- Forums
- Support and Presales
- Professional Members Support
- Customized CB auto action CB Gallery - Privacy - Authorized
Customized CB auto action CB Gallery - Privacy - Authorized
- phcprod
- OFFLINE
-
Junior Member
- Posts: 39
- Thanks: 1
- Karma: 0
3 years 9 months ago #319560
by phcprod
Replied by phcprod on topic Customized CB auto action CB Gallery - Privacy - Authorized
I'm having trouble to understanding the logic of the plugin.
The solution written in my previous post does not work.
I have the structure as in attachment 1 and the cb rule is configured on the access level corresponding to "Premium" for all groups "NNNN Premium (Group)"
Despite the double condition, the content (whatever the cb confidentiality rule) is seen by all those who are in one of the usergroups children of "subscribers" while the value of [cb_id_groupe_acl_premium] is different for each group.
I assume that in the auto action [user_id] is the "viewer user" and [loop_user_id] the "displayed user"
How to configure the auto action so that confidentiality is applied correctly?
The solution written in my previous post does not work.
I have the structure as in attachment 1 and the cb rule is configured on the access level corresponding to "Premium" for all groups "NNNN Premium (Group)"
Despite the double condition, the content (whatever the cb confidentiality rule) is seen by all those who are in one of the usergroups children of "subscribers" while the value of [cb_id_groupe_acl_premium] is different for each group.
I assume that in the auto action [user_id] is the "viewer user" and [loop_user_id] the "displayed user"
How to configure the auto action so that confidentiality is applied correctly?
Please Log in to join the conversation.
beat
Team Member- OFFLINE
- Posts: 8175
- Thanks: 528
- Karma: 352
3 years 9 months ago #319568
by beat
I don't see any setting based on access level, but only on user-groups in your previous posts.
For access-levels, you should be able to use:
[cb:if viewaccesslevel includes "1"]I am Public[/cb:if]
[cb:if viewaccesslevel !includes "1"]I am NOT Public[/cb:if]
and any other substitutions listed in our documentation:
www.joomlapolis.com/documentation/279-community-builder/tutorials/18353-using-substitutions-throughout-cb
Beat - Community Builder Team Member
Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
Replied by beat on topic Customized CB auto action CB Gallery - Privacy - Authorized
phcprod wrote: I'm having trouble to understanding the logic of the plugin.
The solution written in my previous post does not work.
...
I don't see any setting based on access level, but only on user-groups in your previous posts.
For access-levels, you should be able to use:
[cb:if viewaccesslevel includes "1"]I am Public[/cb:if]
[cb:if viewaccesslevel !includes "1"]I am NOT Public[/cb:if]
and any other substitutions listed in our documentation:
www.joomlapolis.com/documentation/279-community-builder/tutorials/18353-using-substitutions-throughout-cb
Beat - Community Builder Team Member
Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
Please Log in to join the conversation.
- krileon
Team Member- OFFLINE
- Posts: 68551
- Thanks: 9095
- Karma: 1434
3 years 9 months ago #319575
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Customized CB auto action CB Gallery - Privacy - Authorized
Ok, looks like you're wanting to stop the authorization check done by CB Privacy if the viewing user has a usergroup that matches cb_id_groupe_acl_premium. To do this make a copy of "CB Gallery - Privacy - Authorized" in CB Auto Actions > System Actions and then unpublish the "CB Gallery - Privacy - Authorized" system action. Now publish your copy of the system action. This effectively replaces the system action with your own. Next add the following AND condition (use the "Add AND Rows" button).
Field: Custom > Code
Code:Operator: Not Equal To
Value: SKIP
We have to use PHP for this because we can't nest a complicated substitution inside of a substitution. It only allows nesting simple substitutions. So instead we'll use PHP to build a user object from the loop_user_id. We then get that users field value for cb_id_groupe_acl_premium. Next we see if the viewing user has cb_id_groupe_acl_premium in their list of usergroups. If they do it will respond with SKIP and cause the condition to block the auto action from working, which blocks the CB Privacy check from taking place.
