diff --git a/CHANGELOG.md b/CHANGELOG.md index ddb447d..1478f0e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## [1.1.1](https://github.com/dynamic/silverstripe-products/tree/1.1.1) (2019-12-17) + +[Full Changelog](https://github.com/dynamic/silverstripe-products/compare/1.1.0...1.1.1) + +**Fixed bugs:** + +- CRITICAL BUG ProductCategory::getProductList\(\) doesn't check permissions [\#27](https://github.com/dynamic/silverstripe-products/issues/27) + +**Merged pull requests:** + +- BUGFIX check permissions before returning product list [\#28](https://github.com/dynamic/silverstripe-products/pull/28) ([muskie9](https://github.com/muskie9)) + ## [1.1.0](https://github.com/dynamic/silverstripe-products/tree/1.1.0) (2019-12-11) [Full Changelog](https://github.com/dynamic/silverstripe-products/compare/1.0.1...1.1.0) @@ -8,6 +20,10 @@ - ENHANCEMENT allow for videos in the product "Images" [\#25](https://github.com/dynamic/silverstripe-products/issues/25) +**Merged pull requests:** + +- ENHANCEMENT allow for Videos in product Images zone [\#26](https://github.com/dynamic/silverstripe-products/pull/26) ([muskie9](https://github.com/muskie9)) + ## [1.0.1](https://github.com/dynamic/silverstripe-products/tree/1.0.1) (2019-11-12) [Full Changelog](https://github.com/dynamic/silverstripe-products/compare/1.0.0...1.0.1) diff --git a/composer.json b/composer.json index f021db4..973932d 100644 --- a/composer.json +++ b/composer.json @@ -37,10 +37,5 @@ "process-timeout": 600 }, "minimum-stability": "dev", - "prefer-stable": true, - "extra": { - "branch-alias": { - "dev-master": "1.2.x-dev" - } - } + "prefer-stable": true } diff --git a/src/Page/Product.php b/src/Page/Product.php index df3b20a..e494808 100644 --- a/src/Page/Product.php +++ b/src/Page/Product.php @@ -16,6 +16,16 @@ class Product extends \Page { + /** + * @var + */ + private $image; + + /** + * @var + */ + private $has_images; + /** * @var string */ @@ -125,17 +135,26 @@ public function getCMSFields() return parent::getCMSFields(); } + /** + * @return bool + */ + public function setImage() + { + if ($this->getHasImages()) { + $this->image = $this->Images()->sort('SortOrder')->first(); + } + return $this; + } + /** * @return mixed */ public function getImage() { - if ($this->Images()->exists()) { - $image = $this->Images()->sort('SortOrder')->first(); - return $image; + if (!$this->image) { + $this->setImage(); } - - return false; + return $this->image; } /** @@ -151,4 +170,24 @@ public function getThumbnail() return false; } + + /** + * @return $this + */ + public function setHasImages() + { + $this->has_images = $this->Images()->exists(); + return $this; + } + + /** + * @return mixed + */ + public function getHasImages() + { + if (!$this->has_images) { + $this->setHasImages(); + } + return $this->has_images; + } } diff --git a/src/Page/ProductCategory.php b/src/Page/ProductCategory.php index c69a3da..d5d6520 100644 --- a/src/Page/ProductCategory.php +++ b/src/Page/ProductCategory.php @@ -2,8 +2,11 @@ namespace Dynamic\Products\Page; +use SilverStripe\CMS\Model\RedirectorPage; +use SilverStripe\CMS\Model\VirtualPage; use SilverStripe\Forms\FieldList; use SilverStripe\Forms\NumericField; +use SilverStripe\Security\Security; class ProductCategory extends \Page { @@ -67,6 +70,10 @@ public function getProductList() $this->extend('updateProductList', $products, $categories); + $products = $products->filterByCallback(function ($page) { + return $page->canView(Security::getCurrentUser()); + }); + return $products; } } diff --git a/tests/Page/ProductCategoryTest.php b/tests/Page/ProductCategoryTest.php index 6035e52..9e7824e 100644 --- a/tests/Page/ProductCategoryTest.php +++ b/tests/Page/ProductCategoryTest.php @@ -5,6 +5,7 @@ use Dynamic\Products\Page\ProductCategory; use SilverStripe\Dev\SapphireTest; use SilverStripe\Forms\FieldList; +use SilverStripe\Security\Member; class ProductCategoryTest extends SapphireTest { @@ -22,4 +23,31 @@ public function testGetCMSFields() $fields = $object->getCMSFields(); $this->assertInstanceOf(FieldList::class, $fields); } + + /** + * + */ + public function testGetProductList() + { + $this->markTestSkipped('Currently doesn\'t seem to respect the groups/members in automated tests'); + + $this->logOut(); + $member = $this->objFromFixture(Member::class, 'author'); + $this->logInAs(Member::get()->byID($member->ID)); + $categoryID = $this->objFromFixture(ProductCategory::class, 'restricted')->ID; + /** @var ProductCategory $category */ + $category = ProductCategory::get()->byID($categoryID); + + $this->assertEquals(2, $category->getProductList()->count()); + + $this->logOut(); + $member = $this->objFromFixture(Member::class, 'default'); + $this->logInAs(Member::get()->byID($member->ID)); + /** @var ProductCategory $category */ + $category = ProductCategory::get()->byID($categoryID); + + $this->assertEquals(1, $category->getProductList()->count()); + + $this->logOut(); + } } diff --git a/tests/fixtures.yml b/tests/fixtures.yml index dda74bf..9faa630 100644 --- a/tests/fixtures.yml +++ b/tests/fixtures.yml @@ -33,13 +33,26 @@ Dynamic\Products\Model\Brochure: Dynamic\Products\Page\ProductCategory: default: Title: 'Default Category' + restricted: + Title: 'Restricted Children' + CanViewType: 'Inherit' Dynamic\Products\Page\Product: one: Title: 'Product One' Brochures: =>Dynamic\Products\Model\Brochure.one + restrictedproduct: + Title: 'Restricted Product' + CanViewType: 'OnlyTheseUsers' + ViewerGroups: =>SilverStripe\Security\Group.content_authors + Parent: =>Dynamic\Products\Page\ProductCategory.restricted + nonrestrictedproduct: + Title: 'Non Restricted Product' + Parent: =>Dynamic\Products\Page\ProductCategory.restricted + CanViewType: 'Inherit' + Dynamic\Products\Page\ProductFileCollection: default: Title: 'Brochures' - ManagedClass: 'Dynamic\Products\Model\Brochure' \ No newline at end of file + ManagedClass: 'Dynamic\Products\Model\Brochure'