• Hello Fabrik Community

    Fabrik is now in the hands of the development team that brought you Fabrik for Joomla 4. We have recently transitioned the Fabrik site over to a new server and are busy trying to clean it up. We have upgraded the site to Joomla 4 and are running the latest version of Fabrik 4. We have also upgraded the Xenforo forum software to the latest version. Many of the widgets you might have been used to on the forum are no longer operational, many abandoned by the developers. We hope to bring back some of the important ones as we have time.

    Exciting times to be sure.

    The Fabrik 4.0 Official release is now available. In addition, the Fabrik codebase is now available in a public repository. See the notices about these in the announcements section

    We wish to shout out a very big Thank You to all of you who have made donations. They have really helped. But we can always use more...wink..wink..

    Also a big Thank You to those of you who have been assisting others in the forum. This takes a very big burden off of us as we work on bugs, the website and the future of Fabrik.

Access Element not respecting ACL

ontarget

Active Member
Hi I have a list with documents available for download.
some docs should be accessible to certain users others not.
I setup an access element and saved a record with super user access.
However when i log in as a registered user i can still see the record and download the doc.
Is there some setting I'm missing?
Also what is the chain of command for access control
Menu (Registered)
List (Registered)
Row controlled by access element (Registered or Super User)

F3.8.1 and j3.8.11

Here is a screen shot i'm logged in as registered yet i see a doc available for super user only
V5gdkKvM
Screen_Shot_2018-09-26_at_17.36.36.png
 
The 'access' element doesn't automatically apply access controls. It just renders a dropdown of J! access levels in the form.

To pre-filter a list by it for the logged on user, add a prefilter ....

WHERE
Field: your_access_element
Condition: IN
Value: {$my->levels}
Type: query
Apply to: Public

One of these days I might add some companion list plugins for both the 'access' and 'usergroup' elements, to automagically apply ACL's. Or I might even add an access level based setting to the main list ACL's, as we currently do for users with the "or use element" that matches logged on ID against a user ID in a specified element.

But for now ... roll your own prefilter.

-- hugh
 
Hi Hugh,
Thanks for the feedback i'm just getting around to testing this.
I setup my prefilter in the menu with your settings but I am getting a 500 error :
"Fabrik has generated an incorrect query for the list Documents and Forms"

I checked the prefilters wiki http://fabrikar.com/forums/index.php?wiki/list-pre-filters/ and found this little gold nugget
Assigning access based on the view level element plug-in. (top)

This is only possible in Fabrik 3.1 (since 07/04/2013)

where:
field = a view level element
condition: IN
value: {authorisedViewLevels}
type = no quotes

Happily this works!:)
 
How old is your Fabrik?

I added that {$my->levels} relatively recently, like (I think) this year some time.

-- hugh
 
We are in need of some funding.
More details.

Thank you.

Members online

No members online now.
Back
Top