2. PHPRunner General questions
  3. Menu Security Question
This topic is locked

Menu Security Question

 		5/10/2012 3:25:10 AM
PHPRunner General questions
W
 wildwally author

Is it possible to hide a whole group within the menu based on user access level? I have numerous tables that I have put within a menu group called Admin Functions. I would like to have that folder/group only appear to site admins.
I need my security settings to allow users to access some of the tables as their are links throughout the site that allow the user to add new on the fly, etc. But I don't want them digging through all the tables, list, etc. And there is no need to confuse them with more options.
C
 		cgphp 5/10/2012

In the "Menu item: modify" event enter the following code:

$admin_tables = array("table1_name","table2_name","table3_name");
$rs = CustomQuery("SELECT GroupID FROM yourtablename_ugmembers WHERE UserName = '".$_SESSION['UserID']."'");

$record = db_fetch_array($rs);
if($record['GroupID'] != -1)

{

if(in_array($menuItem->table,$admin_tables))

{

return false;

}

}

return true;


Replace yourtablename_ugmembers with the name of the table where username and groupid are saved.

Replace table1_name, table2_name and table3_name with the names of tables you want to hide.
W
 		wildwally author 5/10/2012



In the "Menu item: modify" event enter the following code:

$admin_tables = array("table1_name","table2_name","table3_name");
$rs = CustomQuery("SELECT GroupID FROM yourtablename_ugmembers WHERE UserName = '".$_SESSION['UserID']."'");

$record = db_fetch_array($rs);
if($record['GroupID'] != -1)

{

if(in_array($menuItem->table,$admin_tables))

{

return false;

}

}

return true;


Replace yourtablename_ugmembers with the name of the table where username and groupid are saved.

Replace table1_name, table2_name and table3_name with the names of tables you want to hide.


where do I find this "Menu item: modify"?? event page for menu?
hfg 5/10/2012

I believe if a user does not have access to anything in a given folder that folder will not show for them. I just double checked this on a project I have with a similar Admin folder. When I login the Admin folder is there, when I login as a user the admin folder was not. The key is making sure they do not have any permissions to anything in that folder.
In those cases where the users need the same table/view as the admins I will at time create a separate copy for the users.
Sergey Kornilov admin 5/10/2012

"Menu item: modify" event can be found on events screen under Global events.
W
 		wildwally author 5/10/2012

Ok, found the global section what about hiding the folder/group that the files are enclosed in?
Sergey Kornilov admin 5/10/2012

If you hide all links that belong to a certain group - group itself will be hidden as well.