Jump to content

[SOLVED] custom template permissions


jploch
 Share

Recommended Posts

Hi folks,

is it possible to add custom template permissions like page-edit, e.g. page-edit-mymodule?
For a module I am buildinmg I want to be able to fine tune some functionalities on template level.

Link to comment
Share on other sites

Not sure exactly what you are wanting to achieve but, if it helps, here is some code I used to hook User::hasPagePermission. Obviously the context is specific to my app (a membership system), but maybe there are some useful ideas.

/**
 * PAGE PERMISSIONS
* Allow member users to edit etc. pages relevant to them (access via AIM in My NCOG)
 **/
wire()->addHookAfter('User::hasPagePermission', function(HookEvent $event) {
    // Get the object the event occurred on, if needed
    $user = $event->object;

    // An 'after' hook can retrieve and/or modify the return value
    $return = $event->return;

    // Get values of arguments sent to hook (if needed)
    $permission = $event->arguments(0);
    $p = $event->arguments(1);

    /* Your code here, perhaps modifying the return value */
    // Is it a page we need to customise access for?
    $templates = ['Membership', 'Member', 'Profile', 'Subscription', 'Payment', 'MemberShop', 'Booking', 'NewsItem'];
    $permissions = ['page-edit', 'page-add'];
    $currentUser = $this->users->getCurrentUser();
    if ($p and in_array($p->template, $templates) and $permission and in_array($permission, $permissions)) {
        if ($currentUser and $currentUser->isLoggedin()) {
            $this->log->save('debug', 'In hasPagePermission hook for Page = ' . $p . ', Permission = ' . $permission . '. Current user is ' . $currentUser);
            if ($currentUser->hasRole('member')) {
                $email = $currentUser->email;
                $memberPage = ($email and $email != '') ? $this->pages->get("has_parent=/memberships/, template=Member, email=$email") : null;
                if ($currentUser->memberOnly != 0) {
                    $return = false;
                    $this->log->save('debug', 'Member only');
                }

                // Member-only users can only access pages as defined below
                // Admin members will also have their normal permissions

                if ($memberPage and $memberPage->id) {
                    $membershipPage = $memberPage->parent;
                    $this->log->save('debug', 'Membership page = ' . $membershipPage->id);
                    $profilePage = $membershipPage->id ? $membershipPage->get("template=Profile, include=hidden") : null;
                    $siblings = $memberPage->siblings("template=Member, include=hidden"); // includes member page itself
                    $shops = $membershipPage->id ? $membershipPage->find("template=MemberShop, include=all") : null;
                    $currentSub = $membershipPage->id ? $membershipPage->latestSubscription() : null;
                    $subsPaymentPages = $membershipPage->id ? $membershipPage->find("template=Payment, parent=[template=Subscription], include=hidden") : null;
                    $draftNewsPages = $membershipPage->id ? $memberPage->find("template=NewsItem, include=all") : null;
                    $bookingPages = $membershipPage->id ? $membershipPage->find("template=Booking, include=hidden") : null;
                    $editablePages = new PageArray();
                    $addablePages = new PageArray();
                    $editablePages = $editablePages->add($membershipPage)->add($profilePage)->add($siblings)->add($currentSub)->add($shops)->add($subsPaymentPages)->add($draftNewsPages)->add($bookingPages);
                    $addablePages = $addablePages->add($membershipPage)->add($memberPage);  // pages where creation of children is allowed
                    $this->log->save('debug', 'Editable pages = ' . $editablePages->implode(', ', 'id'));
                    $this->log->save('debug', 'Addable pages = ' . $addablePages->implode(', ', 'id'));
                    if ($editablePages->has($p) and $permission == 'page-edit') $return = true;
                    if ($addablePages->has($p) and $permission == 'page-add') $return = true;
                }
            }
            $retStr = $return ? 'true' : 'false';
            $this->log->save('debug', 'Returning ' . $retStr);
        }
    }
    // Populate back return value, if you have modified it
    $event->return = $return;
});

 

  • Like 1
Link to comment
Share on other sites

@MarkE Thanks for your answer. I was looking for a way to create a new permission that the user can than enable per template in the backend. But I don't think it's possible. See Screenshot:
 

Bildschirmfoto 2022-08-11 um 10.44.07.png

Link to comment
Share on other sites

@MarkE It's a little complicated to explain 🙂
I Am working on a pagebuilder module, that makes it possible to visualy compose a page.

The page structure is defined by the items you add to your page. PageGrid creates a hidden page for every item that gets added to it (similar to how PageTable or Repeater Matrix work). Each item (a page) is based on a block template. A template can have multiple fields to hold your data (native ProcessWire templates and fields). 

Each item has an edit link that opens that page in an overlay, some fields also have inline edit capacity. Now I want to be able to have my own permissions beside page-edit to control if the edit link of that item is visible or not to certain users. The page-edit permission would enable inline editing (or editing in general) und my new permission would display the edit link. Hope that makes sense.

I think this could also be achived with multiple roles, so if use has role "edit-items" and the page-edit permission for that item template it will display the edit link. But I was just curoius if I could create those template permissions myself.

Link to comment
Share on other sites

6 hours ago, jploch said:

I think this could also be achived with multiple roles, so if use has role "edit-items" and the page-edit permission for that item template it will display the edit link.

That looks like the way to go to me. There's no way you can hack the Access Roles form as shown in your image, as all the relevant methods are protected an unhookable.

  • Like 1
Link to comment
Share on other sites

  • jploch changed the title to [SOLVED] custom template permissions

@MarkE I just found out, that it's easy to create permissions that are template based. The permission name must start with "page-". After you check the box on a template "Mangage edit access" (screenshot above), it becomes selectable under Access->Roles->Yourrole. You just have to click on the little arrow to open the settings first. Nice!

Bildschirmfoto 2022-08-15 um 09.54.21.png

  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...