File tree Expand file tree Collapse file tree 7 files changed +85
-11
lines changed Expand file tree Collapse file tree 7 files changed +85
-11
lines changed Original file line number Diff line number Diff line change 1+ <?php
2+
3+ namespace Kirby \Permissions \Roles ;
4+
5+ use Kirby \Permissions \KirbyPermissions ;
6+
7+ class ClientRolePermissions extends KirbyPermissions
8+ {
9+ public static function make (): static
10+ {
11+ $ permissionsstatic ::from (true );
12+
13+ $ permissionsfile ->delete = false ;
14+ $ permissionslanguage ->delete = false ;
15+ $ permissionslanguageVariable ->delete = false ;
16+ $ permissionspage ->delete = false ;
17+ $ permissionsuser ->delete = false ;
18+
19+ return $ permissions
20+ }
21+ }
Original file line number Diff line number Diff line change @@ -24,16 +24,12 @@ public function isHomePage(): bool
2424 public function permissions (User null $ usernull ): PagePermissions
2525 {
2626 // get the default page permissions for the user
27- $ permissionsensure ($ userrole ()->permissions ()->page ();
27+ $ roleensure ($ userrole ();
28+ $ permissions$ rolepermissions ()->page ();
2829
29- // the unauthenticated user must not get any additional positive permissions later by accident
30- if ($ userrole ()->isNobody () === true ) {
31- return $ permissionsfrom (false );
32- }
33-
34- // the kirby superuser will always get full access
35- if ($ userrole ()->isKirby () === true ) {
36- return $ permissionsfrom (true );
30+ // the permissions for the generic power or weak users cannot be adjusted
31+ if ($ roleisNobody () === true || $ roleisKirby () === true ) {
32+ return $ permissions
3733 }
3834
3935 // apply page-specific rules and permissions
Original file line number Diff line number Diff line change @@ -34,8 +34,9 @@ public function name(): string
3434 public function permissions (): KirbyPermissions
3535 {
3636 return match (true ) {
37- $ this isAdmin () => KirbyPermissions::forAdmin (),
38- $ this isNobody () => KirbyPermissions::forNobody (),
37+ $ this isAdmin () => (new KirbyPermissions ())->wildcard (true ),
38+ $ this isKirby () => (new KirbyPermissions ())->wildcard (true ),
39+ $ this isNobody () => (new KirbyPermissions ())->wildcard (false ),
3940
4041 // load permissions from role/user blueprint here
4142 default => new KirbyPermissions ()
Original file line number Diff line number Diff line change 1+ <?php
2+
3+ use Kirby \Permissions \KirbyPermissions ;
4+
5+ class ClientRolePermissions extends KirbyPermissions
6+ {
7+ public static function factory (): static
8+ {
9+ $ permissionsstatic ::from (true );
10+
11+ $ permissionsfile ->delete = false ;
12+ $ permissionslanguage ->delete = false ;
13+ $ permissionslanguageVariable ->delete = false ;
14+ $ permissionspage ->delete = false ;
15+ $ permissionsuser ->delete = false ;
16+
17+ return $ permissions
18+ }
19+ }
Original file line number Diff line number Diff line change 1+ <?php
2+
3+ use Kirby \Permissions \KirbyPermissions ;
4+
5+ return function () {
6+ return KirbyPermissions::from (true );
7+ };
Original file line number Diff line number Diff line change 1+ <?php
2+
3+ use Kirby \Permissions \KirbyPermissions ;
4+
5+ return function () {
6+ $ permissionsfrom (true );
7+
8+ $ permissionsfile ->delete = false ;
9+ $ permissionslanguage ->delete = false ;
10+ $ permissionslanguageVariable ->delete = false ;
11+ $ permissionspage ->delete = false ;
12+ $ permissionsuser ->delete = false ;
13+
14+ return $ permissions
15+ };
Original file line number Diff line number Diff line change 1+ <?php
2+
3+ use Kirby \Permissions \KirbyPermissions ;
4+
5+ return function () {
6+ $ permissionsfrom (true );
7+
8+ $ permissionsfile ->delete = false ;
9+ $ permissionslanguage ->delete = false ;
10+ $ permissionslanguageVariable ->delete = false ;
11+ $ permissionspage ->delete = false ;
12+ $ permissionsuser ->delete = false ;
13+
14+ return $ permissions
15+ };
You can’t perform that action at this time.
0 commit comments