Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Data Model Questions /

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba

ModelAdmin & Security - Users Can View But Not Edit


Go to End
Reply


15 Posts   5266 Views

Avatar
mspacemedia

Community Member, 10 Posts

21 January 2011 at 5:23am

So, in theory I could use these classes to allow a registered member to add a single listing to a dataObject directory on the site by logging their member ID into that dataObject when they sign up. Then when they log back in I could check for their ID in the DO if it appears then they only get a canEdit(), canDelete() option?

If I wanted to allow them to upload something as long as they have paid - I guess I would need to create a separate field in their member details to state whether they had a paid subscription. If so, would the payments module be capable of populating that on return from the payment processor?

Look forward to hearing from you guys/girls on the possibility...

Avatar
Stefdv

Community Member, 110 Posts

16 March 2011 at 8:28am

Edited: 17/03/2011 12:39am

Sorry for bumping in ...

I have ( i think ) the same question.

I have a

 
Dog extends DataObject
static $has_one = array ('Breeder' => 'Breeder')
                                      

----
Breeder extends Member 

static $has_many = array('Dogs' =>'Dog');

When a Breeder logs in to ModelAdmin i want him to be allowed to edit his own Dogs, but not the others.

I think i need to do something with function CanEdit, but not sure how.

any idea ?
Never mind...Got it.

Avatar
moloko_man

Community Member, 72 Posts

28 May 2011 at 4:33am

Stefdv, how did you end up getting canEdit to work?

Avatar
swaiba

Forum Moderator, 1826 Posts

28 May 2011 at 6:20am

if it helps, this is how i do it...

function getCMSFields() {
	$fields = parent::getCMSFields();
	...
	$hasOneCTF = new HasOneComplexTableField($this,'HasOne','HasOne',null,null,'ID='.$this->HasOneID);
	$hasOneCTF->setPermissions(array('edit','show'));
	$hasOneCTF->Markable = false;
	$fields->addFieldToTab("Root.HasOne", $hasOneCTF);
	...
	return $fields;
}

Avatar
Stefdv

Community Member, 110 Posts

28 May 2011 at 7:27pm

Well, i'm not really sure how Swaiba does it. He helped me out a lot with all kind of things, but i just compare the current logged in breeder to the breeder of the current dog.


function canEdit()
	{
						  	if(!Permission::check('ADMIN'))
						  	{ 
         						if($this->BreederID == Member::currentUserID())
								{ return true; } 
      						} 
							else 
							{
		   						if(Permission::check('ADMIN'))
								{return true;} 
							}
	}

hope this helps.

Avatar
swaiba

Forum Moderator, 1826 Posts

28 May 2011 at 9:37pm

I think I missed the point on this one (I do that alot too!) the code I've got is for when there is a has_one on the form as a drop down, but instead I want to allow them to edit the information.

Avatar
SS_Learner

Community Member, 20 Posts

18 January 2013 at 6:16pm

Hi Totalnet

I have to added the permissions for my custom modules.I am trying to add more permission codes for delete, edit, view in a group in front of each module together to appear as checkboxes on the permissions tab for the user's group under security .So that depending on Edit/view/delete checkbox value i can add code into my module depending on what that group is allowed to do..
Hope you can help me with this..
Thanks

Go to Top