News:

Wondering if this will always be free?  See why free is better.

Main Menu

Apply permissions to custom actions

Started by Elijah Bliss, October 31, 2004, 05:32:54 PM

Previous topic - Next topic

Elijah Bliss

I am not sure if this is possible, but is it possible to apply permissions to custom actions?

Saying for example I only want a certain membergroup to access the chatroom, arcade, (a particular mod) etc. would that be difficult to accomplish?

[Unknown]

#1
Sources/ManagePermissions.php... look for:

function setPermissionLevel($level, $group, $board = 'null')

Inside you'll see a series of arrays.  Let's say we're adding an arcade_play permission:

Find:
// Standard - ie. members.  They can do anything Restrictive can.
$groupLevels['global']['standard'] = array_merge($groupLevels['global']['restrict'], array(


Add after:

'arcade_play',


This adds said permission to the "standard" set.  You can put it in any of the sets, just remember that they inherit downward.  It's a little more complicated for board permissions, but nearly the same.

Next, we're going to look under:

function loadAllPermissions()

Find:
$permissionList = array(
'membergroup' => array(
'general' => array(


Add after:
'arcade_play' => false,

This adds it to the "advanced" view of permissions, which makes it a lot easier to turn on/off/deny.

Now, in your arcade script, just do the following: (this will give them an error if they cannot 'arcade_view' ;).)

isAllowedTo('arcade_play');

You could also do something like:

if (allowedTo('arcade_play'))
echo 'Hi!!';


Notice the very crucial difference in function names.  Last, we want to add entries to the language file... Modifications.english.php:

$txt['cannot_arcade_play'] = 'Sorry, you\'re not allowed to play games in the arcade.';
$txt['permissionname_arcade_play'] = 'Play games in the arcade';
$txt['permissionhelp_arcade_play'] = 'This permission allows people to play games in the arcade.  Without it, they won't even be able to view games at all.';


Another good idea, when making a mod, is to insert the default permissions... for that, you might:

INSERT INTO {$db_prefix}permissions
(permission, ID_GROUP)
SELECT 'arcade_play', ID_GROUP
FROM {$db_prefix}membergroups
WHERE ID_GROUP != 3;

INSERT INTO {$db_prefix}permissions
(permission, ID_GROUP)
VALUES ('arcade_play', 0),
('arcade_play', -1);


Again, it's more complex for board permissions, but that's the general idea.

That's a sorta brief tutorial, but it's all you need to do.  I don't suppose you could tell me what you think?

-[Unknown]

Elijah Bliss

Quote from: [Unknown] on November 02, 2004, 12:31:30 AM
I don't suppose you could tell me what you think?

-[Unknown]

I think you ROCK dude.

This is this tutorial is the best one yet, followed by "smf custom actions" and "custom profile fields." Everything works perfectly. I don't plan on adding any other mods to the permissions systems, but I personally felt that the Arcade mod needed some form governing. I am continuously amazed on how easily SMF can be customized and tailored. It's a wrap for other forum software.

Elijah Bliss

One last question, I want to place a button to the arcade on the index template, and I'd prefer that it's visible to only those who are allowed to play the games.

I know for admin only access it would be ['is_admin'] but what would the variable be for member groups, ['is_allowed']?

[Unknown]

Well, that's specially filled in the source files to simplify things...

You probably want to just call the function there too, like:

if (allowedTo('arcade_play'))

SMF was made to be simple to tailor, that's the entire point ;)!

-[Unknown]

Elijah Bliss

Quote from: [Unknown] on November 02, 2004, 11:44:24 PM
Well, that's specially filled in the source files to simplify things...

You probably want to just call the function there too, like:

if (allowedTo('arcade_play'))

SMF was made to be simple to tailor, that's the entire point ;)!

-[Unknown]

That worked, thanks!

Søren Bjerg

Quote from: [Unknown] on November 02, 2004, 12:31:30 AM[...]

