I have two similar pages that need a menu link. Page 1 is shown to members of Group A. Page 2 is shown to everyone who is not a member of Group A. I have a "Guest" group which would include everyone who is not logged in. But some users are members of group A and Group B. I cannot figure out how to only show one link to them, based on whether they are a member of Group A or not. If I create an access level that includes only Group A and one that includes every other group and someone is in both groups, they will see both links, which is redundant since the pages are different versions of the same page. Any ideas?
We've got a similiar situation, and they way we got around it is to have another Usergroup called "GroupNotA". Then, we have a user plugin that we configure the UserGroups that are in play, and use the OnUserAfterSave event to insure everyone is conditionally in the correct user groups as shown in the code snippets below. With that, we can user menu items, etc. that are available to GroupA and GroupNotA.
myUserPlugin.xml
<field name="usergroup_a" type="usergroup" label="Group A" multiple="false" />
<field name="usergroup_not_a" type="usergroup" label="Group Not A" multiple="false" />
myUserPlugin.php
public function onUserBeforeSave($oldUser, $isnew, $newUser)
{
$UserGroupA = $this->params->get('usergroup_a');
$UserGroupNotA = $this->params->get('usergroup_not_a');
if(in_array(UserGroupA, $newUser['groups'])){
// Use IS in Group A - do nothing?
}else{
// Use is NOT in Group A - Add to group $UserGroupNotA
// add/remove from array $user['groups']
}
A word of caution though, the natural inclination was to use JUserHelper::addUserToGroup(), but it triggers OnUserAfterSave() again, so we went with direct manipulation of the Groups array.
A sample user plugin is installed with Joomla at plugins/user/example.php, and full documentation is available at Plugin/Events/User. Good Luck.
Note I just realized that we do this during a new user registration, so I'm altering the answer to use the event onUserBeforeSave(). I'm not sure that it will work as I originally suggested or not, but at least you have a starting point and the pieces to accomplish a solution.
Related
I want to invisible particular fields to stock manager and visible for stock user and Main Administrator(one of the stock manager).
for example:
<field name ="name_ids" groups="!group_stock_manager,group_stock_user"/>
It works but this field is not visible to the main administrator.
how I make visible this field to main administrator?
The thing is that group_stock_manager inherits from group_stock_userso you cannot restrict the first while allowing access to the second group. To solve it you may need to use other group different from group_stock_user to be able to isolate the permissions for group_stock_manager that will not be inherited from group_stock_user
Like Axel was saying you need to isolate the permissions. What you would need to do in your security definitions define the access rights to the field and use base.group_user.
Then create a new security group xml for people who can see and edit the field.
In SugarCRM 7.9 how we can change the maximum number of records to be displayed in a specific subpanel.
In Developer guide i have found that by changing the 'list_max_entries_per_subpanel' limit in config override we can change the records display limit for all subpanels but i want to have the effect only in my specific subpanel for example Contacts subpanel available in Accounts module.
I was interested to find out the answer to this too, so I did some digging and figured this out. As per your example of displaying a different number in the Contacts subpanel in Accounts, here's what you can do:
Add the following file to custom/modules/Contacts/clients/base/views/subpanel-list/subpanel-list.js
({
extendsFrom: "SubpanelListView",
initialize: function(options){
this._super("initialize", [options]);
if (this.context.get("parentModule") == "Accounts"){
this.context.set("limit",1);
}
}
})
If you'd like to know more specifically what's going on, I'll elaborate. Here's a breakdown of what's happening:
State that you're extending the standard subpanel list view.
Override the parent class' initialize function.
Call the parent initialize function (to ensure all superclass behaviour is respected)
If this (Contacts) subpanel has a parent module of Accounts (i.e. this subpanel is one of the ones displayed below the Accounts record view), then set the context property "limit" to the desired value.
I've tested this successfully by linking 3 contacts to an Account, and it only displayed 1, and subsequently linked 3 contacts to an Opportunity, and it showed all 3.
I created custom role for some users, and I assigned role to particular user with content tree limitation. Like on this image
Problem is that when that user log in, he get error like on this image. Roles are working, so user can see his assigned content tree and work with it.
How can I solved this first screen? Even redirection on his content tree would do the job.
Thank you :)
Make sure that the user you assigned the role to, also has a basic role to access basic contribution functions. I usually have a "backoffice user" role which is assigned to every contributor (or group), which includes (without any limitation) :
user/login on the admin siteaccess
content/read on at least the root node : you need to be able to get "through" that node (and others if needed) to see the ones under it
ezoe, ezjscore, ezmultiupload, ezfind, ezie etc
content/(edit|remove|...) on contents which is owned by the user himself or its group
Hope this helps
I need to create a User-Specific content page, I have registered users and I need to create a module/page/menu/feed or whatever that displays articles that are for only one or some users.
For example, in my site, I show to public some projects (articles redacted as some architecturing project) for example: news, finished projects, etc, some people register and can access to other content that is intended for registered users, for example: new projects that only registered clients would be interested, so far, I managed to make this work, but now, I have work that is for a specific user and he/she only can see it in his/her feed, for example: status of their project made by us, some galleries with photos of the work in progress, etc.
So, This feed must be a module/page/menu that shows articles with a specific category and for registered users. But I want to be able to post an article that is only intended for a specific user or a set of users and shows in this feed (module) or at least a whole new module that shows user-specific content without having to create a category and an access level for each user.
Is there an extension or plug-in that helps me do this?
you need to make do two things:
Make a new user-group (Users->User group) as a sub-group of
registered. Add the users that need the special permission to this
group.
Make a new access-level (Users->access-levels) and add you
new user-group to this access level
Set the access-level on the article(s) that you want to restrict access on.
The module should check the access-level before it displays it to the users, and only display the restricted articles to those that have the correct privileges.
The system don't really support what you ask for, but you could use the following setup:
Make a content-plugin (http://docs.joomla.org/J2.5:Creating_a_content_plugin). In the event onContentPrepareForm, you modify the created_by_alias-field to use it for your special user allowed to view this content article.
function onContentPrepareForm($form, $data){
// first check that context is right
// Then change the type of the field. This should allow to select
// the user when you create the article.
$form->getField('created_by_alias')->__set('type', 'user');
}
In the event onContentPrepareData, check if the data in the created_by_alias references a valid user in the user group your users shoud be in
public function onContentPrepare($context, $article, $params, $page){
// first check that context is right
//Then fetch the user data:
if(is_int($article->created_by_alias)){ // ( Optionally check if the article is in a specific category )
$db=JFactory::getDbo();
$currentuser=JFactory::getUser();
$allowedgroup=2; // the registered users group
$sql="select u.id from #__users inner join #__user_usergroup_map ug (u.id=ug.user_id) where ug.group_id={$allowedgroup}";
$db->setQuery($sql);
$user=$db->loadObject();
if($user->id==$currentuser){
$data->user=$user;
}
else{
//Unset the article content to prevent unothorized users from seeing the content.
unset($article);
}
}
Finally, create a module (http://docs.joomla.org/Creating_a_simple_module) that feeds articles for a particular user, containing at least:
$list=array();
$user=Jfactory::getUser();
if($user->id>0){
$sql="select * from #__content where created_by_alias={$user->id}";
// ( also add sql to check that the user has access,
// the article is published, the correct category etc)
$db=Jfactory::getDbo();
$db->setQuery($sql);
$list=$db->loadObjectList();
if(!count($list)) return;
}
else return;
print_r($list); // Prints the content articles
This scheme should protect unauthorized users from viewing the content of the articles ment for a specific user. The module should (after nicely outputting what you want to display) display a list of articles for the logged inn user. The module can link to the article in the normal way, and the authorized user will have access. So it should be "safe enough", and provide the functionality you need without too much hassle.
I'll try anotherone here:
You could just install a messageing system on your site. UddeIM is one such system. This will allow you to make specific content for your users. UddeIM can be configured so only administrators can send messages. There is also some modules for this component to show latest messages etc.
To be short, It's a website for an investigations lab.
I need to display specific content (lab report) to specific user. Users will be given a username and a password when leaving and will be asked to login on the website to access his/her report with the credentials given to him.
So , it's a "specific content" for "specific user" - Moving to 1.6 is not an option.
I have a solution in mind but involve a lot of core hacking and will take some time ... If any one been in a similar situation or have an idea in mind I would appreciate your help.
Ok, this can be done but it's going to take a little trickery to get there. First, you are going to need a way to post the lab reports and associate them with a user. I would use K2 for this since you can add the report as an attachment to an item. You can also add extra fields to K2, which would be the next step. You'll need an extra field where you can enter a user ID number that you will use to determine if a user is allowed to view the content.
There are several steps you will need to take to now filter the content so only the associated user can see it.
You will need to get the user ID once the user is logged in:
$user =& JFactory::getUser();
$usr_id = $user->get('id');
You'll need a menu item that links to a K2 Category where all the lab reports go.
You'll need a subtemplate with a modified category_item.php for that category that only displays the associate reports:
if($this->item->extra_fields[USER_ID_EXTRA_FIELD_NAME]==$usr_id){
all the category item stuff
}
You'll need a subtemplate with a modified item.php for the category that again blocks users other than the associated user, basically the same code as #3 to either display the content or an error message.
The only other way I can think of that you can accomplish this would be to use an ACL component with a group for each user.
The K2 method with subtemplates would not require any core hacks and will work with a little work.
You can achieve what you want with Flexicontent http://www.flexicontent.org/ and Flexiaccess
Flexicontent is a K2 type component and I use them interchangeably. With Flexiaccess you can create items that are only available to certain users.
No hacks required.
Bad News: That cant be done with standard Joomla 1.5 (without hacking)
Good News: You can use one of the free or commercial Extensions for Joomla to accomplish that. I would suggest for example:
Admin-User-Access
http://extensions.joomla.org/extensions/access-a-security/backend-a-full-access-control/9040
Or you can search for yourself:
http://extensions.joomla.org/extensions/access-a-security/backend-a-full-access-control