Instead of replacing the system action however you could just override the authorized check in CB Privacy with custom behavior. To do this you'd use the below.
Global
Triggers: privacy_onAuthorized
Type: Code
User: Specific
User IDs: [var3_user_id]
Access: Everybody
Conditions
Condition 1
Field: Custom > Value
Custom Value: [var3_asset]
Operator: Is REGEXP
Value: /^gallery./
Condition 2
Field: Custom > Value
Custom Value: [cb:if user="[var2]" usergroup includes "[cb_id_groupe_acl_premium]"]ALLOWED[/cb:if]
Operator: Equal To
Value: ALLOWED
Action
Method: PHP
Code:Parameters
Reference Variables: Variable 1
What the above does is first checks if the privacy rule is being applied to CB Gallery. If it is it checks if the accessing user (their user id is sent in [var2]) has a usergroup matching [cb_id_groupe_acl_premium] for the owner of the privacy rule. If they do then it sets var1 to true, which tells it they're authorized to have access to whatever that privacy rule is protecting. This should be a cleaner approach to avoid having to maintain a copy of a system action.
Field: Custom > Code
Code:
$loopUser = CBuser::getUserDataInstance( (int) '[loop_user_id]' );
$loopACL = $loopUser->get( 'cb_id_groupe_acl_premium', 0, \CBLib\Registry\GetterInterface::INT );
return ( $loopACL ? ( in_array( $loopACL, \CBLib\Application\Application::MyUser()->getAuthorisedGroups() ) ? 'SKIP' : 'CHECK' ) : 'CHECK' ); Value: SKIP
We have to use PHP for this because we can't nest a complicated substitution inside of a substitution. It only allows nesting simple substitutions. So instead we'll use PHP to build a user object from the loop_user_id. We then get that users field value for cb_id_groupe_acl_premium. Next we see if the viewing user has cb_id_groupe_acl_premium in their list of usergroups. If they do it will respond with SKIP and cause the condition to block the auto action from working, which blocks the CB Privacy check from taking place.
Instead of replacing the system action however you could just override the authorized check in CB Privacy with custom behavior. To do this you'd use the below.
Global
Triggers: privacy_onAuthorized
Type: Code
User: Specific
User IDs: [var3_user_id]
Access: Everybody
Conditions
Condition 1
Field: Custom > Value
Custom Value: [var3_asset]
Operator: Is REGEXP
Value: /^gallery./
Condition 2
Field: Custom > Value
Custom Value: [cb:if user="[var2]" usergroup includes "[cb_id_groupe_acl_premium]"]ALLOWED[/cb:if]
Operator: Equal To
Value: ALLOWED
Action
Method: PHP
Code:
$variables['var1'] = true;Reference Variables: Variable 1
What the above does is first checks if the privacy rule is being applied to CB Gallery. If it is it checks if the accessing user (their user id is sent in [var2]) has a usergroup matching [cb_id_groupe_acl_premium] for the owner of the privacy rule. If they do then it sets var1 to true, which tells it they're authorized to have access to whatever that privacy rule is protecting. This should be a cleaner approach to avoid having to maintain a copy of a system action.
Correct. The [loop] variable is actually the objects being looped. In this case it's the gallery media objects. So [loop_user_id] is actually just the owner of the gallery media.I assume that in the auto action [user_id] is the "viewer user" and [loop_user_id] the "displayed user"
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
Moderators: beat, nant, krileon
- Forums
- Support and Presales
- Professional Members Support
- Customized CB auto action CB Gallery - Privacy - Authorized
Time to create page: 0.222 seconds
-
You are here:
- Home
- Forums
- Support and Presales
- Professional Members Support
- Customized CB auto action CB Gallery - Privacy - Authorized