Page 1 of 1

Field Permissions Problem

PostPosted: Thu Oct 22, 2009 3:29 am
by dbaron2
Hello,

I have successfully implemented field level permissions using the function below, however when I add the line to set permissions based on another field (status_id) I get a fatal error:

Code: Select all
    function short_description__permissions(&$record){
        $auth =& Dataface_AuthenticationTool::getInstance();
        $user =& $auth->getLoggedInUser();
        $role = $user->val('user_role');
        if ($role == "ADMIN") return null;
        if ($role == "MANAGER") return null;
        if ($record->val('status_id') == "6") return array('edit'=>0);
        $user_type = $user->val('user_type');
        if ($user_type == "T") return null;
        if ($user_type == "E") return array('edit'=>0);
    }


Fatal error: Call to a member function val() on a non-object in...

What am I doing wrong?

PostPosted: Thu Oct 22, 2009 9:08 am
by shannah
In any permissions method you should always check if:
1. The user exists
2. The record exists

before calling methods on them.

E.g.

if you call

$user->val('..')

but user is null (which is possible if nobody is logged in yet), then you'll get a fatal error like this one. Better to do something like:

if ( $user and $user->val('..') ){
..
}

rather than

if ($user->val('..'){
..
}


Similar with $record, it could be null if its trying to find general permissions for a table and not on a particular record.

So instead of

if ( $record->val('...') )

use

if ( $record and $record->val('...') )


-Steve

PostPosted: Thu Oct 22, 2009 10:15 pm
by dbaron2
Thanks! Checking for $record object existence fixed my problem :-)