I'm trying to set Role (or permission) to my category in Laravel Backpack (newscrud).
I have added the field of Role in CategoryCrudController class and category_role table in DB and set relations in Category and Role models.
the relation data is now stored in the table, although the checkbox remains unchecked!
$this->crud->addField(
[
'label' => 'Roles',
'type' => 'checklist',
'name' => 'roles',
'entity' => 'roles',
'attribute' => 'name',
'model' => "Backpack\PermissionManager\app\Models\Role",
'pivot' => true,
]
);
Added role field
Now I want to allow the users with the granted role to use crud on the category's articles.
I know I can use hasRole and use denyAccess() in CrudController's setup function but it doesn't what I want.
public function setup(){
if (backpack_user()->hasRole('certainCategoryRole')) {
$this->crud->denyAccess([ 'delete','edit','write']);
}
}
I need to give articles operations access to users by their category's assigned role.
Can anyone help?
Thanx
Related
I have a CrudController created for a model using the Backpack Laravel Admin Library.
When I update the model it redirects me incorrectly to a 404 page with the message No query results for model [App\Models\Group].
It is redirecting me to the incorrect URL from what I can tell.
admin/group/261/ instead of admin/group/261/edit
The model also does not update.
I have the "Save and Edit" option set on the green save button. If I try to change this I get the same error, but it doesn't update.
I'm able to save every other model correctly.
The update method in the CrudController is just the following. I've removed all the extra code.
public function update(){
$response = $this->traitUpdate();
return $response;
}
Figured this out. It was because I was referencing the Primary Key -> 'id' in the fields within the Group Crud Controller.
$this->crud->addField([
'name' => 'id',
'type' => 'text',
'attributes' => ['disabled' => 'disabled'],
]);
u can use id, u need delete attribute 'disabled' like this:
[
'name' => 'id',
'label' => 'ID',
'attributes' => [
'readonly' => 'readonly',
],
],
scenario is crm with tables account, account_contact, contact and account_contact_role. The latter contains roles like 'project lead' or 'account manager' for the combos defined in the junction table.
My challenge is the account view, that is listing also the connected persons with their roles. I want my grid to show: Doe | John | employee.
The problem is now when the contact has 2+ entries in the junction table. How can I print the correct role for the row? As you can see in the code I solved it the static way which shows only 1 out of n times the correct value. Tried it with inner join without success. Is it a problem of the search in the model or with the access in the view?
the relation from the account model to the contacts:
public function getContacts($role = null)
{
// many-to-many
return $this->hasMany(ContactRecord::className(), ['id' => 'contact_id'])
->via('accountContacts')
->innerJoinWith(['accountContacts.role'])
->andWhere(['account_contact.account_id' => $this->id])
->andWhere(['account_contact_role.type' => $role])
;
}
the view
<?= \yii\grid\GridView::widget([
'dataProvider' => new \yii\data\ActiveDataProvider([
'query' => $model->getContacts('internal'),
'pagination' => false
]),
'columns' => [
'lastname',
'firstname',
[
'label' => 'Role',
'attribute' => 'accountContacts.0.role.name',
],
[
'class' => \yii\grid\ActionColumn::className(),
'controller' => 'contacts',
'header' => Html::a('<i class="glyphicon glyphicon-plus"></i> Add New', ['contact-records/create', 'account_id' => $model->id]),
'template' => '{update}{delete}',
]
]
]); ?>
defined relations are:
account has many accountContacts has one contact
accountContacts has one accountContactRole
Many thanks in advance!
You are showing account's contacts, so you have to list from Contact model.
Inside Contact model (or Contact ActiveQuery file):
public static function queryContactsFromAccountAndRole($account, $role = null)
{
// many-to-many
return ContactRecord::find()->innerJoinWith(['accountContacts' => function($q) use($account, $role) {
$q->innerJoinWith(['accountContactsRole'])
->andWhere(['account_contact.account_id' => $account->id])
->andWhere(['account_contact_role.type' => $role]);
}])
->andWhere(['account_contact.account_id' => $account->id]);
}
Now you have one record for each contact and the gridview will show all contacts.
I use Entrust before to control ACL in Laravel when my project is still Laravel 4, and now with Laravel 5.2 Entrust no longer work, especialy in route filtering.
And then I find this package and trying to use it, but still got a lot of question, so to make it more simple I will explain my use case when I use entrust:
First I want to make a permission for create, view, update and delete for article, in Entrust I will create permission like create_article, view_article, update_article and delete_article.
But now in Kodeine when I create permission there is "slug" so I tried to do this like in documentation say
$permUser = $permission->create([
'name' => 'article',
'slug' => [ // pass an array of permissions.
'create' => true,
'view' => true,
'update' => true,
'delete' => true
],
'description' => 'Manange article'
]);
So from what I read it will be just grouping all of my article permission into one place and there is slug with each parameters view, create, update, delete.
The problem I see is, if I want to make my users to only can view article, how to do that based on permission that I created up there?
Since from documentation the to assignPermission is only give permission name and that mean it will include all slug in there and it will be all true?
So if I want to make users only can view article I need to create something like
$permUser = $permission->create([
'name' => 'article_view',
'slug' => [ // pass an array of permissions.
'view' => true,
],
'description' => 'view article'
]);
And if I want to make users only can create article then I will mean I need to create
$permUser = $permission->create([
'name' => 'article_create',
'slug' => [ // pass an array of permissions.
'create' => true,
],
'description' => 'create article'
]);
then what's the point of slug - is it just pretty much the same like role but with parameter in slug?
