I know how to use Zend_Acl to allow certain resources to certain usergroups but how do i use it to allow only specific parts of the page to be shown? For example
I have a button to delete a post via AJAX on the page but i only want to show the button to Admins only. I can use Zend_Acl to block access to the controller post/delete but i can't use it to block the button from showing.
// in controller
$this->view->allow_delete_post = $acl->isAllowed($role, 'delete_post');
.
// in template
<? if ($this->allow_delete_post): ?>[button html]<? endif; ?>
Would that not do it?
You can also write a custom static ACL class which you can then call directly from within your view script.
Since ACL is normally handled at plugin level it means that if your visitor is seeing the view then ACL has already allowed the resource, therefor inside your view you can now do something like this...
if(My_Custom_Acl::getIsAllowed('some_resource', 'delete_post_action'){
I did not specify the role name in the custom getIsAllowed() method, because at this point ACL is already suppose to know the user's Identity and the Role.
Hope this helps
Although Christof gave a good solution, an alternative is to split the views. Although this starts to violate DRY, when you have about 200 different admin things/controls, it's getting heavy in the view - thus splitting the view with $this->render('view') and $this->render('edit') for permissions from the controller is sometimes easier. Then only the edit view script has the edit links. But again, it's DRY, so not optimal, but an alternative. I guess you have to weigh it up, which one is more DRY, repeating the ACL check or the stuff in 2 views...
Related
I am working on this web app (Laravel 8) in which users can choose their color themes. Basically, to make it simple, let's say each user can choose their primary_color.
On home page (which does not need authentication), the primary_color will come from config (whether user is authenticated or not). On authenticated pages, the primary_color comes from the users table (for the authenticated user). I also have a bunch of pages that use the guest layout if user is not authenticated, and the app layout if user is authenticated. Those would use the primary_color from config if user is not authenticated, and the primary_color chosen by the user if they are authenticated.
All those pages use some components (buttons, nav-links, etc) that need to know the primary_color.
I currently have this line on top of EACH php file that needs to know the primary_color:
$primary_color = (Auth::user() && Route::current()->getName() !== 'home') ? Auth::user()->config->color_theme : "yellow";
(Color "yellow" is hard coded here, just ignore it.)
I would love to avoid that much code replication, but i can't seem to find a way to share this variable from the layout (guest.blade.php or app.blade.php) to the page. I can't seem to be able to include a style.blade.php view that contains the variable, either. The variables declared in this included view do not exist in the rest of the page. I managed to pass the variable to components using a prop. It's not so nice, but it works fine. But it's not so nice, i'd rather use a cleaner solution.
But most importantly, how do i avoid having to copy the same bit of code on top of each page?
Thank you!
You can use view composers. Under the boot method of AppServiceProvider add the folowing code.
\Illuminate\Support\Facades\View::composer('*',function($view){
$userPrimaryColor = (Auth::user() && ! Route::is('home')) ? Auth::user()->config->color_theme : "yellow";
$view->with('primary_color', $userPrimaryColor);
});
The first argument * indicates that it needs to be shared to all the views. If you need those in few pages you can pass the list of pages as array
If you want to share data with all the views you can use laravel's view composer.
it can attach data to all view or multiple views simultaneously.
source: https://laravel.com/docs/5.0/views#view-composers
alternately: see here
https://www.digitalocean.com/community/tutorials/sharing-data-between-views-using-laravel-view-composers
I'm a developer and I am very confident with MVC pattern and have already developed a lot of webapp from scratch using php framework like symfony or yii.
I'm a little bit confused about joomla mvc and terminology and after googling a lot, read joomla book extensions guide, read on joomla website my doubt are still there.
What is confusing for me is the component mvc structure and how I have to set up "my way of think" about joomla mvc, for doing the things in the joomla way.
In particular I am used to reasoning in terms of controller/action (like in symfony and yii framework)
So the final list of all my webapp url will be
controller1/action1
controller1/action2
controller1/action3
controller2/action1
controller2/action2
Each controller's action will decide what view to render and what layout to use for showing the view.
In particular in these frameworks, the definition of a layout is exactly the mean of a layout. And the view is the "core part" of the page.
So I can have a view with a list of users and I can put this view inside a mobile layout or a desktop layout, or to build a view for mobile and put it only in the mobile layout and so on.
The final result about directory structure in my webapp is something similar to the following:
controllers/
controller1
controller2
controller3
models/
modelForTableA
modelForTableB
views/
controller1/
viewForAction1
viewForAction2
layouts/
mobileLayout.php
desktopLayout.php
and for me is very clear to understand.
So finally my questions are:
how would be the directory structure in joomla?
what are in joomla the definition of view, layout and task?
I need to clarify that I do not need an explaination about MVC works in general, but if I would achieve the same result as before, how I have to organize my code and my work?
Suppose that I want to build a component with the following "url"
userController/addUser
userController/editUser
userController/listUsers
userController/viewUserDetail
anotherController/addOperation
anotherController/editOperation
anotherController/myNonCrudOperation
Thank you very much
Routing in Joomla is slightly different. The SEF URLs are built from menu items, which in turn point to a View/Layout combination.
This turns things around: a controller is not bound to a specific View/Layout.
Let's make an example of the flow with the addUser functionality you mentioned as an example; I'll be referring to these files (but you'll have plenty more):
/controllers/user.php
/models/user.php
/views/useradd/view.html.php
/views/useradd/tmpl/default.php
/views/useradd/tmpl/default.xml
/controller.php
/router.php
As you can see the layouts are inside each view's tmpl folder.
router.php
Let's start from this last file: router.php defines our custom SEF rules so, after Joomla passes the call to our component (usually with the params
?option=com_componentname) we can takeover and interpret the URL as we wish. It is a bit hard to get started with but does provide the most flexibility and power. We don't really need to implement it at all for this simple example: so back to our registration now.
First step: show the "new user" form.
You would typically bind this to a menu item, pointing to the /views/useradd/tmpl/default.php; the /views/useradd/tmpl/default.xml contains the definition of the layout so it's available in the menu manager. Very often there is only one layout per view.
Control is passed to the view /views/useradd/view.html.php , and the view will then load an instance of its own model (automatically chosen based on the view name, you can load other models of course) to gather any initialization data.
The view then renders the layout, and presents it to the user.
The layout's responsibility includes generating a form with an appropriate action (endpoint) and security tokens if appropriate:
<form action="index.php?option=com_mycomponent">
<input type="hidden" task="user.save">
<?php echo JHtml::_('form.token');?>
as you see it doesn't really matter if you want to use <input or params on the url, and you can most often mix them.
Form interaction
For autocompletion the form may need to invoke some backend controller methods, i.e. the method emailAvailable() in the /controllers/user.php
It does not make sense to have such functionality indexed, so we'll invoke the method directly with a non-SEF url:
index.php?option=com_ourcomponent&task=user.emailAvailable
followed by any other parameter. This will work in both get and post.
The controller /controllers/user.php's emailAvailable() method will return a json structure and then invoke exit() as we don't want the CMS to kick in at all. An alternative solution is to add the param &format=json in the call.
{"email":"johndoe#example.com", "available":true}
Saving the data
When the user submits the form, processing is first handled by the controller since a task is specified. (see above task=user.save). Joomla will invoke the method save() in the controller /controllers/user.php.
This time, however, our controller is responsible for returning information to the user. After processing the data, it may choose to re-render the registration form showing an error, or a thank you page. In either case the controller simply sets the redirect, letting Joomla handle the rendering when appropriate.
$this->setRedirect(JRoute::_('index.php?option=com_yourcomponent&view=useradd', false));
More control
Each time a controller task is not specified, the display() method of the main controller is invoked. You can add custom logic there.
Joomla fires several events during a view rendering; these can be intercepted by a system plugin or - if you add in the calls - other kinds of plugins as well. You may even create your own types of plugins. Do not try to instantiate a view manually from a controller, as this may inhibit plugin firing.
Small insight,
1) Directory Structure
controllers/
controller1
controller2
controller3
models/
modelForTableA
modelForTableB
views/
layout1
2) View and layout and task
check this answer
3) More routing techniques with SEF.
Hope it helps.
solved with this. I cannot delete this question because there already exists other answer.
Could any moderator close or delete this? Thank you
https://joomla.stackexchange.com/questions/18774/joomla-terminology-view-layout-task-and-component-development/18799#18799
I have controller PlayerController and actions inside: View, Info, List.
So on urls "/Player/View" i get result with default Layout.
