We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Find out whether a user has permission view a document

    • 15566
    • 73 Posts
    keiron77 Reply #1, 10 years, 2 months ago
    I have some code in a snippet that lists child ids by using $this->modx->getChildIds(), then from this I am using $childresource to find out more information about the resource (e.g. $childresource->get('pagetitle')). For some reason, although the permissions have been set up, some resources are displaying even-though the user isn't supposed to see them. How can I check if the user should see a resource or not using the API. I have tried using hasPermission(), getGroupsList(), checkPolicy() but I can't get anything to work.


    $childids = $this->modx->getChildIds($id, 1, array('context' => 'web'));
if (is_array($childids)) {
foreach($childids as $child) {
$childresource = $this->modx->getObject('modResource', $child);
if($childresource){
// Check a user should see the resource, if so return $childresource->get('pagetitle')
}
}
}
    [ed. note: keiron77 last edited this post 10 years, 2 months ago.]
      • 3749
      • 24,544 Posts
      BobRay Reply #2, 10 years, 2 months ago
      It depends on what's in your various ACL entries.

      Sometimes it's easier to use something like this:

      $userGroups = array('group1','group2');

if ($modx->user->isMember($userGroups)) {
   /* Ok to view resource */
}
        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
        • 15566
        • 73 Posts
        keiron77 Reply #3, 10 years, 2 months ago
        Is it possible to get the groups dynamically, so instead of:

        $groups = array('group1','group2');

        I can use something like:

        $groups = $childresource->getGroups();

        With this particular site the groups can change on a fairly regular basis - new ones added, other change etc.
          • 3749
          • 24,544 Posts
          BobRay Reply #4, 10 years, 2 months ago
          It would be nice if it were that simple. It actually takes some convoluted code to find out which resource groups the resource belongs to. Then you'd have some more convoluted code to find out if the user belongs to a user group that has access to any of them.

          If there's a complex relationship between User Groups and Resource Groups that changes often, you're better off getting the ACL entries to work. If they're set up properly, this should work:

          if ($childresource->checkPolicy('some_permission')) {
   /* Ok to view */
}


          You just have to make sure the users who shouldn't see the resources don't have the permission. The permission to use will be in the policy attached to the appropriate Resource Group Access ACL entry for the front-end context. The 'view' permission would make sense as long as (anonymous) users don't have it.
            Did I help you? Buy me a beer
            Get my Book: MODX:The Official Guide
            MODX info for everyone: http://bobsguides.com/modx.html
            My MODX Extras
            Bob's Guides is now hosted at A2 MODX Hosting