Permissions are not assigned to fields in yaml

point111 · July 31, 2023, 3:50pm

code in Plugin.php

 public function registerPermissions()
  {
      return [
          'konvertagency.landing.access_import_export' => [
              'tab'   => 'konvertagency.landing::lang.plugin.name',
              'label' => 'konvertagency.landing::lang.permissions.import_export',
              'roles' => ['developer']
          ]
      ];
  }

config import

import:
  title:import_qw
  modelClass: KonvertAgency\Landing\Models\PageImport
  list: $/konvertagency/landing/models/pageimport/columns_import.yaml
  form: $/konvertagency/landing/models/pageimport/fields_import.yaml

code in fields_import.yaml


fields:
    auto_create_lists:
        label: 'konvertagency.landing::lang.pages.hidden'
        type: checkbox
        default: true
        permission: 'konvertagency.landing.access_import_export'
    filename:
        label: filename
        type: text
        permission: 'konvertagency.landing.access_import_export'

the “filename” and “auto_create_lists” fields are visible to users without the ‘developer’ role

is there a method to set download permission $/konvertagency/landing/models/pageimport/fields_import.yaml?

apinard · July 31, 2023, 4:01pm

the property ‘permission’ should be ‘permissions’, permission with an S according to the documentation here : https://docs.octobercms.com/3.x/element/form-fields.html#field-properties

fields:
    auto_create_lists:
        label: 'konvertagency.landing::lang.pages.hidden'
        type: checkbox
        default: true
        permissions: 'konvertagency.landing.access_import_export'
    filename:
        label: filename
        type: text
        permissions: 'konvertagency.landing.access_import_export'

Does it work if you try?

point111 · July 31, 2023, 4:09pm

Yes, it work . Thank you.
Is it possible to block the loading of fields_import.yaml for users without the role of developer, so that there is no point 3 in the form of import, which will be empty

apinard · July 31, 2023, 5:07pm

In this case, would it be better to put the permission on the navigation menu ?

I would suggest if you do so, to not forget to add a permission at the controller level ($requiredPermissions) : Controllers - October CMS - 3.x

point111 · August 2, 2023, 11:25am

it turned out to be more convenient to specify the configuration in the controller

 public $importExportConfig = 'config_import_export_selected_only.yaml';

  public function __construct()
  {

    if (BackendAuth::userHasAccess('konvertagency.landing.access_import_export')) {
      $this->importExportConfig = 'config_import_export_all.yaml';
    }

    parent::__construct();
    BackendMenu::setContext('KonvertAgency.Landing', 'main-menu-item', 'pages');
  }

apinard · August 2, 2023, 5:22pm

ah ok, you have a different configurations depending of the role (which you manage by a permission) but you still want them to be able to access the controller - where I thought you didn’t want them to get access at all !

Now, to add to your solution, if the controller is in another plugin but you still want to manage the configuration files (yaml) based on a role or permission, you can do this in your Plugin.php :

 public function boot() {
       \App::before(function() { 
             $this->extendControllerABC();
        }
}

public function extendControllerABC() {

     \AuthorA\PluginA\Controllers\ABC::extend(function($controller) {

            if (!$controller instanceof \AuthorA\PluginA\Controllers\ABC) {
                return;
            }

            $user = \BackendAuth::getUser();
            $roleCode = ($user && $user->role) ? $user->role->code : null;

            $controller->formConfig = '$/authorB/pluginB/controllers/abc/config_form.yaml';
            $controller->listConfig = '$/authorB/pluginB/controllers/abc/config_list.yaml';
            $controller->importExportConfig = '$/authorB/pluginB/controllers/abc/config_import_export.yaml';

            if ($roleCode && $roleCode == 'admin') /* or (BackendAuth::userHasAccess('konvertagency.landing.access_import_export')) */ {
                $controller->formConfig = '$/authorB/pluginB/controllers/abc/config_form_admin.yaml';
                $controller->listConfig = '$/authorB/pluginB/controllers/abc/config_list_admin.yaml';
                $controller->importExportConfig = '$/authorB/pluginB/controllers/abc/config_import_export_admin.yaml';
            }
     }
}

point111 · August 2, 2023, 5:52pm

No, I want all users to access the controller, but with different options. This is an import/export of records of a model that has a NestedTree, so the content manager can import records, but without the id, parent_id, nest_left, nest_right, nest_depth fields, and the developer can import records without restrictions and this will require an auto-increment reset. But I “wrote your solution in a notebook” and someday I will use it.