Via BE it's possible to give a fe_user access to content if the fe_group she/he belongs to has as a subgroup the fe_group which is defined as the group having access to the content.
So e.g. if I define 'Product Group 02' (uid=2) should have access to specific content via BE, a fe_user that belongs to 'User Group 03' (uid=6), which has as a subgroup 'Product Group 02' (uid=2), the fe_user can access the content.
fe_groups setup:
uid|title|subgroup
1|Product Group 01|
2|Product Group 02|
3|Product Group 03|
4|User Group 01|1
5|User Group 02|
6|User Group 03|2,3
But if I define directly in my fluidtemplate that {f:cObject(typoscriptObjectPath: 'lib.usergroup')} == '2' should have access to the content and subsequently 'User Group 03', the mentioned fe_user can't access it:
typoscript:
lib.usergroup = TEXT
lib.usergroup.data = TSFE:fe_user|user|usergroup
partial.html
<f:if condition="{f:cObject(typoscriptObjectPath: 'lib.usergroup')} == '2'">
...
</f:if>
// ... of course, if the fe_user belongs to 'Product Group 02' he can access it.
But is it possible to stick to the above fe_groups structure and still give the mentioned fe_user access to the content via fluid?
TSFE:fe_user|user|usergroup fetches what is exactly stored in user's usergroup. In your case there is a 6 stored and you compare it with 2, which returns false.
Moreover such a solution can bring more troubles, if you set more, than one usergroup for your user. In such a case the TSFE:fe_user|user|usergroup will return a comma-separated list of usergroups uid, like 6,2,3 and your condition will result in false again.
Correct way is in using f:security.ifHasRole ViewHelper.
So, something like this should help you:
<f:security.ifHasRole role="2">
Your stuff here
</f:security.ifHasRole>
Related
I don't know what is the field "access_group int(11) DEFAULT 0 NOT NULL" for? First I thought it's for restriction by user_group, but there is an field "fe_group varchar(100) DEFAULT '' NOT NULL" for it. You can find the field also at the documentation Preparing the database , but I couldn't find a description for it, only for "fe_group".
access_group is the be_user group.
In TYPO3 you have an access-system similar to the unix-rights, where you can grnat access to pages (and records in the page).
There is a menu entry System->Access where you select a page and can set values for multiple levels recursive:
You can set Owner and Group and the granted rights which are assigned for
Owner, Group, Everybody
the rights are coded bitwise (other order than displayed):
1 (2^0) Show page: Show/Copy page and content.
2 (2^4) Edit content: Change/Add/Delete/Move content.
3 (2^1) Edit page: Change page eg. change pagetitle etc.
4 (2^2) Delete page: Delete/Move page and content.
5 (2^3) New pages: Create new pages under this page.
These values can be set with TCEMAIN in the page TSconfig, so all pages in a sub tree might get the same rights.
Example:
TCEMAIN.permissions {
userid = 43
groupid = 5
user = 31
group = 19
everybody = 1
}
Each page will get the user with the uid 43 as owner,
the group will be the group with the uid 5,
the owner has every right,
the group can show page, edit page, edit content but can not delete page or create new pages below
every one else can see the page
Alternatively you can set the rights by keywords:
TCEMAIN.permissions {
userid = 43
groupid = 5
user = show, edit, delete, new, editcontent
group = show, edit, editcontent
everybody = show
}
comment from Rudy Gnodde, which I agree:
This is only used for pages, not in custom tables for extensions. It's probably a mistake in this documentation. It should be fe_group I think (which is mentioned in this documentation, but not in the code example which contains access_group).
As TYPO3 manuals can be edited by everyone (there is a button Edit me on GitHub in the upper right corner), I have proposed a correction.
