Tuesday 27 May 2003 3:21:30 am
I want to be able to allow users to edit their own User account and be able to test if they are logged in or if they are the Anonymous user until they do so. I don't want them to be able to read other users accounts so I have modified the Anonymous account to only be able to read user accounts if created by themselves. [ Read Class( User ) , Owner( Self ) ] I then modified the register.php to make the user own the account when they create it rather than use the 'ini' files preference. This works but then causes a new problem. The fetch('user','current_user') command will no longer tell me if the user is logged in or not as the role prevents the variables being accessed. Do I need to create a new function definition in the user class (similar to login) that allows me to specifically allow function access within the role for Anonymous user so that I can read the username and user id. Or are you addressing this in the 3.1 release? I have one other issue with modifying the register.php code. It seems to have created an issue with the 'can_read' variable not being set. Is there a better way to resolve this problem? The code change for register.php is as follows: After this section:
<literal>
// Create object by user 14 in section 1
$contentObject =& $class->instantiate( $userCreatorID, $defaultSectionID );
$objectID = $contentObject->attribute( 'id' );
//START: A bit of code to renumber the owner_id to the object id
// Modified to ensure that users created through registration own their own account.
// This means that they can then edit their account correctly and not be locked out.
$contentObject->setAttribute( 'owner_id', $contentObject->attribute( 'id' ) );
$contentObject->store();
eZDebug::writeWarning( "Content Owner ID changed to:", $contentObject->attribute( 'owner_id' ) );
// END:
</literal>
Code continues... Is this the right approach or is there a better way?
Thanks. Fats.
-- Stuart
[email protected]
http://www.grandmore.com
|