- 08 Aug 2019, 14:57
#4378
Hello guys!
I am trying to create a ACL role called recruiter to give access to users only to edit candidates, edit joborders and not able to add a joborder
This is what I modify in the config.php file
/*
require_once('.\constants.php');
// defining user roles
const USER_ROLES = array(
'candidate' => array('Candidate', 'candidate', 'This is a candidate.', ACCESS_LEVEL_SA, ACCESS_LEVEL_READ),
'demo' => array('Demo', 'demo', 'This is a demo user.', ACCESS_LEVEL_SA, ACCESS_LEVEL_READ)
);
*/
// defining access levels different from the default access level
const ACCESS_LEVEL_MAP = array(
'candidate' => array(
),
'recruiter' => array(
'candidates'=> ACCESS_LEVEL_EDIT,
'joborders' => ACCESS_LEVEL_EDIT,
'joborders.add' => ACCESS_LEVEL_DISABLED,
),
'demo' => array(
'candidates' => ACCESS_LEVEL_DELETE,
'candidates.emailCandidates' => ACCESS_LEVEL_DISABLED,
'candidates.history' => ACCESS_LEVEL_DEMO,
'joborders' => ACCESS_LEVEL_DELETE,
'joborders.show' => ACCESS_LEVEL_DEMO,
'joborders.email' => ACCESS_LEVEL_DISABLED,
)
);
I also run this script in the db
update user set cetegories= "recruiter" where user_name = "recr"
If I log in with that user I still able to see everything
Can someone tell me what i am doing wrong?
Thanks in advance!
Marco
I am trying to create a ACL role called recruiter to give access to users only to edit candidates, edit joborders and not able to add a joborder
This is what I modify in the config.php file
/*
require_once('.\constants.php');
// defining user roles
const USER_ROLES = array(
'candidate' => array('Candidate', 'candidate', 'This is a candidate.', ACCESS_LEVEL_SA, ACCESS_LEVEL_READ),
'demo' => array('Demo', 'demo', 'This is a demo user.', ACCESS_LEVEL_SA, ACCESS_LEVEL_READ)
);
*/
// defining access levels different from the default access level
const ACCESS_LEVEL_MAP = array(
'candidate' => array(
),
'recruiter' => array(
'candidates'=> ACCESS_LEVEL_EDIT,
'joborders' => ACCESS_LEVEL_EDIT,
'joborders.add' => ACCESS_LEVEL_DISABLED,
),
'demo' => array(
'candidates' => ACCESS_LEVEL_DELETE,
'candidates.emailCandidates' => ACCESS_LEVEL_DISABLED,
'candidates.history' => ACCESS_LEVEL_DEMO,
'joborders' => ACCESS_LEVEL_DELETE,
'joborders.show' => ACCESS_LEVEL_DEMO,
'joborders.email' => ACCESS_LEVEL_DISABLED,
)
);
I also run this script in the db
update user set cetegories= "recruiter" where user_name = "recr"
If I log in with that user I still able to see everything
Can someone tell me what i am doing wrong?
Thanks in advance!
Marco