As I wrote in your github issue, I suggest you to keep all your article permissions as you alredy have it, in one big group but all of them set to false (keep in mind that you may need to change your 'most_permissive_wins' variable in your acl config file). You can create a "child" group permission for your users role using Inheritance, setting to true all of those permissions your users need. You can then asign that child group to your users role (not the big one) and the user role tou your specific user. To clarify my answer, lets say you have this group:
$permArticles = $permission->create([
'name' => 'articles',
'slug' => [ // pass an array of permissions.
'create' => false,
'view' => false,
'update' => false,
'delete' => false,
],
'description' => 'All articles module permissions'
]);
then you can create something like:
$articlesPermUser = Permission::create([
'name' => 'articles.user',
'slug' => [ // an array of permissions only for student
'view' => true,
],
// we use permission inheriting.
'inherit_id' => $permArticles->getKey(),
'description' => 'user articles permissions'
]);
then you assign your new permission to your user role (I am assuming you alredy have a role name 'user'):
$userRole = Role::where('slug', 'user')->first();
$userRole->assignPermission('articles.user');
And finally you assign that role to... let say your logged user:
Auth::user()->assignRole($userRole);
You can also solve this problem by overwriting the permission, this could be done assigning a specific permission value to a user (but yes, you would need to do this for every single user in your app if needed, so I dont like this solution at all).
Lets say we keep our big group:
$permArticles = $permission->create([
'name' => 'articles',
'slug' => [ // pass an array of permissions.
'create' => false,
'view' => false,
'update' => false,
'delete' => false,
],
'description' => 'All articles module permissions'
]);
As this group says, any rol with your article permission assgined will not be able to do anything in your articles module. Lets say your user role alredy has this permission, but you want a certain user (lets say the logged one) be able to update an article. You can set the specific update permission value to true like so:
Auth::user()->addPermission('update.articles', true);
//or
Auth::user()->addPermission('articles', [
'update' => true,
]);
Thank you for the answer but over the time, I already find a perfect solution that match what I need. It is not much different from what I do in entrust.
So first I will just create a permission like this for view article
$class = 'article';
$permission = new Kodeine\Acl\Models\Eloquent\Permission();
$permUser = $permission->create([
'name' => $class.'_view',
'slug' => [
'view' => true,
],
'description' => 'View '.$class
]);
and then another one for example create article
$class = 'article';
$permission = new Kodeine\Acl\Models\Eloquent\Permission();
$permUser = $permission->create([
'name' => $class.'_create',
'slug' => [
'create' => true,
],
'description' => 'Create '.$class
]);
and later just assign those permission to user role, for example I want to make this user role to be can view article
$roleAdmin = Kodeine\Acl\Models\Eloquent\Role::where('name','=','user_1');
$roleAdmin->assignPermission('article_view');
I still don't understand about Inheritance feature, and I needed to do this quickly. It maybe not an ideal way, but it's works for me.
i am using " romanbican - bicon roles ", i don't see sufficient information for the " Creating Roles ",
code is available but i don't know where i paste this code, please suggest quick steps to implement permissions.
I used this same laravel package and simply created a new controller and route pointing to the the following controller methods:
public function getRoleAdmin()
{
$adminRole = Role::create([
'name' => 'Admin',
'slug' => 'admin',
'description' => 'System Administrator', // optional
'level' => 1, // optional, set to 1 by default
]);
}
public function getRoleModerator()
{
$moderatorRole = Role::create([
'name' => 'Forum Moderator',
'slug' => 'forum.moderator',
'description' => 'Forum Moderator',
'level' => 1,
]);
}
I then created a simple view with a button for each calling the appropriate route/controller/method to create either a new moderator or administrator role. You will see that calling Role::create simply creates a new record in the roles table with these attributes which you could easily perform with a standard DB call to insert into the table. I used the same approach for creating/deleting permissions.
I'd like to add some new attributes to the admin users in Magento. These users are different than customers (just to make it clear) and it's only possible to set their user/name/lastname/mail/pass, but I'd like to add a few new attributes.
To do so, I guess I can use the addattribute function, but I need to find out which is the id of these admin users. For example, if I want to add a new attribute to a customer, I can use a function like this:
$setup->addAttribute('customer','attribute_id', $attr );
So, in this case, 'customer' is the id for customers. How can I find out which id is used for admin users? (this question can be extended to "How can I find the different id for the different types of attributes in Magento?").
==There is a chance that there is no way to change this. I've taken a look at the admin_user table and it's quite simple, all fields are there. So maybe there are no attributes in this case.==
Thanks
You can find all such ids (entity ids) in the eav_entity_type table.
And yes, there is no record for admin user. Because all data about admin users are stored in flat tables but not in eav. So to add a new attribute to admin user, you need to add a new column in the admin_user table
You will need to add a column to the admin_user table.
$installer->getConnection()->addColumn($installer->getTable('admin/user'), 'location', array(
'type' => Varien_Db_Ddl_Table::TYPE_TEXT,
'length' => 256,
'nullable' => true,
'default' => null
));
Then, if you want to add/edit this field from the backend you need to rewrite the method Mage_Adminhtml_Block_Permissions_User_Edit_Tab_Main::_prepareForm and add a new element in there:
$fieldset->addField('location', 'select', array(
'name' => 'is_active',
'label' => Mage::helper('adminhtml')->__('location'),
'id' => 'is_active',
'title' => Mage::helper('adminhtml')->__('location'),
'class' => 'input-select',
'style' => 'width: 80px',
'options' => array('1' => Mage::helper('adminhtml')->__('Yes'), '0' => Mage::helper('adminhtml')->__('No')),
));
Clear the cache and it should work.
No option till 1.7
thats what i use in the template to show the sku to an specific user bit dirty but works fine:
<?php
//EGS SKU added for Power User
$_powerUser = 777;
if (Mage::getSingleton('customer/session')->getCustomer()->getId() == $_powerUser)
{
echo '<div class="price-from">' . $_product->getSku() . '</div>';
}
?>