Frontend Permissions
| Author | Timo A. Hummel |
| Created | 20th May 2005 |
| Audience |
Site Integrators, Module Developers |
| Applies to |
Contenido 4.6 or later |
Frontend Permissions
|
| Author | Timo A. Hummel |
| Created | 20th May 2005 |
| Audience |
Site Integrators, Module Developers |
| Applies to |
Contenido 4.6 or later |
Contenido 4.6 introduces so-called frontend users. These users are splitted apart the regular backend users, because they should be seen and handled completely different as backend users. Frontend users themselves can't have permissions, all permissions are assigned to groups.
Frontend objects and permissions are designed to be very generic. Basically, the developer has to define:
- A class which defines how the object works
- Checks to make the permissions effective
Step by Step manual:
1. Think of a name for the object you're going to use. The name should be
lowercase. In this example, we're going to use "object".
2. If the folder "frontendlogic" in the plugins directory doesn't exist, create
it
3. Create a folder with the object name you're going to use in the folder "frontendlogic"
4. Create a file with the objectname and ".php" as extension. In our example,
you would have the path "plugins/frontendlogic/object/object.php".
5. Extend the class FrontendLogic. Your class name must have the name "frontendlogic_"
plus your object name, in our example it would be "frontendlogic_object".
6. Override the methods getFriendlyName(), listActions() and listItems().
You can find descriptions for these methods in the FrontendLogic phpDoc.
7. Define the object name in the variable $cfg['plugins']['frontendlogic'], e.g.
$cfg['plugins']['frontendlogic'][] = "object". You should place this in the file
config.local.php, so your changes are preserved during updates.
Test your object:
Login into Contenido. Go to the frontend groups, create a new group (or edit an existing). In the subnavigation beneath "Overview", you should see your object name which you defined in the method "getFriendlyName()". Click on it. In the list, you should see all actions you defined, and all items you return. Your administrators can now start to apply permissions to the items.
Checking permissions:
This is actually pretty easy. Create a new FrontendPermissionCollection-Item and use the method checkPerm() to query if a specific permission is set:
$myPermissionCheck = new FrontendPermissionCollection;
var_dump(
$myPermissionCheck->checkPerm(2, "object", "permissionname", "itemid"));
If you want to check for a global right, replace "itemid" with "__GLOBAL__".