FYI, this is what i got so far:
I'm still at cleaning up the code but it works ;)
I created a new rule for cms members to only allow access to the Betrieb (customer) - Admin and assets.
My base-DataObject "Betrieb" (customer) implements PermissionProvider:
function canView($member = false) {
//Allow view on frontend for everyone
if (strpos('/'.Director::get_current_page()->Link(),'admin/') == false) return true;
//Get current member
if(!$member) $member = Member::currentUser();
//Allow view if member has assigned Betrieb or member is admin
$ret = false;
if($member) $ret = $member->Betrieb()->ID == $this->ID;
if(!$ret) return Permission::check('ADMIN');
return $ret;
}
function canEdit($member = false) {
//Get current member
if(!$member) $member = Member::currentUser();
//Allow edit if member has assigned Betrieb or member is admin
$ret = false;
if($member) $ret = $member->Betrieb()->ID == $this->ID;
if(!$ret) return Permission::check('ADMIN');
return $ret;
}
Extension to Member-Class:
class CustomMemberExtension extends DataExtension{
...
private static $has_one = array("Betrieb"=>"Betrieb");
...
//create Betrieb-Object on new member creation
function onBeforeWrite() {
parent::onBeforeWrite();
$this->owner->customTest = $this->owner->Betrieb()->ID;
if(!$this->owner->Betrieb()->ID){
$betrieb = new Betrieb();
$betrieb->write();
$betrieb->Ansprechperson = $this->owner->FirstName . ' ' . $this->owner->Surname;
$betrieb->write();
$this->owner->BetriebID = $betrieb->ID;
}
}
}
CustomLeftAndMain
Redirects to the assigned Betrieb-Object of a member (always, so he won't be able to navigate to the model admin)
class CustomLeftAndMain extends LeftAndMainExtension {
public function init() {
CMSMenu::remove_menu_item('Help');
//Check if not admin and member is logged in
if(!Permission::check('ADMIN') && $member = Member::currentUser()) {
//Remove Admin-Links
CMSMenu::remove_menu_item('BetriebAdmin');
CMSMenu::remove_menu_item('AssetAdmin');
//Redirect to members Betrieb-Object
$betrieb = $member->owner->Betrieb();
if(strpos($_SERVER["REQUEST_URI"], 'field/Betrieb/item') == false){
Controller::curr()->redirect(Director::baseURL().'admin/betriebe/Betrieb/EditForm/field/Betrieb/item/'.$betrieb->ID.'/edit');
}
//Add custom admin-link to LeftAndMain
$id = 'LinkToBetrieb';
$title = $member->getTitle();
// the link you want to item to go to
$link = '/admin/betriebe/Betrieb/EditForm/field/Betrieb/item/'.$betrieb->ID.'/edit';
$priority = 10;
$attributes = array();
CMSMenu::add_link($id, $title, $link, $priority, $attributes);
}
}
}
I also tried redirecting with a custom MemberLoginForm but it was replaced with the CustomLeftAndMain above:
class GoHomeLoginForm extends MemberLoginForm {
public function dologin($data) {
parent::dologin($data);
if(Controller::curr()->redirectedTo() and Member::currentUserID() ) {
$this->controller->response->removeHeader('Location');
$betrieb = Member::currentUser()->owner->Betrieb();
Controller::curr()->redirect(Director::baseURL().'admin/betriebe/Betrieb/EditForm/field/Betrieb/item/'.$betrieb->ID.'/edit');
}
}
}
I guess that's all for now, but I'm still trying to improve that code...
Thanks Nightjar for your help ;)