Admin for one table

A place to discuss development of the Xataface core.

Admin for one table

Postby tbeemster » Sun May 13, 2012 12:53 pm

I've been looking around to find some docs on this, but I couldn't find it, although I'm sure it must be somewhere :P

I have a site, which is maintained by one person - an ADMIN, but there is also a blog, so I want to add two more users, but they should only VIEW/EDIT the blog, nothing more and nothing less :D

Could anyone give me a tip on where to get started? Becuase I'm not sure where to start (delegate/permissions.ini/actions.ini/getPermissions etc.. :P)
tbeemster
 
Posts: 7
Joined: Sat Dec 17, 2011 3:04 pm

Re: Admin for one table

Postby shannah » Tue May 15, 2012 10:01 am

Is the blog a separate table? Each table has its own delegate class. Each delegate class can define a getPermissions() method the dictates which permissions are granted to which user.
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Re: Admin for one table

Postby tbeemster » Tue May 22, 2012 3:22 am

Yes (well there are like 2 tables involved), so I could, for example grant user 'READ ONLY' to have edit permission on the blog?
tbeemster
 
Posts: 7
Joined: Sat Dec 17, 2011 3:04 pm

Re: Admin for one table

Postby tbeemster » Mon Aug 06, 2012 12:27 pm

So, sorry for double posting. but I think I almost figured it out:

This is what I got:

permissions.ini

Code: Select all
[BLOG]
view=0
edit=0
delete=0


skvm_blog_post.php (Delegate class)

Code: Select all
<?php
class tables_skvm_blog_post {

    function post_time__display(&$record){
        return date('d-m-Y', strtotime($record->strval('post_time')));
    }

    function getPermissions(&$record){
        $user =& Dataface_AuthenticationTool::getInstance()->getLoggedInUser();
        if ( $user and $user->val('role') == 'ADMIN' ){
            return Dataface_PermissionsTool::getRolePermissions('ADMIN');
        } else if ( $user and $user->val('role') == 'BLOG'){
            return Dataface_PermissionsTool::READ_EDIT();
        }
        return Dataface_PermissionsTool::NO_ACCESS();
    }
}


This actually works (it gets in the else if statement from 'BLOG'. But for some reason it's still not shown. Is it possible, that the permissions.ini overrules the getPermissions?
tbeemster
 
Posts: 7
Joined: Sat Dec 17, 2011 3:04 pm

Re: Admin for one table

Postby shannah » Wed Aug 08, 2012 10:01 am

Looks like you may not be clear on the relationship between the permissions.ini file and the getPermissions() method. In your example you are defining a BLOG role in the permissions.ini file. This is just a set of permissions that can be referenced by name via the API. It is not inherently connected to your BLOG role in the users table 'role' field.

So in your case, when you write the code:
Code: Select all
else if ( $user and $user->val('role') == 'BLOG'){
            return Dataface_PermissionsTool::READ_EDIT();
        }


This isn't actually using your BLOG role that you created at all. It is just using the EDIT role (which is returned from the READ_EDIT() method).

Reading the logic of your delegate class, here is how your permissions work:
1. Admin users are granted all permissions from the ADMIN role.
2. BLOG users are granted READ and EDIT permissions. (i.e. users where the role field of their users record is BLOG)
3. All other users get no access to this table at all.

Your [BLOG] definition in the permissions.ini file is not used here at all. You could delete it and it would make no change.

-Steve
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm


Return to Xataface Developers

Who is online

Users browsing this forum: No registered users and 1 guest

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved