Permissions: USER role for sign-up
15 posts
• Page 1 of 1
I'm trying to set-up a Sign-up form for users to register on a typical USERS table. I'd like to have it such that they can Add a new record, and also edit their own information. The 'USER' role seems to fit the bill for this from the documentation (http://framework.weblite.ca/documentation/tutorial/getting_started/permissions/). But I'm getting an error when calling Dataface_PermissionsTool.
Fatal error: Call to undefined method Dataface_PermissionsTool::user() The other roles, READ_ONLY(), ADMIN(), work fine. Here's the code... class tables_users { function getPermissions(&$record){ $auth =& Dataface_AuthenticationTool::getInstance(); $user =& $auth->getLoggedInUser(); if ( !isset($user) ) return Dataface_PermissionsTool::USER(); // if the user is null then nobody is logged in... no access. // This will force a login prompt. $role = $user->val('role'); return Dataface_PermissionsTool::getRolePermissions($role); // Returns all of the permissions for the user's current role. } }
Hi Dalcon,
There is no Dataface_PermissionsTool::USER() method. The ALL(), NO_ACCESS(), and READ_ONLY() methods are convenience methods for those common roles, but for a general role, you will need to do: Dataface_PermissionsTool::getRolePermissions('user'); Hope this helps. Steve
Gotcha, Thanks. I realized what I need now is to define my own role and permissions for certain types of users. I found that the default 'USER' role, does not have permission for the 'new' action...so I need a new role such that visitors would be able to register themselves (ie. add a new users record).
Gotcha, Thanks. I realized what I need now is to define my own role and permissions for certain types of users. I found that the default 'USER' role, does not have permission for the 'new' action...so I need a new role such that visitors would be able to register themselves (ie. add a new users record). hi dal and all: dal, if you have found a solution, could you write it up here, and also perhaps on your DATFACE HOMEPAGE? http://framework.weblite.ca/Members/dal
See the conf.ini in the webauction demo for an example of how to add registration to your app.
http://demo.weblite.ca/source-browser.php?-path=webauction i.e. just add allow_register=1 to the [_auth] section of your conf.ini file. You also need to make sure that public users have the 'new' permission for this to work. -Steve
how do i create a different role? Add a permissions.ini file to your application directory. You can add new roles by adding new sections to this file. E.g.
The syntax means that you are creating a new role named 'OWNER' that inherits all the permissions of the 'EDIT AND DELETE' role. You can check out the permissions.ini file in the dataface directory to see what existing roles there are to inherit from. If you wanted to customize the role to NOT allow delete, you could do:
If you wanted to create a role that was read only, but could also create new records you would do something like:
So for the problem at hand, you have identified 2 roles: 1. REGISTERED - any registered user can read or create new roles. 2. OWNER - the owner of a record can edit and delete that record. So you would have something like:
The next thing you have to do is reference these roles from inside your getPermissions() method.
Note that this snippet assumes that you have a field in your table called 'owner_id' that references the user that created the record. You can populate this field using a beforeInsert() trigger:
Hope this helps. -Steve
Whoops.. the example getPermissions() method won't work as desired because it handles the permissions for registered users before it handles permissions for owners. Since owners are always registered, the method will never even get to handle the owner case. Change to:
thanks, ik works (as usually )!
However, as it seems to be clear to understand, there is one thing I don't. where is the data saved? I thought this would be saved in the records table under owner_id, but this stays NULL. When i edit this data through dataface (the same user, owner in this case) to the owner id (I made a nice dropdown list with all owners) I get the following error message: Errors * Permission to perform action 'edit' denied. Requires permission 'edit' but only granted '1,1,1,1,1,1,1,1,1' the field owner_id is changed to the user_id I added, but the Owner can no longer edit this record again (in other words, he is not the owner anymore). the thing I want to create is that admins can change the owner and all users can see who is the owner and ofcourse the owner himself can edit the record..
I may not be understanding the question.Ê I think you are asking where the owner_id value that we set in the trigger gets saved.Ê It gets saved in the same record in the same table.Ê If it is not then the trigger isn't working the way we want. I know there was a bug that showed up only in PHP 4 that caused some triggers not to be picked up. Check the Dataface/IO.php file in your version.Ê Look for the fireEvent() method.Ê If it contains a call to the call_user_func() function, then you will need to replace the function with this one: function fireEvent($name, &$record){ÊÊÊ ÊÊÊ And that should get the trigger working properly.
Re: Permissions: USER role for sign-upSteve,
I think this broke something... > Ability to add a new record to a table // Deprecated.. see if this breaks anything!! > ;;add new record = Add New Record Tried to add 'Owner permissions to the users table... successfully removed the ability to delete records, but for the life of me, I can't get rid of the ability to add new records... if ( $user->val('UserName') == $record->val('UserName')) return Dataface_PermissionsTool::getRolePermissions('OWNER'); I can say this, creating a brand new role with specific permissions seems to work, but the OWNER role wont remove the new permission..... here's my (app)->permissions.ini [OWNER extends EDIT AND DELETE] navigate = 0 new = 0 add new record = 0 add new related record = 0 delete found = 0 delete = 0 delete found = 0 delete selected = 0 [OWNER1] navigate = 0 new = 0 add new record = 0 add new related record = 0 delete found = 0 delete = 0 delete found = 0 delete selected = 0 view in rss=1 view = 1 link = 1 list = 1 calendar = 1 view xml = 1 show all = 1 find = 1 ajax_load = 1 find_list = 1 find_multi_table = 1 rss = 1 export_csv = 1 export_xml = 1 export_json = 1 view related records=1 related records feed=1 expandable=1 edit = 1 add new record = 1 reorder_related_records = 1 import = 1 translate = 1 ajax_save = 1 ajax_form = 1 history = 1 edit_history = 1 update_set = 1 update_selected=1 select_rows = 1 Thanks for a great app!!! -Barry-
Re: Permissions: USER role for sign-upDid the forum strip some of your getPermissions() method? Can you post the whole method? My guess is that there's a problem in there somewhere.
-Steve
15 posts
• Page 1 of 1
Who is onlineUsers browsing this forum: No registered users and 22 guests |