Module version(s) affected
6.1
Description
When you give a group permission to edit only some pages this group can not create new pages or change the page type of the pages it can edit. In older version 5.4 and lower the group could still create pages or change the pages type of the pages it can edit.
How to reproduce
Install a clean 6.1. Create a group that can edit pages.
Then under settings, I change who can edit pages and create pages on the root to only Administrators.
Then under pages I change the "About Us" page that the group "Content Authors" can edit this pages and all pages under it inherit this permission from this page.
When I now log in with a user from the "Content Authors" I correctly can only edit the "About Us" page and the children of this page. But when I try to create a new page under "About Us" I can't do that. I also can't change any of the "Page types" of all the pages this group can edit.
In version 5.4 and older you could create new pages under the pages your group could edit, and you could also change the page type. What also works in 6.1 is the copy of a page with the right click. With that you can create a page, but still not change the page type. That is why I think it's a bug.
Possible Solution
I looked how it was in older version and it looks like the problem is the canCrate() function in the SiteTree. When I add the part back where canAddChildren() you can create new page under the pages you can edit and also change the page types. Expect, you can't change the page type of the top page and it also does not add back the right click option to create pages.
public function canCreate($member = null, $context = [])
{
if (!$member) {
$member = Security::getCurrentUser();
}
// Standard mechanism for accepting permission changes from extensions
$extended = $this->extendedCan(__FUNCTION__, $member, $context);
if ($extended !== null) {
return $extended;
}
// Check permission
if ($member && Permission::checkMember($member, "ADMIN")) {
return true;
}
// Check parent (added to context through CMSMain)
$parent = isset($context['Parent']) ? $context['Parent'] : null;
if (!$parent?->exists() || !($parent instanceof SiteTree)) {
// This doesn't necessarily mean we are creating a root page, but that
// we don't know if there is a parent, so default to this permission
return SiteConfig::current_site_config()->canCreateTopLevel($member);
}
.....
// Added this part
$strictParentInstance = ($parent && $parent instanceof SiteTree);
if ($strictParentInstance && $parent->exists()) {
return $parent->canAddChildren($member);
}
......
// If we haven't returned by now, resort to edit permissions
return $this->canEdit($member);
}I'm not fully sure that simply adding this back is correct, but in the testing I did not directly see a problem.
Additional Context
No response
Validations
Module version(s) affected
6.1
Description
When you give a group permission to edit only some pages this group can not create new pages or change the page type of the pages it can edit. In older version 5.4 and lower the group could still create pages or change the pages type of the pages it can edit.
How to reproduce
Install a clean 6.1. Create a group that can edit pages.
Then under settings, I change who can edit pages and create pages on the root to only Administrators.
Then under pages I change the "About Us" page that the group "Content Authors" can edit this pages and all pages under it inherit this permission from this page.
When I now log in with a user from the "Content Authors" I correctly can only edit the "About Us" page and the children of this page. But when I try to create a new page under "About Us" I can't do that. I also can't change any of the "Page types" of all the pages this group can edit.
In version 5.4 and older you could create new pages under the pages your group could edit, and you could also change the page type. What also works in 6.1 is the copy of a page with the right click. With that you can create a page, but still not change the page type. That is why I think it's a bug.
Possible Solution
I looked how it was in older version and it looks like the problem is the canCrate() function in the SiteTree. When I add the part back where canAddChildren() you can create new page under the pages you can edit and also change the page types. Expect, you can't change the page type of the top page and it also does not add back the right click option to create pages.
I'm not fully sure that simply adding this back is correct, but in the testing I did not directly see a problem.
Additional Context
No response
Validations
silverstripe/installer(with any code examples you've provided)