Restrict Access to some fields in Detail View

Discussions related to customizing hooks. Hooks are documented at http://bigprof.com/appgini/help/advanced-topics/hooks/
Post Reply
angus
Veteran Member
Posts: 128
Joined: 2020-05-28 22:27

Restrict Access to some fields in Detail View

Post by angus » 2020-06-22 14:23

Hello Board, I am trying to restrict access to allow only two groups to approve a record. I have checked the var dump and everything is coming through ok but the access is restricted for everyone and the two groups I want to allow also.

Can you help point me in the right direction?

Code: Select all

/* work out the group the person is in first and then restrict access to the approvals button for users */
                                $Group=sqlValue("Select table1.ID From membership_users Inner Join table2 On membership_users.memberID = table2.ID Inner Join table1 On table2.ID2 = table1.ID3 where membership_users.memberID='".$memberInfo['username']."'"); 
                                //var_dump($Group, $memberInfo); exit();
                                /* current user is not the allowed */
             if($memberInfo['group'] != $Group || $memberInfo['group'] !='FullAccess'){
                    $html .= <<<EOC
                                        <script>
                                              \$j(function(){
                                                                                                                                                                                  \$j('#Approval').select2('readonly', true),
                                                                                                                                                                                  \$j('#Notes').attr('readonly', true);
                                              })
                                        </script>
EOC;
             }

AppGini 22.13

pbottcher
AppGini Super Hero
AppGini Super Hero
Posts: 1635
Joined: 2018-04-01 10:12

Re: Restrict Access to some fields in Detail View

Post by pbottcher » 2020-06-22 17:45

Hi,

it looks like you try to have an own group handling. Did you check the standard-group permissions for the user?

Maybe you can just add an alert inside your script to see if it is called.
Any help offered comes with the best of intentions. Use it at your own risk. In any case, please make a backup of your existing environment before applying any changes.

angus
Veteran Member
Posts: 128
Joined: 2020-05-28 22:27

Re: Restrict Access to some fields in Detail View

Post by angus » 2020-06-22 19:26

Hi Pbottcher, to get round the restriction of appgini only allowing 1 person per group I made some adjustments. Everyone is on there own group. I then created a function to copy the record to the correct groups, all groups have correct permissions.
AppGini 22.13

User avatar
jsetzer
AppGini Super Hero
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany
Contact:

Re: Restrict Access to some fields in Detail View

Post by jsetzer » 2020-06-22 20:01

... restriction of appgini only allowing 1 person per group ...
I guess you mean 1 group per person instead.

You can have (almost) unlimited users per group.
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

angus
Veteran Member
Posts: 128
Joined: 2020-05-28 22:27

Re: Restrict Access to some fields in Detail View

Post by angus » 2020-06-22 20:13

sorry what I meant was 1 record cant appear in more than one group. In my scenario I have 3 groups who need to be able to view/edit the record.

getting back to my main issue though (as I have the groups working, people can see what they should, people can edit what they should) I want to restrict access to certain fields to certain groups? Not sure why this doesnt work?

Code: Select all

/* work out the group the person is in first and then restrict access to the approvals button for users */
                                $Group=sqlValue("Select table1.ID From membership_users Inner Join table2 On membership_users.memberID = table2.ID Inner Join table1 On table2.ID2 = table1.ID3 where membership_users.memberID='".$memberInfo['username']."'"); 
                                //var_dump($Group, $memberInfo); exit();
                                /* current user is not the allowed */
             if($memberInfo['group'] != $Group || $memberInfo['group'] !='FullAccess'){
                    $html .= <<<EOC
                                        <script>
                                              \$j(function(){
                                                                                                                                                                                  \$j('#Approval').select2('readonly', true),
                                                                                                                                                                                  \$j('#Notes').attr('readonly', true);
                                              })
                                        </script>
EOC;
             }

AppGini 22.13

pbottcher
AppGini Super Hero
AppGini Super Hero
Posts: 1635
Joined: 2018-04-01 10:12

Re: Restrict Access to some fields in Detail View

Post by pbottcher » 2020-06-22 20:52

did you put an alert in your function to see if is called?
Any help offered comes with the best of intentions. Use it at your own risk. In any case, please make a backup of your existing environment before applying any changes.

angus
Veteran Member
Posts: 128
Joined: 2020-05-28 22:27

Re: Restrict Access to some fields in Detail View

Post by angus » 2020-06-23 07:19

Yes it does get called Pbottcher,
AppGini 22.13

angus
Veteran Member
Posts: 128
Joined: 2020-05-28 22:27

Re: Restrict Access to some fields in Detail View

Post by angus » 2020-06-23 08:56

I should add if I have just one group in the restriction it works but does not work with 2 for some reason?
AppGini 22.13

pbottcher
AppGini Super Hero
AppGini Super Hero
Posts: 1635
Joined: 2018-04-01 10:12

Re: Restrict Access to some fields in Detail View

Post by pbottcher » 2020-06-23 19:47

So what is the logic to when the code shall be executed?

If the user is in a group not equal to $group or not equal to FullAccess?
Any help offered comes with the best of intentions. Use it at your own risk. In any case, please make a backup of your existing environment before applying any changes.

angus
Veteran Member
Posts: 128
Joined: 2020-05-28 22:27

Re: Restrict Access to some fields in Detail View

Post by angus » 2020-06-23 20:13

thats right Pbottcher, it is in the hooks dv. user is in a group not equal to $group or not equal to FullAccess. I just not sure why its not working?
AppGini 22.13

pbottcher
AppGini Super Hero
AppGini Super Hero
Posts: 1635
Joined: 2018-04-01 10:12

Re: Restrict Access to some fields in Detail View

Post by pbottcher » 2020-06-24 05:41

Hi,

thanks for the information. So I guess it is a logic issue.

Try

Code: Select all

if($memberInfo['group'] != $Group && $memberInfo['group'] !='FullAccess'){
instead.
Any help offered comes with the best of intentions. Use it at your own risk. In any case, please make a backup of your existing environment before applying any changes.

User avatar
onoehring
AppGini Super Hero
AppGini Super Hero
Posts: 1156
Joined: 2019-05-21 22:42
Location: Germany
Contact:

Re: Restrict Access to some fields in Detail View

Post by onoehring » 2020-06-24 13:34

Hi Angus,

you may also want to take a look into my Column-Value-Based Fields Permission extension (see footer). With this you can hide records from users based on certain criteria (a value of some field). If your records get approved, this could mean, they get a different status in the column on which the permissions are based.

Olaf

angus
Veteran Member
Posts: 128
Joined: 2020-05-28 22:27

Re: Restrict Access to some fields in Detail View

Post by angus » 2020-06-27 19:06

Pbottcher, it does seem to work with the AND but I admit it confuses me why this works to be honest.

Olaf, I was not aware of this, I will give it a go, thank you!
AppGini 22.13

Post Reply