I want to invisible particular fields to stock manager and visible for stock user and Main Administrator(one of the stock manager).
for example:
<field name ="name_ids" groups="!group_stock_manager,group_stock_user"/>
It works but this field is not visible to the main administrator.
how I make visible this field to main administrator?
The thing is that group_stock_manager inherits from group_stock_userso you cannot restrict the first while allowing access to the second group. To solve it you may need to use other group different from group_stock_user to be able to isolate the permissions for group_stock_manager that will not be inherited from group_stock_user
Like Axel was saying you need to isolate the permissions. What you would need to do in your security definitions define the access rights to the field and use base.group_user.
Then create a new security group xml for people who can see and edit the field.
Related
I have two similar pages that need a menu link. Page 1 is shown to members of Group A. Page 2 is shown to everyone who is not a member of Group A. I have a "Guest" group which would include everyone who is not logged in. But some users are members of group A and Group B. I cannot figure out how to only show one link to them, based on whether they are a member of Group A or not. If I create an access level that includes only Group A and one that includes every other group and someone is in both groups, they will see both links, which is redundant since the pages are different versions of the same page. Any ideas?
We've got a similiar situation, and they way we got around it is to have another Usergroup called "GroupNotA". Then, we have a user plugin that we configure the UserGroups that are in play, and use the OnUserAfterSave event to insure everyone is conditionally in the correct user groups as shown in the code snippets below. With that, we can user menu items, etc. that are available to GroupA and GroupNotA.
myUserPlugin.xml
<field name="usergroup_a" type="usergroup" label="Group A" multiple="false" />
<field name="usergroup_not_a" type="usergroup" label="Group Not A" multiple="false" />
myUserPlugin.php
public function onUserBeforeSave($oldUser, $isnew, $newUser)
{
$UserGroupA = $this->params->get('usergroup_a');
$UserGroupNotA = $this->params->get('usergroup_not_a');
if(in_array(UserGroupA, $newUser['groups'])){
// Use IS in Group A - do nothing?
}else{
// Use is NOT in Group A - Add to group $UserGroupNotA
// add/remove from array $user['groups']
}
A word of caution though, the natural inclination was to use JUserHelper::addUserToGroup(), but it triggers OnUserAfterSave() again, so we went with direct manipulation of the Groups array.
A sample user plugin is installed with Joomla at plugins/user/example.php, and full documentation is available at Plugin/Events/User. Good Luck.
Note I just realized that we do this during a new user registration, so I'm altering the answer to use the event onUserBeforeSave(). I'm not sure that it will work as I originally suggested or not, but at least you have a starting point and the pieces to accomplish a solution.
I created custom role for some users, and I assigned role to particular user with content tree limitation. Like on this image
Problem is that when that user log in, he get error like on this image. Roles are working, so user can see his assigned content tree and work with it.
How can I solved this first screen? Even redirection on his content tree would do the job.
Thank you :)
Make sure that the user you assigned the role to, also has a basic role to access basic contribution functions. I usually have a "backoffice user" role which is assigned to every contributor (or group), which includes (without any limitation) :
user/login on the admin siteaccess
content/read on at least the root node : you need to be able to get "through" that node (and others if needed) to see the ones under it
ezoe, ezjscore, ezmultiupload, ezfind, ezie etc
content/(edit|remove|...) on contents which is owned by the user himself or its group
Hope this helps
I need to create a User-Specific content page, I have registered users and I need to create a module/page/menu/feed or whatever that displays articles that are for only one or some users.
For example, in my site, I show to public some projects (articles redacted as some architecturing project) for example: news, finished projects, etc, some people register and can access to other content that is intended for registered users, for example: new projects that only registered clients would be interested, so far, I managed to make this work, but now, I have work that is for a specific user and he/she only can see it in his/her feed, for example: status of their project made by us, some galleries with photos of the work in progress, etc.
So, This feed must be a module/page/menu that shows articles with a specific category and for registered users. But I want to be able to post an article that is only intended for a specific user or a set of users and shows in this feed (module) or at least a whole new module that shows user-specific content without having to create a category and an access level for each user.
Is there an extension or plug-in that helps me do this?
you need to make do two things:
Make a new user-group (Users->User group) as a sub-group of
registered. Add the users that need the special permission to this
group.
Make a new access-level (Users->access-levels) and add you
new user-group to this access level
Set the access-level on the article(s) that you want to restrict access on.
The module should check the access-level before it displays it to the users, and only display the restricted articles to those that have the correct privileges.
The system don't really support what you ask for, but you could use the following setup:
Make a content-plugin (http://docs.joomla.org/J2.5:Creating_a_content_plugin). In the event onContentPrepareForm, you modify the created_by_alias-field to use it for your special user allowed to view this content article.
function onContentPrepareForm($form, $data){
// first check that context is right
// Then change the type of the field. This should allow to select
// the user when you create the article.
$form->getField('created_by_alias')->__set('type', 'user');
}
In the event onContentPrepareData, check if the data in the created_by_alias references a valid user in the user group your users shoud be in
public function onContentPrepare($context, $article, $params, $page){
// first check that context is right
//Then fetch the user data:
if(is_int($article->created_by_alias)){ // ( Optionally check if the article is in a specific category )
$db=JFactory::getDbo();
$currentuser=JFactory::getUser();
$allowedgroup=2; // the registered users group
$sql="select u.id from #__users inner join #__user_usergroup_map ug (u.id=ug.user_id) where ug.group_id={$allowedgroup}";
$db->setQuery($sql);
$user=$db->loadObject();
if($user->id==$currentuser){
$data->user=$user;
}
else{
//Unset the article content to prevent unothorized users from seeing the content.
unset($article);
}
}
Finally, create a module (http://docs.joomla.org/Creating_a_simple_module) that feeds articles for a particular user, containing at least:
$list=array();
$user=Jfactory::getUser();
if($user->id>0){
$sql="select * from #__content where created_by_alias={$user->id}";
// ( also add sql to check that the user has access,
// the article is published, the correct category etc)
$db=Jfactory::getDbo();
$db->setQuery($sql);
$list=$db->loadObjectList();
if(!count($list)) return;
}
else return;
print_r($list); // Prints the content articles
This scheme should protect unauthorized users from viewing the content of the articles ment for a specific user. The module should (after nicely outputting what you want to display) display a list of articles for the logged inn user. The module can link to the article in the normal way, and the authorized user will have access. So it should be "safe enough", and provide the functionality you need without too much hassle.
I'll try anotherone here:
You could just install a messageing system on your site. UddeIM is one such system. This will allow you to make specific content for your users. UddeIM can be configured so only administrators can send messages. There is also some modules for this component to show latest messages etc.
In Manage Customers tab, by default last 20 registered users are listed with their emails. I would like to hide the list or change it only 1. This is being done to make sure that call center agents are not easily copying customer's email information.
I am very new to this so, if its not too much trouble, provide full path to the file.
Steve
You might want to go a slightly different direction, by developing a set of permissions for your Agents, so that perhaps they can't access the email in the first place, if you don't want them to see that information.
If you want to modify the page size, you can rewrite this class
Mage_Adminhtml_Block_Customer_Grid
And you'll want to override this method:
protected function _preparePage()
{
parent::_preparePage();
$this->getCollection()->setPageSize(1);
}
You may also want to get rid of the pagination dropdown in
app/design/adminhtml/default/default/template/widget/grid.phtml
because it will be confusing for them to see it but when they use it for it to not function.
I need to retrieve a list of Active Directory users and their attributes using Delphi 2010.
I've seen a few similar questions on SO (e.g. Delphi - Find primary email address for an Active Directory user), but they all seem to require the user name before any additional information can be retrieved.
I had written an article for [The Delphi Magazine] way back when..... if you have access to a backlog of those magazines, it's in issue no. 62 (October 2000) - unfortunately, it seems those back issues aren't available for purchase anymore :-(
It's too long of an article and a code sample to post here.... basically it's about wrapping the IDirectorySearch interface in a nicer Delphi-like shell. You pass in a base container where to search, you define an LDAP filter, and you define a set of attributes you're interested in - then you search and get back basically an enumerator for the results, which you can get one by one.
In the end, I discovered TJvObjectPickerDialog, part of JVCL. It wraps the Windows Select Object dialog and does everything I need with very little coding. Just set the required properties and call execute. The selected user objects are returned along with the attributes that you set in the 'Attributes' property.