Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

A couple of security questions...


Reply


3 Posts   1576 Views

Avatar
Louie

Community Member, 9 Posts

5 November 2008 at 11:22pm

Hey there! I'm quite new to silverstripe and is still trying to figure out my way around. anyway, i'm trying to have custom group forms (by making security groups in the cms) in which the members of each group can access certain web pages and its functions, but i'm having a bit trouble "separating" the groups from each other when i get into the templates. Put quite simply, for example, i want group A to do actions X and Y, but I want group B to do only action Y. Now, is there any way to make a simple if-else statement which returns true if a specific security group name is met:

(i.e. <% if CurrentMember.SecurityGroup = 'thisname' %> //do this, or something like that)

Second question, how can I add custom fields for the members in the security groups? Basically, i want to add another field called 'ranking points' aside from the firstname, surname, email, and password fields.

I'm so sorry i'm just a newbie in PHP, i'm trying out many things to figure out how to solve my problems but it seems that i have found no luck.

Avatar
Ingo

Forum Moderator, 801 Posts

29 November 2008 at 8:35pm

In the 2.3 release, you can use Controller::$allowed_actions to assign permission codes to specific controller methods. These permission codes can be granted to specific groups in admin/security. I've documented this on http://doc.silverstripe.com/doku.php?id=security#limiting_url-access_to_controller_methods

Avatar
Hamish

Community Member, 712 Posts

1 December 2008 at 9:17am

Second question, how can I add custom fields for the members in the security groups? Basically, i want to add another field called 'ranking points' aside from the firstname, surname, email, and password fields.

Have a look at [url=http://doc.silverstripe.com/doku.php?id=dataobjectdecorator]DataObject Decorators[/url]. These allow you to modify an DataObject with your own fields and logic.