A place for users and developers of the Xataface to discuss and receive support.
by philc » Fri Jan 28, 2011 5:03 pm
Hi, I know I've probably made some really basic error but I'd be grateful for some help. I've implemented a dashboard as per the tutorial and enabled permissions in conf.ini and ApplicationDelegate.php: [_auth] users_table=users username_column=username password_column=password - Code: Select all
<?php class conf_ApplicationDelegate {
function getPermissions(&$record){ // $record is a Dataface_Record object $auth =& Dataface_AuthenticationTool::getInstance(); $user =& $auth->getLoggedInUser(); if ( $user ) return Dataface_PermissionsTool::ALL(); else return Dataface_PermissionsTool::NO_ACCESS(); } function beforeHandleRequest(){ $app =& Dataface_Application::getInstance(); $query =& $app->getQuery(); if ( $query['-table'] == 'dashboard' and ($app->_conf['using_default_action']) ){ $query['-action'] = 'dashboard'; } }
} ?>
I've added the following to actions.ini: [dashboard] permission = view I've added the following in dashboard.php in the dashboard table folder: - Code: Select all
<?php
class tables_dashboard { function getPermissions(&$record){ // $record is a Dataface_Record object $auth =& Dataface_AuthenticationTool::getInstance(); $user =& $auth->getLoggedInUser(); if ( $user ) return Dataface_PermissionsTool::ALL(); else return Dataface_PermissionsTool::NO_ACCESS(); } } ?>
The dashboard works fine, but when not logged in although all the other tables request a login, the dashboard is available to any anymous user, with the dropdown lists populated. If I comment out the beforeHandleRequest method in ApplicationDelegate.php going to the dashboard tab then also requests a login. Thanks for a great tool and any advice you can give. Regards Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by shannah » Fri Jan 28, 2011 5:30 pm
Given these settings it should ask for login. I wonder if perhaps it's not picking up either the actions.ini or the dashboard delegate class files. Try putting some obvious syntax errors in the dashboard delegate class and see it it reports the errors (to confirm that it is picking it up).
Same with the actions.ini
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by philc » Sat Jan 29, 2011 4:32 am
Thanks for the quick response. In turn I added garbage to the dashboard.php file in the tables/dashboard folder and then to the actions.ini in the <app> folder. In each case they produced the expected errors which went away when the garbage was removed. I was wondering, is there a way to output what Xataface thinks the current user's rights to the currently displayed view are? Playing around to try and get some insight I altered the dashboard delegate class to: - Code: Select all
<?php
class tables_dashboard { function getPermissions(&$record){ // $record is a Dataface_Record object $auth =& Dataface_AuthenticationTool::getInstance(); $user =& $auth->getLoggedInUser(); if ( $user ) return Dataface_PermissionsTool::ALL(); else { echo "No rights here"; return Dataface_PermissionsTool::NO_ACCESS(); } } } ?>
With that I get the string "No rights here" repeated multiple times across the top of the page before the dashboard view is displayed. Altering the code to: - Code: Select all
<?php
class tables_dashboard { function getPermissions(&$record){ // $record is a Dataface_Record object $auth =& Dataface_AuthenticationTool::getInstance(); $user =& $auth->getLoggedInUser(); $count = 0; if ( $user ) return Dataface_PermissionsTool::ALL(); else { $count++; echo "No rights here: $count"; return Dataface_PermissionsTool::NO_ACCESS(); } } } ?>
does the same, except that $count is 1 and doesn't increment each time the string is displayed. Thinking about that as I write it's of course obvious, the function is being called multiple times and $count zeroed each time. You can tell I'm not much of a coder! For the record the string is repeated 45 times. Is it normal for the function to be called so many times or is that indicative of a problem? Many thanks Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by philc » Sat Jan 29, 2011 4:35 am
For completeness my dashboard action is: - Code: Select all
<?php class actions_dashboard {
function handle(&$params){ $apps = df_get_records_array('applications', array()); $trusts = df_get_records_array('trusts', array()); $projects = df_get_records_array('projects', array()); df_display( array( 'applications'=>$apps, 'trusts'=>$trusts, 'projects'=>$projects ), 'dashboard.html'); } } ?>
and my dashboard template is: - Code: Select all
