Members can only edit all or no one

Questions
1

Silverstripe Version:
4.7
Question:
Members can only edit all or have no acces at all. How can i change it so that all members can only edit himself and view all others?

Hi
As described in the question above, there is only the permission option “Access to ‘Security’ section”. If i allow this, then the member with this permission has access to all of the members and view, edit, create or even delete them and if i remove it, the member has not even access to his own entry.
How can i change this behaviour so every member can edit himself but only view others except for when you have the permissions to edit all others (like an admin rolel)?

Here is my MemberExtension Class:

<?php
use SilverStripe\Forms\DateField;
use SilverStripe\Forms\FieldList;
use SilverStripe\Forms\TextField;
use SilverStripe\ORM\DataExtension;
use SilverStripe\Security\Permission;

class MemberExtension extends DataExtension
{
    private static $db = [
        "BirthdayDate" => "Date",
        "City" => "Varchar",
        "Country" => "Varchar",
        "ZipCode" => "Varchar",
        "Street" => "Varchar",
        "StreetNumber" => "Varchar",
        "Latitude" => "Varchar",
        "Longitude" => "Varchar",
    ];

    private static $has_one = [];

    private static $has_many = [
        "MaterialOrders" => MaterialOrder::class,
        "Invoices" => Invoice::class,
    ];

    private static $many_many = [];

    private static $belongs_many_many = [];

    const CMS_PERMISSION_CODE = "CMS_ACCESS_" . __CLASS__;

    public function providePermissions()
    {
        $implodedClassName = strtolower(implode(" ", preg_split('/(?=[A-Z])/', __CLASS__)));
        $permissionsArr = [];
        foreach (["view", "edit", "delete", "create"] as $value) {
            $permissionsArr[strtoupper(self::CMS_PERMISSION_CODE . "_" . $value)] = [
                "name" => "Can $value $implodedClassName",
                "category" => "CMS administrate '" . __CLASS__ . "'",
                "help" => "Gives permissions to $value $implodedClassName",
            ];
        }
        return $permissionsArr;
    }

    public function canView($member = null)
    {
        return Permission::check(strtoupper(self::CMS_PERMISSION_CODE . "_VIEW"), "any", $member);
    }

    public function canEdit($member = null)
    {
        return Permission::check(strtoupper(self::CMS_PERMISSION_CODE . "_EDIT"), "any", $member);
    }

    public function canDelete($member = null)
    {
        return Permission::check(strtoupper(self::CMS_PERMISSION_CODE . "_DELETE"), "any", $member);
    }

    public function canCreate($member = null, $context = [])
    {
        return Permission::check(strtoupper(self::CMS_PERMISSION_CODE . "_CREATE"), "any", $member);
    }

    public function updateCMSFields(FieldList $fields)
    {
        $fields->addFieldToTab("Root.Main", DateField::create("BirthdayDate"), "Email");
        $fields->addFieldsToTab("Root.Address", [
            TextField::create("Street"),
            TextField::create("StreetNumber"),
            TextField::create("ZipCode"),
            TextField::create("City"),
            TextField::create("Country"),
            TextField::create("Latitude"),
            TextField::create("Longitude"),
        ]);
    }
}

And here is my mysite.yml:

---
Name: myproject
---
SilverStripe\Core\Manifest\ModuleManifest:
  project: app
Page:
  extensions:
    - DNADesign\Elemental\Extensions\ElementalPageExtension
SilverStripe\Security\Member:
  extensions:
    - MemberExtension
SilverStripe\ORM\FieldType\DBCurrency:
  currency_symbol: 'CHF'
2

I managed to solve it.

The “implements PermissionProvider” was missing and after that i only had to add the check $member->ID == $this->owner->ID to the “canEdit()” check.

Here is are the two changes:

class MemberExtension extends DataExtension implements PermissionProvider
public function canEdit($member = null)
{
    return (Permission::check(strtoupper(self::CMS_PERMISSION_CODE . "_EDIT"), "any", $member) || $member->ID == $this->owner->ID);
}