Hi !
I would like to know some information about user permissions.
Suppose there are three user in my joomla CMS.
1, User John (Can fill a form, View, add, edit and delete his own records, but can not view or add, edit and delete Peter's Records.)
2, User Peter (Can fill a form, View, add, edit and delete his own records, but can not view or add, edit and delete John's Records.)
3, User Boss (Can fill a form, view, add, edit and delete his and all other users records)
How can I incorporate these setting to my choronoconnectivity?
Regards
CS
I would like to know some information about user permissions.
Suppose there are three user in my joomla CMS.
1, User John (Can fill a form, View, add, edit and delete his own records, but can not view or add, edit and delete Peter's Records.)
2, User Peter (Can fill a form, View, add, edit and delete his own records, but can not view or add, edit and delete John's Records.)
3, User Boss (Can fill a form, view, add, edit and delete his and all other users records)
How can I incorporate these setting to my choronoconnectivity?
Regards
CS
Hi CS,
build these rules in PHP and control the {edit_record} and {new_record} and {delete_record} in the body with few if statements๐
Regards
Max
build these rules in PHP and control the {edit_record} and {new_record} and {delete_record} in the body with few if statements๐
Regards
Max
OMG !
That would be too much coding ๐
That would be too much coding ๐
No, assuming the table has field called user_id so you can do it this way :
in this case, the $user->id is the logged in user's id, so this will show the edit link to the current record to the current logged in user only if he has the same id as the record!
adding the admin part will be alittle more piece of code!
Regards
Max
<?php if($row->user_id == $user->id){ ?>{edit_record} <?php } ?>in this case, the $user->id is the logged in user's id, so this will show the edit link to the current record to the current logged in user only if he has the same id as the record!
adding the admin part will be alittle more piece of code!
Regards
Max
Thanks a million MAX,
I'll look into this code and also the admin part tonite and will reply back with the result tomorrow.
:)
I'll look into this code and also the admin part tonite and will reply back with the result tomorrow.
:)
Hi,
you can look at the jos_core_acl_aro_groups table to see the group ids and then use $user->gid to get the current logged in user group id:
this iwll make sure that super admins only see the edit link!๐
Regards
Max
you can look at the jos_core_acl_aro_groups table to see the group ids and then use $user->gid to get the current logged in user group id:
<?php if($user->gid == 25){ ?>{edit_record} <?php } ?>this iwll make sure that super admins only see the edit link!๐
Regards
Max
Hi !
Thanks for the code MAX, just as i want.
Unfortunately, while using php logical operator "OR" (||) to allow publishers user group able to see the edit link. Its not working.
I am not good in php coding too ๐ถ
Thanks for the code MAX, just as i want.
Unfortunately, while using php logical operator "OR" (||) to allow publishers user group able to see the edit link. Its not working.
I am not good in php coding too ๐ถ
<?php if($user->gid == 25 || gid == 21){ ?>{edit_record} <?php } ?>
Hi CS,
your PHP syntax is wrong, you need to keep checking php.net or get an ebook for PHP at this point, it should be :
your PHP syntax is wrong, you need to keep checking php.net or get an ebook for PHP at this point, it should be :
($user->gid == 25) ||($user-> gid == 21)
Hi,
I did tried this code but its giving me error <?php if($user->gid == 25) ||($user-> gid == 21){ ?>{edit_record} <?php } ?>
Parse error: syntax error, unexpected T_BOOLEAN_OR in /home/giantino/public_html/mk/components/com_chronoconnectivity/chronoconnectivity.html.php(176) : eval()'d code on line 199
I tried code from http://www.w3schools.com/PHP/php_operators.asp
changed its a little bit to
this is working for super adminstrators but not for publishers.
I did tried this code but its giving me error <?php if($user->gid == 25) ||($user-> gid == 21){ ?>{edit_record} <?php } ?>
Parse error: syntax error, unexpected T_BOOLEAN_OR in /home/giantino/public_html/mk/components/com_chronoconnectivity/chronoconnectivity.html.php(176) : eval()'d code on line 199
I tried code from http://www.w3schools.com/PHP/php_operators.asp
changed its a little bit to
<?php if($user->gid == 25 || gid == 21){ ?>{edit_record} <?php } ?>this is working for super adminstrators but not for publishers.
Hi codeslayer,
Just odd typolets in there 'gid' isn't anything it needs to be $user->gid
Bob
Just odd typolets in there 'gid' isn't anything it needs to be $user->gid
<?php if ( ($user->gid == 25) || ($user->gid == 21) ) { ?>{edit_record} <?php } ?>Bob
Thanks Bob,
My mistake, I am trying to execute the code in the header section of chronoconectivity, for testing purpose.
its working in body section perfectly.
