Application Delegate Issue

[singersoll]

I am getting a "With Selected" "Copy" "Update" on each record when users are not logged in. I don't want users who are not logged in to have these tabs available. Best example is the Librarian demo when you are logged into the backend. I want to have the same results as this demo when you are not logged in. I have been able to eliminate this in my ApplicationDelegate.php but then don't get the other functionality I am looking for on the backend. Either the below is not correct or there is something else driving the result list.

getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::ADMIN();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
if ( isAdmin($role) ) return Dataface_PermissionsTool::NO_ACCESS();
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.
}



function getPreferences(){
$app =& Dataface_Application::getInstance();
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( $user && isAdmin($user->val('role')) ){
return array();

} else {
return array(
'show_result_stats'=>0,
'show_jump_menu'=>0,
'show_result_controller'=>0,
'show_table_tabs'=>0,
'show_actions_menu'=>0,
'show_tables_menu'=>0,
'show_search'=>0,
'show_record_actions'=>0,
'show_recent_records_menu'=>0,
'show_record_tabs'=>0,
'show_record_tree'=>0,
'show_bread_crumbs'=>0);

}

}
}
?>

Any assistance would be appreciated.

Steve

[shannah]

getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::ADMIN();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
if ( isAdmin($role) ) return Dataface_PermissionsTool::NO_ACCESS();
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.
}

It looks like you are doing the opposite of what you want to do here. You are giving people who aren't logged in full permissions. But those who are logged in are given no access.

Instead you probably want something like:

Code: Select all

if ( isset($user) ) return Dataface_PermissionsTool::ALL();
else return Dataface_PermissionsTool::READ_ONLY();



-Steve

[singersoll]

It appears I still don't get the picture here. My test site: http://167.154.2.203/inspection

(1) Below is my complete ApplicationDelegate.php file
(2) When not logged in I want users to not see the tabs "Copy" and "Update" for my inspection table. I simply want our internet users to be able to view the results of the inspections.
(3) When you login with credentials admin/password you see all as expected and all works fine. The inspectors and administrators can add/delete/update and do all the work that will be seen in the Results or Inspection table.

What am I missing?

TIA,
Steve


getLoggedInUser();
if ( !isset($user) ) return Dataface_PermissionsTool::ALL();
else return Dataface_PermissionsTool::READ_ONLY();
// if the user is null then nobody is logged in... no access.
// This will force a login prompt.
$role = $user->val('role');
if ( isAdmin($role) ) return Dataface_PermissionsTool::ALL();
return Dataface_PermissionsTool::NO_ACCESS();
// Returns all of the permissions for the user's current role.
}




function getPreferences(){
$app =& Dataface_Application::getInstance();
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( $user && isAdmin($user->val('role')) ){
return array();

} else {
return array(
'show_result_stats'=>0,
'show_jump_menu'=>0,
'show_result_controller'=>0,
'show_table_tabs'=>0,
'show_actions_menu'=>0,
'show_tables_menu'=>0,
'show_search'=>0,
'show_record_actions'=>0,
'show_recent_records_menu'=>0,
'show_record_tabs'=>0,
'show_record_tree'=>0,
'show_bread_crumbs'=>0);

}

}
}
?>

[shannah]

The forum tends to cut out pieces of your file.

A couple of things that jump right out at me though:

1. Your getPermissions() method is still a little off... it has contradictory and redundant instructions.

2. Your application is not behaving like this getPermissions() method instructs it to. Do you have getPermissions() defined in one of the tables' delegate classes that might be overriding this getPermissions() method?


a simple getPermissions() method that would allow logged in users to see everything, but public users to have read only permissions (i.e. no copy & update support) would be something like:

Code: Select all

function getPermissions(&$record){
    $auth =& Dataface_AuthenticationTool::getInstance();
    $user =& $auth->getLoggedInUser();
    if ( isset($user) ) return Dataface_PermissionsTool::ALL();
    else return Dataface_PermissionsTool::READ_ONLY();
}


Your existing getPermissions() method is literally telling Dataface to:
1. if ( !isset($user) ) return Dataface_PermissionsTool::ALL();
If the user is currently NOT logged in, we'll give him full permissions!

2. else return Dataface_PermissionsTool::READ_ONLY();
Otherwise (i.e. the user IS logged in), we give him read only access.

This is quite the opposite of what most sane applications would want to do.

In addition, it appears that your application is completely ignoring this method... so you must have a getPermissions() method defined in one of your table delegate classes that is providing full permissions to everyone.

-Steve