User tests: Successful: Unsuccessful:
Now you can get categories as per access level of logged in user.
We can use the following code
JHtml::_('category.options','YOUR_COMPONENT',$config = array('filter.published' => array(1), 'filter.language' => array('*',$tag),'filter.access' =>array(1)));
This will provide us all the categories as per the access level of the logged in user.
Labels |
Added:
?
|
Labels |
Added:
?
|
Category | ⇒ | ACL Libraries |
@zero-24 You can test this using a custom component
Steps to follow
1- Create 2 content categories and set access level for 1st as "public" and for 2nd as "special".
title = Category1, Accesslevel = Public
title = Category2, Accesslevel = Special
Now add the below code in any front-end view of your custom component
<?php $userId = JFactory::getUser()->id; ?>
<?php $allowedViewLevels = JAccess::getAuthorisedViewLevels($userId); ?>
<?php echo JHtml::('select.options', JHtml::('category.options', 'com_content'), 'value', 'text'); ?>
Expected result for "Guest" user => Should only see category1 as per access level.
Current result for "Guest" user => Both the categories are shown.
Now if you change the last line with
<?php echo JHtml::('select.options', JHtml::('category.options', 'com_content', $config = array('filter.access' =>$allowedViewLevels)), 'value', 'text'); ?>
Expected result for "Guest" user => Should only see category1 as per access level.
Current result for "Guest" user => Only category1 is shown
Thank you for testing. :)
What I wonder is why you're passing the access levels to the method. Why don't you just look it up in JHtmlCategory itself based on a boolean? I can only see two possible scenarios: We either want to show all categories (no filtering, default as it's B/C) or only those allowed for the current user.
It'll be flexible this way eg: in a case where you want to fetch a list of categories for some other user.
Do we need to provide that flexibility? Couldn't the extension which needs that (for whatever unknown reason) do it themself?
It makes the useage of the method more complex because you need to fetch the levels yourself. And it also makes the method itself more complex because you need to check for string and array.
I agree with what coolbung said. While showing categories, only those should be seen to whom user has access to.
Hi,
Background : A Extension using Joomla Category management. Lets say an event management system
Use Case : Set some ACL for categories. Say Corporate events should only accessible to Access levels Gold and Silver
Problem :
Right now the JHtml::_('category.options') returns categories irrespective of logged in user's ACL.
This PR makes it respect ACL>
Since the category manager infrastructure can be used by any extension, and we set the access level for the category in the category manager, it makes sense that the API method to return categories on the front end respect the category acl set in the backend. That way its uniform and each component doesn't have to do it on their own. So from my end to this
I have tested this item
With adding the "_" before the "(" in the last Line successfully tested.
@icampus Pizza, Bugs & Fun
I have tested this item
I have tested this issue @icampus PBF with the addition of the filter and it works as its supposed to. I followed the suggested steps and got the same result as Curiensol. It showed all categories as guest and the patch filtered the "special" ones.
Status | Pending | ⇒ | Ready to Commit |
RTC as we have 2 successful tests and code looks good to go for me.
Labels |
Added:
?
|
Status | Ready to Commit | ⇒ | Fixed in Code Base |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-08-13 21:25:15 |
Closed_By | ⇒ | wilsonge |
Labels |
Removed:
?
|
@aniket19491 can you add a bit more how we can test that? e.g. wit core componente code? Or a custom component? Else it is hard to test with out to be a developer that try to implement the feature ;)
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/6614.