{use_macro file="Dataface_Main_Template.html"} {fill_slot name="main_column"} <h1>Welcome to the AVS Grant Application Database</h1> <p>This system allows you to manage projects and applications to trusts. Some common actions you may perform with this system include: <ul> <li><img src="{$ENV.DATAFACE_URL}/images/add_icon.gif"/> <a href="{$ENV.DATAFACE_SITE_HREF}?-table=trusts&-action=new"> Create new trust</a> </li> <li><img src="{$ENV.DATAFACE_URL}/images/edit.gif"/> Edit existing trust: <select onchange="window.location.href=this.options[this.selectedIndex].value"> <option value="">Select ...</option> {foreach from=$trusts item=trust} <option value="{$trust->getURL('-action=edit')}"> {$trust->getTitle()} </option> {/foreach} </select> </li> <li><img src="{$ENV.DATAFACE_URL}/images/add_icon.gif"/> <a href="{$ENV.DATAFACE_SITE_HREF}?-table=applications&-action=new"> Create new application</a> </li> <li><img src="{$ENV.DATAFACE_URL}/images/edit.gif"/> Edit existing application: <select onchange="window.location.href=this.options[this.selectedIndex].value"> <option value="">Select ...</option> {foreach from=$applications item=application} <option value="{$application->getURL('-action=edit')}"> {$application->getTitle()} </option> {/foreach} </select> </li> <li><img src="{$ENV.DATAFACE_URL}/images/add_icon.gif"/> <a href="{$ENV.DATAFACE_SITE_HREF}?-table=projects&-action=new"> Create new project</a> </li> <li><img src="{$ENV.DATAFACE_URL}/images/edit.gif"/> Edit existing project: <select onchange="window.location.href=this.options[this.selectedIndex].value"> <option value="">Select ...</option> {foreach from=$projects item=project} <option value="{$project->getURL('-action=edit')}"> {$project->getTitle()} </option> {/foreach} </select> </li> </ul> {/fill_slot} {/use_macro}
Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by philc » Sun Jan 30, 2011 2:51 pm
Just poking around trying to get some insight here. I've modified my beforeHandleRequest to be: - Code: Select all
function beforeHandleRequest(){ echo "bHR"; $app =& Dataface_Application::getInstance(); $query =& $app->getQuery(); if ( $query['-table'] == 'dashboard' and ($app->_conf['using_default_action']) ){ $query['-action'] = 'dashboard'; } }
Now when I view the dashboard page the 'bHR' string appears once before the multiple strings from the dashboard.php getPermissions function. I see from the description of beforeHandleRequest() that it is meant to run after access control. Does the fact that it is running before the getPermissions function indicate an issue? Cheers Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by shannah » Sun Jan 30, 2011 3:09 pm
This is normal. beforeHandleRequest runs after the authentication step - not the permissions step. getPermissions is called multiple times per request... it is call any time Xataface wants to find out if the user has permission to access any particular action, method, or element.
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by philc » Sun Jan 30, 2011 3:55 pm
OK, thanks for clearing that up. Can you suggest any other debugging steps I could take to try and find out why I'm not getting the login page for the dashboard?
Thanks
Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by shannah » Mon Jan 31, 2011 11:10 am
I'm not sure what to suggest. Everything looks correct. What version of Xataface are you using?
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by philc » Mon Jan 31, 2011 1:42 pm
I've got 1.2.6.
Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by shannah » Tue Feb 01, 2011 10:08 am
So if you manually specify both table and action to dashboard using the URL it gives you a login prompt?
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by philc » Tue Feb 01, 2011 1:26 pm
If I manually enter this URL: - Code: Select all
http://localhost/trustsdb/index.php?-table=dashboard&-action=dashboard
I get to the dashboard, not the login screen. If I enter this URL: - Code: Select all
http://localhost/trustsdb/index.php?-table=dashboard&-action=view
I get the login screen. This is also true for e.g. -action=edit and -action=browse. Thanks Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by shannah » Tue Feb 01, 2011 1:36 pm
It really sounds like it's not picking up the action definition in your actions.ini file. Your definition - Code: Select all
[dashboard] permission=view
is the bit that closes off the dashboard action from public consumption. Try changing the action to: - Code: Select all
[dashboard] category=table_tabs
This should add a tab named "dashboard" to the tabs (e.g. details, list, find, dashboard). If that doesn't happen it would mean that it isn't picking up your actions.ini file....
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
by philc » Tue Feb 01, 2011 6:06 pm
Solved! (though some mystery remains) You were right that it was a problem with my actions.ini file. The rest of the file looked like this: - Code: Select all
[export_xml > export_xml] condition = 0
[view_xml > view_xml] condition = 0
[rss > rss] condition = 0
[record_rss > record_rss] condition = 0
[related_rss > related_rss] condition = 0
[related_xml > related_xml] condition = 0
[feed > feed] condition = 0
[xml_list > xml_list] condition = 0
which I remember putting in a while ago, early on in building my app, I guess to get rid of various feeds and output options. Commenting these lines out fixed the permissions problem with the dashboard. It does leave me with a couple of questions for my education if I may: - what is wrong with these lines that broke the file? - having commented them out the rss feeds etc are not showing up again (which is fine), I'm just wondering why not? Thanks for your help, and once again for such a great tool. You must put many hours in to this and it is very much appreciated. Regards Phil
-
philc
-
- Posts: 8
- Joined: Fri Jan 28, 2011 4:20 pm
by shannah » Tue Feb 01, 2011 6:36 pm
The file looks fine. Perhaps try adding the rules back one at a time and see which one breaks it.
-
shannah
-
- Posts: 4457
- Joined: Wed Dec 31, 1969 5:00 pm
Return to Xataface Users
Who is online
Users browsing this forum: No registered users and 14 guests
|