#515 1.9.4 "roles" branch question regarding rights (only use roles for 3 out of 4 rooms in an area)

[Thomas S.]

Hi

I am still struggeling with the roles branch
-I have an area (id 21) which i don't want the default permissions to be applied. Nobody should be able to read/write (done)
-In that area, the default access for all should be read only (done)
-I have 4 rooms for which i have ldap groups containing the people that should have write access (done)
-Now i got a new requirement, 3 out of the 4 rooms should have the ldap-role-based access but the 4th room (id 70) should have read and write access for everybody.

How can i manage to solve this?

The code that i use is

Room.php

public function getDefaultRule(?User $user) : object
{
  $area = Area::getById($this->area_id);
  return $area->getDefaultRule($user);
}

Area.php

public function getDefaultRule(?User $user) : object
{
  // Every area except one has the default permissions
  if ($this->id != 21)  // or whatever the id of your area is
  {
    return parent::getDefaultRule($user);
  }

  // The special area has restricted permissions
  $result = new AreaRule();

  $result->state = $result::GRANTED;

  if (!isset($user) || empty($user->level))
  {
    $result->permission = $result::READ;
  }
  elseif ($user->isAdmin())
  {
    $result->permission = $result::ALL;
  }
  else
  {
    // Modified from the standard WRITE
    $result->permission = $result::READ;
  }

  return $result;
}

Best,
Thomas

[Campbell Morrison]

If I understand you correctly then I think you need to change the method for Room.php to be

public function getDefaultRule(?User $user) : object
{
  if ($this->id == 70)
  {
    return parent::getDefaultRule($user);
  }
  $area = Area::getById($this->area_id);
  return $area->getDefaultRule($user);
}

[Thomas S.]

Yes that works. Thanks a lot (however there is another issue, ill create a new ticket for that)!