roles/permissions question

[geller]

Steve

As requested using the patched Table.php


function getPermissions(&$record){

// first get the currently logged in user

$auth =& Dataface_AuthenticationTool::getInstance();

$user =& $auth->getLoggedInUser();



// if no user is logged in, then we give no access

if ( !$user ) return Dataface_PermissionsTool::NO_ACCESS();



// check if the record is set. If the user performs a search

// that returns an empty set, then this record may be null.


// if ( !isset($record) ) return Dataface_PermissionsTool::READ_ONLY();



// If the logged in user has the same UserID as the restaurant, then

// this user is the owner of the restaurant.. he has full permissions.

echo "Record is .. "; print_r($record);echo Dataface_Error::printStackTrace();exit;

if ( $record->val('UserID') == $user->val('UserID') ) return Dataface_PermissionsTool::ALL();



// otherwise we give read only access

return Dataface_PermissionsTool::READ_ONLY();
}

Each of the queried tables have a UserID field as does the Users table.

When I leave the 'if no record' statement in I just get READ_ONLY access. I guess there is no 'valid' record returned for what ever reason but all looks fine from a user perspective.

The output.......

Record is .. On line 43 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/yourrestaurant/datafaceapi/conf/ApplicationDelegate.php in function printstacktrace()
On line 1767 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/Table.php in function getpermissions(,array(table9))
On line 128 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/PermissionsTool.php in function getpermissions(array())
On line 1019 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/Application.php in function getpermissions(dataface_table Object,array())
On line 1024 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/Application.php in function getpermissions()
On line 194 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/ActionTool.php in function checkpermission(view)
On line 1354 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/Table.php in function getactions(array(table9))
On line 71 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/ActionTool.php in function getactions(array(table9))
On line 84 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/ActionTool.php in function _loadtableactions(table9)
On line 699 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/Application.php in function getaction(array(table9,edit))
On line 1152 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/dataface-build/Dataface/Application.php in function handlerequest()
On line 14 of file /var/www/vhosts/eatout-iom.co.uk/httpdocs/yourrestaurant/datafaceapi/index.php in function display()

Hope this makes sense to you?

Graham

[shannah]

OK. We are interested in 2 pieces of information.
This is what you want to output for debugging:
What is $user
and What is $record

We know from the output above that $record is null (that is correct).
We don't know what $user is.
You will want to, at some point, do: echo $user.

If $user is an object, then all is well.
If $user is an array, then something is funky.
We know that user is not null because of the line (if !isset($user) )...

So far all that output looks right - like it is working.

-Steve

[geller]

Steve

$user is Object

But still getting :-

Fatal error: Call to a member function on a non-object in /var/www/vhosts/eatout-iom.co.uk/httpdocs/yourrestaurant/datafaceapi/conf/ApplicationDelegate.php on line 45

[shannah]

What is on line 45?

[geller]

if ( $record->val('UserID') == $user->val('UserID') ) return Dataface_PermissionsTool::ALL();

So if $record is 'null' I suppose the above statement cannot be true. I guess it is better than it being an array....... isn't it?

[shannah]

So at this point I guess we've concluded that:

1. $user is an object (it is not the culprit of the error)

2. Therefore $record must be the culprit.

3. The line if ( !isset($record) ) return Dataface_PermissionsTool::READ_ONLY();Ê ensures that $record is not null.

4. Perhaps $record is an empty stringÊ (definitely do an echo on $record to find out for sure).

One thing that may get this thing going is to change the line

if ( !isset($record) ) return Dataface_PermissionsTool::READ_ONLY();

to

if ( !$record ) return Dataface_PermissionsTool::READ_ONLY();

[geller]

Steve

$record is empty.

This is the bit I can't get my head around. How can I check if the user owns the record if I can't query the record that is trying to be edited yet the record is there when you remove the permissions?

if ( !$record ) return Dataface_PermissionsTool::READ_ONLY(); is controlling the permissions so all users only have read only access. Remove any getpermission() and the app works fine apart from there is no user record/owner authentication, which could lead to URL hacking.

