show all feature and ?permissions?

A place for users and developers of the Xataface to discuss and receive support.

Postby generatedname » Wed Feb 07, 2007 4:44 pm

Ok my problem is that I want the user to only see records that relate to them, even when they click "Show all"

I'll give a hypothetical situation:

Let's say you have a table of Employees: Name | ID | Title | Salary

And a table of users that login to the site: Username | Password | Title


and the Titles can be: Sales Associate, Manager, CEO

If someone logs in and the value for Title in the users table is "Manager", when they click Show All I want it to only show records that have "Manager" for Title in the Employees table.

Hope that example helps describe what I'm trying to do. Maybe a file name to alter, or if I can somehow use permissions to do this. Any help is appreciated!

Thanks,

Kurtis
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Postby njw » Thu Feb 08, 2007 9:32 am

You should be able to do that using permissions. If you amend your hypothetical tables to use, say, AccessLevel as a numeric variable, then you can test for the access level on any record being = to (or even <= if you want a hierarchy) the AccessLevel on the User table. Similar logic (with another variable) could be used for Departments to limit access to departments?

Neil
njw
 
Posts: 280
Joined: Wed Dec 31, 1969 5:00 pm

Postby generatedname » Thu Feb 08, 2007 10:59 am

Does the field have to be called AccessLevel? Can Dataface look at any similarly named fields from the 2 tables automatically? Or will Dataface look at similarly named fields from the 2 tables to limit access to what can be seen? Is there a value somewhere that I can set for this? Are there conditions that I can add to it?

Thanks,

Kurtis

(filenames and snippets would help a great deal if possible, I'm just learning permissions and dataface)
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Thu Feb 08, 2007 11:09 am

Hi Kurtis,

Neil is right that you can do this with permissions. However using permissions it will still show the records in list view, it will just say "No Access" for each field.

Since you posted this, I have developed another solution that will work more seamlessly. It is based on the concept of allowing you to apply "security filters" to tables. Security filters are default conditions that are always applied to queries on that table.

I will be submitting a patch for this later today.

-Steve
--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Postby generatedname » Thu Feb 08, 2007 11:27 am

Much appreciation for that Steve. I'm glad you guys are able to help me so much. I'll keep posted for the patch.

Thanks again,

Kurtis
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Thu Feb 08, 2007 2:46 pm

The patch has been posted. I have uploaded both a new release (0.6.13) and patch files that can be used to upgrade your older versions to 0.6.13 without having to download the whole package.

For information about the new release and upgrade instructions see: http://framework.weblite.ca/downloads/pscproject.2006-03-16.2122236523/releases/0.6.13

For information about how to apply the security filters, see: http://framework.weblite.ca/documentation/manual/fields_ini/security_filters


Let me know if you have any questions.
-Steve
--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Postby generatedname » Thu Feb 08, 2007 2:53 pm

Awesome! Thank you so much. Gonna upgrade to 6.13 and give this a crack.

Can't thank you enough!

Kurtis
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Postby generatedname » Thu Feb 08, 2007 3:09 pm

Sorry Steve, already I have a question about this. Is there a way to add conditions to this?

For example, let's say almost all users have a Title field, and this looks like it will work for making them only see results that match their title (using my hypothetical example). But for, say, an Admin, they will have a value like "No title". I don't want it to filter the admin to only see fields where Title = "No title", they need to see all of them.

Sorry to bother again so soon =(

-Kurtis
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Thu Feb 08, 2007 3:15 pm

OK.. for this you'll need to use PHP.

Use the Dataface_Table::setSecurityFilter method inside the getPreferences() method in your application delegate class:

function getPreferences(){
    $auth =& Dataface_AuthenticationTool::getInstance();
    $user =& $auth->getLoggedInUser();
    if ( !isAdmin($user) ){
        $logEntryTable =& Dataface_Table::loadTable('log_entry')
        $logEntryTable->setSecurityFilter(array('Title'=>$user->val('Title')));
    }

    // ... the rest of your get preferences... remember this method must return an array.

    return array();

}


If you are going to do it this way, you don't use the [__filters__] designation in your fields.ini file.
-Steve


--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm
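
A fail-closed variant of the snippet in the post above, added here as an example (not part of the original thread and not Xataface's own code): it handles the not-logged-in case, skips the filter only for administrators, and asks for an exact match on Title. The `Role` column, the `Employees` table name, the `titleFilterFor()` helper and the sentinel value are assumptions for illustration, as is the leading `=` exact-match syntax, which should be checked against your Xataface version.

```php
<?php
// Added example. Assumptions: the users table has a 'Role' column that marks
// administrators, and the table being restricted is called 'Employees'.

// Sentinel that no real record is expected to carry (constructed value).
define('NO_MATCH_TITLE', '__no_such_title__');

/**
 * Decide the security filter for the logged-in user record.
 * Returns null when no filter applies (administrator), otherwise a
 * field => value array suitable for setSecurityFilter().
 */
function titleFilterFor($user) {
    if (!$user) {
        // Nobody is logged in: fail closed instead of calling val() on null.
        return array('Title' => '=' . NO_MATCH_TITLE);
    }
    if ($user->val('Role') === 'ADMIN') {
        return null; // administrators see every record
    }
    $title = trim((string) $user->val('Title'));
    if ($title === '') {
        // An empty value must not widen the result set.
        return array('Title' => '=' . NO_MATCH_TITLE);
    }
    // Assumed Xataface query syntax: a leading '=' requests an exact match,
    // so "Manager" does not also match "Senior Manager".
    return array('Title' => '=' . $title);
}

class conf_ApplicationDelegate {
    function getPreferences() {
        $auth = Dataface_AuthenticationTool::getInstance();
        $filter = titleFilterFor($auth->getLoggedInUser());
        if ($filter !== null) {
            $table = Dataface_Table::loadTable('Employees');
            $table->setSecurityFilter($filter);
        }
        // getPreferences() must still return an array.
        return array();
    }
}
```

Because the admin check is the only path that skips the filter, a missing or misspelled `Role` value leaves the user filtered rather than unrestricted.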

Postby shannah » Thu Feb 08, 2007 3:16 pm

Note I put this snippet in the getPreferences() method not because it has to be there, but because it is a convenient place to put code that runs after authentication has been performed so that you can access user information.

--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Postby generatedname » Thu Feb 08, 2007 3:30 pm

Note I put this snippet in the getPreferences() method not because it has to be there, but because it is a convenient place to put code that runs after authentication has been performed so that you can access user information.



which is where I will be putting this. Thanks again Steve, you are too helpful!
I'm glad I could inspire improvements to your already outstanding project.

-Kurtis
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Thu Feb 08, 2007 4:04 pm

Just noticed a bug that prevents this method from taking effect. I have uploaded a patch at http://framework.weblite.ca/development/issue-tracker/143

--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Postby generatedname » Thu Feb 08, 2007 6:43 pm

I'm getting the following error:

Parse error: syntax error, unexpected T_VARIABLE in .../conf/ApplicationDelegate.php on line 50


Line 50 reads:

$logEntryTable->setSecurityFilter(array('Manufacturer'=>$usermanu));




where $usermanu = $user->val('Manufacturer');
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Thu Feb 08, 2007 9:55 pm

The problem is actually on the previous line. Usually this is the result of forgetting to end the previous line in a semi-colon.

--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Postby generatedname » Fri Feb 09, 2007 10:09 am

Touché.

$logEntryTable =& Dataface_Table::loadTable('log_entry')

had no semi-colon in snippet, I didn't think to check heh. Thanks for catching that for me.
generatedname
 
Posts: 53
Joined: Wed Dec 31, 1969 5:00 pm

Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved