Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Customising the CMS /

How do I set admins to only viewing/editing their own records


Reply


7 Posts   425 Views

Avatar
Arbee

Community Member, 21 Posts

7 July 2013 at 5:30am

I'm working in 2.4.5 in ModelAdmin. I have a number of tutors writing their own tutorials. When they enter the admin section I want them only to see their own tutorial records and not those of other tutors. How do I do that?

Avatar
swaiba

Forum Moderator, 1799 Posts

7 July 2013 at 7:33am

Disclaimer - this isn't *the* way to do it but *a* way - I'm looking to tidy in the move to SS3... With that said...

class MyAdmin extends ModelAdmin {
   static $managed_models = array('MyObject');
   static $collection_controller_class = "MyAdmin_CollectionController";
...
}

class MyAdmin_CollectionController extends ModelAdmin_CollectionController {

   function getSearchQuery($searchCriteria) {
      $query = parent::getSearchQuery($searchCriteria);

      if ($this->modelClass == 'MyObject'){
         $query->where[] = 'MyObject.MemberID='.Member::currentUserID();
      }

      return $query;
   }
}

Hope this helps

Avatar
Arbee

Community Member, 21 Posts

8 July 2013 at 5:20am

Edited: 08/07/2013 5:27am

Thanks so much for your help Swaiba!

So my code should look something like this. Am I missing anything? do I need anything for $searchCriteria?

class TutorEditAdmin extends ModelAdmin {
   
      static $managed_models = array('TutorEdit');
      static $collection_controller_class = "TutorEditAdmin_CollectionController";
      
      static $url_segment = 'tutorEdit';
      
      
   
   }

   class TutorEditAdmin_CollectionController extends ModelAdmin_CollectionController {

      function getSearchQuery($searchCriteria) {
         $query = parent::getSearchQuery($searchCriteria);

         if ($this->modelClass == 'TutorEdit'){
            $query->where[] = 'TutorEdit.MemberID='.Member::currentUserID();
         }

         return $query;
      }
   }

Avatar
swaiba

Forum Moderator, 1799 Posts

8 July 2013 at 2:11pm

Looks good and no you don't need to do anymore than pass $searchCriteria to parent::getSearchQuery(); to get the $query object

Avatar
dpde

Community Member, 14 Posts

8 July 2013 at 7:13pm

Edited: 08/07/2013 7:13pm

You should also implement the canEdit method for your tutorial dataobject.

Avatar
swaiba

Forum Moderator, 1799 Posts

8 July 2013 at 7:37pm

goo point dpde...

function canEdit () {return true;]
also canView

*maybe* canDelete

Avatar
dpde

Community Member, 14 Posts

8 July 2013 at 7:49pm

Edited: 09/07/2013 3:04am

Of course canDelete too.
Something like this should work (not tested):

public function canEdit($member) {
return (Permission::check('ADMIN') || $this->MemberID == $member->ID);
}

public function canDelete($member) {
return (Permission::check('ADMIN') || $this->MemberID == $member->ID);
}