131
onokazu
Re: who's online
  • 2003/10/8 12:46

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


It won't get updated on every request so as not to overload the server.



132
onokazu
Re: Problem with Xoops memberlist in Opera
  • 2003/10/6 0:24

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


This has been fixed in XOOPS 2.0.5 RC



133
onokazu
Re: existing avator overwrire by user upload avator image
  • 2003/10/5 14:28

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


Do you mean that all other users' images are overwritten and deleted?



134
onokazu
Re: A bug in options display in polls
  • 2003/10/5 14:26

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


This has been now fixed on CVS.



135
onokazu
Re: CP System admin icon is gone
  • 2003/10/5 14:10

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


There were similart posts regarding this problem. Please search the forums.



136
onokazu
Re: How to save 10K on each Xoops page
  • 2003/9/26 14:29

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


All javascript codes are moved to include/xoops.js now on CVS, and will use <script src=... to load the file.



137
onokazu
Re: Adding the group permission feature to your module
  • 2003/9/23 16:56

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


Yes, members of the webmasters group have access to any area within your site, just like a root user.



138
onokazu
Re: Adding the group permission feature to your module
  • 2003/9/19 9:55

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


I've just noticed that the length of a permission name can not exceed 50 characters.



139
onokazu
Re: Adding the group permission feature to your module
  • 2003/9/19 9:46

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


The same doc can be found here at wiki.xoops.org



140
onokazu
Adding the group permission feature to your module
  • 2003/9/19 5:18

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


Adding the group permission feature to your module

Requirements

XOOPS 2.0.4

or

XOOPS 2.0.x plus the following files:
/class/xoopsform/grouppermform.php
/modules/system/admin/groupperm.php
/include/functions.php included in 2.0.4


Admin side

Adding Permissions

Some initial settings
include '../../../include/cp_header.php';
include_once 
XOOPS_ROOT_PATH.'/class/xoopsform/grouppermform.php';
$module_id $xoopsModule->getVar('mid');


A list of items that we will be setting permissions to.
In most cases, this should be retrieved from DB. We use a static array here just for exemplification.
$item_list = array('1' => 'Category 1''2' => 'Category 2''3' => 'Category 3');


The title of the group permission form
$title_of_form 'Permission form for my module';


The name of permission which should be unique within the module
$perm_name 'Category Permission';


A short description of this permission
$perm_desc 'Select categories that each group is allowed to view';


Create and display the form
$form = new XoopsGroupPermForm($title_of_form$module_id$perm_name$perm_desc);
foreach (
$item_list as $item_id => $item_name) {
    
$form->addItem($item_id$item_name);
}
echo 
$form->render();


This will then display a form like below:

Resized Image

Permission settings submitted via the form will be stored in DB automatically by /modules/system/admin/groupperm.php.


Deleting Permissions

One final thing you need to do: whenever you delete an item from your module (e.g. delete a category, delete a topic), you need to delete all group permissions for this item.

You can do so with this function call:

xoops_groupperm_deletebymoditem ($module_id, $perm_name, $item_id);

$module_id -- Module ID (required)
$perm_name -- Name of permission (optional)
$item_id -- ID of a deleted item (optional)



User Side

Suppose that a user requests the contents of a category via the HTTP GET method. The variable $_GET['category_id'] will be used to identify the requested category.

Specify the permission we are going to check for. This must be one of the permission names created on the admin side.
$perm_name 'Category Permission';


The unique id of an item to check permissions for.
$perm_itemid intval($_GET['category_id']);


Get group ids that the current user belongs to.
if ($xoopsUser) {
    
$groups $xoopsUser->getGroups();
} else {
    
$groups XOOPS_GROUP_ANONYMOUS;
}


Get the current module ID.
$module_id $xoopsModule->getVar('mid');


Get the group permission handler.
$gperm_handler =& xoops_gethandler('groupperm');


Now check if the current user has access to the category by calling the checkRight() method of the handler class.
if ($gperm_handler->checkRight($perm_name$perm_itemid$groups$module_id)) {

    
// allowed, so display contents within the category

} else {

    
// not allowed, display an error message or redirect to another page

}




Advanced Topic

If the items that need to check permissions for have a parent-child tree structure, a parent ID for each of the items must be supplied as the 3rd parameter of the XoopsGroupForm::addItem() method.
By doing so the XoopsGroupForm class will generate a form with each items displayed in a tree view. It also ensures that a permission to an item is not added without giving the same permission to all of the parent items for that item.

Suppose that our categories have the following tree structure:

Category 1 (ID: 1)
--- Category 2 (ID: 2)
------ Category 3 (ID: 3)
------ Category 4 (ID: 4)
--------- Category 6 (ID: 6)
--- Category 5 (ID: 5)
------ Category 8 (ID: 8)
Category 7 (ID: 7)
--- Category 9 (ID: 9)
------ Category 14 (ID: 14)
Category 10 (ID: 10)
--- Category 11 (ID: 11)
--- Category 13 (ID: 13)
Category 12 (ID: 12)

The category structure above can be represented with an array as below:
$categories[1] = array('name' => 'Category 1''parent' => 0);
$categories[2] = array('name' => 'Category 2''parent' => 1);
$categories[3] = array('name' => 'Category 3''parent' => 2);
$categories[4] = array('name' => 'Category 4''parent' => 2);
$categories[5] = array('name' => 'Category 5''parent' => 1);
$categories[6] = array('name' => 'Category 6''parent' => 4);
$categories[7] = array('name' => 'Category 7''parent' => 0);
$categories[8] = array('name' => 'Category 8''parent' => 5);
$categories[9] = array('name' => 'Category 9''parent' => 7);
$categories[10] = array('name' => 'Category 10''parent' => 0);
$categories[11] = array('name' => 'Category 11''parent' => 10);
$categories[12] = array('name' => 'Category 12''parent' => 0);
$categories[13] = array('name' => 'Category 13''parent' => 10);
$categories[14] = array('name' => 'Category 14''parent' => 9);


When we add an item entry to the group permission form, we must supply its parent ID as the 3rd parameter
foreach ($categories as $cat_id => $cat_data)
{
    
$form->addItem($cat_id$cat_data['name'], $cat_data['parent']);
}


This will then generate a form like below:

Resized Image

When the form is submitted, the submitted data will be validated so that a permission to an item is not granted without giving the same permission to all the parent items of that item. The validation is done in both the client side (javascript) and the server side (php). Therefore on the user side of the module, there is no need to check permission for all the parent items of a requested item, but only for that requested item.





TopTop
« 1 ... 11 12 13 (14) 15 16 17 ... 22 »



Login

Who's Online

141 user(s) are online (77 user(s) are browsing Support Forums)


Members: 0


Guests: 141


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits