对数据对象的权限要求默认情况下,“管理员”权限。我平时只需添加一个扩展数据对象应当由非管理员可编辑的,是这样的:
class CanEditExtension extends DataExtension
{
public function canEdit($member){
return
Permission::check('CMS_ACCESS_CMSMain', 'any', $member)
|| Permission::check('CMS_ACCESS_LeftAndMain', 'any', $member);
}
public function canView($member){
return
Permission::check('CMS_ACCESS_CMSMain', 'any', $member)
|| Permission::check('CMS_ACCESS_LeftAndMain', 'any', $member);
}
public function canCreate($member = null){
return
Permission::check('CMS_ACCESS_CMSMain', 'any', $member)
|| Permission::check('CMS_ACCESS_LeftAndMain', 'any', $member);
}
public function canDelete($member = null){
return
Permission::check('CMS_ACCESS_CMSMain', 'any', $member)
|| Permission::check('CMS_ACCESS_LeftAndMain', 'any', $member);
}
}
然后,应用通过YAML配置扩展:
# in mysite/_config/config.yml
MyDataObject:
extensions:
- CanEditExtension
或者您可以直接在你的类指定扩展:
class MyDataObject extends DataObject
{
private static $extensions = array('CanEditExtension');
}
你可以设置PermissionProvider在数据对象和比设定什么都权限,你需要每CMS或做模型级权限一些动态的东西。如果它基本适合你的需要(canView,canEdit,canDelete,canCreate)到模型→第二链接。 https://docs.silverstripe.org/en/3.3/developer_guides/security/permissions/ https://docs.silverstripe.org/en/3.3/developer_guides/model/permissions/ – munomono
嗨,谢谢,但我忘了提到我正在使用Silverstripe 3.1 –
Maciej - 'PermissionProvider'仍然存在于3.1中,实际上它仍然存在于3.3中https://github.com/silverstripe/silverstripe-framework/blob/3.3/security/PermissionProvider.php – theruss