A place for users and developers of the Xataface to discuss and receive support.
by fbermudez » Thu Aug 10, 2006 8:55 am
I'm trying to set up autorisation for users access to tables and specific records. I do have a tag field in each table, and have added it to the Users table, so I can evaluate if a given users should or not access a given record.
However, I can«t find information about the permissions values that Dataface includes besides the ones inluded in the 0.5.x documentation, that don«t work......
Can anyone help me with what the standard permisions are for Dataface 0.6 ??? In Dataface 0.5.x, they were called ALL(), READ_ONLY(), etc... But for the
-
fbermudez
-
- Posts: 14
- Joined: Wed Dec 31, 1969 5:00 pm
by shannah » Thu Aug 10, 2006 9:47 am
Hi, The instructions for permissions can be found at http://framework.weblite.ca/documentation/tutorial/getting_started/permissionsThe ALL() and READ_ONLY() designators will still work in 0.6 also though. The preferred way is now to use the getRolePermissions() method. e.g. - Code: Select all
Dataface_PermissionsTool::getRolePermissions('READ ONLY'); Dataface_PermissionsTool::getRolePermissions('EDIT'); Dataface_PermissionsTool::getRolePermissions('EDIT AND DELETE');
You can check the permissions.ini file in the dataface directory to find out what roles exist. You can also add your own permissions.ini file to your application to define your own roles with specific permissions. But the old methods like: - Code: Select all
Dataface_PermissionsTool::ALL(); Dataface_PermissionsTool::READ_ONLY(); Dataface_PermissionsTool::NO_ACCESS();
will still work also. Hope this helps. Best regards Steve
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by fbermudez » Sat Aug 12, 2006 12:01 pm
Hi, Steve
Thanks for the tip on Permissions the other day... It helped, except that I'am having problems matching the User loggedin with my table information...
That's the first question: I have this sentence:
if ( $record->getValue('eq_orden') == $user->getValue('us_eqp'))
that never goes thru.... and it's set correctly since it works well on Relationships. It maybe because I don«t get the difference between the val and getValue ???
The second question: I've been able to pretty much buckle everything up through Relationships, but what's killing me right now is the following:
I have a system where the users should only see, and manage, the information related to them. The logic is supported by a code in every record in every table... with relatioships it works well.
However, the first step, after login, doesn't have a record selected (I've selected browse as default action but the problem is the same with list), and the logged in user can select any other user record and navigate through the information. As a matter of fact I have created a Relationship on Users against it self, and that works, through the Relationship the user can only see its own record.
I'm pretty much convinced that there must be a place to specify this. I just need to indicate Dataface that the default record to be shown and selected after login, is the very same Users table record that has been validate with login.
Sorry for the bother, I'm sure that when I get your answer it'll be so obvious, that I'll turn red... But I've spent a couple of long nights going through code and I can't figurre it out.
Thanks a lot
FB
-
fbermudez
-
- Posts: 14
- Joined: Wed Dec 31, 1969 5:00 pm
by shannah » Sat Aug 12, 2006 12:20 pm
quote:--------- if ( $record->getValue('eq_orden') == $user->getValue('us_eqp'))
that never goes thru.... and it's set correctly since it works well on Relationships. It maybe because I don«t get the difference between the val and getValue ??? end quote--------
val() is just an alias for getValue(). One thing that I like to do to debug my app, is use print_r($record->strvals());
This will print out an array of all of the values in the given record so you can take a look at what it has.
For the second question, there's nothing built-in to select a particular record after login. However there are a couple of strategies that you can employ that work pretty well.
Option #1: Manipulate the $_GET and $_REQUEST variables at the beginning of your index.php script to impose a particular query. Dataface bases everything from its $_GET parameters, so manipulating these can make anything possible.
Option #2 (better): Create a custom action, say 'home' and make that your default action. You can do this in 2 ways: 1. create a folder named 'pages' in your application directory, and add a php script called home.php with the contents that you want to display in this action. This will be accessible by the name 'custom_home'. Make this your default action.
2. Use the standard instructions for adding custom actions in the getting started tutorial.
In the next preview release (soon to be released) I have added a number of "after action" triggers that will effectively allow you to redirect to any page you want after an action is completed (including the login action). This will present a better solution to this problem, but for now try one of the methods discussed above.
Hope this helps.
Best regards
Steve
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by fbermudez » Tue Aug 15, 2006 5:15 am
Hi Steve:
Thanks again for your help and support... It's quite essential given that we don«t allow you much time for documentation.
For my first question I got the answer, the only global variable defined after Login is UserName, so basing my first control on it, instead of us_eqp, it works correctly.
For the second, I've follewed your instructions, created a home.php in pages directory, made a custom_ action, etc...
I've been able to get the record corresponding with the user legged in (Through UserName, but that doesn't bother much), and get it to he initial page after log in. Cursor en Home__2 Array ( [UserID] => 3 [UserName] => lorenzo [Password] => lorenzo [Role] => OWNER [us_eqp] => 23 )
Now, what I need is to display that record, in browse, not edit, and be able to make it the CURRENT record.
I've browsed through documentation, how to's etc... Tried lot's of combination, but the only one I get to work is,
$record=& df_get_record('Users', array('UserName'=>$_SESSION[UserName])); $form =& df_create_edit_record_form($record); $form->display();
Again thanks, for finding the time to help us all, specially with such basic questions.
FB
-
fbermudez
-
- Posts: 14
- Joined: Wed Dec 31, 1969 5:00 pm
by shannah » Tue Aug 15, 2006 10:29 am
For displaying a record in browse mode, it is probably best to just forward to the page you want to display. You can get the current' user's record with the Dataface_AuthenticationTool class ( http://dataface.weblite.ca/Dataface_AuthenticationTool), then use the getURL() method to obtain the url to that record. e.g.: - Code: Select all
$auth =& Dataface_AuthenticationTool::getInstance(); $user =& $auth->getLoggedInUser(); // returns a Dataface_Record object
$url = $user->getURL(); // browse mode url // $url = $user->getURL('-action=edit'); // edit mode url example // $url = $user->getURL('-action=related_records_list&-relationship=foo'); // related records of this record.
// now we forward to that url: header('Location: '.$url); exit;
Hope this helps a little.
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by fbermudez » Tue Aug 15, 2006 10:42 am
Steve:
Don«t know exactly how to thank you.... It worked, exactly how I wanted it..... I've been lost in this for four loooong days.
Thanks, thanks, ....
-
fbermudez
-
- Posts: 14
- Joined: Wed Dec 31, 1969 5:00 pm
Return to Xataface Users
Who is online
Users browsing this forum: No registered users and 12 guests
|