User Plugin
4 posts by 2 authors in: Forums > CMS Builder
Last Post: January 24, 2017 (RSS)
By nmsinc - January 23, 2017
I have a plugin that I need some help with. The object of the plugin is to give only users access to the file based on specific criteria within the file. If the criteria is not met, the request dies. Please see code below - I'm sure I missed something here!
Thanks - nmsinc
<?php
/*
Plugin Name: Access Control For Claim Submissions
Description: Checks to see if current user has access to current claim submission record.
Author: RBH
Version: 1.0
*/
addFilter('record_preedit','accessControlForClaimSubmission', null,3);
function accessControlForClaimSubmission( $tableName, $action, $record ){
global $CURRENT_USER;
if($tableName !='claims_submission'){return; }// only run on claims_submission table
if($action !='edit'){return; }// only run on edit
if($CURRENT_USER['member_company_accounts']== $record['member_company']
|| $CURRENT_USER['member_company_accounts']== $record['independent_company_name']
|| $CURRENT_USER['assigned_to']== $record['member_company']
|| $CURRENT_USER['assigned_to']== $record['independent_company_name']
|| $CURRENT_USER['isAdmin'])
{return; }
else
{
print "<br/>";
print ("ATTENTION ") ;
print $CURRENT_USER['fullname'];
die(" - You don't have ACCESS to this file!");
}
}
?>
By ross - January 24, 2017
Hi there.
I am not sure we'll be able to fully support a custom plugin like this in the forum so keep in mind that we may transition this into consulting.
For the time being, could you give me more detail about what's happening (or not happening) when the plugin runs.
Do you get errors? Does the wrong thing happening? Does nothing happen?
Basically, what happens and what you would rather happen instead.
Let me know.
Thanks!
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com
Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/
By nmsinc - January 24, 2017
Hi Ross,
The idea is to prevent users from entering a record number in the URL within the CMS to a record that does not belong to the user or the company that the user works for.
If a user attempts to do so the plugin should simply report the access as not valid and die!
Nothing happens though. I'm not even sure that I have the correct hook - any help would be appreciated!
Thanks - - nmsinc
By ross - January 24, 2017
Hi there.
Got it. We'll need to move into consulting for this.
Could you email me via: consulting@interactivetools.com
Please include your FTP details and link to log into CMS Builder.
Thanks!
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com
Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/