solved form designer field permissions

blindmime
@blindmime
10 years ago
772 posts
I'm trying to get particular form fields to show and hide based to specific users. I can't seem to get it work based on quota and it may just be the way my site works; I'm not sure.

Say, I have a profile admin user under a quota called "office". I also have a profile admin user under a quota called "crew". Both of these users can access/change items in all profiles, but I want the user under the crew quota to NOT see certain fields in a particular form. I was thinking if I check/uncheck the quota boxes in form designer this would work, but does that not work this way? Are these quotas indicating the PROFILE's quota and not the user's quota?

Hope that makes sense.
updated by @blindmime: 11/19/14 03:38:54PM
douglas
@douglas
10 years ago
2,793 posts
There should be groups and quotas in that list, make sure your selecting the quota and not the group. And yes, it should work that way... selecting the quota will allow them to see that form field.


--

Douglas Hackney
Jamroom Team - Designer/Developer/Support
FAQ-Docs-Help Videos
blindmime
@blindmime
10 years ago
772 posts
There are groups and quotas. The groups work, but the quotas don't seem to have any effect. For instance, for a field called "Cost" I have the Master Admin group and Office quota selected. If I'm logged in as Master Admin I can see this field, but when I'm logged in as the user under the Office quota I can't.
updated by @blindmime: 09/10/14 07:53:53AM
brian
@brian
10 years ago
10,148 posts
blindmime:
There are groups and quotas. The groups work, but the quotas don't seem to have any effect. For instance, for a field called "Cost" I have the Master Admin group and Office quota selected. If I'm logged in as Master Admin I can see this field, but when I'm logged in as the user under the Office quota I can't.

And you're running the latest core? I know this was an issue a few releases back, but this should no longer be an issue.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
Yes, I just updated to the latest today. This is the site you've been on before when we were looking into something like this. I don't think it was exactly this, but something similar (it was more about the custom form module). The module I'm looking at now is Aparna-generated.
blindmime
@blindmime
10 years ago
772 posts
Hmm. The quota checkboxes don't seem to be doing anything here.
brian
@brian
10 years ago
10,148 posts
blindmime:
Hmm. The quota checkboxes don't seem to be doing anything here.

I'm not sure what you mean by "quota checkboxes" - when in the form designer the quotas are selected as part of a multi-choice select field - is that what you mean?

Thanks!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
Sorry, yes, I mean the multi-choice select field.
brian
@brian
10 years ago
10,148 posts
I just tested this here and I don't see any issues with the "Display Groups" multi select - whatever is selected "sticks" and is working for me. When you select multiple groups and save, and then come back, are your choices no longer selected or is that what you've selected does not appear to be working?

Thanks!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
I may be trying to do something it's not set up to do. This particular site currently only has a master admin and three profile admins. They all manage many profiles which are properties which have multiple tasksbeing created and managed (via a custom Aparna module) . The Office and Manager users enter cost information for these tasks which they don't want the Crew users to see, but the Crew users need to be able to check off information in tasks for all the properties so all the users need profile admin access, I just want to hide some of the form fields.

I thought I might do this by quota since each user's profile has a different quota, but this doesn't seem to have any effect on what shows to profile admins.
brian
@brian
10 years ago
10,148 posts
Yeah - I think that would be correct, since there's no way right now to select "users only - not admins" - since admins and masters will always see anything the user sees - does that sound like what you are seeing?


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
Yes. The only way I see of getting the behavior I want is to make the Crew user a Standard User and then manually assign all profiles to it, which I'd rather not do. Can you think of another solution? I must admit, my understanding of listeners is not very clear; perhaps I could use this approach to automatically assign all profiles to this user on creation?
blindmime
@blindmime
10 years ago
772 posts
I need to get this working for a client. If above is not an option, I wonder if it's possible to hide specific fields in a form based on a specific quota. I'm not well versed on javascript or advanced php but can make my way around somewhat given a point in the right direction, perhaps. Or if someone can do it as a job, let me know.
brian
@brian
10 years ago
10,148 posts
A follow up - is there a reason the crew user must be an admin user?


