filter list by user

[silid]

i am trying to filter access to records by username, my delegate file says:

function getPermissions(&$record) {
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( !$user ) return Dataface_PermissionsTool::NO_ACCESS();
$role = $user->val('role');
if ( $role == 'ADMIN' ){
return Dataface_PermissionsTool::ALL();
} else if ( $record && $record->val('email_domain') == $user->val('username')) {
return Dataface_PermissionsTool::ALL();
} else {
return Dataface_PermissionsTool::READ_ONLY();
}
}

this stops editing of all files except the correct ones however i want to limit viewing of records.
if i change the line:
return Dataface_PermissionsTool::READ_ONLY();

to:
return Dataface_PermissionsTool::NO_ACCESS();

then the list won't display at all

any ideas?

[shannah]

Good question... Both "list" and "view" tabs only require the "view" permission. However, there is a workaround. Using the Dataface_Application::getQuery() method, you are able to access the user's request information. The '-action' element is always set in dataface even if it is not explicitly specified in the request. You can use this to return different permissions for different actions.

e.g.

Code: Select all

$app =& Dataface_Application::getInstance();
$query =& $app->getQuery();
if ( $query['-action'] == 'list' ){
    return Dataface_PermissionsTool::READ_ONLY();
} else {
    return Dataface_PermissionsTool::NO_ACCESS();
}


Hope this helps.

-Steve

[silid]

thanks for your reply, that does part of what i want, i perhaps didn't explain properly.

i also want the list view filtered to only show records associated with the logged in user.

do i need to do a custom mysql query? or use relationships to the user table?

any advice is appreciated.

thanks

si

[shannah]

Best to use relationships to the user table to do this and cut off access to the list view for users.

-Steve