Jump to:

3459 Posts in 1064 Topics by 739 members

Data Model Questions

SilverStripe Forums » Data Model Questions » canView() permision Issue

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 402 Views
  • zenmonkey
    Avatar
    Community Member
    528 Posts

    canView() permision Issue Link to this post

    I have a DataObject that needs specific permisions for a certain group. I'd like that group to be able to vew the object but not edit or create.

    I've set the following permissions on the DataObject itself

    function canView($member = null) {
    if(!$member) $member = Member::currentUser();
          return $member->inGroups(array('administrators', "print-ads"));
    }

       function canEdit($member = false) {
          if(!$member) $member = Member::currentUser();
          return $member->inGroup('administrators');
       }
       
       function canCreate($member = false) {
          if(!$member) $member = Member::currentUser();
          return $member->inGroup('administrators');
       }

    When logged is as a user in print-ads group I get the ModelAdmin for the object. The gridfield displays the object and the add button. The odd thing is the print-ad group can add a DataObject with the button (which it shouldn't) and it is unable to click on individual dataobjects in the gridfield to view teh details.

  • cumquat
    Avatar
    Community Member
    197 Posts

    Re: canView() permision Issue Link to this post

    Hi Zenmonkey,

    I have started to use the 'implements PermissionProvider' method for dealing with permissions, then it's just a case of ticking the required boxes in the security group permissions page. example below, hope this helps.

    class Project extends DataObject implements PermissionProvider {

    public static $db = array(
    'Name' => 'Varchar(100)',
    'DueDate' => 'Date',
    'ProposedBeta' => 'Date',
    'Notes' => 'Text'
             
    );
    public static $has_many =array (
       );
    public static $default_sort = "ID";
    public static $searchable_fields = array(
    );
    public static $summary_fields = array(
    'ID' => 'ID',
          'Name' => 'Name'
       );
       function getCMSFields() {
          $fields = parent::getCMSFields();
          return $fields;
       }
       public function providePermissions() {
    return array(
    'PROJECT_VIEW' => 'Read a project object',
    'PROJECT_EDIT' => 'Edit a project object',
    'PROJECT_DELETE' => 'Delete a project object',
    'PROJECT_CREATE' => 'Create a project object',
    'PROJECT_VIEWEXT' => 'Read a projects extended info',
    );
    }
       function SuperDuper($Member = null) {
       return Permission::check('PROJECT_VIEWEXT');
       }
       function viewproject($Member = null) {
    return Permission::check('PROJECT_VIEW');
    }

    }

  • zenmonkey
    Avatar
    Community Member
    528 Posts

    Re: canView() permision Issue Link to this post

    I'll give it a try. I find the documention on that section isn't great and I was having a hard time wraping my head arround it

  • cumquat
    Avatar
    Community Member
    197 Posts

    Re: canView() permision Issue Link to this post

    I know what you mean, it was a real eureka moment for me when I finally got it. The main thing is the implementation of the permission provider, then you create the permission types, and finally you create functions for those created permissions then you can use

    <% if yourpermissiontype %>
    Do/show something
    <% end_if %>


    In your templates.

    Good luck.

    Mick

    402 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.