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
The crew needs to update completion of tasks and notes for all properties (profiles). Tasks (an Aparna module) have costs and other fields which only the office admins should see.
brian
@brian
10 years ago
10,148 posts
blindmime:
The crew needs to update completion of tasks and notes for all properties (profiles). Tasks (an Aparna module) have costs and other fields which only the office admins should see.

How many different property profiles are there - could it be a lot?


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
Currently around 20 I believe, but they add them as they get more accounts. It's a property maintenance company.
brian
@brian
10 years ago
10,148 posts
blindmime:
Currently around 20 I believe, but they add them as they get more accounts. It's a property maintenance company.

Got it - so eventually there could he hundreds. I'm just not sure that the idea of having each of these users be an ADMIN just to not have to deal with adding them to the profile (I mean I know what you've done it that way) is the best thing to do - I'm concerned from a security stand point that it could expose areas of your systems to those users that you don't want them to access. If that's not a big deal, then it's probably no worries.

I think the right way to handle this would be to make sure the user's are linked to each of the profiles they have access to so everything internally is handled "properly" - how are the users from the property maintenance company created in the system?

Thanks!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
There are only 3 users (besides me). The Office admin, The Care admin, and the Crew user. The Crew user is something they've newly wanted added with the extra requirement that this user not see certain form fields. I set up all the users (there aren't any signups). The Office admin sets up the Profiles (they are homes). I am anticipating that there may be additional Crew users as the business grows. Possibly different Care admin users. There may even be Client users at some point who would need different privileges (just a consideration).
updated by @blindmime: 10/14/14 02:46:26PM
brian
@brian
10 years ago
10,148 posts
So just to be sure I understand (I think I do) the "Crew" user needs to have access to the different properties (profiles) but also needs to NOT see specific fields when working in custom forms related to those profiles (or wherever).

Thanks!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
blindmime
@blindmime
10 years ago
772 posts
Yes, exactly.

Thanks Brian.
brian
@brian
10 years ago
10,148 posts
OK - I really think the best bet is to add the Crew user to each property profile, and NOT have them be an admin user - I think in the long run that is going to give you the proper setup when it comes to security.

To address the issue, what we need is a very small custom module that has a db_create_item listener that adds the new profile automatically to any Crew users that exists in the system (i.e. make sure they are in a specific profile).

I'll post some code for you first thing in the morning that should work - I'm a bit behind on some other issues here today and didn't have time to follow up until now, but will let you know.

Hope this helps!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
brian
@brian
10 years ago
10,148 posts
I took 10 minutes and created you a small module - jrLinkProfile - that "automatically" links user accounts to newly created profiles (in specific quota_ids).

Check out the Global Config help and let me know if that will work for you. For your existing "Crew" user you'll need to manually add existing profiles to their user account - the module does not work retroactively.

Let me know if you see issues.

Hope this helps!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

updated by @brian: 10/16/14 09:46:33AM
blindmime
@blindmime
10 years ago
772 posts
Thanks, Brian. I've installed the module and activated it. I've set it to add all new profiles to user id 5. However, it's not assigning them to this user id. It doesn't appear to be working for me, unfortunately. I did an integrity check.
michael
@michael
10 years ago
7,740 posts
could you take a screenshot of what you have set as the settings in the config for the
* User IDs
* Profile Quota IDs

Please.
blindmime
@blindmime
10 years ago
772 posts
Here you go.

I have tried it with 2nd field blank as well.
updated by @blindmime: 10/17/14 04:28:29AM
brian
@brian
10 years ago
10,148 posts
OK try this one - I had the ID's backwards in the linkup function.

Hope this helps!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

updated by @brian: 10/17/14 07:33:18AM
blindmime
@blindmime
10 years ago
772 posts
Cool -- that works now.

Thanks, Brian!
brian
@brian
10 years ago
10,148 posts
blindmime:
Cool -- that works now.

Thanks, Brian!

Right on - glad to hear it ;)


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Tags