Jump to:

7939 Posts in 1472 Topics by 944 members

DataObjectManager Module

SilverStripe Forums » DataObjectManager Module » Restrict album view access by user?

Discuss the DataObjectManager module, and the related ImageGallery module.

Moderators: martimiz, UncleCheese, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 926 Views
  • redactuk
    Avatar
    Community Member
    115 Posts

    Restrict album view access by user? Link to this post

    I would like to create an image gallery, and in it create private albums for individual clients. So any one client would visit the gallery page and be prompted to login before seeing anything. When a client logs in, he/she will then ONLY be able to see an album/s that have specifically been assigned view permission for that client. Can anyone give me some suggestions as to how I might go about this?

    Note: From my initial investigation of user permissions it would seem you can only assign permissions by Group. If that's the case then I have no problem creation new group for each client, as there will only ever be a few clients/albums at one time.

    Any help/pointers appreciated

    Thanks

  • redactuk
    Avatar
    Community Member
    115 Posts

    Re: Restrict album view access by user? Link to this post

    Hi Uncle Cheese, could you spare a minute to comment on whether this is possible fairly easily or would it require extensive coding?

  • redactuk
    Avatar
    Community Member
    115 Posts

    Re: Restrict album view access by user? Link to this post

    or failing that let me know whether it might be considered a wish list item?

  • UncleCheese
    Avatar
    4085 Posts

    Re: Restrict album view access by user? Link to this post

    I don't think it would be too hard at all. Just subclass your ImageGalleryPage and ImageGalleryAlbum classses, and set the ImageGalleryPage subclass to have $albumClass = "YourAlbumClass";

    in the album subclass, add a has_one for Group, and create a canView() function to check the member's group against that of the album.

    and In the image gallery page controller subclasss, overload the album() function

    function album() {
    if( $this->CurrentAlbum()->canView() )
    return Security::permissionFailure($this, "Cannot access that album");
    return array();
    }

    Probably overload your Albums() method in the model, too, so you can hide ones that can't be viewed from the nav and so forth.. but the canView method might actually be enough, I'm not sure.

    926 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.