I want to get result with different Layout on request "/External/View".
How can i achieve this?
Although you can override the layout from the controller as has been suggested in another answer, in my opinion this means the controllers are getting just too involved in determining what the UI will be. Best to leave this purely to the Views to decide.
The closest to what you're asking is to do this in your current "~/Views/_ViewStart.cshtml":
#{
if(Context.Request.Path.StartsWith("/External", StringComparison.OrdinalIgnoreCase))
Layout = "~/Views/_ExternalLayout.cshtml";
else
Layout = "~/Views/_Layout.cshtml";
}
Where "~/Views/_ExternalLayout.cshtml" is your alternative layout.
Might want to check the leading "/" is correct on there, I can't remember if it is.
If you put this in the existing _ViewStart, then any view that is being rendering in response to a url starting with "/External" will use this new layout, otherwise the 'normal' one will be used.
Another approach is to use the routing table to add a route value that can be used here to make a layout decision; but I've gone for this approach to keep it simple.
You can specify which layout should be used when returning a view inside your 'ExternalController' controller action.
return View("View", "~/Views/Shared/_AnotherLayout.cshtml")
Imagine I have a form (Page1.cshtml) with 1 link (LinkBrands). I also have a controller for Page1 (Page1Controller) and one for brands (BrandController). When the user clicks the link what is better to do:
LinkBrands-->Page1Controller-->BrandController (Page1Controller's action will redirect to BrandController)
OR
LinkBrands-->BrandController
Not sure what route is better. Any suggestions?
Usually you don't have a single controller per view. You would use multiple views or partial views all calling actions on the same related controller. I assume Brand is a separate entity from whatever else Page1 is trying to display, therefore it should probably use the BrandController directly but since there really isn't enough information to go on with your example as to what page1's function is I couldn't say what you are trying to relate.
If you need to capture information from the brand link as it relates to page1 then sure have it collect that in page1controller first before redirecting to brandcontroller to display a new view.
What does your Page1Controller do?? It seems as though you are defeating the purpose of the Model-View-Controller architecture and trying to form it back to the WebForms method with code-behind.
So without seeing what exactly your controllers are doing, I'd say your second option is best.
It all depends.
If you have to execute any logic in Page1Controller (saving data for instance) before displaying the second page, then you need to go by Page1Controller, and then go to BrandController:
LinkBrands-->Page1Controller-->BrandController
In case you just need to redirected to the second page (you do not need anything from Page1Controller, you do not need it to perform any action, and you can create a the model for second page in BrandController) then go with the second option:
LinkBrands-->BrandController
Hope this helps.
I'm not sure I'm going down the right path with this - and I am pretty new to routing, so if this is way off base, I apologize.
What I'm trying to accomplish is having a link at the bottom of the page where the site visitor can select mobile or full screen. I want them to be able to do this from any page. When they select either one, there could be any number of things happen - depending on where they are on the site (i.e. different views, functionality, etc).
Right now, I don't have Codeigniter configured to allow querystrings, which is the default behavior. So in order to pass a preference in a link, I need to do it using a url segment.
I was hoping to do something like:
<? if ($in_mobile_view): ?>
Mobile | Full Site
<? else: ?>
Mobile | Full Site
<? endif ?>
This works great when I am navigating to: /welcome/index/m or /calendar/view/m, etc. However, if I'm just at: /welcome/m or /m - where the index method of the controller should kick in, I get a 404 because it can't find the method - since it doesn't exist.
My thought was that via routing, I could configure Codeigniter to ignore the "m" and "f" strings and just operate as if they aren't in the url at all.
Is that a good way to go about this? If not, I'd love to hear other suggestions. If this is a decent way to go, I'd really appreciate if someone could point me in the right direction for routing.
Thanks for your time.
Why select this with the URL?
You can detect basic "is mobile" with the User Agent library. Take that value and set the session to whichever the User Agent suggests, then simply link to a controller that switches the user between mobile and full versions when clicked.
Run this in global code somewhere as a hook or a Base Controller.
if($this->user_agent->is_mobile() && ! $this->session->userdata('site_mode'))
{
$this->session->set_userdata('site_mode', $this->user_agent->is_mobile() ? 'mobile' : 'full');
}
Then you controller can just set the session to whatever based on what they have clicked.
/switch/mobile
/switch/full