Xataface Forums

When I login with a role = ADMIN
I do not see the Control Panel link next to "My Profile" "Change Password" "Log Out"
What do I need to do to get the Control Panel? Here is my conf.ini file

;;Configuration settings for application
title="ccap2012"

[_database]
host="localhost"
name="ccap2012"
user="root"
password="root"

[_tables]
clients = "Clients"
Addresses = "Addresses"
dependents = "Dependents"
client_finance = "Client Finance"
visits = "Visits"
vouchers = "Vouchers"
clothing_appt = "Clothing Appts"
client_dependent = "Client Dependent"
volunteers = "Volunteers"
vendors = "Vendors"
states = "States"

[_auth]
users_table = volunteers
username_column = name
password_column = password

[_modules]
modules_ckeditor=modules/ckeditor/ckeditor.php
modules_htmlreports=modules/htmlreports/htmlreports.php

Access to the control panel is related to your application permissions. What does your getPermissions() method look like?

Here is my getPermissions function in ApplicationDelegate.php file
function getPermissions(&$record){
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
return Dataface_PermissionsTool::getRolePermissions($role);
// Returns all of the permissions for the user's current role.
}

Oh.. forgot. The ADMIN role is basically just edit/read/delete permissions - everything you need to administer a record.
If you want ALL permissions, you should use:
Dataface_PermissionsTool::ALL();

As a best practice it is actually better to use ALL() for admins and NO_ACCESS() for everyone else at the application level. Then implement getPermissions() methods for each table that you want to to open up with more specific permissions. This way you won't accidentally open up access to a table for regular users (e.g. the users table etc..).

-Steve

thanks; worked like a charm