Xataface Forums

Put a face on your database
http://xataface.com/forum/

Read Only Permissions not working?

http://xataface.com/forum/viewtopic.php?f=4&t=3986

Page 1 of 1

PostPosted: Mon Mar 05, 2007 9:14 am
by mhertz
I am getting the error message "Permission to perform action 'list' denied.
Requires permission 'view' but only granted ''. " when trying to log in to my dataface site as 'Regular' or 'Read Only User'.

I have been going through the introduction and submission form tutorials. I have copied the application delegate class and the table delegate class provided in the form_tutorial files provided.

I am able to allow non-users to get to the new record table and submit the form. I am also able to allow Admin users to log in to a dataface site with view, edit and delete permissions.

But when I try to test Read Only access to the site, I get the error message above.

I have tried:
- changing the user table role types from the ones provided in the form-tutorial install.sql files from ('Regular','Admin') to caps ('REGULAR','ADMIN').
- adding a 'Read Only' and a 'READ ONLY' role to the user table
- recreating the user table using the role types provided in the getting started tutorial = `Role` ENUM('READ ONLY','NO ACCESS','ADMIN') DEFAULT 'READ ONLY'

I did get this to work when initially setting up the application. But I am not able to get it to work after going through the "building a submission form" tutorial".

Can you help me figure out where I am getting lost?

PostPosted: Mon Mar 05, 2007 12:33 pm
by shannah
Can you post your getPermissions() method? Tough to say what's going on without looking at it.

-steve

PostPosted: Mon Mar 05, 2007 3:46 pm
by mhertz
From conf/ApplicationDelegate.php:
getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
if ( isAdmin($role) ) return Dataface_PermissionsTool::ALL();
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.
}

From tables/tablename/tablename.php:


getQuery();

if ( $query['-action'] == 'new'/* and (!$record || !$record->val('registrantid'))*/ ){
return Dataface_PermissionsTool::ALL();
} else {
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( $user and isAdmin($user->val('role'))){
return Dataface_PermissionsTool::ALL();
} else {
return Dataface_PermissionsTool::NO_ACCESS();
}
}
}

PostPosted: Mon Mar 05, 2007 3:49 pm
by mhertz
Wait, that got truncated. Let me retry:

function isAdmin($role){
return ($role == 'Admin');
}

class conf_ApplicationDelegate {

function getPermissions(&$record){
return Dataface_PermissionsTool::getRolePermissions('USER');
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
if ( isAdmin($role) ) return Dataface_PermissionsTool::ALL();
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.
}

and
class tables_registrants {

function getPermissions(&$record){
$app =& Dataface_Application::getInstance();
$query =& $app->getQuery();

if ( $query['-action'] == 'new'/* and (!$record || !$record->val('registrantid'))*/ ){
return Dataface_PermissionsTool::ALL();
} else {
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( $user and isAdmin($user->val('role'))){
return Dataface_PermissionsTool::ALL();
} else {
return Dataface_PermissionsTool::NO_ACCESS();
}
}

PostPosted: Tue Mar 06, 2007 3:04 am
by shannah
One thing to note is that under no circumstances will any of your users receive read only permissions here.
You have set it up so that users will receive ALL permissions if either they are an admin, or they own the record - or they will have no access (won't even have view permissions).

if you want to give a user read only permissions then return:
Dataface_PermissionsTool::READ_ONLY();

-Steve

PostPosted: Tue Mar 06, 2007 10:00 am
by mhertz
Thanks. Sorry, not really a programmer.

What I really want to do is give the logged in user the permissions that correspond to their role. I was focused on the comment in the applicationdelegate file from the form_tutorial files:
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.

...and just assumed that would take care if it. Of course, now it makes more sense.

I am assuming I should change that to:
return Dataface_PermissionsTool::getRolePermissions($role);
// Returns all of the permissions for the user's current role.

PostPosted: Tue Mar 06, 2007 12:39 pm
by shannah
Yes. That is correct.
All times are UTC - 7 hours
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/