Row view based by a filed

Got something cool to share with AppGini users? Feel free to post it here!
Post Reply
fciprian
Veteran Member
Posts: 52
Joined: 2020-04-20 10:51

Row view based by a filed

Post by fciprian » 2021-11-24 08:06

Hello.
I have a situation and i need some help, please.
So i have 2 locations. A and B. And i have invoices table for locations A and B. Also i have table for locations A and B.
Invoice table:
1. Client (text insert)
2. Location (select from table Locations)
3. Price on invoice (text insert)

So i need that the manager from location A to have acces ONLY to rows selected the location A. And manager from location B to see and have ONLY the fileds that are selected location B.

Is that possible? To have 2 usernames on AppGini and each user to have acces to data only on their locations selection?

Thank you!

User avatar
jsetzer
AppGini Super Hero
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany
Contact:

Re: Row view based by a filed

Post by jsetzer » 2021-11-24 08:20

You can modify the WHERE-clause of the SQL-statement in TABLENAME_init()-function of hooks-file like this:

Example
List customers starting with 'a' AND email-address like *@gmail.*

Code: Select all

// file: hooks/customers.php
function customers_init(&$options, $memberInfo, &$args)
{
	// array of conditions. Will be AND-joined
	$conditions = [
		  "customers.name LIKE 'a%'"
		, "customers.email LIKE '%@gmail.%'"
		// you can add more conditions here
	];
	if (sizeof($conditions)) $options->QueryWhere .= ($options->QueryWhere ? " AND " : " WHERE ") . implode(" AND ", $conditions);
	return TRUE;
}
This can be a first step. You can filter out records which current user (getLoggedMemberID()) must not see. In many use cases this level of security is high enough.

But the app users will still be able to open the detail view of "forbidden" records if they only knew the record-ID. To avoid this you will have to check in TABLENAME_dv()-hook and deny access to Detail View.
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

User avatar
jsetzer
AppGini Super Hero
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany
Contact:

Re: Row view based by a filed

Post by jsetzer » 2021-11-24 08:37

If you need to check special permissions before opening Detail View, you can modify _dv hook in file hooks/TABLENAME-dv.js.

Example

Deny access if customer's name starts with 'a'

Code: Select all

function customers_dv($selectedID, $memberInfo, &$html, &$args)
{
	$tn = "customers";
	$allow_access = $selectedID && strtolower(substr(getRecord($tn, $selectedID)['name'], 0, 1)) == 'a';
	if (!$allow_access) die("<h1>Access denied</h1><a href=\"{$tn}_view.php\">Back</a>");
}
Result
chrome_mZdTGJ4CFa.png
chrome_mZdTGJ4CFa.png (25.31 KiB) Viewed 2087 times
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

User avatar
jsetzer
AppGini Super Hero
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany
Contact:

Re: Row view based by a filed

Post by jsetzer » 2021-11-24 11:09

Sorry, there was a small but important mistake in my previous post due to copy & paste:

Wrong filename
jsetzer wrote:
2021-11-24 08:37
[...] you can modify _dv hook in file hooks/TABLENAME-dv.js [...]
Correct filename
[...] you can modify _dv hook in file hooks/TABLENAME.php [...]
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

fciprian
Veteran Member
Posts: 52
Joined: 2020-04-20 10:51

Re: Row view based by a filed

Post by fciprian » 2021-12-07 08:31

Thank you for your time.
I understand. But maybe i was not to good in explination, sorry.

So i have a table Invoices. On that table i have Location, Name , etc. On Location i can select "Location A" and "Location B".
I need to filtrer when user A is logged to see rows that is selected "Location A" and when user B is logged to see rows that is selected "Location B".
I need to do this depending of what user is logged in (when acceses table Invoices)

Thank you verry much for your support. This forum helped me a lot!!!!
Thank you again!!!!!

User avatar
jsetzer
AppGini Super Hero
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany
Contact:

Re: Row view based by a filed

Post by jsetzer » 2021-12-07 10:04

You can use the code a starting point and write any SQL query you need.
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

Post Reply