[solved] User's Authorized viewlevels in prefilter

pastvne

pastvne

Bruce Decker
Alright gang, here's another one for the wiki. It just amazes me how flexible fabrik is and how simple it can be to do such complex things. It is such as well-conceived system and I just love working with it. On to the trick.

I have a table where an element holds the view level. The idea is that I want to only show certain records if a user is authorized for a view level in Joomla.

The answer I found was so simple and so powerful I wanted to share the trick in case there are others out there that could use it. I also think this would be an excellent add to the wiki docs under prefiltering and perhaps also referenced under the $my-> placeholder discussion.

To make this work, I just had to add this simple prefilter:

Prefilter:
Join=WHERE
Field=<name of element that holds the raw view level id>
Condition=IN
Value=
Code: 
$user = JFactory::getUser();
return implode(',',$user->getAuthorisedViewLevels());
Type=Eval
Apply to= <as you see fit>

That's it. It's fast since the eval is done just once at the start of the query and so flexible.
Thanks Rob, Hugh, Robbie and all the rest for such a beautifully designed product.

-Bruce
 
Last edited:
Okay: To restate the challenge, I have a column in a list that stores the joomla view-level id for that record. The idea is to limit access to that database record to only users that have that view-level privilege.

The Fabrik Advanced > Eval PHP field could do this easily with 2 lines of PHP using Joomla's API that exposes authorized view-levels for the user. This works for the element itself. But when you turn on filters for that element, the values presented in the filter's pull-down are not passed through the eval so all view levels are presented.

I decided to try to use the Data-Where > Filter Where property. The challenge was that Joomla stores the groups that make up a view level in JSON format. I spent hours trying to figure out how to extract and convert the JSON to a CSV and finally gave up and restored to an awful hack using REPLACE().

Here's the filter where I came up with:

Code: 
{thistable}.view_level IN (SELECT DISTINCT `#__viewlevels`.`id`
FROM #__user_usergroup_map
LEFT JOIN #__viewlevels ON REPLACE(REPLACE(rules,'[',','),']',',') LIKE CONCAT('%,',`group_id`,',%')
WHERE user_id ='{$my->id}')

So, this uses my field that stores the view-level for this record {thistable}.view_level then checks to see if it is within the result of a query. The query works backwards from joomla's user_usergroup_map table and join the viewlevels table to it. Then, it uses the hack to swap out the json string stored in joomla's viewlevel table, rules column, with extra commas so that the first and last values all have leading and trailing commas. Then I do a LIKE looking for any matches of ,<myViewLevel>, within the hacked JSON.

Now, I really really wish that we could just have the filter run the same eval code or allow the Filter-Where to be an eval. That would be slick and simpler. But until then (and until Joomla changes how they map viewlevels and groups in the database, this hacky query seems to do the trick. Sharing here in case it helps anyone and because I am in dire need of being ridiculed for putting together such an awful hack when there is probably a feature right in Fabrik that does this with a click of a button that I've overlooked :)

Will be testing in anger tomorrow.

Troester, if this works, it might be a nice addition to the wiki under.

All the best,
Bruce
 
You must log in or register to reply here.

Useful links

  • Create a Fabrik Account (Downloads)
  • Create a Forum Account
  • Fabrik Wiki
  • Fabrik 4 Changelog /Install /Upgrade
    • We are in need of some funding.
    More details.

    Thank you.

    Members online

    Total: 91 (members: 1, guests: 90)
    Back
    Top