Now, I am going further more to give "EDIT" permission to the user who actually submitted the form, beside "publisher" and "super administrator" groups.
Is there anything wrong in the above code ? its not giving any errors while executing but also its not showing "Edit" link on the only records that the user has submitted.
Any ideas, please ?
My mistake, I am trying to execute the code in the header section of chronoconectivity, for testing purpose.
its working in body section perfectly.
Now, I am going further more to give "EDIT" permission to the user who actually submitted the form, beside "publisher" and "super administrator" groups.
<?php
$loggeduser='{cf_user_id}';
if(($row->user_id==$loggeduser)||($user->gid==21)||($user->gid==25)){ ?>
{edit_record}
<?php
}?>
Is there anything wrong in the above code ? its not giving any errors while executing but also its not showing "Edit" link on the only records that the user has submitted.
Any ideas, please ?
Hi codeslayer,
Looks OK but a better test might be: $user->id == $row->user_id
If it's not working then echo out the values of the variables to check what the tests are comparing.
Bob
Looks OK but a better test might be: $user->id == $row->user_id
If it's not working then echo out the values of the variables to check what the tests are comparing.
Bob
Unfortunatly, its not working either.
Its not printing the results of these to variables.
and
I have tried this too. Even this one is not working.
Any idea or any other way I could achieve the goal?
Its not printing the results of these to variables.
{cf_user_id}and
<?php $loggeduser =& JFactory::getUser();
echo '<h1>Your User ID is ' . $loggeduser->get('id') . '</h1>'; ?>
<?php
if(('{cf_user_id}' == $row->user_id)||($user->gid==21)||($user->gid==25)){ ?>
{edit_record}
<?php
I have tried this too. Even this one is not working.
Any idea or any other way I could achieve the goal?
Hi CS,
sorry but what are you expecting to get with {cf_user_id} ?? and this piece of code is not logical for me:
what are you trying to test here ? there is something wrong in this code!
Regards
Max
sorry but what are you expecting to get with {cf_user_id} ?? and this piece of code is not logical for me:
('{cf_user_id}' == $row->user_id)what are you trying to test here ? there is something wrong in this code!
Regards
Max
HI Max,
It worked for me. As I need to give access to the user "A" who submitted the form, also able to edit his submitted record, while other user "B" from same group may not able to edit User "A" record.
As you know "cf_user_id" is created by default while creating table from Form Management in ChronoForms.
It stores, as it says, the user ID of the one, who submitted that particular form entry.
The actual code worked for me is:
HEADER
The problem has been solved !
Thanks to you and Bob, for your time and superb support. ๐
Best regards
CS
It worked for me. As I need to give access to the user "A" who submitted the form, also able to edit his submitted record, while other user "B" from same group may not able to edit User "A" record.
As you know "cf_user_id" is created by default while creating table from Form Management in ChronoForms.
It stores, as it says, the user ID of the one, who submitted that particular form entry.
The actual code worked for me is:
HEADER
<?php
$loggeduser = & JFactory::getUser();
echo $loggeduser->id;
?><?php
if(($row->cf_user_id==$loggeduser->id)||($user->gid==21)||($user->gid==25)){ ?>
{edit_record}
<?php
}?>The problem has been solved !
Thanks to you and Bob, for your time and superb support. ๐
Best regards
CS
Hi codeslayer,
Max is correct in that the {cf_user_id} in curly brackets won't work as this isn't a form field. They way you have it as $row->cf_user_id to take the value from the database table is fine.
Glad you've got it resolved.
Bob
Max is correct in that the {cf_user_id} in curly brackets won't work as this isn't a form field. They way you have it as $row->cf_user_id to take the value from the database table is fine.
Glad you've got it resolved.
Bob
Hi Guys,
Thanks for all the great info on these forums,
it is making chronoforms and connectivity great to work with.....
I need to ask a question regarding this thread......
I have all read/write/edit/delete permissions set to editor so registered users have no access rights.
I would like to have certain records available for some registered users.
Is there a way to implement a drop down multi-select of all website registered users in the header or body code,
So when a particular registered user is selected in the form, they can access and edit (not delete) the record?
Thanks everyone for your help,
Michael
Thanks for all the great info on these forums,
it is making chronoforms and connectivity great to work with.....
I need to ask a question regarding this thread......
I have all read/write/edit/delete permissions set to editor so registered users have no access rights.
I would like to have certain records available for some registered users.
Is there a way to implement a drop down multi-select of all website registered users in the header or body code,
So when a particular registered user is selected in the form, they can access and edit (not delete) the record?
Thanks everyone for your help,
Michael
Hi Michael,
I have a partial answer for you.
You can identify logged in users OK with this code in the header
What I'm not sure of is whether you want to control at the user level or the group level; or if yoiu can set access here as opposed to filters in the the extension parameters.
Bob
I have a partial answer for you.
You can identify logged in users OK with this code in the header
<?php
$user =& JFactory::getUser();
$user->id . . .// gets the user id
$user->gid . . . // gets the user group
. . .
?>What I'm not sure of is whether you want to control at the user level or the group level; or if yoiu can set access here as opposed to filters in the the extension parameters.
Bob
Hi Michael,
you want those special users be able to read or write or edit or delete ??
Max
you want those special users be able to read or write or edit or delete ??
Max
Hi Bob and Max,
Thanks for your replies,
Form - Registered Users Dropdown Multiple Selection Access Rights
Yes, I would like the selected registered users to be able to read / edit / but NOT DELETE
the particular record they have been given access too.
Situation: All in house staff will be given default author permissions for forms and DB ( full access rights ).
Website will register users manually, no registration forms etc.
In house staff need to give certain registered users access to particular files.
When a registered user has access they need to be able to read / edit but not delete the DB file.
Also registered user does not see or have access to the Registered Users Dropdown Multiple Selection Access Rights.
I guess it would be similar to what is found in DOCMAN. Where you can assign individual users access rights to documents.
Hope I made sense, please let me know if I need to clarify,
Thank you for your time,
Michael
Thanks for your replies,
Form - Registered Users Dropdown Multiple Selection Access Rights
Yes, I would like the selected registered users to be able to read / edit / but NOT DELETE
the particular record they have been given access too.
Situation: All in house staff will be given default author permissions for forms and DB ( full access rights ).
Website will register users manually, no registration forms etc.
In house staff need to give certain registered users access to particular files.
When a registered user has access they need to be able to read / edit but not delete the DB file.
Also registered user does not see or have access to the Registered Users Dropdown Multiple Selection Access Rights.
I guess it would be similar to what is found in DOCMAN. Where you can assign individual users access rights to documents.
Hope I made sense, please let me know if I need to clarify,
Thank you for your time,
Michael
Hi Michael,
the easy answer to this is to switch the {edit_record} and the body area code with PHP to show either the edit link or the body of the connection!
Cheers
Max
the easy answer to this is to switch the {edit_record} and the body area code with PHP to show either the edit link or the body of the connection!
Cheers
Max
Im trying to set up the edit link to the Chronoconnectivity but when I allow all Registered users to be as Editors group in frontend, then any registered user can in frontend edit all the records, even those the other users made.
I tried to implement this code into the body section but nothing changed:
It still shows the "Edit record" link for all records no matter which registred user is logged in.
Do you know where is the problem?
I tried to implement this code into the body section but nothing changed:
<?php if($row->cf_user_id == $user->id){ ?>{edit_record} <?php } ?>It still shows the "Edit record" link for all records no matter which registred user is logged in.
Do you know where is the problem?
Hi medaacek,
You may need to add $user =& JFactory::getUser(); to access the user object?
Bob
You may need to add $user =& JFactory::getUser(); to access the user object?
Bob
Hi medaacek,
I think that the code you put (<?php if($row->cf_user_id == $user->id){ ?>{edit_record} <?php } ?>) cannot work because the sequence "if" does not work if it is broken into two parts (by closing and then reopening the call to the php).
Unfortunately, the mambot {edit_record} does not work inside the php code (as do work the fields marked with {}).
I found a trick that works, but I still have a little problem.
My need is this:
1 - I want that the general public only see the list of records without the ability to edit them.
2 - I want that the user actually logged-in can see all the records but can edit only the records created personally by him .
To achieve this I did the following:
In "Body":
At the top: <? global $ my; ?>
At the point where I want to see the link for the edition:
<?
if ($ myRow->uid == $ my->id) {
echo "<a href=http://www.my_site.org/index.php?option=com_chronoconnectivity&connectionname=my_chronoconnectivity&task=editrecord&cids=$MyRow->id&Itemid=my_cf_number>Edit Record</a> " ;
}?>
- uid is the id number of the user who created the record
- My->id is the id number of the currently logged
- put the name of your site instead of http://www.my_site.org
- put the name of your chronoconnectivity instead of my_chronoconnectivity
- put the number of the chronoform for creating/editing your table instead of my_cf_number
The code checks whether the actually loged-in is the same person who created the record (the two id coincide) and then show the link for the edition only to records that were created by the user currently logged.