[shannah]

OK.. something is wrong.Ê If the record set it not empty, then $record should not be empty - in general.Ê I think something may be gibbled with your install of Dataface.

I have just released 0.6.12 which consolidates all the latest patches.Ê Please try that one.Ê If it still fails, can you tar or zip up your app and send it to me (including SQL readout to create the tables) so that I can take a look and find out what is going on?
Thanks
Steve

[shannah]

Thanks Martin and Graham for pushing this issue.

I have found the problem and fixed it in the new version (0.6.12r1) available for download.

Best regards

Steve

[geller]

Steve

Just one further observation when using this particular getpermissions method is that in list view the delete all records function is no longer available. Is this an unavoidable consequence of the record by record authentication?

Cheers
Graham

[shannah]

the delete all records action is checked against the 'delete' permission for a table (as opposed to a record).Ê I.e. when it calls your getPermissions() method, $record will be null.Ê You can add handling for this in your getPermissions() method by returning appropriate users (administrators) ALL privileges even when $record is null.

-Steve

[geller]

Thanks again,got that one sorted.

Cheers
Graham

[maxmokeyev]

I would greatly appreciate a detailed instruction on how to implement record-level security.
I want to achieve the following:
When the user logs in, I want the program to check the users ROLE. If it is ADMIN the user gets full access to everything. If it is not ADMIN (say USER) the user gets view/edit access but only to the records that belong to the user. (Whether they belong or not can be checked by comparing any two fields in the USERS table and the MAIN table).
Basically, I read through this thread, and am still a little lost on how to do this.
(I know this might be asking a lot, but I have an Access app that I really want to put on the web, or at least part of it, and the reason for that is the ability to do record level security).

thanks.

[shannah]

First place to start would be:

http://framework.weblite.ca/documentation/tutorial/getting_started/permissions

Another tutorial that touches on permissions is here:
http://framework.weblite.ca/documentation/tutorial/submission_forms/permissions
If you translate your english description of permissions to PHP you would have:
1.Ê "I want the program to check the users ROLE. If it is ADMIN the user gets full access to everything."Ê ::
if ( $user->val('role') == 'ADMIN' ) return Dataface_PermissionsTool::ALL();
2. "If it is not ADMIN (say USER) the user gets view/edit access but only to the records that belong to the user."
if ( $user->val('userid') == $record->val('ownerid') ) return Dataface_PermissionsTool::ALL();
The only caveats are that you have to handle the cases where $user is null or $record is null - and do this before parts 1 and 2.
($user will be null only if the user is not logged in.Ê $record is null if we are checking table level permissions or if no record was found).
if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
if ( !isset($record) ){
ÊÊÊÊ // Actually you'll probably want to have separate cases in here for admins and regular users because you still need to give admins full access in this case.
}
Note:** I decided to give instructions that didn't involve a cut and paste snippet in this response because I think it will really help to understand how it works rather than just blindly cuting and pasting.
Hope this helps a little.
Best regards
Steve

[maxmokeyev]

So I tried following the logic you laid out (Thank you.)
Here is what I have:

function getPermissions(&$record){
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
if (!isset($record)) {
if ($user->val('Role')!='ADMIN')return Dataface_PermissionsTool::NO_ACCESS();
if ($user->val('Role')=='ADMIN') return Dataface_PermissionsTool::ALL();
}
if ($user->val('Role')=='ADMIN') return Dataface_PermissionsTool::ALL();
//If role is ADMIN the user gets full access to everything
if ($user->val('FullName') == $record->val('Agent')) return Dataface_PermissionTool::ALL();
// If not admin give access only to own records
}

However, it always thinks that $record is always NULL as it never gets to the last two IFs. If I comment out the "if(!isset($record))" part, I get the following error:

Fatal error: Call to a member function val() on a non-object in C:\Program Files\vtigercrm5\apache\htdocs\vtigerCRM\contacts\conf\ApplicationDelegate.php on line 27

Line 27 is: if ($user->val('FullName') == $record->val('Agent')) return Dataface_PermissionTool::ALL();

If, with those lines commented out, I log in as ADMIN, I get full access.

Thanks.