Xataface Forums

Hi Steve,

What can I do to restrict access to all records in a table except that which belongs to the logged in user with xataface.

Regards

Suppose you have a column in each record that records the username of the owner, called 'owner'.

Then in your delegate class:

Code: Select all

function getPermissions(&$record){
    $auth =& Dataface_AuthenticationTool::getInstance();
    $user =& $auth->getLoggedInUser();
    if ( $record and $user and $record->val('owner') == $user->val('username') ){
        return Dataface_PermissionsTool::ALL();
    }
    return Dataface_PermissionsTool::NO_ACCESS();
}


Unfortunately in list view it will still show all records, it will just say "NO ACCESS" to the records that you don't have access to.

You can correct this by adding a security filter.

In your delegate class:

Code: Select all

function init(&$table){
    $auth =& Dataface_AuthenticationTool::getInstance();
    $user =& $auth->getLoggedInUser();
    if ( $user ){
        $table->setSecurityFilter(array('owner'=>'='.$user->val('username')));
    }
}


Hi,
is this solution still working?

I try to allow my users to access only their data. But with this code i get this error:
Fatal error: Cannot redeclare init() (previously declared in /home/www/cwcity/hosting/i/r/irgps/htdocs/xataface-1.3.2/init.php:22) in /home/www/cwcity/hosting/i/r/irgps/htdocs/conf/ApplicationDelegate.php on line 20

Greetz

You need to implement init() inside of your delegate class so that it is a method of the delegate class and not a global function.

-Steve