Granular model permissions on edit / create / delete etc

edited April 2012 in Feature Requests
Is it possible to specify granular permissions to users, ie 'a user can edit blocks, but cannot create new ones' ?

As far as I understood the 'permission' config field for modules allows for just one value :

permission : The name of the permission that users must be subscribed to to have access to the module.
from http://www.getfuelcms.com/user_guide/modules/simple

I think ideally this should be an array with various fields like

permission: array(
'create' => 'module/create',
'edit' => 'module/edit',
'delete' => 'module/delete',
'other' => 'module/ohter'
);
What do you think? Maybe in the next version?

Comments

  • edited 8:22AM
    If you look at the fuel/modules/fuel/config/fuel_moduels.php and look at the pages module config, you'll notice a similar array syntax. Instead of "/" though there are "_" and there is a no distinction between creating and editing but there is a permission for publish/unpublish.
  • edited April 2012
    ah so

    'permission' => array('edit' => 'pages', 'publish' => 'pages_publish', 'delete' => 'pages_delete'),

    this is possible??

    PS still, the difference between edit / create is kinda crucial. Maybe something to keep in mind for the upcoming version!
  • edited 8:22AM
    That is currently possible to do if you create the corresponding permissions {module}_{permission_type}) in the permissions module.

    We'll look into the create permission as well. It's a little tricky because of how related create and edit are (you redirect to edit after you create). Perhaps "create" allows you access to both the create and edit screen whereas edit just allows you to edit an existing page.
  • edited 8:22AM
    Hmm... actually, after looking at the module controller, I'm not sure if this is the case anymore.
Sign In or Register to comment.