role system / hiding content / fetch function

Author Message

Georg Franz

Friday 28 November 2003 10:30:08 am

Hi,

ez 3.2.3:

I've made three sections:
Section 5: All content is readable
Section 6: All content is readable
Section 7: Content is only readable by editors

and added Policies to the roles "anonymous" and "editor"

I've assigned the sections to my node-tree:

Article-Folder (Section 5)
---Folder 1 (Section 5)
------Article 1
---Folder 2 (Section 6)
------Article 2
---Folder 3 (Section 7)
------Article 3

I make a menu in the template which displays the subfolders of the Article-folder.

fetch(content,list,hash(parent_node_id,$top_cat,
class_filter_type, "include",
class_filter_array, array(1),
sort_by,$top_cat_obj.sort_array))

The fetch-function returns also the "Folder 3" which is not readable by the anonymous user.

If an anonymous user clicks on the "Folder 3"-Link, he will get an access-denied message - which is fine.

But the anonymous user shouldn't see the "Folder 3"-Link.

So, is there a possibility (maybe a parameter of the fetch-function?) to tell the fetch-function that it should only returns "readable" content?

At the moment I am doing something like:

{section name="menu" loop=fetch(content,list,hash(parent_node_id,$top_cat,
class_filter_type, "include",
class_filter_array, array(1),
sort_by,$top_cat_obj.sort_array)) }
{section show=$:item.object.can_read}
<a class="menu" href={$:item.url_alias|ezroot}>{$:item.name}</a>
{/section}
{/section}

This isn't a good solution if I need e.g. the google navigator: If the fetch-function returns e.g. 30 objects and only 20 are readable by the current user I've to maintain the "offset" and the "list_count" vars.

So - have I overseen something or isn't it possible to exclude content in the fetch-function which is not readable?

(Similar problem in the search-template.)

Kind regards,
Emil.

Best wishes,
Georg.

--
http://www.schicksal.com Horoskop website which uses eZ Publish since 2004

Georg Franz

Sunday 30 November 2003 6:37:57 am

Hi,

today I've created a new role and a new user who is assigned to the role. And - I was surprised - the fetch function and the search were working as expected (they only have returned "readable" content).

The only difference: First I've created a policy for each section:
1) content / read / section 5
2) content / read / section 6
3) content / read / section 7
4) search *
5) login *

In that case - the search / fetch were returning "not readable" content.

Now I've deleted policy 1-3, my new policy list is:
1) search *
2) login *
3) content / read / section ( 5,6,7)

And - surprise, surprise - fetch and search are working as expected.

So, maybe there is a nasty bug somewhere in the role system?

(PS: Of course, I've removed the
{section show=$:item.object.can_read}
<a class="menu" href={$:item.url_alias|ezroot}>{$:item.name}</a>
{/section}
-Code in the templates)

Kind regards,
Emil.

Best wishes,
Georg.

--
http://www.schicksal.com Horoskop website which uses eZ Publish since 2004

Andrew Vorobyov

Thursday 02 June 2005 2:56:12 am

Have opposite problem...

I want to show several fields of the object that is located in Members area for anonymous users...

fetch('content','list') seems does'nt work because objects are located in Members only section

Please advise if you can!

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.