The problem I have is this:
If I first use the normal system of the mambot {edit_record} and then change to the code above, it works fine. If I logout and login again then it gives me this error when I click on the link to edit the record: "You are not authorized to view this page, Row Edit Error". I saw that this text comes from file http://www.my_site.org / components / com_chronoconnectivity / libraries / connection.php).
Does anyone know how can I fix this?
Trick used by now:
I saw that if the mambot {edit_record} is present in "Body", the link created with my code works perfectly.
Then I put {edit_record} after any field and I put a blank space in "Edit Link Code", using "ย ".
Thus, finally, each logged-in user sees only the edit link in records created by him, the link works fine, and you do not see the link created by th mambot {edit_link}.
The trick works. Only if the logged-in user hover over the white space, the mose pointer is converted in the picture of the typical hand and if he clicks on it he can also edit the records than were not created by him.
So if anyone knows how to solve the problem in a "more elegant" sway, I would appreciate the information.
Thank you,
Gonzalo
I think that the code you put (<?php if($row->cf_user_id == $user->id){ ?>{edit_record} <?php } ?>) cannot work because the sequence "if" does not work if it is broken into two parts (by closing and then reopening the call to the php).
Unfortunately, the mambot {edit_record} does not work inside the php code (as do work the fields marked with {}).
I found a trick that works, but I still have a little problem.
My need is this:
1 - I want that the general public only see the list of records without the ability to edit them.
2 - I want that the user actually logged-in can see all the records but can edit only the records created personally by him .
To achieve this I did the following:
In "Body":
At the top: <? global $ my; ?>
At the point where I want to see the link for the edition:
<?
if ($ myRow->uid == $ my->id) {
echo "<a href=http://www.my_site.org/index.php?option=com_chronoconnectivity&connectionname=my_chronoconnectivity&task=editrecord&cids=$MyRow->id&Itemid=my_cf_number>Edit Record</a> " ;
}?>
- uid is the id number of the user who created the record
- My->id is the id number of the currently logged
- put the name of your site instead of http://www.my_site.org
- put the name of your chronoconnectivity instead of my_chronoconnectivity
- put the number of the chronoform for creating/editing your table instead of my_cf_number
The code checks whether the actually loged-in is the same person who created the record (the two id coincide) and then show the link for the edition only to records that were created by the user currently logged.
The problem I have is this:
If I first use the normal system of the mambot {edit_record} and then change to the code above, it works fine. If I logout and login again then it gives me this error when I click on the link to edit the record: "You are not authorized to view this page, Row Edit Error". I saw that this text comes from file http://www.my_site.org / components / com_chronoconnectivity / libraries / connection.php).
Does anyone know how can I fix this?
Trick used by now:
I saw that if the mambot {edit_record} is present in "Body", the link created with my code works perfectly.
Then I put {edit_record} after any field and I put a blank space in "Edit Link Code", using "ย ".
Thus, finally, each logged-in user sees only the edit link in records created by him, the link works fine, and you do not see the link created by th mambot {edit_link}.
The trick works. Only if the logged-in user hover over the white space, the mose pointer is converted in the picture of the typical hand and if he clicks on it he can also edit the records than were not created by him.
So if anyone knows how to solve the problem in a "more elegant" sway, I would appreciate the information.
Thank you,
Gonzalo
Im trying to set up the edit link to the Chronoconnectivity but when I allow all Registered users to be as Editors group in frontend, then any registered user can in frontend edit all the records, even those the other users made.
I tried to implement this code into the body section but nothing changed:
<?php if($row->cf_user_id == $user->id){ ?>{edit_record} <?php } ?>It still shows the "Edit record" link for all records no matter which registred user is logged in.
Do you know where is the problem?
Hi medaacek,
You may need to add $user =& JFactory::getUser(); to access the user object?
Bob
Hello all,
I also tried to implement this function.
hereafter my code included in Body :
<?php
$user = & JFactory::getUser();
echo $user->id;
if($user->id==$row->cf_user_id){ ?>
{edit_record}
<?php
}?>My problem is I don't have anything... when I tried to print $row->cf_user_id in my php code (echo $row->cf_user_id;) , I don't see anything. I guess the problem is linked to the variable $row which don't contain anything but how can I solve this ?
Hi Yann63,
I think that the main problem is that Max changed the code in the later ChronoConnectivity release. There were problems using $row as it was often used by other Joomla extensions so he switched to $MyRow. Try:
Bob
I think that the main problem is that Max changed the code in the later ChronoConnectivity release. There were problems using $row as it was often used by other Joomla extensions so he switched to $MyRow. Try:
<?php
$user = & JFactory::getUser();
if ( $user->id == $MyRow->cf_user_id ) {
?>
{edit_record}
<?php
}
?>Bob
This topic is locked and no more replies can be posted.
