RE: [Openinteract-help] Security in CommonHandler

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,

I think you can do this by overriding _show_customize().
You can see an example in the Weblink handler. Basically, you set
MY_OBJECT_FORM_TEMPLATE to return the un-editable template, then in
_show_customize() compare the access levels. If the user has the proper
access level
(>=3DSEC_LEVEL_WRITE), set the $params->{template_name} to be the editabl=
e
template.

But the code is worth a thousand words, check out the Weblink package.

-Victor

> -----Original Message-----
> From: ope...@li...
> [mailto:ope...@li...]On Behalf
> Of Tho...@be...
> Sent: Wednesday, December 12, 2001 11:09 PM
> To: ch...@cw...
> Cc: ope...@li...
> Subject: AW: [Openinteract-help] Security in CommonHandler
>
>
> Yeah thats right, but the form security does not work.
>
> If I set security level at edit to write, user who have read level can =
see
> the form ! Only after clicking "Modify" the message "Task is forbidden"
> appears.
>
> I saw I have to set "show" to write but then all is secure, the
> user should
> only see the Detailform not the editform, so that
>
> /Classified/show/?edit must be writelevel and
> /Classified/show/?classified_id=3Dxx must be level read.
>
> is that possible ?
>
> greets.
> THomas
>
>
> -----Urspr=FCngliche Nachricht-----
> Von: Chris Winters [mailto:ch...@cw...]
> Gesendet: Dienstag, 11. Dezember 2001 17:23
> An: Tho...@be...
> Cc: ope...@li...
> Betreff: Re: [Openinteract-help] Security in CommonHandler
>
>
> * Tho...@be... (Tho...@be...) [011211
> 10:57]:
> > Is it possible to set the other forms secure like the search_form as
> > done below ?
>
> Sure thing -- each 'task' can be listed in the package 'security' hash
> of your handler and assigned a minimum security level. So the
> following security specification:
>
>  %OpenInteract::Handler::Classified::security =3D (
>   search_form =3D> SEC_LEVEL_READ,
>   search      =3D> SEC_LEVEL_READ,
>   show        =3D> SEC_LEVEL_READ,
>   create      =3D> SEC_LEVEL_WRITE,
>   edit        =3D> SEC_LEVEL_WRITE,
>   remove      =3D> SEC_LEVEL_WRITE,
>  );
>
> Means that:
>
>  /Classified/search_form/ --> requires 'read' access to the handler
>  /Classified/search/      --> requires 'read' access to the handler
>  /Classified/show/        --> requires 'read' access to the handler
>  /Classified/create/      --> requires 'write' access to the handler
>  /Classified/edit/        --> requires 'write' access to the handler
>  /Classified/remove/      --> requires 'write' access to the handler
>
> Using:
>
>  %OpenInteract::Handler::Classified::security =3D (
>   DEFAULT_SECURITY_KEY() =3D> SEC_LEVEL_READ,
>  );
>
> Means that the minimum security for any task not specified is
> 'read'. And if a task isn't specified in the package security hash and
> there's no default set by you, then OpenInteract assumes 'write'
> access is required to run the task.
>
> Hope that makes sense,
>
> Chris
>
> --
> Chris Winters (ch...@cw...)
> Building enterprise-capable snack solutions since 1988.
>
> _______________________________________________
> openinteract-help mailing list
> ope...@li...
> https://lists.sourceforge.net/lists/listinfo/openinteract-help
>