Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

Data Model Questions /

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

ModelAdmin & Security - Users Can View But Not Edit


Go to End


15 Posts   6325 Views

Avatar
mspacemedia

Community Member, 12 Posts

21 January 2011 at 5:23am

So, in theory I could use these classes to allow a registered member to add a single listing to a dataObject directory on the site by logging their member ID into that dataObject when they sign up. Then when they log back in I could check for their ID in the DO if it appears then they only get a canEdit(), canDelete() option?

If I wanted to allow them to upload something as long as they have paid - I guess I would need to create a separate field in their member details to state whether they had a paid subscription. If so, would the payments module be capable of populating that on return from the payment processor?

Look forward to hearing from you guys/girls on the possibility...

Avatar
Stefdv

Community Member, 110 Posts

16 March 2011 at 8:28am

Edited: 17/03/2011 12:39am

Sorry for bumping in ...

I have ( i think ) the same question.

I have a

 
Dog extends DataObject
static $has_one = array ('Breeder' => 'Breeder')
                                      

----
Breeder extends Member 

static $has_many = array('Dogs' =>'Dog');

When a Breeder logs in to ModelAdmin i want him to be allowed to edit his own Dogs, but not the others.

I think i need to do something with function CanEdit, but not sure how.

any idea ?
Never mind...Got it.

Avatar
moloko_man

Community Member, 72 Posts

28 May 2011 at 4:33am

Stefdv, how did you end up getting canEdit to work?

Avatar
swaiba

Forum Moderator, 1899 Posts

28 May 2011 at 6:20am

if it helps, this is how i do it...

function getCMSFields() {
	$fields = parent::getCMSFields();
	...
	$hasOneCTF = new HasOneComplexTableField($this,'HasOne','HasOne',null,null,'ID='.$this->HasOneID);
	$hasOneCTF->setPermissions(array('edit','show'));
	$hasOneCTF->Markable = false;
	$fields->addFieldToTab("Root.HasOne", $hasOneCTF);
	...
	return $fields;
}

Avatar
Stefdv

Community Member, 110 Posts

28 May 2011 at 7:27pm

Well, i'm not really sure how Swaiba does it. He helped me out a lot with all kind of things, but i just compare the current logged in breeder to the breeder of the current dog.


function canEdit()
	{
						  	if(!Permission::check('ADMIN'))
						  	{ 
         						if($this->BreederID == Member::currentUserID())
								{ return true; } 
      						} 
							else 
							{
		   						if(Permission::check('ADMIN'))
								{return true;} 
							}
	}

hope this helps.

Avatar
swaiba

Forum Moderator, 1899 Posts

28 May 2011 at 9:37pm

I think I missed the point on this one (I do that alot too!) the code I've got is for when there is a has_one on the form as a drop down, but instead I want to allow them to edit the information.

Avatar
SS_Learner

Community Member, 20 Posts

18 January 2013 at 6:16pm

Hi Totalnet

I have to added the permissions for my custom modules.I am trying to add more permission codes for delete, edit, view in a group in front of each module together to appear as checkboxes on the permissions tab for the user's group under security .So that depending on Edit/view/delete checkbox value i can add code into my module depending on what that group is allowed to do..
Hope you can help me with this..
Thanks

Go to Top