Wow... this is great, and will certainly help me use the permissions system in a system I'm developing on my site flexibly; no need to hardcode a membergroup's ID in the code now :D.
RUNE HORDES dot INFO - SMF 1.1.10 w/ Custom Profile Mod... and various permissions hooks and template changes (new topic form).

anunlike

Hi.

I'm trying to do something like this as well. I've done everything said here, but I think I still need to make it apply specifically to the membergroup I'm setting this up for. So, where would I put the last step?:

INSERT INTO {$db_prefix}permissions
(permission, ID_GROUP)
SELECT 'arcade_play', ID_GROUP
FROM {$db_prefix}membergroups
WHERE ID_GROUP != 3;

INSERT INTO {$db_prefix}permissions
(permission, ID_GROUP)
VALUES ('arcade_play', 0),
('arcade_play', -1);

I'm not sure which file and where in the file I should put this(?).


Thanks.

Thantos

That would go into your add_settings.php file in the package

anunlike

Thanks.

But, I can't find 'add_settings.php' anywhere?

Thantos

Its part of the package.  If you aren't making a package out of it just manually query the database to insert those values

anunlike

#11
Thanks, but please go easy on me. I'm still new at this.

Saying "query the database" doesn't help. I need more detailed instructions to get anywhere.


No, I'm not making a package. I'm just trying to make it so that anyone who signs up with a certain username, which I've set up as 'member' and have it under a specific membergroup, has very limited permissions. I'm providing a public username and password for any guest to be able to preview the site with. Right now though, I'm trying to deny them the ability to access two areas (not the boards/forums) which will house various media to download.

I've put in all the above, except the last step. So, with the way it's set up now, I'm preventing anyone from accessing them and I think that all I need to do is to set the permissions to the specific membergroup that I want to resrict.

rkarnes

#12
I've followed the above steps and now I get this error:

I get this when does almost anything, including viewing the new section, viewing who, or views the index. I don't seem to get any errors from any guests ( of course they can't access the new section) and things appear to be working otherwise. I just get the errors showing up in the log. I'm sure it's something dumb I did (or maybe didn't do).

BTW I'm using version 1.0.3


Edit; Never mind I found what I did wrong, and it was stupid. :)

TIA

Reed

anunlike

I'm sorry to be pushy with this, but I'd really like to get this set up as soon as I can. I'm really wanting to get things going and to the best of my ability, I don't want anyone in this membergroup (reserved for one specific username) to have access to them. I just need the last bit (I think) of help to manually put in the values for that membergoup. If someone could just point the basics out, I should be able to figure the rest.

Thank you much again. Apologies for being impatient and demanding.

[Unknown]

I'm afraid I haven't the slightest idea what exactly you're asking...?

-[Unknown]

anunlike

Ok. LOL Apologies.

Basically I'm just wanting to restrict one membergroup (which will only have one username) from a certain area. This area is not the board / forum area, but a modded area, a downloads area ('Simple Download', I think it's called). Since it's not in the forums and the mod didn't put an option in the admin area (and I don't know how to do that myself), I can't do it through the admin area (not that I know of, anyway).

This username will be provided as a username that anyone can use to preview the site, before actually signing up themselves. So, basically, anyone will be able to use this username. As such, I'm trying to get it so that no one with this username will have access to this modded area. So far, I've gotten it so that the restriction works, but I don't have it set to the specific membergroup or username (whichever would work the best?).

Hope that clears it up.


Actually, now that I look at this thread, it's not exactly what my question relates to, but very close. I want to make this restriction of this modded area for this membergroup (single username). I hope this this thread was the most appropriate to ask for this in.

anunlike

Was that a clear enough explanation? Enough to get some help with it?

anunlike

Could I possibly get some help with this? Again, I'm not trying to be pushy and I understand people are busy. I was just hoping to be able to use this by now. I'd very much appreciate any help, soon...

