nuBuilder Forum


https://forums.nubuilder.cloud/

Access control list and globeadmin

https://forums.nubuilder.cloud/viewtopic.php?t=11788

Page 1 of 1

Access control list and globeadmin

Posted: Tue Nov 01, 2022 9:53 am
by yvesf
Hello,

I am using now the access control list which works as expected : I have adapted SQL clauses accordingly.
Ex of SQL clause :

Code: Select all

SELECT
 status.*,
    task.*

FROM
    status
        JOIN task ON task.tsk_status = status.status_id
WHERE
  ((task.tsk_assigned_to ='#USER_CODE#'))
When I am connected as globeadmin, I don't see any task because no task has been assigned to globeadmin. How can I desactivate this where clause when I am connected as globeadmin in order to see all data ?
There is maybe another way to implement access control list ? If yes, is there any example of that ?

Many thanks for your help.

Yves

Re: Access control list and globeadmin

Posted: Tue Nov 01, 2022 9:59 am
by kev1n
Change the WHERE clause to:

Code: Select all

((task.tsk_assigned_to ='#USER_CODE#' OR '#GLOBAL_ACCESS#' = '1'))

Re: Access control list and globeadmin

Posted: Tue Nov 01, 2022 10:57 am
by kev1n
SQL corrected

Re: Access control list and globeadmin

Posted: Tue Nov 01, 2022 11:14 am
by nac
Yves,

I often use some PHP code in Before Browse (BB) to create the list of records to be displayed. This is done by modifying the WHERE clause. In the example below I have tried to reproduce your scenario, but this could be extended to use any combination of logic to determine the records that any given user can see. This is done by replacing the 'WHERE TRUE' clause with a customised expression.

Code: Select all

$qry = "
		SELECT status.*,  task.*
		FROM status JOIN task ON task.tsk_status = status.status_id
		WHERE TRUE
";

if ('#ACCESS_LEVEL_CODE#' == 'user_level') {   //  use the code for the access level you require
  $qry = str_replace("WHERE TRUE","WHERE (task.tsk_assigned_to  = '#USER_CODE#') ", $qry );
}

nuRunQuery("CREATE TABLE #TABLE_ID# ".$qry);

Then in the Browse source use:

Code: Select all

SELECT * FROM #TABLE_ID#

I hope this helps.

Neil

Re: Access control list and globeadmin

Posted: Tue Nov 01, 2022 3:20 pm
by yvesf
Thanks Neil, very helpful
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited