New Module - User Permission Question

[dkittell]

Greetings,
I have written a new module based on the test module on the wiki. Following the detailed steps I was able to get this new module built fairly fast and easy. My only question is something that is eluding me at the moment and that would be how I can limit some of the functions based on user.

With the test module example you have add and delete buttons and then you have the view of the database rows.

What I'd like to do is based on user group or user is to remove the ability to add/delete buttons and the ability to only show records that that particular user has added in order to edit/delete

Based on what I see in the code the *.class.inc.php file in the classes folder would be the proper file to limit the viewing of the database records and it works when I put in hard coded data but I'm just missing the access level commands.

I'm sure it's something simple but again it's eluding me at the moment.

[WilmarVB]

Bear in mind that GO works in layers. These layers are reflected in the different files. The javascript/ExtJS files are for the GUI, which sends requests to json.php and action.php and receives responses from them. The php files usually use objects from classes in the module's 'classes' directory. The flow of information is, from database to end-user's GUI: mysql > database class > json.php/action.php > js files.

What I'd like to do is based on user group or user is to remove the ability to add/delete buttons

The easiest way, is javascript only. See the variable GO.settings for the write_permission setting, and use this to put the delete/add-buttons in an if-block. However, this is unsafe since this setting can be changed at client-side.

and the ability to only show records that that particular user has added in order to edit/delete

In a lot of GO database tables, there is the 'user_id' column, which points to the table go_users that records all your GO users. If you have such a user_id column in your table, you can do a mysql select query with the current user_id as a WHERE parameter. The current user's id can be accessed server-side with $GO_SECURITY->user_id, which is safely hidden away from the client. Including Group-Office.php in your script automatically creates $GO_SECURITY.

[dkittell]

Is there an easy way in the dialog and grid js files to look at the logged in userid?

On the dialog I want to be able to auto input their userid as well as the current datetime
On the grid I'd like to show only what the userid has setup

Thank you in advance for any help

[dkittell]

Read the WIKI a bit more and figured out what I was doing wrong as far as the userid but still having an issue with the current date time option.

I'll look again as it's likely to be in the wiki or in another module clearly defined.

[dkittell]

Is there a function or variable to get the logged in user group list?

I have changed a few things in my module that I'm working on to look for a group id to handle the permissions.

The purpose of this module is to allow authorized users to be able to add a person to a list to get a prepaid/free activation for a program that I wrote but I want to limit the amount of activations someone can set as well the program they can input a person for based on their group id.

For the most part I have it working on a hard set group id but would prefer to set it up so I can change that group id easier in the future.

My first thought is to do something like below (pseudo code)

Code: Select all

if $GO.GROUP_ID = 'All_Program_Access" then
    select program_id, program_name from ac_programs orderby program_name
end if

if $GO.GROUP_ID = 'Program_1" then
    select program_id, program_name from ac_programs where program_name = 'Program_1' orderby program_name
end if


I know I'm making this more complicated than it needs to be and it'd be simpler to simply copy the code and make a second module but I'd prefer to figure this one out.

Any assistance is appreciated and welcomed.

[dkittell]

I simplified things for now and made a copy of the module.

While the changes from the old way of creating modules are apparent and aggravating at the start it is proving to be a good change.

[Intermesh]

Why don't you use an acl like other modules do?

[dkittell]

I used basic acl but that doesn't help as the 2 users have the same functions it is just a different program to activate based on the login. Is there a function that will work from groups on the grid and dialog box?

[dkittell]

The basic idea is that I wanted to have one module that will work for two different programs and based on the group that I have a user in would give them the permission to add someone in for a specific program.

Example:
johndoe has permission for both programs. On the grid he would see both programs and when he adds someone he would get a pull down that offers both programs.
janedoe has permission for ProgramA. On the grid she would only see ProgramA and when she adds someone she would only see ProgramA in the pull down.

The functions that I knew in the old system don't appear to work the same or at all in this new system as it works with JavaScript functions as well now.

[lanbo]

I simplified things for now and made a copy of the module.

While the changes from the old way of creating modules are apparent and aggravating at the start it is proving to be a good change.

Is there a function that will work from groups on the grid and dialog box?