Rather than duplicating the entire xataface permissions.ini file for your application, it is better to just override the permissions that you want to change in your application's permissions.ini file. E.g. if you want to override the USER role so that it cannot view records, you would:
- Code: Select all
[USER extends USER]
view=0
etc...
As far as the solution to your problem. You should create separate permissions.ini roles for each case. This can be confusing since we are using the term role to mean two different things:
1. A set of permissions in the permissions.ini file
2. A user's role with respect to the application (as stored in the users table).
You might create two roles:
USER DEFAULT : A role that provides permissions available to a user
USER OWNER : A role that provides permissions for the owner of a record.
Then your getPermissions() method might look something like:
- Code: Select all
function getPermissions(&$record){
// if this is the owner of the record then we give it the USER OWNER
// permission
$user = getUser(); // You created the getUser() function elsewhere
if ( $record and $user and $user->val('role') == 'USER' and $user->val('user_id') == $record->val('owner_id') ){
return Dataface_PermissionsTool::getRolePermissions('USER OWNER');
}
if ( $record and $user and $user->val('role') == 'USER' ){
return Dataface_PermissionsTool::getRolePermissions('USER DEFAULT');
}
// Otherwise just use default permissions
return null;
}
As for the search engines, I can look into sphider... I've tried quite a few things. Right now i just use a MySQL full-text index and it seems to work pretty well if you know the correct terms to look for. For example if you search for permissions or getPermissions or permissions.ini in this search it will come up with relevant documentation... Your question however is a little specific so it is hard for a search engine to come up with the answer based on just keywords....