Read Only Permissions not working?

A place for users and developers of the Xataface to discuss and receive support.

Postby mhertz » Mon Mar 05, 2007 9:14 am

I am getting the error message "Permission to perform action 'list' denied.
Requires permission 'view' but only granted ''. " when trying to log in to my dataface site as 'Regular' or 'Read Only User'.

I have been going through the introduction and submission form tutorials. I have copied the application delegate class and the table delegate class provided in the form_tutorial files provided.

I am able to allow non-users to get to the new record table and submit the form. I am also able to allow Admin users to log in to a dataface site with view, edit and delete permissions.

But when I try to test Read Only access to the site, I get the error message above.

I have tried:
- changing the user table role types from the ones provided in the form-tutorial install.sql files from ('Regular','Admin') to caps ('REGULAR','ADMIN').
- adding a 'Read Only' and a 'READ ONLY' role to the user table
- recreating the user table using the role types provided in the getting started tutorial = `Role` ENUM('READ ONLY','NO ACCESS','ADMIN') DEFAULT 'READ ONLY'

I did get this to work when initially setting up the application. But I am not able to get it to work after going through the "building a submission form" tutorial".

Can you help me figure out where I am getting lost?
mhertz
 
Posts: 9
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Mon Mar 05, 2007 12:33 pm

Can you post your getPermissions() method? Tough to say what's going on without looking at it.

-steve
--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Postby mhertz » Mon Mar 05, 2007 3:46 pm

From conf/ApplicationDelegate.php:
getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
if ( isAdmin($role) ) return Dataface_PermissionsTool::ALL();
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.
}

From tables/tablename/tablename.php:


getQuery();

if ( $query['-action'] == 'new'/* and (!$record || !$record->val('registrantid'))*/ ){
return Dataface_PermissionsTool::ALL();
} else {
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( $user and isAdmin($user->val('role'))){
return Dataface_PermissionsTool::ALL();
} else {
return Dataface_PermissionsTool::NO_ACCESS();
}
}
}
mhertz
 
Posts: 9
Joined: Wed Dec 31, 1969 5:00 pm

Postby mhertz » Mon Mar 05, 2007 3:49 pm

Wait, that got truncated. Let me retry:

function isAdmin($role){
return ($role == 'Admin');
}

class conf_ApplicationDelegate {

function getPermissions(&$record){
return Dataface_PermissionsTool::getRolePermissions('USER');
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
if ( isAdmin($role) ) return Dataface_PermissionsTool::ALL();
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.
}

and
class tables_registrants {

function getPermissions(&$record){
$app =& Dataface_Application::getInstance();
$query =& $app->getQuery();

if ( $query['-action'] == 'new'/* and (!$record || !$record->val('registrantid'))*/ ){
return Dataface_PermissionsTool::ALL();
} else {
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( $user and isAdmin($user->val('role'))){
return Dataface_PermissionsTool::ALL();
} else {
return Dataface_PermissionsTool::NO_ACCESS();
}
}
mhertz
 
Posts: 9
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Tue Mar 06, 2007 3:04 am

One thing to note is that under no circumstances will any of your users receive read only permissions here.
You have set it up so that users will receive ALL permissions if either they are an admin, or they own the record - or they will have no access (won't even have view permissions).

if you want to give a user read only permissions then return:
Dataface_PermissionsTool::READ_ONLY();

-Steve
--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Postby mhertz » Tue Mar 06, 2007 10:00 am

Thanks. Sorry, not really a programmer.

What I really want to do is give the logged in user the permissions that correspond to their role. I was focused on the comment in the applicationdelegate file from the form_tutorial files:
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.

...and just assumed that would take care if it. Of course, now it makes more sense.

I am assuming I should change that to:
return Dataface_PermissionsTool::getRolePermissions($role);
// Returns all of the permissions for the user's current role.
mhertz
 
Posts: 9
Joined: Wed Dec 31, 1969 5:00 pm

Postby shannah » Tue Mar 06, 2007 12:39 pm

Yes. That is correct.
--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm


Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 32 guests

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved