Forums / Developer / How to restrict/redirect certain object views ?
H-Works Agency
Wednesday 03 September 2008 3:17:16 am
Hello,
I want to disallow anonymous users from reading certains object classes in view full.
How can this be done ?
For example users could read 'articles' in view 'line' but not in view 'full'.
Thanx in advance.
EZP is Great
Gabriel Finkelstein
Thursday 04 September 2008 3:29:45 pm
You can always do:
{if [has_access]} [content] {else} You're not allowed bla bla bla. {/if}
In [has_access] you check if the user has a certain role.It's not nice, but it works.
Maxime Thomas
Thursday 04 December 2008 10:00:41 pm
Hi,
You can also set some restriction on policy like only editors can read articles.To make articles appear in the result of a fetch for exemple, you just have to add the limitation parameter with an empty array :
http://ez.no/doc/ez_publish/technical_manual/4_0/reference/modules/content/fetch_functions/list
By this you don't have to put a message.
Max
Maxime Thomas maxime.thomas@wascou.org | www.wascou.org | http://twitter.com/wascou Company Blog : http://www.wascou.org/eng/Company/Blog Technical Blog : http://share.ez.no/blogs/maxime-thomas
André R.
Friday 05 December 2008 12:37:44 am
And you don't have to implement access rules in templates witch are ugly and insecure by design.For instance: If one of your readers knows a few things about eZ Publish he can try to guess for other views you might have beside full and line, he needs to know the node id as well but not something that is to hard in a default ez install. It's even worse if templates decide on edit/delete access..
eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription @: http://twitter.com/andrerom
Script start
Module start 'content'
Module end 'content'
Script end
Time used to render debug report: 0.0002 secs