For basic information on plugins, please refer to: Infocapture plugins
In this section we will see how to control view permissions depending on the user’s system group. Here,
1. User in system’s Admin group can view and edit all issues
2. User in system’s User group can view and edit issues submitted by them and issues submitted by other users within the same system’s group
You can find the xml file of the test project here:
Let's suppose we have this test project with ID = 45
To achieve the above, we require two plugins:
1. plugin_45_check_issue_rights.php
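<?php
/**
 * Per-issue access check for project 45.
 *
 * Returns true when the logged-in user is a member of the admin system group,
 * or when the issue's reporter shares at least one system group with the
 * logged-in user. Returns false when the reporter shares no group with the
 * user, and NULL when the logged-in user belongs to no group at all.
 *
 * @param array $params Plugin arguments; only $params["issue"]["reporter"] is read here.
 * @return bool|null
 */
function hd_plugin_45_check_issue_rights($params)
{
    global $db;

    $system_group_id = 1; //set the groupid of admin over here

    // Normalise the session user id to an int once, so every membership test
    // below can use strict comparison instead of PHP's loose type juggling.
    // A missing session value falls back to 0.
    // NOTE(review): 0 is assumed not to be a real user id - confirm.
    $current_uid = isset($_SESSION["SESSION_UID"]) ? (int)$_SESSION["SESSION_UID"] : 0;

    // Members of the admin group may access every issue.
    $system_users = array();
    $res = $db->query(new Query("SELECT userid FROM user_groups WHERE groupid=".(int)$system_group_id));
    while (list($user_id) = $res->fetchRow()) {
        $system_users[] = (int)$user_id;
    }
    if (in_array($current_uid, $system_users, true)) {
        return true;
    }

    // Collect every system group the current user belongs to.
    $groups = array();
    $res = $db->query(new Query("SELECT groupid FROM user_groups WHERE userid=".$current_uid));
    while (list($group_id) = $res->fetchRow()) {
        $groups[] = (int)$group_id;
    }
    if (count($groups) == 0) {
        // NOTE(review): NULL is kept from the original; presumably the framework
        // treats it as "plugin has no opinion" and applies its default rights.
        // Confirm that default is acceptable for a user who is in no group.
        return NULL;
    }

    // Every user who shares at least one of those groups. The IN list holds only
    // int-cast values, so no free text reaches the SQL string.
    // NOTE(review): sharing ANY group grants access; a group that contains all
    // users would therefore open every issue to everyone.
    $res = $db->query(new Query("SELECT userid FROM user_groups WHERE groupid IN (".implode(',', $groups).")"));
    $users = array();
    while (list($user_id) = $res->fetchRow()) {
        $users[] = (int)$user_id;
    }
    if (count($users) == 0) {
        return false; // impossible
    }

    // Strict, int-to-int comparison: the authorisation decision must not depend
    // on loose string/number coercion of the reporter field.
    return in_array((int)$params["issue"]["reporter"], $users, true);
}
?>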
2. plugin_45_view_issue_rights_sql_and.php
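<?php
/**
 * Builds the SQL condition that limits which issues of project 45 the
 * logged-in user can see (presumably ANDed into the issue query by the
 * framework, as the plugin name suggests - confirm).
 *
 * Returns "TRUE" for members of the admin system group, a condition of the
 * form "i.reporter IN (...)" listing every user who shares a system group
 * with the logged-in user, "FALSE" when that list is empty, and NULL when
 * the logged-in user belongs to no group at all.
 *
 * @param array $params Plugin arguments; not read by this function.
 * @return string|null
 */
function hd_plugin_45_view_issue_rights_sql_and($params)
{
    global $db;

    $system_group_id = 1; //set admin group id over here

    // Normalise the session user id to an int once, so the admin membership
    // test can use strict comparison instead of PHP's loose type juggling.
    // A missing session value falls back to 0.
    // NOTE(review): 0 is assumed not to be a real user id - confirm.
    $current_uid = isset($_SESSION["SESSION_UID"]) ? (int)$_SESSION["SESSION_UID"] : 0;

    // Members of the admin group get an always-true condition.
    $system_users = array();
    $res = $db->query(new Query("SELECT userid FROM user_groups WHERE groupid=".(int)$system_group_id));
    while (list($user_id) = $res->fetchRow()) {
        $system_users[] = (int)$user_id;
    }
    if (in_array($current_uid, $system_users, true)) {
        return "TRUE";
    }

    // Collect every system group the current user belongs to.
    $groups = array();
    $res = $db->query(new Query("SELECT groupid FROM user_groups WHERE userid=".$current_uid));
    while (list($group_id) = $res->fetchRow()) {
        $groups[] = (int)$group_id;
    }
    if (count($groups) == 0) {
        // NOTE(review): NULL is kept from the original; presumably it means
        // "add no extra condition". If so, a user in no group is filtered only
        // by the framework's default rights - confirm that is intended.
        return NULL;
    }

    // Every user who shares at least one of those groups.
    // NOTE(review): sharing ANY group is enough; a group that contains all
    // users would therefore make every issue visible to everyone.
    $res = $db->query(new Query("SELECT userid FROM user_groups WHERE groupid IN (".implode(',', $groups).")"));
    $users = array();
    while (list($user_id) = $res->fetchRow()) {
        $users[] = (int)$user_id;
    }
    if (count($users) == 0) {
        return "FALSE";
    }

    // The returned fragment is assembled only from int-cast ids, so it stays
    // safe to splice into the caller's SQL. Keep the casts if this is edited.
    return "i.reporter IN (".implode(',', $users).")";
}
?>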
If you log in as a user from the system’s User group, you should be able to view and edit issues submitted by you and by other users from the same system group.
If you log in as a user from the system’s Admin group, you should be able to view and edit all issues.
Discussion