Форуми / Cotonti / Extensions / help wanted with rights


#1 31.12.2010 04:07
How can I get all the categories (page_cat) were the current user have reading rights..

I want to include a filter in an SQL statement to filter out only the pages were I have reading rights...

something like :: WHERE page_cat IN (a,b,c,e)

(note: i do not have reading rights for cat 'd')

hope the answer comes soon :)
==- I say: Keep it EZ -==

Відредаговано: ez (31.12.2010 04:14, 12 років тому)
#2 31.12.2010 06:30
Hi Ez,

Ok, well as far as I know from the tables this query should do it, depends on the levels set as well (possibly).

Replace the Auth_GroupID = 1 with the GroupID you wish to view rights for.
Replace the Auth_Rights = 1 with >=1 for all rights from Read to Admin.

SELECT * FROM Sed_Auth WHERE Auth_GroupID = 1 AND Auth_Code = 'Page' AND Auth_Rights = 1

Use the Auth_Option to filter by page category.
SELECT DISTINCT Auth_Option FROM Sed_Auth WHERE Auth_GroupID = 1 AND Auth_Code = 'Page'

To filter you could do the following:
1. Get the GroupID of the current user.
2. Use the GroupID of the current user in the SELECT statement above to filter down the Auth_Code and avoid the need for using another select on the Sed_Structure table.

Hope this helps.

Happy New Year

[b]Know the question and you will be far more likely to get an answer.[/b]
#3 31.12.2010 14:51
hi, thnx for your response... but

I do not want to make extra queries.. a lot off data is allready loaded when a user hits a site.
So I can probably use the arrays in the memory?.

Does Anyone have an answer ??
==- I say: Keep it EZ -==
#4 31.12.2010 18:11
Ah ok, that makes sense, In this case you could use

Have a look at List.Inc.Php for an example usage.
Something like this from List.inc.php:
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = sed_auth('page', $c);

From there you can pass in the $c var in a loop over the categories on the site.
[b]Know the question and you will be far more likely to get an answer.[/b]
#5 31.12.2010 19:10
Loop through $usr['auth']['page'] to get the rights for each category.

None = 0
Read = 1
Write = 2
C1 = 4
C2 = 8
C3 = 16
C4 = 32
C5 = 64
Admin = 128

Value for auth is the sum of the allowed rights (so all rights = 255). C rights are custom rights, they become visible in adminpanel when you click 'more' at a rights configuration screen. C1 is used for pages with a file download (the members only download thing). In Siena C1 is also used for hidden users (if you have this right you can see hidden users).

Use cot_auth_getmask() to convert number into a readable mask, such as RW12345A (255) or RW (3). Then use (strpos($mask, 'R') !== FALSE) to check for read access.

$allowedcats = array();
foreach($usr['auth']['page'] as $category => $rights)
	if($category == 'a') continue;
	if(strpos(cot_auth_getmask($rights), 'R') !== FALSE)
		$allowedcats[] = $category;
$sqlcategories = implode(',', $allowedcats);

Відредаговано: Koradhil (31.12.2010 19:33, 12 років тому)
#6 31.12.2010 21:29
Hi Gert,

This was exactly what I was looking for...
I knew it had to be ez :) and that the info is already loaded..



By the way.. What is if($category == 'a') ????

Added 1 hour 28 minutes later:

Hi Gert,

I just realized this is for sienna... and sed_auth_getmask is not there.

Can you tell me what to use for Genoa ??

==- I say: Keep it EZ -==

Відредаговано: ez (31.12.2010 22:58, 12 років тому)