fetch list with limitation

Author Message

Xavier Dutoit

Monday 12 June 2006 10:10:57 am

Does anyone have fetched a list with a specific limitation set ?

My goal is to let the anonymous fetch the content of a specific folder and list it (view=line) as a user of the group "member" would have had the right to do it, but display a "you should register yourself" message once it try to read it (view full).

According to the doc

http://ez.no/doc/ez_publish/technical_manual/3_6/reference/modules/content/fetch_functions/list

This is possible. However, the documentation is kind of silent on what to pass as parameter to the limitation.

Any idea ?

Access override

The "limitations" parameter makes it possible to instruct the system to use an alternate set of access limitations instead of the ones that belong to the current user. This is typically useful when there is a need to fetch nodes that the current user does not have access to. All permission checking can be skipped by providing an empty array. It is also possible to provide arrays that dictate the access limitations of other users and/or virtual sets of limitations. The array follows an internal structure that will be documented in the future.

X+

http://www.sydesy.com

Kristof Coomans

Monday 12 June 2006 11:02:58 am

Hi Xavier

Related topic: http://ez.no/community/forum/setup_design/fetch_limitation_parameter . But it doesn't tell you what to use inside the array ;-)

You can modify eZContentObjectTreeNode::getLimitationList. Before it's last line...

return $limitationList;

...put something like this:

eZDebug::writeDebug( $limitationList );

...and now you can see the limitation list of the current user.

Or if we're going a bit further we end up in eZUser::hasAccessTo:

$accessArray =& eZRole::accessArrayByUserID( array_merge( $this->groups(), array( $userID ) ) );

You will find the limitation list in $accessArray['content']['read'].

It goes further in eZRole::accessArrayByUserID, which accepts an array of id's (user object id's and/or user group object id's). The problem with all these functions is that they use a caching mechanism ( in site.ini: [RoleSettings] EnableCaching ). Otherwise you could make a template operator or fetch function calling eZRole::accessArrayByUserID with whatever user group you want, and get the limitation list of that group back.

A quick hack would be the modification of eZRole::accessArrayByUserID

function accessArrayByUserID( $userIDArray, $enableCaching = null )

and if $enableCaching is a boolean then don't execute

$enableCaching = $ini->variable( 'RoleSettings', 'EnableCaching' );

It would be a small hack, but what you have to accomplish will be much easier (and dynamic, in case the policies of the "member" group change).

Good luck! And thanks in advance for sharing the hack & template operator / fetch function with us ;-)

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

Xavier Dutoit

Monday 12 June 2006 11:12:12 am

Hi Kristof,

Add one pint to the list of what's on my round for next time you come here ;)

Thanks for the hints.

Not sure I do get the logic of testing again the permissions on {node_view_gui }, and it's be great to be able to use them in my case.

Anyway, let's dig and see what I come up to.

X+

http://www.sydesy.com

Kristof Coomans

Monday 12 June 2006 11:45:33 pm

Not sure I do get the logic of testing again the permissions on {node_view_gui }, and it's be great to be able to use them in my case.

I'm not sure I'm following. Did I say something about that?

What you basically have to do:

{def $limitationArray=fetch( 'advancedrole', 'content_read_limitation_array', hash( 'object_id', $memberGroupID ) )
      $nodes=fetch('content','list',hash('parent_node_id',$someNodeID, 'limitation', $limitationArray))}
{foreach $nodes as $nd}
    {node_view_gui view='line' content_node=$nd}
{/foreach}
{undef $nodes $limitationArray}

The only thing you need is an advancedrole/content_read_limitation_array fetch function from which you can call eZRole::accessArrayByUserID or do something similar to fetch the function limitation list of a specific user.

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

Xavier Dutoit

Tuesday 13 June 2006 1:09:59 am

For those that follow,

I did test the node_view_gui and the limitation=array() and it works fine indeed. I misunderstood a post on the other thread in the forum you mentionned.

Magic Kristof has worked on the patch and extension he suggested (yes, another beer waiting for him ;). I'll test that and if I can make it work, he'll post it on the contribs.

X+

http://www.sydesy.com

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.