inkredible Posted March 10, 2017 Posted March 10, 2017 Hello, I have already tried my luck in the development assistance area but I haven't got a response. I hope it is allowed to ask for help here though, as the documentation about Permissions is very short as well. I've got a frontend tabmenu which looks like this: I created a permissions page in my admincp which should allow admins to setup permissions for each tab (for example debug and administration tab should only be visible for groups who are allowed to see these tabs). In the table core_permission_index I can see one entry each tab and now I wonder how I can check if the loggedin user is allowed to see each tab. Questions: 1. How can I check inside of my templates if the user is allowed to access tab x? 2. How can I check inside of my controller if the user is allowed to access tab x? Code snippets are much appreciated.
bfarber Posted March 13, 2017 Posted March 13, 2017 Unless you are leveraging nodes here (I doubt it based on how you describe this), you will need to select the permissions and manually check. Look at system/Node/Model.php::can() to get an idea of how we check permissions for content items now (i.e. $forum->can( 'add' ) would check if the user has permission to add a topic in a forum). While there are some other checks in the method, the most important part for you to take away would be $permissions = $this->permissions(); if( $member instanceof \IPS\Member\Group ) { return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and in_array( $member->g_id, explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) ); } else { return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and $member->inGroup( explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) ); }
inkredible Posted March 13, 2017 Author Posted March 13, 2017 3 hours ago, bfarber said: Unless you are leveraging nodes here (I doubt it based on how you describe this), you will need to select the permissions and manually check. Look at system/Node/Model.php::can() to get an idea of how we check permissions for content items now (i.e. $forum->can( 'add' ) would check if the user has permission to add a topic in a forum). While there are some other checks in the method, the most important part for you to take away would be $permissions = $this->permissions(); if( $member instanceof \IPS\Member\Group ) { return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and in_array( $member->g_id, explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) ); } else { return ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] === '*' or ( $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] and $member->inGroup( explode( ',', $permissions[ 'perm_' . static::$permissionMap[ $permission ] ] ) ) ) ); } Ok I have implemented a protected function can() in my controller. As I described I've setup 5 permissions for my applications (each tab is one permission - http://img.imgland.net/VeSRWWW.png). How could I check the permissions for perm_type_id x?
bfarber Posted March 13, 2017 Posted March 13, 2017 If you look at nodes closer, they map the permission options in an array, and that's where the static::$permissionMap[ $permission ] comes in to play. So, $permissionMap may be a (static) class property like protected static $permissionMap = array( 'add' => 2, 'upload' = 3 ); And then you can check $node->can('add') which checks against "perm_2" from the database.
inkredible Posted March 13, 2017 Author Posted March 13, 2017 1 hour ago, bfarber said: If you look at nodes closer, they map the permission options in an array, and that's where the static::$permissionMap[ $permission ] comes in to play. So, $permissionMap may be a (static) class property like protected static $permissionMap = array( 'add' => 2, 'upload' = 3 ); And then you can check $node->can('add') which checks against "perm_2" from the database. I think you missunderstood me. I have got 5 different permission types I would like to handle (each tab one). Basically I can specify what groups can view or use specific parts of each tab. I checked the core_permission_index table and it seems like I can use the perm_type_id to check the permissions for every tab. Maybe this screenshot helps you to understand my issue of checking permissions for one specific tab:
bfarber Posted March 14, 2017 Posted March 14, 2017 You're going to have to roll your own code for it. With the node classes, they handle this by separating on a per-node basis based on the perm_type_id, but if you aren't leveraging the node classes there's going to be little in the way of helping you check those permissions. You'll need to write the code to do it based on the examples I showed you - sorry I don't have anything more concrete to offer.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.