Prevent editing fields or hide them completly for usergroups
Posted: 2024-07-10 13:42
One of my greatest wishes for Appgini is column based security out of the box. But since this seems to be a long way to achieve, there's a surprisingly easy way with a few lines of php and css. You just have to change the file «header-extras.php» in the hooks folder of your project.
The php part defines for which group this rule will be applied. In my case for the group «Lehrpersonen» (teachers). After the echo statement, everything is pure css. Some of the fields are completely hidden others read only. Consider, that this is not a secure method to prevent editing forms, it's still possible to see the content in the html source. It's more a usability hack then a secure method, but for my project it's good enough.
This is what the admin sees
This is what members of the group "Lehrpersonen" see.
The php part defines for which group this rule will be applied. In my case for the group «Lehrpersonen» (teachers). After the echo statement, everything is pure css. Some of the fields are completely hidden others read only. Consider, that this is not a secure method to prevent editing forms, it's still possible to see the content in the html source. It's more a usability hack then a secure method, but for my project it's good enough.
Code: Select all
<?php
$mi = getMemberInfo();
if ($mi['group'] == 'Lehrpersonen') {
echo "
<style type='text/css'>
.form-group.device-d_label {
pointer-events: none;
}
.form-group.device-d_oldlabel {
display: none;
}
.form-group.device-d_model {
pointer-events: none;
}
.form-group.device-d_state {
pointer-events: none;
display: none;
}
.form-group.device-d_room {
pointer-events: none;
}
.form-group.device-d_rollout {
pointer-events: none;
display: none;
}
.form-group.device-d_os {
pointer-events: none;
display: none;
}
.form-group.device-d_biossrn {
display: none;
}
.form-group.device-d_hash {
display: none;
}
</style>";
}This is what members of the group "Lehrpersonen" see.
