Adaptation of navigation to admin rights
Adaptation of navigation to admin rights
If the admin does not have viewing rights for a table, he cannot see the table page, but the link for the table remains in the dropdown navigation. For non-admin users everything is ok.
Re: Adaptation of navigation to admin rights
Hello Ahmed,
do you perhaps have a quick fix for this?
Thank you, Kai
do you perhaps have a quick fix for this?
Thank you, Kai
Re: Adaptation of navigation to admin rights
Hi,
is this fixed in the latest release?
Thank you very much.
is this fixed in the latest release?
Thank you very much.
Re: Adaptation of navigation to admin rights
Hmm ... the admin can't be configured to have permissions to a table revoked. There are checks in the generated code that automatically re-apply full access permissions to admin user if they are not present.

- DataTalk is an innovative AppGini plugin based on ChatGPT that allows you to interact with your AppGini database using natural language questions, without writing any SQL. Check the demo video
- Check our other plugins and get a generous discount of up to 30% when buying 2 or more plugins.
- Need personalized consulting on your specific app and customizations? Book an online call with me here.
Re: Adaptation of navigation to admin rights
Excuse me. I may have described it incorrectly. The admin cannot access the table. But the admin has the links for this tables in the navigation bar. However, there should be no links in the navigation bar that the admin cannot access. In other member groups (not admin) this works correctly and the links to tables without access are hidden in the navigation for members without access to this tables.
Re: Adaptation of navigation to admin rights
OK, let me clarify by a screen recording: https://cdn.bigprof.com/screencasts/adm ... evoked.mp4
(Sorry some part of the above video got corrupted during saving, but it is still viewable and explains the idea)
In the above video, I'm editing the admin group permissions to disable access to 'customers' table. This would "seem" to work temporarily; when I navigate to the users area and try accessing the customers table, I see an access denied error ... once I sign out then sign in again as admin, permissions to this table are fully restored automatically.
In brief, even if you revoke some permissions from admin group, this is only temporary, and full permissions are restored on the next login.
(Sorry some part of the above video got corrupted during saving, but it is still viewable and explains the idea)
In the above video, I'm editing the admin group permissions to disable access to 'customers' table. This would "seem" to work temporarily; when I navigate to the users area and try accessing the customers table, I see an access denied error ... once I sign out then sign in again as admin, permissions to this table are fully restored automatically.
In brief, even if you revoke some permissions from admin group, this is only temporary, and full permissions are restored on the next login.

- DataTalk is an innovative AppGini plugin based on ChatGPT that allows you to interact with your AppGini database using natural language questions, without writing any SQL. Check the demo video
- Check our other plugins and get a generous discount of up to 30% when buying 2 or more plugins.
- Need personalized consulting on your specific app and customizations? Book an online call with me here.
Re: Adaptation of navigation to admin rights
Thank you so much for your effort. Yes, I understand that. However, I need a configurable admin group for a specific reason. I have to ensure that unused admin groups cannot be utilized and do not appear in the navigation. I am using an Appgini app as a Windows app without logging in as an admin. Due to certain reasons, I cannot use the anonymous user.
Why does the admin group need to behave differently than the other individual groups?
Thanks much!
Why does the admin group need to behave differently than the other individual groups?
Thanks much!
Re: Adaptation of navigation to admin rights
I would like to ask changing appgini that we can set the table permissions for the admins group as well as for the other groups.
Thank you very much!
Thank you very much!
Re: Adaptation of navigation to admin rights
Hello Ahmed,
or can you tell me where the code is that sets the admin rights back to "all" after they have been changed.
I still need a solution to use the admin user with limited table rights (not all tables should be displayed in the navigation for the admin).
Thank you very much, Kai
or can you tell me where the code is that sets the admin rights back to "all" after they have been changed.
I still need a solution to use the admin user with limited table rights (not all tables should be displayed in the navigation for the admin).
Thank you very much, Kai
Re: Adaptation of navigation to admin rights
Sorry for the late reply. Try adding this code to
hooks/header-extras.php
:Code: Select all
<?php
// reset admin group permissions
$admin_group_id = sqlValue("SELECT `groupID` FROM `membership_groups` WHERE `name`='Admins'");
$eo = ['silentErrors' => true];
// repeat this query for each table you want to revoke admin permissions from
sql("INSERT INTO membership_grouppermissions SET
groupID = '{$admin_group_id}',
tableName = 'table_name', /* <-- change the table name here */
allowInsert = 0, allowView = 0, allowEdit = 0, allowDelete = 0
ON DUPLICATE KEY UPDATE {$same_fields}", $eo);
?>

- DataTalk is an innovative AppGini plugin based on ChatGPT that allows you to interact with your AppGini database using natural language questions, without writing any SQL. Check the demo video
- Check our other plugins and get a generous discount of up to 30% when buying 2 or more plugins.
- Need personalized consulting on your specific app and customizations? Book an online call with me here.
Re: Adaptation of navigation to admin rights
Hi Ahmed,
thank you very much for your effort. Unfortunately that doesn't change anything. I have adjusted the table name. Then I set the rights for this table to "no" in the admin. After the next login, the rights are set to "all" again. Above all, I need to remove the table link from the navigation also.
Kind regards, Kai
thank you very much for your effort. Unfortunately that doesn't change anything. I have adjusted the table name. Then I set the rights for this table to "no" in the admin. After the next login, the rights are set to "all" again. Above all, I need to remove the table link from the navigation also.
Kind regards, Kai
Re: Adaptation of navigation to admin rights
Hello Ahmed,
I looked into it more closely again. Unfortunately, it still doesn’t work. However, I found the following error message in the query logs:
INSERT INTO membership_grouppermissions SET
groupID = '2',
tableName = 'absence_de', /* <-- change the table name here */
allowInsert = 0, allowView = 0, allowEdit = 0, allowDelete = 0,
ON DUPLICATE KEY UPDATE
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'ON DUPLICATE KEY UPDATE' at line 5
This is my code:
Thank you very much!
I looked into it more closely again. Unfortunately, it still doesn’t work. However, I found the following error message in the query logs:
INSERT INTO membership_grouppermissions SET
groupID = '2',
tableName = 'absence_de', /* <-- change the table name here */
allowInsert = 0, allowView = 0, allowEdit = 0, allowDelete = 0,
ON DUPLICATE KEY UPDATE
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'ON DUPLICATE KEY UPDATE' at line 5
This is my code:
<?php
// reset admin group permissions
$admin_group_id = sqlValue("SELECT `groupID` FROM `membership_groups` WHERE `name`='Admins'");
$eo = ['silentErrors' => true];
// repeat this query for each table you want to revoke admin permissions from
sql("INSERT INTO membership_grouppermissions SET
groupID = '{$admin_group_id}',
tableName = 'absence_de', /* <-- change the table name here */
allowInsert = 0, allowView = 0, allowEdit = 0, allowDelete = 0
ON DUPLICATE KEY UPDATE {$same_fields}", $eo);
?>
Thank you very much!