3060 Posts in 864 Topics by 646 members
| Go to End | Next > | |
| Author | Topic: | 3584 Views |
-
ModelAdmin & Security - Users Can View But Not Edit
25 March 2009 at 7:41am
Hello,
I created a SS security group which has access to my model admin. The user who I put in this group can login to the admin interface and view model admin entries but cannot edit them or create new ones. How do I give read/write access to a model admin without giving full admin access?
Thank you,
Ben -
Re: ModelAdmin & Security - Users Can View But Not Edit
29 March 2009 at 2:46pm
You need to overwrite the canEdit() and canDelete() methods on your DataObject subclass - they default to checking for ADMIN permissions.
-
Re: ModelAdmin & Security - Users Can View But Not Edit
24 June 2010 at 8:14am
Where do I find the file to edit this?
-
Re: ModelAdmin & Security - Users Can View But Not Edit
24 June 2010 at 9:33am Last edited: 24 June 2010 9:59am
The file is the php you created with the DataObject class that is managed by ModelAdmin. e.g.
/* MyItem.php */
class MyItem extends DataObject{...
function canCreate($member){
if (Permission::check('ADMIN')) return true;
}
}That would allow only Admins to create a MyItem object, you can do the same for canEdit() canDelete() & canView()
You could also add a new permission and use that instead for more flexibility. e.g.
/* MyItemAdmin.php */
class MyItemAdmin_Controller extends ContentController implements PermissionProvider {...
function providePermissions(){
return array(
"CREATE_MYITEM" => "User Can Create a MyItem",
);
}
}
Then, the replace ADMIN in the previous example with CREATE_MYITEMYou can then add more permission codes for delete, edit, view and can even group them together as they appear on the permissions tab for the user's group in security - but that's another topic ;)
Rich
-
Re: ModelAdmin & Security - Users Can View But Not Edit
24 June 2010 at 10:36am
Thank you for the response. I will send this link to my programmer. I am always looking out for new things to do with SS. Been watching some videos and learning about the modeladmin - don't get it yet.
-
Re: ModelAdmin & Security - Users Can View But Not Edit
18 January 2011 at 12:45am Last edited: 18 January 2011 12:46am
A more extended option (*NYT* stands for Not Yet Translated):
public function providePermissions() {
return(array(
'CREATE_NEWS' => array(
'name' => _t($this->class . '.CREATE_NEWS', 'User can create Newsitems *NYT*'),
'category' => _t($this->class . '.NEWS_PERMISSIONS_CATEGORY', 'News permission *NYT*'),
'help' => _t($this->class . '.CREATE_NEWS_HELP', 'User can create Newsitems *NYT*'),
'sort' => 0,
),
'EDIT_NEWS' => array(
'name' => _t($this->class . '.EDIT_NEWS', 'User can edit Newsitems *NYT*'),
'category' => _t($this->class . '.NEWS_PERMISSIONS_CATEGORY', 'News permission *NYT*'),
'help' => _t($this->class . '.EDIT_NEWS_HELP', 'User can edit Newsitems *NYT*'),
'sort' => 1,
),
'DELETE_NEWS' => array(
'name' => _t($this->class . '.DELETE_NEWS', 'User can delete Newsitems *NYT*'),
'category' => _t($this->class . '.NEWS_PERMISSIONS_CATEGORY', 'News permission *NYT*'),
'help' => _t($this->class . '.DELETE_NEWS_HELP', 'User can delete Newsitems *NYT*'),
'sort' => 2,
),
));
} -
Re: ModelAdmin & Security - Users Can View But Not Edit
18 January 2011 at 1:34am
just a little extra info on the example in the previous post.
in the arrays for each permission, the 'category' is the group-title, and 'help' is the tooltip.
| 3584 Views | ||
| Go to Top | Next > |
