Page 1 of 1

ACL Config

Posted: 08 Aug 2019, 14:57
by rossi86m
Hello guys!

I am trying to create a ACL role called recruiter to give access to users only to edit candidates, edit joborders and not able to add a joborder

This is what I modify in the config.php file

/*
require_once('.\constants.php');
// defining user roles
const USER_ROLES = array(
'candidate' => array('Candidate', 'candidate', 'This is a candidate.', ACCESS_LEVEL_SA, ACCESS_LEVEL_READ),
'demo' => array('Demo', 'demo', 'This is a demo user.', ACCESS_LEVEL_SA, ACCESS_LEVEL_READ)
);
*/
// defining access levels different from the default access level
const ACCESS_LEVEL_MAP = array(
'candidate' => array(
),
'recruiter' => array(
'candidates'=> ACCESS_LEVEL_EDIT,
'joborders' => ACCESS_LEVEL_EDIT,
'joborders.add' => ACCESS_LEVEL_DISABLED,
),

'demo' => array(
'candidates' => ACCESS_LEVEL_DELETE,
'candidates.emailCandidates' => ACCESS_LEVEL_DISABLED,
'candidates.history' => ACCESS_LEVEL_DEMO,
'joborders' => ACCESS_LEVEL_DELETE,
'joborders.show' => ACCESS_LEVEL_DEMO,
'joborders.email' => ACCESS_LEVEL_DISABLED,
)
);


I also run this script in the db
update user set cetegories= "recruiter" where user_name = "recr"

If I log in with that user I still able to see everything

Can someone tell me what i am doing wrong?

Thanks in advance!

Marco