silverstripe - Restricting access to a certain Page Type based on group member is in?
I am working on a project for a gym. I have a page type called GymLocationPage.
Every gym has its own GymLocationPage, added in the admin - every gym has a login for each of its gym managers. In the Security area I have created a group called Gym Manager, and I have added them to this group when the member gets created.
When a gym manager logs in, I want them to be able to view and edit their gym's GymLocationPage, and no other pages/model admins etc.
How do I go about doing this for a particular page type, and making sure the currently logged-in user gets to edit their particular gym's page?
E.g.
Bob, New York's gym manager => can access New York's gym location page (can't see other gym locations or other pages etc).
John, California's gym manager => can access California's gym location page (can't see other gym locations or other pages etc).
SilverStripe has pretty nice permission management. You can create permissions in code and add them manually to a user group.
<?php

class Foo extends DataObject implements PermissionProvider
{
    /**
     * Return a map of permission codes to add to the dropdown
     * shown in the Security section of the CMS.
     * array(
     *   'view_site' => 'view site',
     * );
     */
    public function providePermissions()
    {
        return [
            'foo_manage' => [
                'name' => _t('foo.permission_manage_description', 'create, edit, delete foo items'),
                'category' => _t('permissions.foo_category', 'foo'),
            ],
            'foo_create' => [
                'name' => _t('foo.permission_create_description', 'create foo items'),
                'category' => _t('permissions.foo_category', 'foo'),
            ],
        ];
    }
}
In your DataObject or page type you can then check the different can methods to define whether a user can view, can edit, can delete etc.
canView() is for "accessing" the page in the frontend, canEdit() is for editing in the backend.
/**
 * @param null $member
 * @return bool
 */
public function canView($member = null)
{
    // This method is for accessing / viewing the page.
    return true;
}

/**
 * @param null $member
 * @return bool
 */
public function canCreate($member = null)
{
    $parent = parent::canCreate($member);
    $manage = Permission::check('foo_manage', 'any', $member);
    $create = Permission::check('foo_create', 'any', $member);

    return $parent || $manage || $create;
}

/**
 * @param null $member
 * @return bool
 */
public function canEdit($member = null)
{
    $member = $member ?: Member::currentUser();
    // Ask the parent about edit rights, not create rights.
    $parent = parent::canEdit($member);
    $manage = Permission::check('foo_manage', 'any', $member);
    // You can check everything here...
    $owner = $member ? $this->OwnerID == $member->ID : false;

    return $parent || $manage || $owner;
}

/**
 * @param null $member
 * @return bool
 */
public function canDelete($member = null)
{
    // Ask the parent about delete rights, not create rights.
    $parent = parent::canDelete($member);
    $manage = Permission::check('foo_manage', 'any', $member);

    return $parent || $manage;
}
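Applied to the gym scenario in the question, the per-record check could look like the following. This is an added example, not code from the original answer; it uses the same SilverStripe 3 style API as the answer, and the Managers relation and the 'gym-manager' group code are assumed names.

```php
<?php

class GymLocationPage extends Page
{
    // Hypothetical relation: the members allowed to manage this one gym's page.
    private static $many_many = array(
        'Managers' => 'Member',
    );

    /**
     * True only for administrators, or for members who are in the gym manager
     * group AND are linked to this specific page. Everything else is denied.
     */
    protected function isManagedBy($member = null)
    {
        // The can*() methods may receive a Member, a member ID or null.
        if (is_numeric($member)) {
            $member = Member::get()->byID($member);
        }
        $member = $member ?: Member::currentUser();

        if (!$member || !$member->exists()) {
            return false; // anonymous users never get write access
        }
        if (Permission::check('ADMIN', 'any', $member)) {
            return true;
        }

        // Group membership alone is not enough: the second test ties the
        // manager to this record, so Bob cannot edit John's page.
        // 'gym-manager' is an assumed group code.
        return $member->inGroup('gym-manager')
            && $this->Managers()->byID($member->ID) !== null;
    }

    public function canEdit($member = null)
    {
        return $this->isManagedBy($member);
    }

    public function canDelete($member = null)
    {
        return $this->isManagedBy($member);
    }
}
```

Because neither method falls back to the parent result, a broad page-editing permission granted to the group by mistake does not open up other gyms' pages.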