Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

canView() permision Issue » Data Model Questions

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Data Model Questions /

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

canView() permision Issue

Go to End


4 Posts   1534 Views

Avatar
zenmonkey

Community Member, 545 Posts

9 July 2013 at 3:50am

I have a DataObject that needs specific permisions for a certain group. I'd like that group to be able to vew the object but not edit or create.

I've set the following permissions on the DataObject itself 

function canView($member = null) {
        if(!$member) $member = Member::currentUser();
		return $member->inGroups(array('administrators', "print-ads"));
    }
    
	function canEdit($member = false) {
		if(!$member) $member = Member::currentUser();
		return $member->inGroup('administrators');
	}
	
	function canCreate($member = false) {
		if(!$member) $member = Member::currentUser();
		return $member->inGroup('administrators');
	}

When logged is as a user in print-ads group I get the ModelAdmin for the object. The gridfield displays the object and the add button. The odd thing is the print-ad group can add a DataObject with the button (which it shouldn't) and it is unable to click on individual dataobjects in the gridfield to view teh details.

Avatar
cumquat

Community Member, 201 Posts

10 July 2013 at 7:56pm

Hi Zenmonkey,

I have started to use the 'implements PermissionProvider' method for dealing with permissions, then it's just a case of ticking the required boxes in the security group permissions page. example below, hope this helps.

 class Project extends DataObject  implements PermissionProvider {
   
  public static $db = array(
      'Name' => 'Varchar(100)',
      'DueDate' => 'Date',
      'ProposedBeta' => 'Date',
      'Notes' => 'Text'
			
  );
  public static $has_many =array (
	);
  public static $default_sort = "ID";
  public static $searchable_fields = array(
  );
  public static $summary_fields = array(
    'ID' => 'ID',
		'Name' => 'Name'
	);
	function getCMSFields() { 
		$fields = parent::getCMSFields();
		return $fields; 
	}
	public function providePermissions() {
    return array(
      'PROJECT_VIEW' => 'Read a project object',
      'PROJECT_EDIT' => 'Edit a project object',
      'PROJECT_DELETE' => 'Delete a project object',
      'PROJECT_CREATE' => 'Create a project object',
      'PROJECT_VIEWEXT' => 'Read a projects extended info',
    );
  }
	function SuperDuper($Member = null) {
    	return Permission::check('PROJECT_VIEWEXT');
	}
	function viewproject($Member = null) {
      return Permission::check('PROJECT_VIEW');
  }
  
}

Avatar
zenmonkey

Community Member, 545 Posts

11 July 2013 at 3:05am

I'll give it a try. I find the documention on that section isn't great and I was having a hard time wraping my head arround it

Avatar
cumquat

Community Member, 201 Posts

11 July 2013 at 3:13am

I know what you mean, it was a real eureka moment for me when I finally got it. The main thing is the implementation of the permission provider, then you create the permission types, and finally you create functions for those created permissions then you can use

<% if yourpermissiontype %>
Do/show something
<% end_if %>

In your templates.

Good luck.

Mick

Go to Top
Go to TopReturn to top