Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Customising the CMS /

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

User Group permissions with complexTableField


Go to End


2 Posts   1908 Views

Avatar
Jimmis

Community Member, 4 Posts

1 February 2011 at 4:20pm

Hi there,

Im trying to setup usergroups to be able to access only certain pages.

The problem im having is that access to the tabbed sections of the pages are limited. (see attached).

The 'Edit' and 'Delete' buttons are blanked out.

is there a way I can customize these to allow access from any user.

NOTE: I have tried

	      $tablefield->setPermissions( array('edit', 'show', 'add'));

but that still didnt work.

Thanks in advance.
J

Attached Files
Avatar
SilverDan

Community Member, 5 Posts

6 July 2011 at 8:49pm

Not sure if you found a solution to this yet, but I had also run into this problem and finally set aside some time to work out how to solve.

The problem: By default, only members with full Admin access can edit/delete/add items in a complexTableField (or similar) relationship. Other users logging in would find the edit/delete buttons 'greyed-out' as per your screen-shot, and unable to perform the functions. The solution is to overload the canView, canEdit, canDelete and canCreate functions for your object. Here's how to do this:

In the related object (the has_many or many_many related class - can be extending Page or DataObject), include the following functions to override the standard permission checking process:

class MyObject extends DataObject {
	
	static $db = array();
	
	static $has_one = array(
		'Parent' => 'ParentClass'
	);
	
	function getCMSFields_ForPopup(){
		$fields = new FieldSet();
		// insert fields
		return $fields;
	}

// These functions below are where the magic happens!


	public function canCreate() {
		if (Permission::check("SITETREE_EDIT_ALL")) return true;
		return false;
	}
	public function canView() {
		if (Permission::check("SITETREE_VIEW_ALL")) return true;
		return false;
	}
	public function canEdit() {
		if (Permission::check("SITETREE_EDIT_ALL")) return true;
		return false;
	}
	public function canDelete() {
		if (Permission::check("SITETREE_EDIT_ALL")) return true;
		return false;
	}
}

This code is checking the permissions for the logged-in user and if they are set to edit CMS pages ('SITETREE_EDIT_ALL'), they can then be allowed to edit, delete and add items of this class type - the function returns true, and the complexTableField (and similar relational fields), will enable the relevant buttons.

Hope this helps!