there is a model admin section in the cms. for the content authors the model admin section shows up in the sidebar (i´ve set Access to 'ModelAdmin' section in the Permissions for the Group.) But for some reason no DataObjects are displayed. Logged in as admin I can see them all.
EDIT: this applies to GridFields in general:
related data objects are not visible in gridfield for content authors.
adding the canView function to the dataobject will help.
Thanks,
Florian
SilverStripe 2.4?
This could be a permission issue. I would try adding the following functions to your managed models (The DataObject classes) if they are missing.
public function canEdit() {
return true;
}
public function canDelete() {
return true;
}
public function canCreate(){
return true;
}
public function canPublish(){
return true;
}
public function canView(){
return true;
}
Related
I am new to laravel. I am facing a very weird problem. I have a model comment which is related to User model in laravel.
The Relationships are defined as such
//App\User model
public function comments()
{
return $this->hasMany('App\comment');
}
And
//App\Comment model
public function User()
{
return $this->belongsTo('App\User');
}
now when i am fetching user and comment s using find and with it is returning data for all the users in the table. My code is like this: App\User::find(1)->with('comments')->get(); Can some one tell me what am doing wrong?
Try something like this
$comments=App\User::whereId(1)->comments->get();
This should load every comment associated with user with ID 1
//App\User model
public function comments() {
return $this->hasMany('App\comment','user_id','id');
}
//In your controller
use App\User;
$comment = User::where('id',2)->comments->get();
//I hope It's work for you!
In Kentico 7, I'm trying to perform actions based on what alternative form is being submitted.
public partial class CMSModuleLoader
{
private class ObjectEventsAttribute : CMSLoaderAttribute
{
public override void Init()
{
ObjectEvents.Insert.Before += My_Create_Account_Page;
}
private void My_Create_Account_Page(object sender, ObjectEventArgs e)
{
if (e.Object is BizFormItem && e.Object != null)
{
BizFormItem formEntry = (BizFormItem)e.Object;
BizFormInfo form = formEntry.BizFormInfo;
if (form.FormName == "MyOpenAccount")
{
// somehow determine which alternative form this is
// do stuff with the fields in that alternative form
}
}
}
}
}
I've been up and down the documentation and found no solution. I could add a field that I would give a default value of the alt. form name, but that opens me up to editors deleting that field, and it still doesn't tell me what other fields are in the alternative form. Any other ideas?
I'm afraid that alternative form name is not accessible if you use ObjectEvents approach. But the information is known by the "Online form" (BizForm) webpart. So you probably have to customize it or create a copy. Bizform control has AlternativeFormFullName property and you can hook on one of its events like OnAfterSave.
I have implemented a CurrentUserPropertyBinder (see below) for a web application using FubuMVC.
public class CurrentUserPropertyBinder : IPropertyBinder
{
private readonly Database _database;
private readonly ISecurityContext _security;
public CurrentUserPropertyBinder(Database database, ISecurityContext security)
{
_database = database;
_security = security;
}
public bool Matches(PropertyInfo property)
{
return property.PropertyType == typeof(User)
&& property.Name == "CurrentUser";
}
public void Bind(PropertyInfo property, IBindingContext context)
{
var currentUser = //check database passing the username to get further user details using _security.CurrentIdentity.Name
property.SetValue(context.Object, currentUser, null);
}
}
When I login to my site, this works fine. The CurrentUserPropertyBinder has all the information it requires to perform the task (i.e. _security.CurrentIdentity.Name has the correct User details in it)
When I try and import a file using fineUploader (http://fineuploader.com/) which opens the standard fileDialog the _security.CurrentIdentity.Name is empty.
It doesn't seem to remember who the user was, I have no idea why. It works for all my other routes but then I import a file it will not remember the user.
Please help! Thanks in Advance
NOTE: We are using FubuMVC.Authentication to authenticate the users
I'm guessing your action for this is excluded from authentication; perhaps it's an AJAX-only endpoint/action. Without seeing what that action looks like, I think you can get away with a simple fix for this, if you've updated FubuMVC.Authentication in the past 3 months or so.
