Related table permissions

5 views
Skip to first unread message

Paul Cipollone

unread,
Feb 14, 2021, 5:13:23 PMFeb 14
to Xataface
So based on docs and things I've been able to do thus far:
  • Enable a site-wide login page.
  • Create the user DB along with user ID's with defined permissions
  • Test these things (Read-only user can really just read-only, etc.)
  • Disabled the "Forgot Password" link in the sign-on page.
  • Removed the edit profile/change password link while in operation.
So...all is well, except for one lagging issue, which is what brought me down this rabbit-hole to start with. I have
a table (let's call it "Users"), with a related-record for sales people ("Sales"). Sales table is simple....a name, name
of the user that sales-rep represents, and a percentage value for commission. 

Ideally, we want everyone except admins to be able to edit/delete/add new sales reps. We want everyone to be able
to SEE the sales rep, but nothing else. Have a simple ApplicationDelegate for sitewide:

<?php
class conf_ApplicationDelegate {
   /**
    * Returns permissions array.  This method is called every time an action is  
    * performed to make sure that the user has permission to perform the action.
    * @param record A Dataface_Record object (may be null) against which we check
    *               permissions.
    * @see Dataface_PermissionsTool
    * @see Dataface_AuthenticationTool
    */
    function getPermissions(&$record){
        $auth =& Dataface_AuthenticationTool::getInstance();
        $user =& $auth->getLoggedInUser();
        if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
            // if the user is null then nobody is logged in... no access.
            // This will force a login prompt.
        $role = $user->val('Role');
        return Dataface_PermissionsTool::getRolePermissions($role);
            // Returns all of the permissions for the user's current role.
    }
}
?>

...a simple Users table:

|      1 | User  | User  | DELETE    |
|      2 | Admin | Admin | ADMIN     |
|      3 | RO    | RO    | READ ONLY |

...which functions correctly. Note that we want all the users to be able to edit/add to all other
tables, EXCEPT ONE.  No matter what I put in the permissions.ini file for that particular table, nothing takes
effect. If i log in as read-only I can't, but then again...I can't for ANY table at that point. Tried the obvious:

[User]
    view=1
    edit=0
    delete=0
[Admin]
    view=1
    edit=1
    delete=1

No luck. Trying to put the examples in the related-tables .PHP file (from here:  http://xataface.com/wiki/permissions.ini_file), 
has no effect either.

Would LOVE some advice on this...very close to having this exactly as needed, except for this one issue.

Steve Hannah

unread,
Feb 14, 2021, 5:17:24 PMFeb 14
to xata...@googlegroups.com
The permissions.ini file is only in the app root.  Not in individual tables.  

--
You received this message because you are subscribed to the Google Groups "Xataface" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xataface+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/xataface/c6d09d17-ee7d-41e7-bf18-bbff2ea3ee75o%40googlegroups.com.
--
Steve Hannah
Web Lite Solutions Corp.
Reply all
Reply to author
Forward
0 new messages