I'm building a web app using web2py for attending employees.
this is the db in the model
db.define_table(
'employee',
Field('name'),
format = '%(name)s'
)
db.define_table(
'attendance',
Field('employee_id',db.employee),
Field('attend','boolean'),
Field('comments','text')
)
This is the controller:
employeeIDS=db(db.employee).select(db.employee.ALL)
table=[]
for eid in employeeIDS:
table.append([eid.name,INPUT(_type="checkbox",_name=eid.id,_id=eid.id),INPUT(_type="text",_name="comments",_id=eid.id)])
form=FORM( TABLE(TR("employee name","attended?","comments"),*[TR(*rows) for rows in table]),INPUT(_type="submit",_value="SUBMIT"))
if form.accepts(request,session):
response.flash="form accepted"
print(request.vars)
elif form.errors:
response.flash="form is invalid"
else:
response.flash="please fill the form"
return dict(form=form,vars=form.vars)
My question is this:
How can I access the id of the attend and comments fields in each row to associate these fields with the related employee. So, when I insert the form.vars to the attendance table, I guarantee that each employee recorded as attendance or absence and the related comments will inserted too.
Thanx
Instead of giving each comments input the same name, make the names unique, including the record ID as part of the name:
INPUT(_type="text", _name="comments_%s" % eid.id)
Then you will have form.vars.comments_1, form.vars.comments_2, etc.
As an aside, note that HTML id attributes should be unique, but you are using the value eid.id as the id attribute of both the checkbox input and the comments input.
I think a better choice is to use SQLFROM instead of FORM.
There you can customize the resulting form in the view right the layout you want to, even with HTML helper for tables, you have already used.
Please have a look at the signature of the SQLFORM - it offers a lot options as labels or showid (following the link just scroll down a little).
To exclude a field of being changed or even displayed in the SQLFORM use:
db.my_table.a_field.writable = False
db.my_table.a_field.readable = False
as described here - it's the same for SQLFORMS.
I have an extension (Typo3 8.7.4) with categories in mm relation. The categories are saved in different pages. So i want to select only categories who are saved in the tree of a certain page and the subpages of this certain page. Is there a marker like the condition in typoscript "PIDinRootline" for selectin entries for foreign_table_where in TCA?
rootUid ist the correct treeConfig
The TCA foreign_table_where is documented on this page:
https://docs.typo3.org/typo3cms/TCAReference/ColumnsConfig/Type/Select.html#
An here you can find an explanation of the possible markers you can use in the query:
https://docs.typo3.org/typo3cms/TCAReference/ColumnsConfig/Type/Select.html#foreign-table-where
E.g. you can use ###CURRENT_PID### to fetch records form the current page.
Try to use below typoscript.
This checks if one of the figures in "pages-uidl" is a PID (pages-uid) in the rootline:
[PIDinRootline = pages-uid, pages-uid, ...]
Do the same as PIDinRootline, except the current page-uid is excluded from check.
[PIDupinRootline = pages-uid, pages-uid, ...]
i often use conditions with [PIDinRootline = {$any-id}] which checks if the given ID is inside the current rootline.
Now i need something similar for a given PID.
I thought about a ViewHelper that accepts a PID and an ID as arguments and builds a rootline for PID and checks against ID. Is there anything already available or did anybody do something like that in the past?
best regards,
simon
Using EXT:vhs, it this should work:
<f:if condition="{v:page.rootline(pageUid: X.uid) -> v:iterator.filter(propertyName: 'uid', filter: Y.uid)}">
<f:then>X is child page of Y</f:then>
<f:else>X is not a child page of Y</f:else>
</f:if>
It calculates the root line of the child page X (which is an array of page records), then filters out all elements having an uid that is different from the uid of Y, and checks whether the result is empty.
<v:condition.page.isChildPage then="[mixed]" else="[mixed]" pageUid="123" respectSiteRoot="1">
<!-- tag content - may be ignored! -->
</v:condition.page.isChildPage>
https://fluidtypo3.org/viewhelpers/vhs/master/Condition/Page/IsChildPageViewHelper.html
Is there a way to set a default category for tt_news, in such a way that a user don't need to explicitly assign the category when creating a news?
You can set it with PageTS:
TCAdefaults.tt_news.category = 123
Make sure that editing user (if is not a admin) has proper rights to edit category field, otherwise the default category won't be saved.