Member Access Permissions - assigned to a Category section editor.

7 posts by 3 authors in: Forums > CMS Builder
Last Post: June 8, 2020   (RSS)

By Mikey - June 4, 2020

Howdy folks,

I'm trying to assign set up an about us page that has "member type" access permissions. In the code below I have a "where" statement that looks for the permissions assigned to the current user, but this code throws an error. Anyone have any suggestions on how I can get this working?

  // load permissions
$paramsAboutRecords = array(
    'tableName'   => 'about_us',
	'categoryFormat' => 'showall',
	'where'       => '(access_permissions = "" OR access_permissions = "1")', // this is the default - we assume there is no logged in user, so show only public records.
);
if(@$CURRENT_USER['member_type'] == '2')
    { $paramsAboutRecords['where'] = '(access_permissions = "" OR access_permissions = "1" OR access_permissions = "2")'; }
if(@$CURRENT_USER['member_type'] == '3') 
    { $paramsAboutRecords['where'] = '(access_permissions = "" OR access_permissions = "1" OR access_permissions = "2" OR access_permissions = "3")'; }
if(@$CURRENT_USER['member_type'] == '4') 
    { $paramsAboutRecords['where'] = '(access_permissions = "" OR access_permissions = "1" OR access_permissions = "2" OR access_permissions = "3" OR access_permissions = "4")'; }
if(@$CURRENT_USER['member_type'] == '5') 
    { $paramsAboutRecords['where'] = '(access_permissions = "" OR access_permissions = "1" OR access_permissions = "5")'; }
if(@$CURRENT_USER['member_type'] == '6') 
    { $paramsAboutRecords['where'] = '(access_permissions = "" OR access_permissions = "1" OR access_permissions = "6")'; }
list($about_usNavRecords, $selectedCategory) = getCategories($paramsAboutRecords);
// end permissions

Thanks for any suggestions!

Zicky

By daniel - June 5, 2020

Hi Zicky,

I have a few questions to help narrow down the issue:

-What is the error being returned?
-By default, getCategories() does not support the "where" option - are you using a customized version of it?
-Can you add 'debugSql' => true to the $paramsAboutRecords array and let me know the output?

Thanks!

Daniel
Technical Lead
interactivetools.com

By Mikey - June 5, 2020 - edited: June 5, 2020

Hey Daniel,

No, this is not a customized version.

I added the debugSql => true to the paramsAboutRecords. Below is the output I get... but it never gets to the debugSql output part.

Category Viewer (about_us) errors
Unknown option 'where' specified
Valid option names are: (tableName, useSeoUrls, debugSql, selectedCategoryNum, categoryFormat, loadUploads, defaultCategory, rootCategoryNum, ulAttributes, ulAttributesCallback, liAttributesCallback, loadCreatedBy, ignoreHidden)

Zicky

By gkornbluth - June 6, 2020

Hi Zicky,

Don't know if this will help, but I've attached the code that I've used to restrict access in an organization. It references a list field in the accounts table with the various permission levels for each member.

There are also some recipes in the CMSB Cookbook http://www.thecmsbcookbook.com in the website membership plugin section that might give you some ideas.

Best,

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php
Attachments:

access.php 10K

By daniel - June 8, 2020

Hi Zicky,

Yes - I see now; since getCategories() doesn't support the 'where' option, the next best method would likely be to filter the results after they're returned. That could look something like this:

// load all category records
$paramsAboutRecords = array(
  'tableName'   => 'about_us',
  'categoryFormat' => 'showall',
);
list($about_usNavRecords, $selectedCategory) = getCategories($paramsAboutRecords);

// loop through records
foreach ($about_usNavRecords as $key => $record) {
  
  if (@$CURRENT_USER['member_type'] == '2') {
    
    if ($record['access_permission'] != '' && $record['access_permission'] != '1' && $record['access_permission'] != '2') {
      unset($about_usNavRecords[ $key ]);
    }
    
  }

  ...
  
}

You would need to add the remainder of the logic for the other member_types. The main difference in logic with this approach is that instead of "if the record does contain the correct access_permission: return it", this uses "if the record doesn't contain the correct access_permission: remove it"

Let me know if this helps - or if you have any other questions.

Thanks!

Daniel
Technical Lead
interactivetools.com

By gkornbluth - June 8, 2020

Hey Zicky,

Glad you got it sorted out. 

Thanks for posting your result.

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php