Forums / Developer / Permissions without modules

Permissions without modules

Author Message

Piotrek Karaś

Tuesday 03 June 2008 11:03:34 pm

Hi,

I need some sort of access/permission control over the datatypes I create, but it seems that the existing access control system is strictly based on modules and functions, and I haven't planned any...

1) Am I right about not being able to assign policies to anything else than module-related functions?
2) If so, do you think creating a module just to be able to assign some policies that will be used by datatype classes/templates would be a good idea?
3) Any other way of getting similar functionality?

Thanks!
Piotrek

--
Company: mediaSELF Sp. z o.o., http://www.mediaself.pl
eZ references: http://ez.no/partners/worldwide_partners/mediaself
eZ certified developer: http://ez.no/certification/verify/272585
eZ blog: http://ez.ryba.eu

Bruce Morrison

Wednesday 04 June 2008 12:26:41 am

Hi Piotrek

I'm not sure what you mean when you say <i>access/permission control over the datatypes I create</i> It sounds like you are talking about content class editing? ( but that doesn't makes sense )

You can use the permission system to control other actions. I used it in my recaptcha datatype to allow some users to bypass filling in the captcha. See André R's comment:
http://ez.no/developer/contribs/applications/recaptcha_ez4

Is this the kind of thing you are after?

cheers
Bruce

My Blog: http://www.stuffandcontent.com/
Follow me on twitter: http://twitter.com/brucemorrison
Consolidated eZ Publish Feed : http://friendfeed.com/rooms/ez-publish

Piotrek Karaś

Wednesday 04 June 2008 1:12:03 am

Hello Bruce,

Yes, I guess this is what I mean, but just to be sure and more precise:

I'm creating a custom datatype extension, which so far hasn't required any modules.

When in content object attribute and/or content class attribute edit mode, this datatype should behave differently depending on users permissions. For example some users will be allowed to modify one of the attribute's fields, some other users will not (having those fields disabled).

Of course, I most probably will be able to find some sort of substitute condition, for example current siteaccess (if 'admin', allow changes, otherwise deny), but it seems that it would be much better to use the access control for that purpose.

I am aware of how to define the $FunctionList variable, but I haven't seen it outside of module.php files...

Thanks,
Piotrek

PS. I am pretty sure that if I add a module for this extension, I will be able to get where I want to get, it's just the question of whether creating a module just for that is necessary...

--
Company: mediaSELF Sp. z o.o., http://www.mediaself.pl
eZ references: http://ez.no/partners/worldwide_partners/mediaself
eZ certified developer: http://ez.no/certification/verify/272585
eZ blog: http://ez.ryba.eu

Kristof Coomans

Wednesday 04 June 2008 2:44:13 am

Hi

http://ez.no/developer/contribs/hacks/attributeedit_policy is what you're looking for I guess. Although, the actual implementation might need some enhancements. I hope to get this incorporated soon or later in the kernel.

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org