options_list filtering by permissions

sevenfield

How would I go about filtering an options_list by permissions?

I've followed the simple modules tutorial and would like to modify it so that certain users can only select categories that are assigned to them. (i.e. A user in the finance dept. can only select the 'finance' category)

I've set up a categories_to_authors_model but I can't figure out how to filter the multi-select list in the article module so that it only shows the categories assigned to the selected author.

I would also like to do the same kind of filtering with the authors drop-down select menu....so a users can only select authors that they are allowed to.

Am I taking the wrong approach?

admin

You can overwrite the "options_list" method on your model and add additional active record query conditions like so:
function options_list($id, $name, $where, $order){ $this->db->where('xxxx', 'xxxx'); return parent::options_list($id, $name, $where, $order); }

sevenfield

Thanks so much. I'll give that a shot tomorrow.

sevenfield

I've managed to filter the options list by a specific category permission name but I can't figure out how to create a list of all the categories the current user has access to.

This is the options_list I've added to the categories model:
function options_list($id, $name, $where, $order){ if ($this->fuel_auth->has_permission('categories/finance')) { $this->db->where('name', 'Finance'); } return parent::options_list($id, $name, $where, $order); }

All of my category permissions have a naming convention that begins with 'categories/'. Is there a way to tap into that to create the list?

Really struggling with this....can anyone nudge me in the right direction?

admin

It sounds like you need to grab all category type permissions from the logged in user first and then loop through those to generate your query. Permissions for the logged in user can be obtained like so:
$this->fuel_auth->get_permissions()

sevenfield

Thanks. I get a 'call to undefined method' error with get_permissions()

sevenfield

Sorry, ignore that last comment.

sevenfield

Are there any examples someone could point me too regarding this? I'm just not sure how to loop through category type permissions and extract them.

This should be fairly easy but I just can't crack it.

admin

I haven't tested this, but what about something like below:
function options_list($id, $name, $where, $order) { $permissions = $this->fuel_auth->get_permissions(); $cat_permissions = array(); foreach($permissions as $key => $val) { if (preg_match('#^categories/#', $key)) { $cat = end(explode('/', $key)); $cat_permissions[] = $cat; } } $this->db->where_in('categories.name', $cat_permissions); return parent::options_list($id, $name, $where, $order); }

sevenfield

I'll try this tonight. I was headed down that path but was missing a few things...will let you know.
Thanks again.

sevenfield

This works perfectly when logged in as a non admin.

If logged in as admin, trying to edit categories or articles will throw missing argument errors as well as this MySQL error:

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 3

SELECT id, name FROM (categories) WHERE `categories`.`name` IN ()

Filename: C:\xampp\htdocs\otpp\fuel\codeigniter\database\DB_driver.php

Line Number: 330"

Any ideas?

admin

If you are an admin, you have permissions to everything and don't have permissions assigned to you, so you may want to wrap the "where_in" part of the statement with a check like so:
if ( ! $this->fuel_auth->is_super_admin()){ $this->db->where_in('categories.name', $cat_permissions); }

sevenfield

That fixed the articles module issues but editing or creating a category still throws errors:

1.Missing argument 3 for Categories_model::options_list()
2.Missing argument 4 for Categories_model::options_list()
3.Undefined variable: where
4.Undefined variable: order

The first 2 errors are being caught on the line that the new options_list function starts (in the category module) and the last 2 are on the line that returns the parent options_list.

sevenfield

Fixed it...just dropped $where and $order. Also had to typecast the permissions array.
Here's the code:
function options_list($id, $name) { $permissions = $this->fuel_auth->get_permissions(); $cat_permissions = array(); //typecast to array to avoid errors caused by no array data foreach((array) $permissions as $key => $val) { if (preg_match('#^categories/#', $key)) { $cat = end(explode('/', $key)); $cat_permissions[] = $cat; } } if ( ! $this->fuel_auth->is_super_admin()) { $this->db->where_in('categories.name', $cat_permissions); } return parent::options_list($id, $name); }

I really appreciate all the help.

Thanks,

Aaron

sevenfield

Modified this a bit so it wouldn't throw a MySQL error if the categories array is empty...

// overwrite options_list to display categories based on permission function options_list($id, $name) { $permissions = $this->fuel_auth->get_permissions(); $cat_permissions = array(); // typecast to array to avoid errors caused by no array data foreach((array) $permissions as $key => $val) { if (preg_match('#^categories/#', $key)) { $cat = end(explode('/', $key)); $cat_permissions[] = $cat; } else { // if no permissions or categories then present an empty list $cat = ''; $cat_permissions[] = $cat; } } if (!$this->fuel_auth->is_super_admin()) { $this->db->where_in('categories.name', $cat_permissions); } return parent::options_list($id, $name); }