Welcome, Guest

TOPIC: [CLOSED] ACL view access issue

ACL view access issue 03 Jun 2013 16:25 #7304

dyvel
Offline
Elite Member
Posts: 200
Thank you received: 11
Karma: 10

Hi

I have a problem with the view rights. I have added author wizard to my table, but as you can see from the 2 screenshots, Mr. Registered can still view items created by Mr. Editor.

Item created by Mr. Editor

Same item is viewable by Mr. Registered

My problem is, I need to allow users to create their own records in the table. And they should not be able to see each others records.

If I don't publish the item, then other users can't see the item, but that also prevents the creating user from editing the item (edit own is set to allow)...

Last Edit: 03 Jun 2013 16:57 by dyvel.

The administrator has disabled public write access.

Re: ACL view access issue 03 Jun 2013 16:35 #7305

dyvel Offline Elite Member Posts: 200 Thank you received: 11 Karma: 10	Also items in the drop down (FK) is visible for Mr. Registered even though it's created by Mr. Editor.
	The administrator has disabled public write access.

Re: ACL view access issue 04 Jun 2013 06:01 #7311

admin Offline Administrator Chef Posts: 3711 Thank you received: 987 Karma: 140	Do you have implemented a publish/state wizard ? Because, the function you try to accomplish only works when publish = false for the items. The author will be able to see an unpublished item (its owns) You must also define well the ACL (in sandbox), to choose who can edit / see its owns items.
	Coding is now a piece of cake The administrator has disabled public write access.

Re: ACL view access issue 05 Jun 2013 13:46 #7343

dyvel Offline Elite Member Posts: 200 Thank you received: 11 Karma: 10	Yes, I added the publish/state wizard. And ACL works (well almost) when publish = false. But the problem is, then the user can't edit his/her own items even though I added ACL for the user group in sandbox to allow edit own.
	Last Edit: 05 Jun 2013 14:00 by dyvel. The administrator has disabled public write access.

Re: ACL view access issue 05 Jun 2013 16:54 #7360

admin Offline Administrator Chef Posts: 3711 Thank you received: 987 Karma: 140	ACL view.own must also be activated.
	Coding is now a piece of cake The administrator has disabled public write access.

Re: ACL view access issue 05 Jun 2013 16:57 #7361

dyvel Offline Elite Member Posts: 200 Thank you received: 11 Karma: 10	Yes, i have: - Create - View own - Edit own - Delete own set to allow, rest to disallow... but as I said, my user can't edit (the checkbox is removed from the list)
	The administrator has disabled public write access.

Re: ACL view access issue 05 Jun 2013 17:08 #7363

admin
Offline
Administrator
Chef
Posts: 3711
Thank you received: 987
Karma: 140

And if you try to access by URL ? Is it working ?

Because ACL applies 2 times :
- To show the checkbox :
in the params properties of your item, you find the tags (access-edit, access-read, ...)
- To enter the layout page.
in the view files

What is resulting from the functions canCreate(), canEdit(), canView(), ... of your ITEM model class ?
Those functions are handling (in LIST, and ITEM), all the ACL for all your component.

You can try to debug going there to fix.
The tags (access-edit) are loaded in the LIST model :
populateParams();

You can for example try to override this function and see the result.
I will dig in.

The first who find post the anwser...

Coding is now a piece of cake

The administrator has disabled public write access.

Re: ACL view access issue 19 Feb 2015 23:01 #12847

BTB300 Offline Moderator Posts: 415 Thank you received: 132 Karma: 47	Just a question is this ACL issue still happening? - I did some lengthy research and testing on Cook ACL a while back if its still happening perhaps i can help
	The administrator has disabled public write access.

Forum

Debug

Closed tickets.

[CLOSED] ACL view access issue