Jump to content
a-ok

Is the API void of permissions/roles?

Recommended Posts

If I set the admin user in the backend to not have rights to create pages for a certain parent/child tree... can the API still publish/create? Is the API void of permissions/roles?

Share this post


Link to post
Share on other sites

From what I understand, you could create/publish pages regardless of roles/permissions. However, if you were to wrap the page creation in an if statement like :

if($user->hasPermission('permission-name', $page)) {
  // user has this permission, for this $page
}

then that person with the permission could perform whatever action you created.
 

  • Like 2

Share this post


Link to post
Share on other sites
4 hours ago, a-ok said:

Is the API void of permissions/roles?

it depends!
 

// ADD PAGE
// adding a page via API can be triggered by the guest user even if he has not the permission to add children under a specific parent (12464)
if ($user->isGuest()) $pages->add('contribution', 12464); // works

// VIEW PAGE or FIELD VALUE
// if guest user has not the view permission it depends on outputformatting
if ($user->isGuest()) var_dump($pages->get(12985)->title); // "I am the Page Title"
if ($user->isGuest()) var_dump($pages->get(12985)->of(true)->title); // NULL

// MODULES
// Call of a Module via API. User has not the permission to use the module
if ($user->isGuest()) $modules->get('MyModule')->execute(); // Fatal error: Exception: You do not have permission to execute this module (if debug mode is on/ 500 otherwise)
if ($user->isGuest()) $modules->getModule('MyModule', array('noPermissionCheck' => true))->execute(); // works!

 

  • Like 2

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...