You need to enable pass-through authentication for this action. Out of the box, FubuMVC.Auth only wires up the IPrincipal for actions that require authentication. If you want access to that information from other actions, you have to enable the pass-through filter. Here are some quick ways to do that.
Adorn your endpoint/controller class, this specific action method, or the input model for this action with the [PassThroughAuthentication] attribute to opt-in to pass-through auth.
[PassThroughAuthentication]
public AjaxContinuation post_upload_file(UploadInputModel input) { ... }
or
[PassThroughAuthentication]
public class UploadInputModel { ... }
Alter the AuthenticationSettings to match the action call for pass-through in your FubuRegistry during bootstrap.
...
AlterSettings<AuthenticationSettings>(x => {
// Persistent cookie lasts 3 days ("remember me").
x.ExpireInMinutes = 4320;
// Many ways to filter here.
x.PassThroughChains.InputTypeIs<UploadInputModel>();
});
Check /_fubu/endpoints to ensure that the chain with your action call has the pass-through or authentication filter applied.
I'm trying to replace the Orchard CMS NavigationManager in Orchard.UI.Navigation so I can filter menu items based on permissions. Here is my code:
[OrchardSuppressDependency("Orchard.UI.Navigation.NavigationManager")]
public class MmtNavigationManager : NavigationManager
{
public MmtNavigationManager(IEnumerable<INavigationProvider> providers, IAuthorizationService authorizationService, UrlHelper urlHelper, IOrchardServices orchardServices)
: base(providers, authorizationService, urlHelper, orchardServices)
{
}
public new IEnumerable<MenuItem> BuildMenu(string menuName)
{
var menu = base.BuildMenu(menuName);
return menu;
}
}
This code is in an installed and enabled module. The constructor gets called but never the BuildMenu method; The origional BuildMenu gets called instead.
Any ideas?
Thanks
Ah, sussed it out. I needed to make my new class (MmtNavigationManager) Inherit from INavigationManager as well.
I want to password protect a webpage in Wicket so the user may only access it if he/she has logged in.
I'd also like the page to show the login page, and then after logging in the original page the user was trying to get to.
How is this done with wicket? I've already created a login page and extended the session class.
The framework-supplied way is to provide an IAuthorizationStrategy instance for your application, e.g., by adding to your Application init() method:
init() {
...
getSecuritySettings().setAuthorizationStrategy(...)
}
A working example of Wickets authorization functionality is on Wicket Stuff here, which demonstrates some reasonably complex stuff. For really simple cases, have a look at the SimplePageAuthorizationStrategy. At a very basic level, this could be used like so (taken from the linked Javadoc):
SimplePageAuthorizationStrategy authorizationStrategy = new SimplePageAuthorizationStrategy(
MySecureWebPage.class, MySignInPage.class)
{
protected boolean isAuthorized()
{
// Authorize access based on user authentication in the session
return (((MySession)Session.get()).isSignedIn());
}
};
getSecuritySettings().setAuthorizationStrategy(authorizationStrategy);
Edit in response to comment
I think the best way forward, if you're just going to use something like SimplePageAuthorizationStrategy rather than that class itself. I did something like this to capture pages that are annotated with a custom annotation:
IAuthorizationStrategy authorizationStrategy = new AbstractPageAuthorizationStrategy()
{
protected boolean isPageAuthorized(java.lang.Class<Page.class> pageClass)
{
if (pageClass.getAnnotation(Protected.class) != null) {
return (((MySession)Session.get()).isSignedIn());
} else {
return true;
}
}
};
Then you'd need to register an IUnauthorizedComponentInstantiationListener similar to what is done in SimplePageAuthorizationStrategy (link is to the source code), which should be something like:
new IUnauthorizedComponentInstantiationListener()
{
public void onUnauthorizedInstantiation(final Component component)
{
if (component instanceof Page)
{
throw new RestartResponseAtInterceptPageException(MySignInPage.class);
}
else
{
throw new UnauthorizedInstantiationException(component.getClass());
}
}
});