Author
|
Message
|
Kristof Coomans
|
Tuesday 11 April 2006 2:12:48 am
Hi guys I've made a hack to limit the editing of content objects to specific attributes.
You can download the modified files for eZ publish 3.7.5 at http://pubsvn.ez.no/community/trunk/hacks/attributeedit_policy/3.7.5 You can now use a new policy content/attributeedit with limitations to full classes or specific attributes. You still need the content/edit policy to edit an object. Note: only modified template for content/edit_attribute.tpl of the admin interface is provided. Please test it and let me know what you think about it. Have fun!
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|
Gabriel Ambuehl
|
Friday 14 April 2006 8:49:30 am
This is quite possibly the single most useful hack ever (and something that really SHOULD live in core). In my limited testing it worked perfectly. Thanks a lot for sharing this!
Visit http://triligon.org
|
Paulo Almeida
|
Friday 14 April 2006 9:28:53 am
I think this is great. An already expected policy. I haven't used this but.....How about integrate in ez trunk ?
PACPI.COM Internet Consulting
http://pacpi.com
|
Kristof Coomans
|
Sunday 16 April 2006 1:36:55 am
I'll try to make a patch for the trunk this week and send a mail to the sdk mailinglist to see if it can make it's way into the official trunk. I also had some extra policy function limitations in mind:
- ObjectStatus: Draft (e.g. when the attribute can be filled in once but can never be changed), Published - ClassGroup (maybe I'll patch the other content policies too)
- Section (like content/read)
- Subtrees (like content/read) - Nodes (like content/read) If you know any other useful limitation, please let me know.
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|
Kristof Coomans
|
Tuesday 18 April 2006 2:23:10 am
The modified files for the trunk were added together with limitations for objectStatus and Language.
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|
J-A Eberhard
|
Sunday 28 January 2007 2:54:42 am
How to install? I placed the extension, activated it, and went to http://mydomain.com/admin/role/policyedit/543 hoping to see the modified edit_attribute.tpl showing up, but none... Using 3.9.0 with ezwebin Thanks
Open Source Solution Provider
Open-Net Ltd Switzerland
http://www.open-net.ch
|
Kristof Coomans
|
Sunday 28 January 2007 4:04:58 am
This is not an extension. You need to replace the kernel files.
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|
kracker (the)
|
Sunday 28 January 2007 5:48:43 am
There is a node on eZpedia on this subject, feel free to add to it! <i>http://ezpedia.org/wiki/en/ez/attributeedit_policy</i> //kracker <i>The outro, thebroken--0004--ep4 @ 19:26</i>
Member since: 2001.07.13 || http://ezpedia.se7enx.com/
|
Yves B
|
Tuesday 20 February 2007 12:29:02 pm
Fixed in rev 1487 : The function fetchInput did not protect from value input or malicious post :
if ( $fetchInput == true &&
$contentObjectAttribute->canEdit() !== 1 )
{
$fetchInput == false; }
Changed "$fetchInput == false;" by "$fetchInput = false;" (only one equal sign) , then user inputs or posted values are really discarded.
|
J-A Eberhard
|
Tuesday 13 March 2007 1:01:10 am
Hi Kristof,
I Love the this extzension and would like to uses it in the context of User > Selfedit. I would like to control, attribute by attribute, what a user can edit about himself Could you give me some hints how I could achieve it. Thanks
Open Source Solution Provider
Open-Net Ltd Switzerland
http://www.open-net.ch
|
Kristof Coomans
|
Tuesday 13 March 2007 9:27:20 am
Hi J-A I think you can use it the same way as you do for other types of content objects, though I haven't tested this.
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|
J-A Eberhard
|
Tuesday 13 March 2007 1:23:35 pm
What I would like to have is the possibility to allow the user to edit specific attributes of it's own profile, then to link them to a validation workflow.
If I use the 'selfedit' policy of the 'user' module, the user can edit all it's attributes. I can choose to display only some attributes in the template, but it's not a very secure solution. If I use your policy under the 'content' module, I can specify which attributes can be edited but I cannot define a 'selfedit' policy (as the user is not the owner of it's object). What I'm searching is to know how to hack your contrib to have it working under the selfedit policy of the user module. Like that, If a user change one of it's field, I can launched a validation workflow and your placeusers to securely let the users select their own rights on eZ publish. Thanks to let me know your feeling, easy, hard or wrong way to do it!!!
Open Source Solution Provider
Open-Net Ltd Switzerland
http://www.open-net.ch
|
Kristof Coomans
|
Tuesday 13 March 2007 11:52:38 pm
You can use the owner limitation (value: self) for user objects too. Also see my comment on http://issues.ez.no/9416
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|
J-A Eberhard
|
Thursday 15 March 2007 9:06:17 am
[Solved]
I just forgot that users are objects like any other, works like a charm... Thanks
Open Source Solution Provider
Open-Net Ltd Switzerland
http://www.open-net.ch
|
Maurizio Betti
|
Saturday 28 April 2007 7:18:31 am
Hi, compliments for this wonderful hack! It Hope it will soon included in standard distribution. Best regards
Maurizio Betti
http://www.arsweb.it
http://www.hospes.it
|
Maurizio Betti
|
Saturday 28 April 2007 7:51:31 am
Hi, I'm just testing your hack, but I found an incompatibily error while using at the same time the "Automated user placement" workflow contrib ( http://ez.no/community/contribs/workflow/automated_user_placement_for_ez_publish_3_8 ). In detail, when I overwrite the php file under kernel/content/classes, and try to create new user from public site (with "Automated user placement" active), the system creates a void user (without name, surname, accont data, etc...). Any idea to fix it? I'm currently runs with eZ3.9.1 and php4.4 Any suggestion will be very appreciated.
Maurizio Betti
http://www.arsweb.it
http://www.hospes.it
|
Kristof Coomans
|
Sunday 29 April 2007 2:01:24 am
Hi Maurizio Are you sure this has something to do with the automated user placement workflow event? Did you put your workflow on the post-publish trigger? Please disable the workflow event and let us know if the problem is still there. Can you give me a detailed list of the policies you assigned to the anonymous user? Maybe the user doesn't have permission to modify the attributes of the user object (like the user account attribute) and the template used for user/register hasn't been modified to take this into account. Use $attribute.can_edit in your template code to check if edit is allowed for a specific object attribute $attribute. Good luck!
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|
Maurizio Betti
|
Sunday 29 April 2007 4:38:50 am
Hi Kristof, many thanks for your quick answer. I apologized for my mistake...as your suggestion I didn't assigned to anonymous user the permission to modify the attributes of the user object. Now everything seems goes right. Thank you again.
Maurizio Betti
http://www.arsweb.it
http://www.hospes.it
|
J-A Eberhard
|
Thursday 23 August 2007 2:27:09 pm
Hi Kristof,
I had you code running in an 3.9.2 version.
I did an upgrade to 3.9.3 and it's looking like that the function name (attributeedit) is not passed to the permission system. All edit screen have an error with
Module = content Function = I downgraded it to 3.9.2 and it's working again. Regards JAE
Open Source Solution Provider
Open-Net Ltd Switzerland
http://www.open-net.ch
|
Kristof Coomans
|
Friday 24 August 2007 1:06:02 am
Hi J-A It seems to work here. Are you sure you added all required changes? For your convenience, I've committed the patched files of 3.9.3 to svn: http://pubsvn.ez.no/community/trunk/hacks/attributeedit_policy/3.9.3/.
independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
|