Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
Midnight Modding Posted April 8, 2018 Posted April 8, 2018 Aren't they automatically checked if the url do= matches the restriction key add/edit/manage/delete? I do see it manually checked in files in function execute(), but I assume that is just to be sure it checks it for the various methods that don't match the key? So i wouldn't need to do my own check in function add(), for instance, if I have a restriction for add?
Midnight Modding Posted April 8, 2018 Author Posted April 8, 2018 Just noticed someone linking to rikki's documentation that said add/edit/delete is auto checked for NODES. So if I am not extending \IPS\Node\Controller, I guess it won't auto check then?
bfarber Posted April 9, 2018 Posted April 9, 2018 We check ACP restrictions against modules automatically, but anything else (i.e. "Can add ____" and "Can delete ____") you need to check manually.
Midnight Modding Posted April 9, 2018 Author Posted April 9, 2018 When you say against modules, you mean only the _manage one? Obviously, for nodes, it checks add, move, edit with the various built in methods, as well, but I am talking about when simply extending the dispatcher controller instead of the node one. I so often get acp restrictions and front end permissions all mixed up for some reason.
bfarber Posted April 10, 2018 Posted April 10, 2018 Look at applications/core/modules/admin/members/members.php as an example. We don't explicitly check a permission to access the page (because this is tied into the module-level permission), but we do for adding, editing, deleting, etc.
Midnight Modding Posted April 14, 2018 Author Posted April 14, 2018 Why does the permissions edit form have checkmarks next to things when permissions were not even set? Since the person who added the node did not have permission to set permissions, none were done, but for me if I click the permissions lock icon it brings them up with checkmarks in them as if they were set! I even var dumped the permissions for that node and all said NULL. I can see having checkmarks in default places when ADDING a node, but when editing one, it should have them only where they currently are set to.
bfarber Posted April 16, 2018 Posted April 16, 2018 On 4/14/2018 at 2:08 AM, Midnight Modding said: Why does the permissions edit form have checkmarks next to things when permissions were not even set? Since the person who added the node did not have permission to set permissions, none were done, but for me if I click the permissions lock icon it brings them up with checkmarks in them as if they were set! I even var dumped the permissions for that node and all said NULL. I can see having checkmarks in default places when ADDING a node, but when editing one, it should have them only where they currently are set to. This happens if there is no permission row at all saved....in this case the system thinks you are in the middle of adding a new node and is setting recommended permissions on the form with the expectation you are about to save and continue. Moving forward a row is then stored and you wouldn't run into this issue.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.