Herman's Mixen

it ain't a package jet !!
just follow the instructions in install.txt
in the main mod zip or tar.gz
Met vriendelijke groet, The Burglar!

 House Mixes | Mixcloud | Any Intelligent fool can make things bigger, more complex, and more violent.
It takes a touch of genius - and a lot of courage - to move in the opposite direction. - Albert Einstein

Former Godfather of our dutch community ;)

anunlike

#19
Ah! I figured it out!  :D

Apparently, somehow, the entries in ManagePermissions.php were not entered in correctly. So, I changed them manually and the permission options are showing up now.

Thanks. Apologies for any confusions and annoyances. :-X

LFC4EVA

my members cannot access the arcade to play the games.

can someone help?

CapriSkye

can somebody please explain this?

$txt['cannot_arcade_play']
$txt['permissionname_arcade_play']
$txt['permissionhelp_arcade_play']


i understand arcade_play part, but are cannot_, permissionname_, permissionhelp_ constants?
i'm not quite understand how inefficient permission would output $txt['cannot_arcade_play'].

thanks!

[Unknown]

If you use this:

isAllowedTo('x');

And they haven't the permission, the following is automatically done:

fatal_lang_error('cannot_' . 'x');

Which loads the Errors language file, and displays the corresponding error message.  If you don't use isAllowedTo(), you may not have to specify that language entry.

The other two are purely for permissions management.  The permissionname one is the name of the permission, and the permissionhelp is additional information.  An example:

$txt['permissionname_identifier'] = 'Name';
$txt['permissionhelp_identifier'] = 'Additional information about the permission, like caveats to enabling or disabling it.';

So, yes, cannot_, permissionname_, and permissionhelp_ should all be exactly that, with the permission identifier (e.g. "arcade_play") appended on the end.

-[Unknown]

Søren Bjerg

#23
I can't seem to get this to work (new permissions are not even shown when managing permissions for a given membergroup [based on standard permissions type]), so does this work differently for 1.1 (Beta 3 Public)?

Sorry, I'm a tool... I found out where what I was doing failed :-[.




Hmm... and then again, maybe not.

I have this code...

require_once('../smf_api.php');

smf_loadSession();
smf_authenticateUser();

echo '<pre>';
echo $smf_user_info['memberName'];
echo '</pre>';

echo 'motd_update: ' . smf_allowedTo('motd_update');


...and while it picks up the user info of the user logged in well enough, it fails on the smf_allowedTo() function call, regardless of the user being primary or secondary member of a membergroup with permissions to motd_update - unless the user is an administrator.
RUNE HORDES dot INFO - SMF 1.1.10 w/ Custom Profile Mod... and various permissions hooks and template changes (new topic form).

Søren Bjerg

Phew! Wasn't my fault it didn't work this time. Getting more and more annoyed at the code not working, I began snooping around in the smf_api.php file, to see if I could figure out what might be wrong. That worked like a charm :).

This block of code...
Quoteif (!isset($smf_user_info['permissions']))
   {
      $result = smf_query("
         SELECT permission, addDeny
         FROM $smf_settings[db_prefix]permissions
         WHERE ID_GROUP IN (" . implode(', ', $smf_user_info['groups']) . ")", __FILE__, __LINE__);
      $removals = array();
      $smf_user_info['permissions'] = array();
      while ($row = mysql_fetch_assoc($request))
      {
         if (empty($row['addDeny']))
            $removals[] = $row['permission'];
         else
            $smf_user_info['permissions'][] = $row['permission'];
      }
      mysql_free_result($request);

...should be like this instead ($result instead of $request):
Quoteif (!isset($smf_user_info['permissions']))
   {
      $result = smf_query("
         SELECT permission, addDeny
         FROM $smf_settings[db_prefix]permissions
         WHERE ID_GROUP IN (" . implode(', ', $smf_user_info['groups']) . ")", __FILE__, __LINE__);
      $removals = array();
      $smf_user_info['permissions'] = array();
      while ($row = mysql_fetch_assoc($result))
      {
         if (empty($row['addDeny']))
            $removals[] = $row['permission'];
         else
            $smf_user_info['permissions'][] = $row['permission'];
      }
      mysql_free_result($result);

;D
RUNE HORDES dot INFO - SMF 1.1.10 w/ Custom Profile Mod... and various permissions hooks and template changes (new topic form).

