search

Tastaturberuf / anyStores

Contao-Module: Organize any locations with geolocation search.
GNU Lesser General Public License v3.0
11 stars 7 forks source link

Handle permissions #47

Closed laufhannes closed 8 years ago

laufhannes commented 8 years ago

I want to set permissions for back end users for anystores' tables, i.e. 'normal' users must not delete a category or a single store. I don't see a way to achieve this with any standard settings?

My current solution is to add a callback

        'onload_callback' => array
        (
            array('tl_anystores', 'checkPermission')
        ),

and to forbid delete/deleteAll for non-admins:

    public function checkPermission()
    {
        if ($this->User->isAdmin)
        {
            return;
        }

        // Check current action
        switch (Input::get('act'))
        {
            case 'delete':
            case 'deleteAll':
                if (strlen(Input::get('act')))
                {
                    $this->log('Not enough permissions to '.Input::get('act').' anystores store', __METHOD__, TL_ERROR);
                    $this->redirect('contao/main.php?act=error');
                }
                break;
        }
    }

Still, this does not remove the action-icon and is harcoded.

Tastaturberuf commented 8 years ago

Nice, wäre natürlich schön wenn auch bestimmte Gruppen das könnten. Ich schau mir das mal im Core an und bau das schnellstmöglich ein.

Tastaturberuf commented 8 years ago

Ab 1.8.0 komplette Benutzerberechtigungen verfügbar