Specific users can view this file
if ($this->CanViewType === InheritedPermissions::ONLY_THESE_MEMBERS) {
if (!$member) {
return false;
}
return \in_array($member->ID, $this->ViewerMembers()->column('ID'), true);
}

// Check default root level permissions
return $this->getPermissionChecker()->canView($this->ID, $member);
}
Expand All @@ -423,10 +431,26 @@ public function canEdit($member = null)
}

// Delegate to parent if inheriting permissions
if ($this->CanEditType === 'Inherit' && $this->ParentID) {
if ($this->CanEditType === InheritedPermissions::INHERIT && $this->ParentID) {
return $this->getPermissionChecker()->canEdit($this->ParentID, $member);
}

// Specific user groups can edit this file
if ($this->CanEditType === InheritedPermissions::ONLY_THESE_USERS) {
if (!$member) {
return false;
}
return $member->inGroups($this->EditorGroups());
}

// Specific users can edit this file
if ($this->CanEditType === InheritedPermissions::ONLY_THESE_MEMBERS) {
if (!$member) {
return false;
}
return \in_array($member->ID, $this->EditorMembers()->column('ID'), true);
}

// Check inherited permissions
return $this->getPermissionChecker()->canEdit($this->ID, $member);
}
Expand Down Expand Up @@ -518,7 +542,11 @@ private function hasRestrictedPermissions(File $file): bool
$id = $file->ID;
$parentID = $file->ParentID;
$canViewType = $file->CanViewType;
if (in_array($canViewType, [InheritedPermissions::LOGGED_IN_USERS, InheritedPermissions::ONLY_THESE_USERS])) {
if (in_array($canViewType, [
InheritedPermissions::LOGGED_IN_USERS,
InheritedPermissions::ONLY_THESE_USERS,
InheritedPermissions::ONLY_THESE_MEMBERS,
])) {
self::$has_restricted_permissions_cache[$id] = true;
return true;
}
Expand Down

0 comments on commit fa8975c

Please sign in to comment.