GuruMeditation Posted May 29, 2014 Share Posted May 29, 2014 Hi all, me again Please don't ask why I want to do this rather than to use the built in permission routines, but I really have my nutty professor reasons. If I add an option to a page called Allowed, and that option is a checkbox, would that be sufficient to be used as a permission for viewing a certain restricted part of a page? By this, I mean if I check for whether or not it's ticked? If it is ticked I allow them to see something, and if not I don't. Or am I missing something in regards to security? Link to comment Share on other sites More sharing options...
adrian Posted May 29, 2014 Share Posted May 29, 2014 If I understand correctly, it sounds fine. I am assuming you'll have a conditional in the template file for this page that will only render that portion of the page if the checkbox is checked? 1 Link to comment Share on other sites More sharing options...
GuruMeditation Posted May 30, 2014 Author Share Posted May 30, 2014 Exactly. I just wanted to know that these will basically work the same. If(theCheckboxForThisPortionIsChecked){ // Not logical I know, but you know what I mean? echo "Show this"; } if($user->hasPermission("forThisPortion")) { echo "Show this"; } Or does hasPermission have some hidden security features that the former doesn't? Link to comment Share on other sites More sharing options...
adrian Posted May 30, 2014 Share Posted May 30, 2014 The only difference I can think of is that an admin editor with the rights to edit the page with the checkbox could change this setting on you, whereas permission/role based restrictions require a higher level permission to change, but presumably this shouldn't really be an issue. 1 Link to comment Share on other sites More sharing options...
GuruMeditation Posted May 30, 2014 Author Share Posted May 30, 2014 Well I will be the only back-end admin on the site. All other editing will be via the front-end through pages and forms I've created. This is the reason I'm setting up an admin page with my own permissions (checkboxes), so that I can organise them better for myself. Link to comment Share on other sites More sharing options...
GuruMeditation Posted June 1, 2014 Author Share Posted June 1, 2014 Just a quick update, I've now got some code to show, to explain exactly what I mean. I've set up some pages which will act as forum categories. These use a template called forum_cat. I have also set up a page field called forum_access which is attached to this template. The forum_access field has the parent admin/access/Roles so that I can select which roles are allowed to view that forum category. $forumCategories = $pages->find("template=forum_cat"); foreach($forumCategories as $forumCategory) { foreach($forumCategory->forum_access as $forumAccess) { if($user->roles->has($forumAccess)) { echo $forumCategory->title; break; } } } } So back to the original question, is this just as safe as using a standard permission? I want to do it this way so that each forum category acts as a setting page for that particular category. Thanks again. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now