Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Customising the CMS /

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba

How do I set admins to only viewing/editing their own records


Go to End
Reply


7 Posts   661 Views

Avatar
Arbee

Community Member, 23 Posts

7 July 2013 at 5:30am

I'm working in 2.4.5 in ModelAdmin. I have a number of tutors writing their own tutorials. When they enter the admin section I want them only to see their own tutorial records and not those of other tutors. How do I do that?

Avatar
swaiba

Forum Moderator, 1837 Posts

7 July 2013 at 7:33am

Disclaimer - this isn't *the* way to do it but *a* way - I'm looking to tidy in the move to SS3... With that said...

class MyAdmin extends ModelAdmin {
	static $managed_models = array('MyObject');
	static $collection_controller_class = "MyAdmin_CollectionController";
...
}

class MyAdmin_CollectionController extends ModelAdmin_CollectionController {

	function getSearchQuery($searchCriteria) {
		$query = parent::getSearchQuery($searchCriteria);

		if ($this->modelClass == 'MyObject'){
			$query->where[] = 'MyObject.MemberID='.Member::currentUserID();
		}

		return $query;
	}
}

Hope this helps

Avatar
Arbee

Community Member, 23 Posts

8 July 2013 at 5:20am

Edited: 08/07/2013 5:27am

Thanks so much for your help Swaiba!

So my code should look something like this. Am I missing anything? do I need anything for $searchCriteria?

class TutorEditAdmin extends ModelAdmin {

static $managed_models = array('TutorEdit');
static $collection_controller_class = "TutorEditAdmin_CollectionController";

static $url_segment = 'tutorEdit';

}

class TutorEditAdmin_CollectionController extends ModelAdmin_CollectionController {

function getSearchQuery($searchCriteria) {
$query = parent::getSearchQuery($searchCriteria);

if ($this->modelClass == 'TutorEdit'){
$query->where[] = 'TutorEdit.MemberID='.Member::currentUserID();
}

return $query;
}
}

Avatar
swaiba

Forum Moderator, 1837 Posts

8 July 2013 at 2:11pm

Looks good and no you don't need to do anymore than pass $searchCriteria to parent::getSearchQuery(); to get the $query object

Avatar
dpde

Community Member, 14 Posts

8 July 2013 at 7:13pm

Edited: 08/07/2013 7:13pm

You should also implement the canEdit method for your tutorial dataobject.

Avatar
swaiba

Forum Moderator, 1837 Posts

8 July 2013 at 7:37pm

goo point dpde...

function canEdit () {return true;]
also canView

*maybe* canDelete

Avatar
dpde

Community Member, 14 Posts

8 July 2013 at 7:49pm

Edited: 09/07/2013 3:04am

Of course canDelete too.
Something like this should work (not tested):

public function canEdit($member) {
  return (Permission::check('ADMIN') || $this->MemberID == $member->ID);
}

public function canDelete($member) {
  return (Permission::check('ADMIN') || $this->MemberID == $member->ID);
}