database level access control

18 years 2 months ago #4681 by mikko
database level access control was created by mikko
Hello

Two of our Joomla installations are proposed to be merged under one site to help administration.

1) In this prosess we have the need to have two different kinds of users in CB who cannot see each others.

2) Also the two users have a bit different configurations of the fields that are available.

I could easily code a hack to accomplish this, but this feature has been requested here before, so it would be better to make this a general feature.

What I propose, is that the plugin API is extended to include SQL query manipulation. By this I mean that a plugin can add extra things in the where clause of each select query, where it from members, tabs, fields or plugins.

Before each select, the SQL would be ran through a plugin function that could modify it.


-Mikko

Please Log in to join the conversation.

18 years 2 months ago #4722 by mikko
Replied by mikko on topic Re:database level access control
Let's say that I get a guy to program this enhancement durign the nxt two weeks. What are that chances that it gets to the next release?

-Mikko

Please Log in to join the conversation.

18 years 2 months ago #4735 by beat
Replied by beat on topic Re:database level access control
Next release is 1.0 stable without known bugs...

Means we have total features freeze at this time, to avoid adding bugs others than the ones done by correcting the known bugs. Only exception to features freeze is the support of the latest Joomla 1.0.x user-features (i.e. the user parameters like editor choice).

Making changes to the SQL queries on the 160+ SQL queries throughout CB is not something that I would call a "minor change"...

We are planing to revisit those in the lights of the new database API of Joomla 1.1. Doing changes before would mean doing the work twice.

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info

Please Log in to join the conversation.

18 years 2 months ago #4771 by mikko
Replied by mikko on topic Re:database level access control
In our case of a hack, the minor changes would be
-appending things to $filterby in HTML_comrofiler::userlists
-appending things to slq in comprofiler::setUserDBrequest

Wouldn't this enable filterrign which users can bee seen through the core CB? Forums, avatar galleries etc would need similar hacks.

Anyway, we will just make our hack and then hope that joomla 1.1. will make things better.

-Mikko

Please Log in to join the conversation.

18 years 2 months ago #4781 by beat
Replied by beat on topic Re:database level access control
mikko wrote:

In our case of a hack, the minor changes would be
-appending things to $filterby in HTML_comrofiler::userlists
-appending things to slq in comprofiler::setUserDBrequest

Wouldn't this enable filterrign which users can bee seen through the core CB? Forums, avatar galleries etc would need similar hacks.

Anyway, we will just make our hack and then hope that joomla 1.1. will make things better.

-Mikko


setUserDBrequest() is just for displaying a single profile in the front-end... There are dozens other places where the users tables are accessedd.

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info

Please Log in to join the conversation.

18 years 2 months ago #4784 by mikko
Replied by mikko on topic Re:database level access control
Well, the only things that we are concerned about is that the datails page of certain group of users is inaccessible by another group. Also, it would be nice to eliminate the links to profiles.

mikko

Please Log in to join the conversation.

Moderators: beatnantkrileon
Time to create page: 0.374 seconds

Facebook Twitter LinkedIn