Field__permissions Not Working?

A place for users and developers of the Xataface to discuss and receive support.

Field__permissions Not Working?

Postby lhat » Mon Aug 29, 2011 1:10 pm

Hi, All--

[update to previous post]
I must have something out of whack here. I've reviewed the docs on __field__permissions and fieldname__permissions in the effort to hide certain fields/columns in my XF application based on the user's level; my records each have group IDs and numeric level numbers; and I'm aiming to show the user his/her own records and in those records to hide certain columns (depending on the user's level). For myself and my admin users, I'm providing full access to all records.

I've been able to preselect the group's records based on log-in ID using the delegate class approach; but I'm not having luck with hiding fields using field__permissions.

In my tablename.php delegate file, I've got this for example:

Code: Select all
function init(&$users){
  $auth =& Dataface_AuthenticationTool::getInstance();
  $user =& $auth->getLoggedInUser();
    if ( !$user ) return Dataface_PermissionsTool::NO_ACCESS();
    $role = $user->val('Role');
    switch ($role){
      case 'ADMIN':
        return Dataface_PermissionsTool::ALL();
      case 'STAFF':
        return Dataface_PermissionsTool::ALL();
      default:
        $users->setSecurityFilter(array('Level'=>$user->val('Level'))); // limit display to records with matching level;
        $level = $user->val('Level');
        if ( $level == '2' )       // for users with level 2, hide the field called "Level" by turning off view, edit, & list perms;
            function Level__permissions(&$record) {   
              return array('view'=>0,'edit'=>0,'list'=>0);
            }
    }
  }


Alas, though this successfully differentiates users by role (admin vs. me vs. the default; this leaves the 'Level' field right where it sat, fully accessible to users with level 2!

I think I'm close here, but longing for the trip up the Wonkavator....
lhat
 
Posts: 40
Joined: Thu Aug 06, 2009 3:31 pm

Re: Field__permissions Not Working?

Postby ADobkin » Tue Aug 30, 2011 12:50 pm

These functions need to be defined directly under the table delegate class, not within an init function. Refer to these pages in the wiki:

http://xataface.com/wiki/Delegate_class_methods

http://xataface.com/wiki/__field__permissions

http://xataface.com/wiki/fieldname__permissions

Good luck!

Alan
ADobkin
 
Posts: 195
Joined: Mon Oct 22, 2007 7:31 pm
Location: Atlanta, GA, USA

Re: Field__permissions Not Working?

Postby lhat » Tue Aug 30, 2011 5:39 pm

Hi, Alan--

Thanks, but I don't think I understand: these are all in my tablename.php delegate class, the whole of which begins with
Code: Select all
class tables_tablename {
function init(&$users){
    Etc . . .

(I just truncated to save space.)

My goal is to activate these functions ("hiding" columns using field__permissions) according to the current user's level. Would I be able to do that if I placed the field__perm functions directly under the delegate class header, as it were outside the condition-checking loop?

My notion of the sequence is pretty simple minded: 1) grab the logged in userid and level; 2) search for a match between level and user's level with the switch statement, and 3) when the match is found, apply the corresponding field_perms.

Thanks again for any insight you may be able to offer. . .
lhat
 
Posts: 40
Joined: Thu Aug 06, 2009 3:31 pm

Re: Field__permissions Not Working?

Postby ADobkin » Tue Aug 30, 2011 6:36 pm

I meant that the field__permissions() function should be outside of / separate from the init function. The init function is useful for the security filter that you have implemented to restrict the records that are displayed to the user. However, it should not be used for the field__permissions function. That should be defined separately, such as:

Code: Select all
class tables_tablename {
    function init(&$users){
        ...
    }
    function Level__permissions(&$record) {   
        $auth =& Dataface_AuthenticationTool::getInstance();
        $user =& $auth->getLoggedInUser();
        $level = $user->val('Level');
        if ( $level == '2' )      // for users with level 2, hide the field called "Level" by turning off view, edit, & list perms;
            return array('view'=>0,'edit'=>0,'list'=>0);
    }
}


If that doesn't help, perhaps this wiki page might offer more guidance:

http://xataface.com/wiki/How_to_granula ... each_field

Alan
ADobkin
 
Posts: 195
Joined: Mon Oct 22, 2007 7:31 pm
Location: Atlanta, GA, USA

Re: Field__permissions Not Working/Solved!

Postby lhat » Tue Aug 30, 2011 8:41 pm

Alan--

Thanks very much--that was exactly what was blocking my progress; I really appreciate the help!
lhat
 
Posts: 40
Joined: Thu Aug 06, 2009 3:31 pm


Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 21 guests

Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved