[dneedles]

Hello,
I saw the note on removing tabs. What if you want to protect tabs? That is, allow only Admin user to access the Company tab for example?

I could have sworn I saw something on this a couple months ago but I am at a lost of where I found it. I believe it involved wrapping the call to the tab with some sort of getAccessLevel call. But I could be mistaken and I am not sure where the location that needs to be updated.

Thanks,
Daniel

[RussH]

Hey Daniel,

welcome to the fray! I don't believe there's been any discussion on that - I may be wrong tho. I'm guessing however if you browse the code and see how the admistration option is protected on the settings tab.. you could possibly apply that function to an entire tab.

As always - if you make any new or interesting changes to the codebase please contribute it back onto the SVN server at https://www.assembla.com/code/opencats/subversion/nodes

[dneedles]

Hmm. Given the nice hierarchical design I expected a bit more complexity than a hack. I finally burrowed deep enough and found the code that hardcoded looked for "administration" within the supplied link in the library. 8-P

TemplateUtility.php
public static function printPopupContainer() {
/* Special tab behaviors:
*
* Tab text = 'something*al=somenumber' where somenumber is an access level -
* Only display tab if current user userlevel >= somenumber.
*
* Subtab url = 'url*al=somenumber' where somenumber is an access level -
* Only display subtab if current user userlevel >= somenumber.
*
* Subtab url = 'url*js=javascript code' where javascript code is JS commands -
* JS code to execute for button OnClick event.
*/
foreach ($subTabs as $subTabText => $link)
{
::: :::: :::
else if (strpos($link, 'a=administration') !== false)
{
/* Administration subtab. */
if ($_SESSION['CATS']->getRealAccessLevel() >= ACCESS_LEVEL_DEMO)
{
echo '<li><a href="', $link, '">', $subTabText, '</a></li>', "\n";
}
}
::: :::: :::

Since I want to hide an entire tab this won't work. Looks like the architecture doesn't really support different tabs for different users. Will require a bit of an over haul.

[dneedles]

As I look more in the code it looks like either they started with a "healthy" architecture borrowed from somewhere or the original coder was good followed by a bunch of hackers/outsourced coders that extended functionality at the price of the architecture. I would be interested if the proprietory CATS evolved much beyond this point. I'm guessing its a black box to them unless they kept the original coder.

[dneedles]

This ain’t pretty but it works. The issue is that the “tabs” do not appear to have a “state” Thus you have to hard code the name of the tab in the code. Further, the changes are done on the TemplateUtility. This is where they put authorization filters for some reason. Plus there was a simple dummy hook via $displayTab. So if you want to hide the Clients tab for anyone less than an SA user (new code in RED) ...

/home/stream/public_html/cats/lib/TemplateUtility.php
public static function printTabs($active, $subActive = '', $forceHighlight = '')
{
:: :: ::
/* Allow a hook to prevent a module from being displayed. */
$displayTab = true;
/* DLN20100529 BEGIN: HIDES COMPANIES FOR LOWER THAN SA USER*/
if ($tabText == 'Clients') {
if ($_SESSION['CATS']->getAccessLevel() <= ACCESS_LEVEL_SA) {
continue;
}
}
/* DLN20100529 END: HIDES COMPANIES FOR LOWER THAN SA USER*/