Karmalakas

#25
Quote from: [Unknown] on June 13, 2005, 12:49:47 AM
If you use this:

isAllowedTo('x');

And they haven't the permission, the following is automatically done:

fatal_lang_error('cannot_' . 'x');

Which loads the Errors language file, and displays the corresponding error message.  If you don't use isAllowedTo(), you may not have to specify that language entry.

-[Unknown]

I cannot get the error appear :(
Permission does what it should but no error text (just an empty window)
I've even tried to put $txt[cannot-..... to Errors.lang.php but it didn't work
AND even copyright disappears  :o

And one more thing:
Why do i have to put everything to Modification.lang.php ?
Cause i've tried puting $txt[..... to Action.lang.php but it doesn't appear even in admin > permissions

bjp

I try to do the same with FlashChat, but for this part I don't know how to do ? :

Now, in your arcade script, just do the following: (this will give them an error if they cannot 'arcade_view' .)

Copy to clipboardCode:
isAllowedTo('arcade_play');


Karmalakas

oh
i figured it out
i just couldn't realise that i have to put it right before function template_main()

:)

Karmalakas

hmmm
but it works only for guests
if i deny access to custom action for all membergroups so it means that only adminscan access it, right? But now it's only guests that can't view my custom action and all other members can :(
did i miss smth or what?

[Unknown]

Quote from: CRONUS on August 24, 2005, 06:56:58 AM
hmmm
but it works only for guests
if i deny access to custom action for all membergroups so it means that only adminscan access it, right? But now it's only guests that can't view my custom action and all other members can :(
did i miss smth or what?

What's the code you're using exactly?  Can you list all the changes you made?

-[Unknown]

Karmalakas

Quote from: [Unknown] on August 26, 2005, 01:12:40 AM
What's the code you're using exactly?  Can you list all the changes you made?

-[Unknown]

<?php
isAllowedTo
('view_mobiles');
function 
template_main()

global 
$context$settings$options$scripturl$modSettings$txt$db_prefix;

$catid $_GET['catid'];
$id $_GET[
........................
</
tr></table><br /><br />';

}
?>

[Unknown]

If in doubt, try:

var_dump(allowedTo('view_mobiles'));

Which should show:

bool(true)

Or:

bool(false)

-[Unknown]

Karmalakas


[Unknown]

For someone who is not an administrator, and should not be allowed the permission?

What shows if you go to their profile -> show permissions?

-[Unknown]

Karmalakas

I have a test user. He's in Regular members membergroup
I've checked the permissions at least 5 times - View mobiles is NOT checked

QuoteWhat shows if you go to their profile -> show permissions?
it shows:

view_mobiles
View mobiles data    Given by: Newbie

what's wrong? :(

[Unknown]

You're certain it's disallowed by the Newbie group too?

-[Unknown]

Karmalakas

i'm sorry but what do you mean?  :-[
if you're talking about:

Enable permissions for post count based groups

So it's unchecked
Newbie is post count group, right?
Or is there somewhere where i can disallow it by Nebie group?
I think i'm missing smth here ::)

