Page Edit Per User Module - Specific PHP Selector for editable pages, Multi-User-System etc...

[Orkun]

Hello Processwire Community

Lets say I have a Multi-User-System where I can create/update as "normal" user new events, dates, multimediapages, imagepages etc....

As Admin I can create organisers(owners) and assign them respectively to specific users.

Module for creating/updating pages: Fredi - Friendly Frontend Editor

Scenario: Add new Imagepage under Multimedia > Images

Important Fields

select_organiser(FieldtypePage)(btw. this field is assigned to the user template)

PHP-Selector for "select_organiser"

if(wire('user')->isSuperuser()){
    return $pages->find("template=organiser");
}
else{
    return $pages->find("template=organiser, id=".wire('user')->select_organiser);
}

Templates

image-index(is assigned to Image-Page)

-> Fields: only title

- > images-index.php

Only show the image pages which has the same organiser like the current user.

<?php
$out .="<h3>$title verwalten</h3>

				<div class='span11'>
					<div class='btn-pos-1 add'>"
					.$fredi->setText("<i class='fa fa-plus'></i> Bild erfassen")->hideTabs("children|delete|settings")->addPage("image", "title|select_organiser", $pages->get(1153)).
					"</div>
					<table id='example' class='row-border' cellspacing='0' width='100%'>
				        <thead>
				            <tr>
				              <th>ID</th>
				              <th>Bildname</th>
				              <th>Bild</th>
				              <th>Beschreibung</th>
				              <th>Veranstalter</th>
				              <th>aktualisiert</th>
				              <th></th>
				              <th></th>

				            </tr>
				        </thead>

				        <tbody>";

					        if($user->isSuperuser()){
					        	$images = $pages->find("template=image");
					        }
					        else{
					        	
					        	$images = $pages->find("template=image, select_organiser=$user->select_organiser");
					        }
					     
					        foreach ($images as $i_item) {
					        	if($i_item->image){
					        		$thumb = $i_item->image->size(50, 50);
					        	}
					        	$out .= "<tr>
					        	         <td>{$i_item->id}</td>
					        	         <td>{$i_item->title}</td>
					        	         <td><a class='large_img' href='{$i_item->image->url}' ><img src='{$thumb->url}' /></a></td>
					        	         <td>{$i_item->image_body}</td>
					        	         <td>{$i_item->select_organiser->title}</td>
					        	         <td>".date('Y-m-d', $i_item->modified)."</td>
					        	         <td><a href='{$i_item->url}'><i class='fa fa-eye'></i></td>
					        	         <td>".$fredi->setText("<i class='fa fa-pencil'></i>")->renderAll($i_item)."</td>
					        	         </tr>";
					        }
		$out .= "		</tbody>
			    	</table>
				</div>";

images(is assinged to children-items of Image-Page)

-> Fields: title, image, image_body, select_organiser

-> images.php

At the beginnnig of the template it checks if the select_organiser of the current user is the same as the select_organiser of the current image page.

<?php
if($user->select_organiser == $page->select_organiser || $user->isSuperuser()){

$out .= "<h3>{$page->parent->title} Details</h3>
         <div class='span8'>
            <table class='detail-view table table-striped table-condensed'>";

            $out .= "<tr class='odd'><th>ID</th><td>{$page->id}</td></tr>";

            //get all fields:
            $all_fields = $page->fields;

            foreach($all_fields as $field){
          

                if($field->type == "FieldtypeImage"){
                     $out .= "<tr class='odd'><th>{$field->label}</th><td>{$page->get($field->name)->url}</td></tr>";
                }
                else if($field->type == "FieldtypePage"){
                     $out .= "<tr class='odd'><th>{$field->label}</th><td>{$page->get($field->name)->title}</td></tr>";
                }
                else{

                  $out .= "<tr class='odd'><th>{$field->label}</th><td>{$page->get($field->name)}</td></tr>";
               }
            }

            $out .= "<tr class='odd'><th>erstellt</th><td>".date("Y-m-d H:i:s", $page->created)."</td></tr>
                     <tr class='even'><th>aktualisiert</th><td>".date("Y-m-d H:i:s", $page->modified)."</td></tr>
            </table>
        </div>

        <div class='span3'>
            <div id='sidebar'>
                <ul class='well nav nav-list' id='yw1'>
                    <li class='nav-header nav-header'>Aktionen</li>
                    <li><a href='{$page->parent->url}'><i class='fa fa-list'></i> Bilder auflisten</a></li>
                    <li>".$fredi->setText("<i class='fa fa-pencil'></i> Bild bearbeiten")->renderAll($page)."</li>
                </ul>
                <br />        
            </div>
        </div>";

}
else{
    $session->redirect($error404->url);
}

The Problem of this System is that the user still can access to image-pages in the backend that dont have the same organiser. Its only view protected.

So finally my Question: Can i specifiy a PHP-Selector for the editable pages for the Page Edit Per User Module.

Like:

return $pages->find("template=images, id=".wire('user')->select_organiser);

So that the user can edit the image - pages which has the same organiser like him?

Pagetree Structure and some screenshots of the interfaces for visualization:

Pagetree Structure:

Home(Login-Page)

   - Dashboard(Intro-Page)

     -- Events(visible for superuser and user with role: company)

     -- Agenda/Dates(visible for superuser and user with role: company)

     -- Multimedia(visible for superuser and user with role: company)

       --- Images(template: image-index)

          ---- example-img.jpg(template: image)

          ...

       --- Videos

     -- Profile(visible for superuser and user with role: company)

     -- Organisers(Only visible for Superuser)

        --- Organiser-Profiles

           ---- XYZ AG

           ...

        --- Adresses

        --- Locations

     -- Settings(Only visible for Superuser)

     -- Logout

Image - Overview Page

Image - Detail Page

PS: Sorry for the long post

[Orkun]

I thought that i could bypass the problem, when I only give view permission to the users with the role "company" so that they cant access the backend. But the problem is then, that they cant create/update pages from the Frontent with the modal edit windows of fredi.