cotonti.com : help wanted with rights

ez

Vr, 31 Dec 2010 21:29:06 -0000

Hi Gert,

This was exactly what I was looking for...
I knew it had to be ez and that the info is already loaded..

thnx,

Leo

By the way.. What is if($category == 'a') ????

Added 1 hour 28 minutes later:

Hi Gert,

I just realized this is for sienna... and sed_auth_getmask is not there.

Can you tell me what to use for Genoa ??

thnx

GHengeveld

Vr, 31 Dec 2010 19:10:48 -0000

Loop through $usr['auth']['page'] to get the rights for each category.

None = 0
Read = 1
Write = 2
C1 = 4
C2 = 8
C3 = 16
C4 = 32
C5 = 64
Admin = 128

Value for auth is the sum of the allowed rights (so all rights = 255). C rights are custom rights, they become visible in adminpanel when you click 'more' at a rights configuration screen. C1 is used for pages with a file download (the members only download thing). In Siena C1 is also used for hidden users (if you have this right you can see hidden users).

Use cot_auth_getmask() to convert number into a readable mask, such as RW12345A (255) or RW (3). Then use (strpos($mask, 'R') !== FALSE) to check for read access.

$allowedcats = array();
foreach($usr['auth']['page'] as $category => $rights)
{
	if($category == 'a') continue;
	if(strpos(cot_auth_getmask($rights), 'R') !== FALSE)
	{
		$allowedcats[] = $category;
	}
}
$sqlcategories = implode(',', $allowedcats);

MIHDev

Vr, 31 Dec 2010 18:11:33 -0000

Ah ok, that makes sense, In this case you could use

Sed_Auth

function.

Have a look at List.Inc.Php for an example usage.
Something like this from List.inc.php:

list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = sed_auth('page', $c);
sed_block($usr['auth_read']);

From there you can pass in the $c var in a loop over the categories on the site.

ez

Vr, 31 Dec 2010 14:51:07 -0000

hi, thnx for your response... but

I do not want to make extra queries.. a lot off data is allready loaded when a user hits a site.
So I can probably use the arrays in the memory?.

Does Anyone have an answer ??

MIHDev

Vr, 31 Dec 2010 06:30:32 -0000

Hi Ez,

Ok, well as far as I know from the tables this query should do it, depends on the levels set as well (possibly).

Replace the Auth_GroupID = 1 with the GroupID you wish to view rights for.
Replace the Auth_Rights = 1 with >=1 for all rights from Read to Admin.

SELECT * FROM Sed_Auth WHERE Auth_GroupID = 1 AND Auth_Code = 'Page' AND Auth_Rights = 1

Use the Auth_Option to filter by page category.

SELECT DISTINCT Auth_Option FROM Sed_Auth WHERE Auth_GroupID = 1 AND Auth_Code = 'Page'

To filter you could do the following:
1. Get the GroupID of the current user.
2. Use the GroupID of the current user in the SELECT statement above to filter down the Auth_Code and avoid the need for using another select on the Sed_Structure table.

Hope this helps.

Happy New Year

MIHDev

ez

Vr, 31 Dec 2010 04:07:23 -0000

How can I get all the categories (page_cat) were the current user have reading rights..

I want to include a filter in an SQL statement to filter out only the pages were I have reading rights...

something like :: WHERE page_cat IN (a,b,c,e)

(note: i do not have reading rights for cat 'd')

hope the answer comes soon