Jump to content

Page Edit Per User Module - Specific PHP Selector for editable pages, Multi-User-System etc...


Orkun
 Share

Recommended Posts

Hello Processwire Community

Lets say I have a Multi-User-System where I can create/update as "normal" user new events, dates, multimediapages, imagepages etc....

As Admin I can create organisers(owners) and assign them respectively to specific users.

Module for creating/updating pages: Fredi - Friendly Frontend Editor

Scenario: Add new Imagepage under Multimedia > Images

Important Fields

select_organiser(FieldtypePage)(btw. this field is assigned to the user template)

PHP-Selector for "select_organiser"

if(wire('user')->isSuperuser()){
    return $pages->find("template=organiser");
}
else{
    return $pages->find("template=organiser, id=".wire('user')->select_organiser);
}

Templates

image-index(is assigned to Image-Page)

-> Fields: only title

- > images-index.php

Only show the image pages which has the same organiser like the current user.

<?php
$out .="<h3>$title verwalten</h3>

				<div class='span11'>
					<div class='btn-pos-1 add'>"
					.$fredi->setText("<i class='fa fa-plus'></i> Bild erfassen")->hideTabs("children|delete|settings")->addPage("image", "title|select_organiser", $pages->get(1153)).
					"</div>
					<table id='example' class='row-border' cellspacing='0' width='100%'>
				        <thead>
				            <tr>
				              <th>ID</th>
				              <th>Bildname</th>
				              <th>Bild</th>
				              <th>Beschreibung</th>
				              <th>Veranstalter</th>
				              <th>aktualisiert</th>
				              <th></th>
				              <th></th>

				            </tr>
				        </thead>

				        <tbody>";

					        if($user->isSuperuser()){
					        	$images = $pages->find("template=image");
					        }
					        else{
					        	
					        	$images = $pages->find("template=image, select_organiser=$user->select_organiser");
					        }
					     
					        foreach ($images as $i_item) {
					        	if($i_item->image){
					        		$thumb = $i_item->image->size(50, 50);
					        	}
					        	$out .= "<tr>
					        	         <td>{$i_item->id}</td>
					        	         <td>{$i_item->title}</td>
					        	         <td><a class='large_img' href='{$i_item->image->url}' ><img src='{$thumb->url}' /></a></td>
					        	         <td>{$i_item->image_body}</td>
					        	         <td>{$i_item->select_organiser->title}</td>
					        	         <td>".date('Y-m-d', $i_item->modified)."</td>
					        	         <td><a href='{$i_item->url}'><i class='fa fa-eye'></i></td>
					        	         <td>".$fredi->setText("<i class='fa fa-pencil'></i>")->renderAll($i_item)."</td>
					        	         </tr>";
					        }
		$out .= "		</tbody>
			    	</table>
				</div>";

images(is assinged to children-items of Image-Page)

-> Fields: title, image, image_body, select_organiser

-> images.php

At the beginnnig of the template it checks if the select_organiser of the current user is the same as the select_organiser of the current image page.

<?php
if($user->select_organiser == $page->select_organiser || $user->isSuperuser()){

$out .= "<h3>{$page->parent->title} Details</h3>
         <div class='span8'>
            <table class='detail-view table table-striped table-condensed'>";

            $out .= "<tr class='odd'><th>ID</th><td>{$page->id}</td></tr>";

            //get all fields:
            $all_fields = $page->fields;

            foreach($all_fields as $field){
          

                if($field->type == "FieldtypeImage"){
                     $out .= "<tr class='odd'><th>{$field->label}</th><td>{$page->get($field->name)->url}</td></tr>";
                }
                else if($field->type == "FieldtypePage"){
                     $out .= "<tr class='odd'><th>{$field->label}</th><td>{$page->get($field->name)->title}</td></tr>";
                }
                else{

                  $out .= "<tr class='odd'><th>{$field->label}</th><td>{$page->get($field->name)}</td></tr>";
               }
            }

            $out .= "<tr class='odd'><th>erstellt</th><td>".date("Y-m-d H:i:s", $page->created)."</td></tr>
                     <tr class='even'><th>aktualisiert</th><td>".date("Y-m-d H:i:s", $page->modified)."</td></tr>
            </table>
        </div>

        <div class='span3'>
            <div id='sidebar'>
                <ul class='well nav nav-list' id='yw1'>
                    <li class='nav-header nav-header'>Aktionen</li>
                    <li><a href='{$page->parent->url}'><i class='fa fa-list'></i> Bilder auflisten</a></li>
                    <li>".$fredi->setText("<i class='fa fa-pencil'></i> Bild bearbeiten")->renderAll($page)."</li>
                </ul>
                <br />        
            </div>
        </div>";

}
else{
    $session->redirect($error404->url);
}

The Problem of this System is that the user still can access to image-pages in the backend that dont have the same organiser. Its only view protected.

So finally my Question: Can i specifiy a PHP-Selector for the editable pages for the Page Edit Per User Module.

Like:


return $pages->find("template=images, id=".wire('user')->select_organiser);

So that the user can edit the image - pages which has the same organiser like him?

Pagetree Structure and some screenshots of the interfaces for visualization:

Pagetree Structure:

Home(Login-Page)

   - Dashboard(Intro-Page)

     -- Events(visible for superuser and user with role: company)

     -- Agenda/Dates(visible for superuser and user with role: company)

     -- Multimedia(visible for superuser and user with role: company)

       --- Images(template: image-index)

          ---- example-img.jpg(template: image)

          ...

       --- Videos

     -- Profile(visible for superuser and user with role: company)

     -- Organisers(Only visible for Superuser)

        --- Organiser-Profiles

           ---- XYZ AG

           ...

        --- Adresses

        --- Locations

     -- Settings(Only visible for Superuser)

     -- Logout

Image - Overview Page

post-3125-0-57488000-1444212375_thumb.pn

Image - Detail Page

post-3125-0-88676900-1444212380_thumb.pn

PS: Sorry for the long post :P:lol:

Link to comment
Share on other sites

I thought that i could bypass the problem, when I only give view permission to the users with the role "company" so that they cant access the backend. But the problem is then, that they cant create/update pages from the Frontent with the modal edit windows of fredi.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...