Jump to content

Working with permissions

inkredible

By inkredible
in Developer Connection

Recommended Posts

inkredible Enthusiast

inkredible

Posted
Posted

Hello,

I have already tried my luck in the development assistance area but I haven't got a response. I hope it is allowed to ask for help here though, as the documentation about Permissions is very short as well.

I've got a frontend tabmenu which looks like this: -f2Kjkk.png

 

I created a permissions page in my admincp which should allow admins to setup permissions for each tab (for example debug and administration tab should only be visible for groups who are allowed to see these tabs). In the table core_permission_index I can see one entry each tab and now I wonder how I can check if the loggedin user is allowed to see each tab.

 

Questions:

1. How can I check inside of my templates if the user is allowed to access tab x?

2. How can I check inside of my controller if the user is allowed to access tab x?

Code snippets are much appreciated.

bfarber Grand Master

bfarber

Posted
Posted

Unless you are leveraging nodes here (I doubt it based on how you describe this), you will need to select the permissions and manually check. Look at system/Node/Model.php::can() to get an idea of how we check permissions for content items now (i.e. $forum->can( 'add' ) would check if the user has permission to add a topic in a forum). While there are some other checks in the method, the most important part for you to take away would be 

		$permissions = $this->permissions();

		if( $member instanceof \IPS\Member\Group )
		{
			return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and in_array( $member->g_id, explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) );
		}
		else
		{
			return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and $member->inGroup( explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) );
		}

 

inkredible Enthusiast

inkredible

Posted
  • Author
Posted
3 hours ago, bfarber said:

Unless you are leveraging nodes here (I doubt it based on how you describe this), you will need to select the permissions and manually check. Look at system/Node/Model.php::can() to get an idea of how we check permissions for content items now (i.e. $forum->can( 'add' ) would check if the user has permission to add a topic in a forum). While there are some other checks in the method, the most important part for you to take away would be 


		$permissions = $this->permissions();

		if( $member instanceof \IPS\Member\Group )
		{
			return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and in_array( $member->g_id, explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) );
		}
		else
		{
			return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and $member->inGroup( explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) );
		}

 

Ok I have implemented a protected function can() in my controller. As I described I've setup 5 permissions for my applications (each tab is one permission - http://img.imgland.net/VeSRWWW.png). How could I check the permissions for perm_type_id x?

bfarber Grand Master

bfarber

Posted
Posted

If you look at nodes closer, they map the permission options in an array, and that's where the static::$permissionMap[ $permission ] comes in to play. So, $permissionMap may be a (static) class property like 

protected static $permissionMap = array( 'add' => 2, 'upload' = 3 );

And then you can check $node->can('add') which checks against "perm_2" from the database.

inkredible Enthusiast

inkredible

Posted
  • Author
Posted
1 hour ago, bfarber said:

If you look at nodes closer, they map the permission options in an array, and that's where the static::$permissionMap[ $permission ] comes in to play. So, $permissionMap may be a (static) class property like 


protected static $permissionMap = array( 'add' => 2, 'upload' = 3 );

And then you can check $node->can('add') which checks against "perm_2" from the database.

I think you missunderstood me. I have got 5 different permission types I would like to handle (each tab one). Basically I can specify what groups can view or use specific parts of each tab. I checked the core_permission_index table and it seems like I can use the perm_type_id to check the permissions for every tab.

Maybe this screenshot helps you to understand my issue of checking permissions for one specific tab:

Hvg0yFI.png

bfarber Grand Master

bfarber

Posted
Posted

You're going to have to roll your own code for it. :) With the node classes, they handle this by separating on a per-node basis based on the perm_type_id, but if you aren't leveraging the node classes there's going to be little in the way of helping you check those permissions. You'll need to write the code to do it based on the examples I showed you - sorry I don't have anything more concrete to offer.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...