+- UserSpice (https://userspice.com/forums)
+-- Forum: Support Center (https://userspice.com/forums/forumdisplay.php?fid=23)
+--- Forum: UserSpice 4.3 and Below (https://userspice.com/forums/forumdisplay.php?fid=26)
+--- Thread: User Creation Permission (/showthread.php?tid=330)
User Creation Permission - Brandin - 11-01-2016
We really made this more complicated than it had to be. Or maybe I just explained it horribly.
I used
Code:
admin_user.phpBasically, on the
Code:
admin_user.phpCode:
$userIdI'm actually kinda proud of myself
User Creation Permission - mudmin - 11-01-2016
So let me just make sure we're on the same page...
When you assign someone level 50, you're also assigning them 40,30,20, and 10, right? Now that I'm thinking about this in terms of pages (instead of numbers, that makes sense). I use permissions slightly differently in my own custom apps. For instance Hotel Manager is not assigned the permission of Hotel Worker, even though the manager has more power than the worker. Sometimes I use the different permissions a person has to bring up different views of a particular page. Your way makes a lot of sense though. Great work.
User Creation Permission - Brandin - 11-01-2016
Mudmin,
What you are saying from what I understand corresponds with what I am doing, yes. The way I am setting up my permissions is the following:
-Everyone is a CSR, they have access to all the general pages - most uses will be created on this level
-Log Access, allows access to the personal
Code:
log.php-User Management, allows access to
Code:
admin_user.phpCode:
admin_users.phpCode:
adduser.phpCode:
$userIdCode:
SELECT *Code:
WHERE-System Administrator, has access to the rest.
So in a sense, yes, I use this on page basis, so that everyone has basic access, and then if you need specific role access, you have added permissions.
I hope this makes sense. This is why someone who has access to certain spaces should be able to create someone at their level, because that truly could not hurt anything (theoretically). Because if they were to want to break something, at their level, they could do it from their account lol.
User Creation Permission - mudmin - 11-01-2016
Right. That makes absolute sense. My original answer actually just answered your question in a more literal sense. (anyone with a lower number). Your solution is the better way to go. Your way also accounts for if you start forking things to where one type of manager may not have access to certain pages below them. So I'm writing an app that has
Kitchen Employee
Kitchen Manager
Hotel Employee
Hotel Manager
Maintenance Employee
Maintenance Manager
The way you're doing it would work without caring if the maintenance employee permission level id happens to be higher than the kitchen manager's permission id.
I think you're on the right track.
User Creation Permission - Brandin - 11-01-2016
You got 'er! I didn't think I was doing that good but I guess I am
So what I would do in your case is give your Employees general access, also assign this to your Managers in the same category and then provide the Manager permission level with the specific access they require. That way if you have a Kitchen/Hotel Manager swing, you can assign them both permission levels and it would permit them access to the specific pages they require
User Creation Permission - mudmin - 11-01-2016
I have mine more setup by the person. Some maintenance people have hotel worker access if they need to know if someone is staying in a room for maintenance. Some managers have at least employee access to other parts. That's kind of a nice thing with UserSpice that you can be as granular as you want.
User Creation Permission - Brandin - 11-01-2016
Now...can you think of a way to replicate this on the
Code:
admin_user.phpE.g. I have John Smith who has access to:
CSR
Logs
User Management
When he views Jane Doe, who has full access (including SA), he only sees CSR, Logs and User Management in the remove permissions and nothing in add permissions, because he cannot remove permissions he does not have access to (MGR and SA).
Jane Doe on the other hand, who is SA and has full permissions, can view all permissions the current user has under remove permissions, and all permission the user can have added under add permissions.
Scott MacDonald is a CSR and User Manager, so when he looks at John Smith, he can see CSR and User Management under remove permissions, but nothing under add permissions.
I think I can do this by duplicating the permission function that is built in to
Code:
admin_user.phpThanks!
User Creation Permission - mudmin - 11-01-2016
Yep. I think you're on the right page for everything else.
The stuff you were doing was the absolute hardest part of the code for me to wrap my brain around...I had only been coding php for 3 months when I wrote all those functions.
I almost think it's going to be clearer to see what's going on if you just write queries at the to of the page before you make a function to do this (and if you make a function, put it in usersc/custom_functions.
What I would do, essentially, is write a query (or use the function) to generate all the checkboxes that the ADMIN has access to and then write a second query to find out which one the user has to actually make the checkmark in the boxes. I know that's not a ton of help, but that's where I would go with it.
User Creation Permission - Brandin - 11-01-2016
So I've established the following plan:
When the
Code:
admin_user.phpCode:
$permissionDataCode:
in_array<pre>
Code:
foreach($currentuserPermission as $currentperm){
$currentperm_ids[] = $currentperm->permission_id;
}when it performs
Code:
in_arrayCode:
$currentperm_idsAny thoughts?
User Creation Permission - Brandin - 11-01-2016
I DID IT! IT WORKED! I added an extra
Code:
in_arrayhttp://hastebin.com/iloparayax.sm