Implementing access control on breeds listing page.

In the Creating Toolbar and config options at backend section, we created the access control list configuration options in the backend. Through them we control which user group can perform which operation in the component. You can reach them by going to the component backend and clicking on the “Options” tab, as shown in the screenshot below.

After clicking on it you get the configuration page. Clicking on the Permissions tab there gives you the following screen, which controls access to our component's key functions like viewing, creating, editing, deleting, updating and updating own.

 

Files to create / update

update  default.php   /site/views/breeds/tmpl/default.php

File Details

/site/views/breeds/tmpl/default.php

<?php
// No direct access
defined('_JEXEC') or die;

JHtml::addIncludePath(JPATH_COMPONENT . '/helpers/html');
JHtml::_('bootstrap.tooltip');
JHtml::_('behavior.multiselect');
JHtml::_('formbehavior.chosen', 'select');

$user       = JFactory::getUser();
$userId     = $user->get('id');
$listOrder  = $this->state->get('list.ordering');
$listDirn   = $this->state->get('list.direction');

$canCreate  = $user->authorise('core.create', 'com_breed');
$canEdit    = $user->authorise('core.edit', 'com_breed');
$canCheckin = $user->authorise('core.manage', 'com_breed');
$canChange  = $user->authorise('core.edit.state', 'com_breed');
$canDelete  = $user->authorise('core.delete', 'com_breed');

?>

<form action="<?php echo JRoute::_('index.php?option=com_breed&view=breeds'); ?>" method="post"
      name="adminForm" id="adminForm">

<?php
      echo JLayoutHelper::render('joomla.searchtools.default', array('view' => $this));
?><br><br>
	<table class="table table-striped" id="breedList">
		<thead>
		<tr>
		<?php if (isset($this->items[0]->id)): ?>
				<th width="1%" class="nowrap center hidden-phone">
					<?php echo JHtml::_('grid.sort', 'JGRID_HEADING_ID', 'a.id', $listDirn, $listOrder); ?>
				</th>
			<?php endif; ?>
							<th class=''>
				<?php echo JHtml::_('grid.sort',  'COM_BREED_BREEDS_BREEDNAME', 'a.breedname', $listDirn, $listOrder); ?>
				</th>
				<th class=''>
				<?php echo JHtml::_('grid.sort',  'COM_BREED_BREEDS_PIC', 'a.pic', $listDirn, $listOrder); ?>
				</th>
				<th class=''>
				<?php echo JHtml::_('grid.sort',  'COM_BREED_BREEDS_BREEDCAT', 'a.breedcat', $listDirn, $listOrder); ?>
				</th>			
					<th class="center">
				<?php echo JText::_('COM_BREED_BREEDS_ACTIONS'); ?>
				</th>
		</tr>
		</thead>
		<tfoot>
		<tr>
			<td colspan="<?php echo isset($this->items[0]) ? count(get_object_vars($this->items[0])) : 10; ?>">
				<?php echo $this->pagination->getListFooter(); ?>
			</td>
		</tr>
		</tfoot>
		<tbody>
		<?php foreach ($this->items as $i => $item) : ?>
			<?php $canEdit = $user->authorise('core.edit', 'com_breed'); ?>

							<?php if (!$canEdit && $user->authorise('core.edit.own', 'com_breed')): ?>
					<?php $canEdit = JFactory::getUser()->id == $item->created_by; ?>
				<?php endif; ?>
			<tr class="row<?php echo $i % 2; ?>">

			<?php if (isset($this->items[0]->id)): ?>
					<td class="center hidden-phone">
						<?php echo (int) $item->id; ?>
					</td>
				<?php endif; ?>

								<td>

				<a href="<?php echo JRoute::_('index.php?option=com_breed&view=breed&id=' . (int) $item->id); ?>">
				<?php echo $this->escape($item->breedname); ?></a>
				</td>
				<td><img src="<?php echo JURI::base(); ?>components/com_breed/breedpic/<?php echo $this->escape($item->pic); ?>" width="100"></td>
				<td>
					<?php // Stored values (pic above, breedcat here) are escaped on output so they cannot inject markup. ?>
					<?php echo $this->escape($item->breedcat); ?>
				</td>

							<?php if ($canEdit || $canDelete): ?>
					<td class="center">
						<?php if ($canEdit): ?>
		
							<a href="<?php echo JRoute::_('index.php?option=com_breed&task=breedform.edit&id=' . (int) $item->id, false, 2); ?>" class="btn btn-mini" type="button"><i class="icon-edit" ></i></a>
					<?php endif; ?>
						<?php if ($canDelete): ?>
							<button data-item-id="<?php echo (int) $item->id; ?>" class="btn btn-mini delete-button" type="button"><i class="icon-trash" ></i></button>
					
					<?php endif; ?>
					</td>
				<?php endif; ?>

			</tr>
		<?php endforeach; ?>
		</tbody>
	</table>

	<?php if ($canCreate) : ?>
		<a href="<?php echo JRoute::_('index.php?option=com_breed&task=breedform.edit&id=0', false, 2); ?>"
		   class="btn btn-success btn-small"><i
				class="icon-plus"></i>
			<?php echo JText::_('COM_BREED_ADD_ITEM'); ?></a>
	<?php endif; ?>

In this step of the tutorial, we implement ACL on our breeds listing page so that access to the edit and delete operations on this page can be controlled. To make that happen, we first added a code snippet to the default.php file of the frontend breeds listing view, from line 15 to 19 as shown above.

To implement the action controls in the code, we simply call the authorise() method of the JUser class, which takes two arguments: the first is the action and the second is the asset name. The action refers to the access granted, like create, edit etc., and the asset name refers to the name of the component.

To make these action controls work, we use an if structure like this: <?php if ($canEdit) { /* edit icon */ } ?>. It means that if a user belonging to that specific group is allowed to edit an item, an edit icon or link will appear and he will be able to edit the item. In the default.php code above, we have implemented this for showing or hiding the edit and delete icons from line 95 to 106. Similarly, to display an add new item button, we have used $canCreate on line 113. On line 135, we have used $canDelete for displaying the JavaScript confirm delete code.
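The if blocks in the template only decide which icons are drawn, so the task behind each link has to repeat the same check before it touches the row. The following is an added example, not code from this tutorial's component: breedCanEdit(), breedRequireEdit() and StubUser are hypothetical names, and inside Joomla the user object would come from JFactory::getUser(). It also covers the guest case, where a user id of 0 would otherwise match a row whose created_by is 0.

```php
<?php
// Added example, not the tutorial's code. All names below are hypothetical;
// in the component, $user is JFactory::getUser() and $item is a loaded row.
// One decision function for both the template (draw the icon?) and the task (allow it?).
function breedCanEdit($user, $item, $asset = 'com_breed')
{
    if ($user->authorise('core.edit', $asset)) {
        return true;
    }
    // core.edit.own: only a logged-in user, and only on a row that user created.
    // Guests have id 0, so a row with created_by = 0 must never match them.
    return $user->authorise('core.edit.own', $asset)
        && (int) $user->id > 0
        && (int) $user->id === (int) $item->created_by;
}

// Call at the top of the edit/save task, before loading the form or changing the row.
function breedRequireEdit($user, $item)
{
    if (!breedCanEdit($user, $item)) {
        throw new RuntimeException('Not authorised to edit item ' . (int) $item->id, 403);
    }
}

// Constructed stand-in for JUser so the example runs from the PHP command line.
class StubUser
{
    public $id; private $grants;
    public function __construct($id, array $grants) { $this->id = $id; $this->grants = $grants; }
    public function authorise($action, $asset) { return in_array($action, $this->grants, true); }
}

// Constructed sample rows and users.
$rows  = array((object) array('id' => 7, 'created_by' => 42),
               (object) array('id' => 8, 'created_by' => 99),
               (object) array('id' => 9, 'created_by' => 0));
$users = array('author' => new StubUser(42, array('core.edit.own')),
               'guest'  => new StubUser(0, array('core.edit.own')),
               'editor' => new StubUser(5, array('core.edit')));
foreach ($users as $name => $user) {
    foreach ($rows as $row) {
        try {
            breedRequireEdit($user, $row);
            echo "$name may edit item {$row->id}\n";
        } catch (RuntimeException $e) {
            echo "$name refused: {$e->getMessage()}\n";
        }
    }
}
```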

 


ABOUT CODINGACE

My name is Nohman Habib and I am a web developer with over 10 years of experience, programming in Joomla, Wordpress, WHMCS, vTiger and Hybrid Apps. My plan to start codingace.com is to share my experience and expertise with others. Here my basic area of focus is to post tutorials primarily on Joomla development, HTML5, CSS3 and PHP.
