Module permissions

Comments

• hacklan07

  March 2014 edited March 2014

  Even if I give a user all possible permissions, that user still doesn't see any modules. Only the super user is seeing the modules. I have also noticed that in MY_fuel_modules.php if I make the module names uppercase (i.e. "$config['modules']['Meetings'] = array(..." instead of "$config['modules']['meetings']=array(..." ), they do show up on the admin dashboard for the non-super users, but clicking on the module itself gives a preview or something of that module instead of displaying the module admin page.
• admin

  March 2014 edited 1:50PM

  The easiest way to setup permissions is to run the generate/simple command explained under the generate section in the documentation:
  php index.php fuel/generate/simple meetings
  http://docs.getfuelcms.com/modules/generate
• hacklan07

  March 2014 edited 1:50PM

  That sounds great, but I don't have command line access to the hosted website. So, I'm trying stick with things that I can replicate on the site after it goes live. Anything else I can try?
• hacklan07

  March 2014 edited 1:50PM

  I figured it out I was using "Meetings" in the Name field for the permission instead of "meetings". In the tutorial (http://docs.getfuelcms.com/modules/tutorial#permissions) doesn't say much about what the "Name" field should be. The other old tutorial says it should the the URI to the module. Both of these descriptions are not super clear, so for future fuel admins, the name should be the URI. I'll explain.
  
  The URI shouldn't the view that publicly shows the model, rather if your admin dashboard is at "mysite.com/fuel/dashboard" then the URI for a module called "Meetings" would be "meetings". Similarly, for a permission to edit the Meetings module, the URI would be "meetings/edit". Capitalization counts.
• hacklan07

  April 2014 edited 1:50PM

  Well, OK. I thought it was all working, but the meetings/create permission is not working. "mettings/publish", "meetings/edit", "meetings/delete" work. Upon closer look though, the "create" button is missing and when I manually try to navigate to /fuel/meetings/create it gives the following error:
  
  "You do not have permissions to complete this action."
  
  I tried to track it down in the FUEL core files a bit and here's what I've found:
  
  - in the Fuel_auth->has_permission( ) method, the $user_perms variable does contain the meetings/create permission:
  
  array (size=4)
  'id' => string '37' (length=2)
  'description' => string 'Meetings: Create' (length=16)
  'name' => string 'meetings/create' (length=15)
  'active' => string 'yes' (length=3)
  
  but, the $permission argument that gets passed in does not contain the meetings/create permission:
  
  $permission =
  array (size=3)
  'edit' => string 'meetings' (length=8)
  'publish' => string 'meetings_publish' (length=16)
  'delete' => string 'meetings_delete' (length=15)
  
  (so, then it's obviously this line:
  return (!empty($permission) AND !empty($user_perms[$permission]));
  that returns false and causes the user to "not have permission" to view the meetings/create page)
  
  I tracked down the mysql query that generates $user_perms, but I can't seem so find where the $permission variable originates from. Any idea why $permission would be lacking the 'create' permission but the $user_perms has it?
  
  Thanks!
• admin

  April 2014 edited 1:50PM

  Is there any special settings on the "meetings" module's permission parameter? The default value is array($this->module, 'create', 'edit', 'publish', 'delete', 'export'). Also, I'm assuming this user you are logged in as has that permission assigned to them under users correct?
• hacklan07

  April 2014 edited 1:50PM

  perfect. my permissions parameter in MY_fuel_modules did not include the 'create' parameter. Thanks!