Karmalakas

#37
Mainly i need two permissions for my mobile phones action:
to allow members 'view_mobiles' and 'edit_mobiles'
Ok here's what i have:

in source dir 'Aprasymai.php'
in theme dir 'Aprasymai.template.php'

in 'Aprasymai.template.php' there are functions:
function template_main()
function template_edit()

in main there's a link to edit mobile 'action=aprasymai;catid=xx;id=xx;sa=edit' which is shown only if a user has a permission to edit_mobiles. But if i go to this link as a guest it gives me
QuoteAn Error Has Occurred!   
Unable to load the 'main' template.
catid and id is for manufaturer and phone model


in 'ManagePermissions.php' i've added
// Standard - ie. members.  They can do anything Restrictive can.
$groupLevels['global']['standard'] = array_merge($groupLevels['global']['restrict'], array(
  'edit_mobiles',
'view_mobiles',

and
'mobiles' => array(
'edit_mobiles' => false,
'view_mobiles' => false,
)


so where should i paste these 'isAllowedTo.....' and 'if allowedTo....' ?

thanks

anyone? :(

nevermind
figured it out myself ;)

Julie

#38
Is there a way to ALWAYS deny guests from performing a certain action but still give admin the option of choosing only mods/admins/certain usergroups to have access?

Dannii

Just call is_not_guest before you check permissions.

Quotevoid is_not_guest(string message = '')
      - checks if the user is currently a guest, and if so asks them to
        login with a message telling them why.
      - message is what to tell them when asking them to login.
"Never imagine yourself not to be otherwise than what it might appear to others that what you were or might have been was not otherwise than what you had been would have appeared to them to be otherwise."

hitsquaduk

ok im having problems witch is a first for smf i never have coding problems i have added the arcade with no problems and i also added the custom flashchat as well and that was not a problem and adding the buttons was not a problem i. i want to stop mods from seeing some buttons i added some flashchat admin buttons but at the moment admins and mods can see them i only want admins to see them??? how do i do this i tryed
['is_admin']
and the button did nto show at.
????

TechnoDragon

You can also add an extra functionality to your buttons on the menu by modifying the Subs.php

find:
// Set up the menu privileges.

add in the array:
    $context['allow_arcade'] = allowedTo('view_arcade');
or whatever your permission you create is.

This will make it so that if the permissions are not allowed, then the button won't show up either...
Don't tell me to get into shape...I have a shape...It is round!


hitsquaduk

well i fixed my button problem i know what i was doing wrong i think i was adding

if ($context['is_admin'])

echo '

now i added in globals $user_info;

and then to show the button to only admin i added

if ($user_info['is_admin'])

echo '

and that fixed that..lol.


im trying to add permissiotns for the shout box so far i have done it so guest can see shouts


     if ($user_info['is_guest'])

echo '
<tr class="', $alternate ? 'windowbg' : 'windowbg', '">
<td><b><center>Sorry only member can view the shout box</center></B> </td>';


else

foreach ($context['arc_shouts'] as $shout)


i added the permissions like said
and tryed


if (allowedTo('view_shouts'))
echo '
<tr class="', $alternate ? 'windowbg' : 'windowbg', '">
<td><b><center>Sorry only member can view the shout box</center></B> </td>';

else
foreach ($context['arc_shouts'] as $shout)



Dannii

else effects online one line unless you put the following code within { brackets }.
"Never imagine yourself not to be otherwise than what it might appear to others that what you were or might have been was not otherwise than what you had been would have appeared to them to be otherwise."

bigjoe11a

in my Sources/ManagePermissions.php file. I need to find this.

$permissionList = array(
      'membergroup' => array(
         'general' => array(

Well. the 'general' => array( is missing. Does this have to do with a new SMF install or what version is this for. I didn't see that listed.
SMF Forums http://www.df-barracks.com Where gamers go.

Arantor

That's certainly not how 2.0 does it. Look around line 1462 or thereabouts of ManagePermissions.php.
Holder of controversial views, all of which my own.

bigjoe11a

Thanks, I fount the right one, Yesterday and forgot about it. It's just I don't under stand this at all. So I'll have to see Kays about using his custom permissions mod.

I don't know what else to do
SMF Forums http://www.df-barracks.com Where gamers go.

Advertisement: