News:

Wondering if this will always be free?  See why free is better.

Main Menu

Apply permissions to custom actions

Started by Elijah Bliss, October 31, 2004, 05:32:54 PM

Previous topic - Next topic

LFC4EVA

my members cannot access the arcade to play the games.

can someone help?

CapriSkye

can somebody please explain this?

$txt['cannot_arcade_play']
$txt['permissionname_arcade_play']
$txt['permissionhelp_arcade_play']


i understand arcade_play part, but are cannot_, permissionname_, permissionhelp_ constants?
i'm not quite understand how inefficient permission would output $txt['cannot_arcade_play'].

thanks!

[Unknown]

If you use this:

isAllowedTo('x');

And they haven't the permission, the following is automatically done:

fatal_lang_error('cannot_' . 'x');

Which loads the Errors language file, and displays the corresponding error message.  If you don't use isAllowedTo(), you may not have to specify that language entry.

The other two are purely for permissions management.  The permissionname one is the name of the permission, and the permissionhelp is additional information.  An example:

$txt['permissionname_identifier'] = 'Name';
$txt['permissionhelp_identifier'] = 'Additional information about the permission, like caveats to enabling or disabling it.';

So, yes, cannot_, permissionname_, and permissionhelp_ should all be exactly that, with the permission identifier (e.g. "arcade_play") appended on the end.

-[Unknown]

Søren Bjerg

#23
I can't seem to get this to work (new permissions are not even shown when managing permissions for a given membergroup [based on standard permissions type]), so does this work differently for 1.1 (Beta 3 Public)?

Sorry, I'm a tool... I found out where what I was doing failed :-[.




Hmm... and then again, maybe not.

I have this code...

require_once('../smf_api.php');

smf_loadSession();
smf_authenticateUser();

echo '<pre>';
echo $smf_user_info['memberName'];
echo '</pre>';

echo 'motd_update: ' . smf_allowedTo('motd_update');


...and while it picks up the user info of the user logged in well enough, it fails on the smf_allowedTo() function call, regardless of the user being primary or secondary member of a membergroup with permissions to motd_update - unless the user is an administrator.
RUNE HORDES dot INFO - SMF 1.1.10 w/ Custom Profile Mod... and various permissions hooks and template changes (new topic form).

Søren Bjerg

Phew! Wasn't my fault it didn't work this time. Getting more and more annoyed at the code not working, I began snooping around in the smf_api.php file, to see if I could figure out what might be wrong. That worked like a charm :).

This block of code...
Quoteif (!isset($smf_user_info['permissions']))
   {
      $result = smf_query("
         SELECT permission, addDeny
         FROM $smf_settings[db_prefix]permissions
         WHERE ID_GROUP IN (" . implode(', ', $smf_user_info['groups']) . ")", __FILE__, __LINE__);
      $removals = array();
      $smf_user_info['permissions'] = array();
      while ($row = mysql_fetch_assoc($request))
      {
         if (empty($row['addDeny']))
            $removals[] = $row['permission'];
         else
            $smf_user_info['permissions'][] = $row['permission'];
      }
      mysql_free_result($request);

...should be like this instead ($result instead of $request):
Quoteif (!isset($smf_user_info['permissions']))
   {
      $result = smf_query("
         SELECT permission, addDeny
         FROM $smf_settings[db_prefix]permissions
         WHERE ID_GROUP IN (" . implode(', ', $smf_user_info['groups']) . ")", __FILE__, __LINE__);
      $removals = array();
      $smf_user_info['permissions'] = array();
      while ($row = mysql_fetch_assoc($result))
      {
         if (empty($row['addDeny']))
            $removals[] = $row['permission'];
         else
            $smf_user_info['permissions'][] = $row['permission'];
      }
      mysql_free_result($result);

;D
RUNE HORDES dot INFO - SMF 1.1.10 w/ Custom Profile Mod... and various permissions hooks and template changes (new topic form).

Karmalakas

#25
Quote from: [Unknown] on June 13, 2005, 12:49:47 AM
If you use this:

isAllowedTo('x');

And they haven't the permission, the following is automatically done:

fatal_lang_error('cannot_' . 'x');

Which loads the Errors language file, and displays the corresponding error message.  If you don't use isAllowedTo(), you may not have to specify that language entry.

-[Unknown]

I cannot get the error appear :(
Permission does what it should but no error text (just an empty window)
I've even tried to put $txt[cannot-..... to Errors.lang.php but it didn't work
AND even copyright disappears  :o

And one more thing:
Why do i have to put everything to Modification.lang.php ?
Cause i've tried puting $txt[..... to Action.lang.php but it doesn't appear even in admin > permissions

bjp

I try to do the same with FlashChat, but for this part I don't know how to do ? :

Now, in your arcade script, just do the following: (this will give them an error if they cannot 'arcade_view' .)

Copy to clipboardCode:
isAllowedTo('arcade_play');


Karmalakas

oh
i figured it out
i just couldn't realise that i have to put it right before function template_main()

:)

Karmalakas

hmmm
but it works only for guests
if i deny access to custom action for all membergroups so it means that only adminscan access it, right? But now it's only guests that can't view my custom action and all other members can :(
did i miss smth or what?

[Unknown]

Quote from: CRONUS on August 24, 2005, 06:56:58 AM
hmmm
but it works only for guests
if i deny access to custom action for all membergroups so it means that only adminscan access it, right? But now it's only guests that can't view my custom action and all other members can :(
did i miss smth or what?

What's the code you're using exactly?  Can you list all the changes you made?

-[Unknown]

Karmalakas

Quote from: [Unknown] on August 26, 2005, 01:12:40 AM
What's the code you're using exactly?  Can you list all the changes you made?

-[Unknown]

<?php
isAllowedTo
('view_mobiles');
function 
template_main()

global 
$context$settings$options$scripturl$modSettings$txt$db_prefix;

$catid $_GET['catid'];
$id $_GET[
........................
</
tr></table><br /><br />';

}
?>

[Unknown]

If in doubt, try:

var_dump(allowedTo('view_mobiles'));

Which should show:

bool(true)

Or:

bool(false)

-[Unknown]

Karmalakas


[Unknown]

For someone who is not an administrator, and should not be allowed the permission?

What shows if you go to their profile -> show permissions?

-[Unknown]

Karmalakas

I have a test user. He's in Regular members membergroup
I've checked the permissions at least 5 times - View mobiles is NOT checked

QuoteWhat shows if you go to their profile -> show permissions?
it shows:

view_mobiles
View mobiles data    Given by: Newbie

what's wrong? :(

[Unknown]

You're certain it's disallowed by the Newbie group too?

-[Unknown]

Karmalakas

i'm sorry but what do you mean?  :-[
if you're talking about:

Enable permissions for post count based groups

So it's unchecked
Newbie is post count group, right?
Or is there somewhere where i can disallow it by Nebie group?
I think i'm missing smth here ::)

Karmalakas

#37
Mainly i need two permissions for my mobile phones action:
to allow members 'view_mobiles' and 'edit_mobiles'
Ok here's what i have:

in source dir 'Aprasymai.php'
in theme dir 'Aprasymai.template.php'

in 'Aprasymai.template.php' there are functions:
function template_main()
function template_edit()

in main there's a link to edit mobile 'action=aprasymai;catid=xx;id=xx;sa=edit' which is shown only if a user has a permission to edit_mobiles. But if i go to this link as a guest it gives me
QuoteAn Error Has Occurred!   
Unable to load the 'main' template.
catid and id is for manufaturer and phone model


in 'ManagePermissions.php' i've added
// Standard - ie. members.  They can do anything Restrictive can.
$groupLevels['global']['standard'] = array_merge($groupLevels['global']['restrict'], array(
  'edit_mobiles',
'view_mobiles',

and
'mobiles' => array(
'edit_mobiles' => false,
'view_mobiles' => false,
)


so where should i paste these 'isAllowedTo.....' and 'if allowedTo....' ?

thanks

anyone? :(

nevermind
figured it out myself ;)

Julie

#38
Is there a way to ALWAYS deny guests from performing a certain action but still give admin the option of choosing only mods/admins/certain usergroups to have access?

Dannii

Just call is_not_guest before you check permissions.

Quotevoid is_not_guest(string message = '')
      - checks if the user is currently a guest, and if so asks them to
        login with a message telling them why.
      - message is what to tell them when asking them to login.
"Never imagine yourself not to be otherwise than what it might appear to others that what you were or might have been was not otherwise than what you had been would have appeared to them to be otherwise."

Advertisement: