Breedlove: Silverstripe 3 - Unable to implement controller access security from CMS -

Tuesday 15 September 2015

Silverstripe 3 - Unable to implement controller access security from CMS -

good afternoon,

i'm still new silverstripe , i'm trying figure out simple tasks.

currently, i'm trying implement security restrictions page controller function created within dataobject , configured via cms.

however, whether or not grant user access view object, user sees anyhow.

see illustration below:

class mycomponent extends dataobject implements permissionprovider{   ///>... snippet not  total class ...    ///>@override   public function canview($member = null){        homecoming permission::check('component_view');   }//canview    /**    * \brief rest of permission functions follow same format above     * i.e: canedit, candelete, cancreate    */    ///>@override   function providepermissions(){       homecoming array(         'component_view' => 'can view component object',         'component_edit' => 'can edit component object',         'component_delete' => 'can delete component object',         'component_create' => 'can create component object',      );   }//providepermissions   }//class

okay, class above works great; can toggle permissions on|off within grouping user cms admin section.

here's problem at, see code below:

///>controller class snippet class my_controller extends page_controller{        public function listmycomponents(){           $components = mycomponent::get()->filter(array('status' => 'enable'));            ///>note: how can check see if user has access view component???           ///> i've tried, member::canview(member::currentuser()); doesn't work!             homecoming $components;       }//listmycomponents }//class  ///>ss template file snippet <% if listmycomponents %>    <% loop listmycomponents %>        $title    <% end_loop %> <% end_if %>

thanks assistance.

i've figured out. basically, can permission::check within controller well. see below code solution:

public function listmycomponents(){     $components = null;     if(permission::check('component_view')){        $components = mycomponent::get()->filter(array('status' => 'enable'));     }      homecoming $components; }//listmycomponents

thanks though, may have been researching solve this.

security controller content-management-system silverstripe

Breedlove

Tuesday 15 September 2015

Silverstripe 3 - Unable to implement controller access security from CMS -

No comments:

Post a Comment