ACL questions

[prophoto]

Hi I have a number of ACL related questions, sorry if there are too many for one thread.

I am hoping fabrik will be able to help me in development of a large project for a client. They would like to collect data about their business on a monthly basis. They have 10 locations and there will be many users who will be entering data into the db. We cannot have duplicate entries and also need the entries to lock after a certain timeperiod. There are about 150 data points to be collected, mostly numerical entries for questions like 'how many apples did you sell in June'.

So how do I:

1. only allow one submission per user group per month
2. show earlier entries so the user can update data instead of a new form within specified timeframe
3. lock previous month's entries so only admins or groups with elevated privileges can edit

I did find this thread http://fabrikar.com/forums/showthread.php?t=12170 but after trying it I get a blank page on the frontend.

 

[prophoto]

Can someone help? Hoping to use Fabrik for an upcoming project but don't want to waste money on a subscription if it won't do the job.

 

[cheesegrits]

Are you using J! 1.5 with Fabrik 2.x, or J! 2.5 with Fabrik 3.x?

1. Should be possible with a little custom PHP in a form submission script, using the onLoad hook to see if this is a new form being loaded, and if so run a query by hand on the existing data.

2. that's just our standard List display.

3. Some pre-filters on the list should take care of that.

-- hugh

 

[prophoto]

Using j2.5 and f3.

I barely get by on PHP and am new with fabrik, can you give me some help with the expressions in q1 and prefilters in q3?

 

[prophoto]

I am trying to get the list access set correctly. When I set Access tab to Userid for edit nothing changes in the frontend. If I make the group special and remove userid it works fine.

 

[cheesegrits]

Well, those images look correct. If the setting is "registered OR userid", then users can edit records if they belong to the Registered group (which everyone except guests do, by default), OR if their logged on user ID matches the value in the userid field.

If you set it to "Special OR userid", then admins will be able to edit any row, but regular users would only be able to edit records that matched their user ID.

Can you confirm if the latter combination works as expected? Works for me, I just tested.

However, from your other thread:

On the 9th of every month the data needs to be locked so only admins or elevated privileges can edit.

So before the 9th, do rows from the previous month need to be editable by anyone?

-- hugh

 

[prophoto]

Well, those images look correct. If the setting is "registered OR userid", then users can edit records if they belong to the Registered group (which everyone except guests do, by default), OR if their logged on user ID matches the value in the userid field.

If you set it to "Special OR userid", then admins will be able to edit any row, but regular users would only be able to edit records that matched their user ID.

Can you confirm if the latter combination works as expected? Works for me, I just tested.

Yes, works as expected. I guess I thought it would be an AND statement not OR. Working fine!

 

[prophoto]

However, from your other thread:

So before the 9th, do rows from the previous month need to be editable by anyone?

-- hugh

I probably need to do a better job describing the scenario. Multiple people inside each store will add their data in their department. Each department will have a set of questions. Their submission can only be editable by themselves, but more than one person can submit answers to the same set of questions in case there are errors. (normal functionality from what I can tell). By the 8th of each month everyone must have their answers submitted and on the 9th all data will be locked so only admins can edit.

Right now I have fields for userid, data start date, data end date (calendar month), entry date, location, and questions with comment fields.

 

[cheesegrits]

OK, for that, you'll need to add a 'caneditrow' plugin to your list. The 'caneditrow' plugin allows you to write some custom PHP, which returns either true or false for each row in the list being displayed, based on whatever criteria you wish to test for.

Off the top of my head, your code will need to look something like this.

$ninth = strtotime(date('Y-m-09'));
$ninth = time() > $ninth ? $ninth : strtotime('-1 month', $ninth);
$user = JFactory::getUser();
return in_array(3, $user->getAuthorisedViewLevels()) || strtotime($data['yourtable___yourdate']) > $ninth;

So this will return 'true' only if the user is in the Special access level, or if the date of that row is more recent than either "the ninth of this month" or "the ninth of last month", depending if the date right now is before or after the ninth.

Note I'm using 3 for the access level check, which is the default ID for the "Special" level. You may wish to create your own access level in !J for ONLY admins, and use the ID for that instead. The numeric ID for each level is shown in the main J! Viewing Access Levels admin tab.

Replace yourtable___yourdate with the full element name of the date element you wish to test against.

-- hugh

 

[prophoto]

Any issues using this plugin with f3 and j2.5? In the downloads section it says j1.5 only...

 

[prophoto]

Figured it out, updated from Github.

 

[prophoto]

I tried this but so far it doesn't seem to be working. See attached image, everything look right? I created a new Access Level with id 4.

Is it possible to turn off the entire entry for editing instead of individual elements? That would make it a bit simpler.

 

[prophoto]

Would it be easier to set a cron run on the 9th of every month that locks them from editing by non admins?

 

[rob]

I dont think the cron will be any easier, you will still need to write the php to lock the correct records.

Its not clear to me the logic of when you want these records lock though. (its the end of friday afternoon and Im getting slow!)

Is it that after the 9th no records can be edited execpt if you are a user with a group id of 4?

 

[prophoto]

Is it that after the 9th no records can be edited execpt if you are a user with a group id of 4?

Yes, Correct.

 

[prophoto]

bump......

 

[rob]

Is it that after the 9th no records can be edited execpt if you are a user with a group id of 4?

So this would work:

$today = JFactory::getDate();
$day = $today->format('d');
if ($day < 9) {
return true;
}
$user = JFactory::getUser();
if (in_array(4, $user->getAuthorisedViewLevels()) {
  return true;
}
return false;

First get this months number which I store in $day

then i check if we are before the 9th - if so records can be edited

if not check if the user is in group 4, if so he can always edit the records

if not then he can't edit the record

 

[prophoto]

Doesn't seem to be working, here is a screenshot. The 'Data Start Date' and Data Finish Date' are the data ranges, usually one calendar month. After setting these two up users are still able to edit these fields as well as all others in the form.

 

[prophoto]

To clarify users will be submitting data for the previous calendar month, by the 9th when the data should lock and only admins can edit. So maybe we need to add 9 days to the 'Data Finish Date' to test if it is editable?

One other thought, is it possible to restrict hitting the edit button from the list view in the frontend? That would restrict the entire entry instead of just individual rows/fields.

 

[prophoto]

Can someone help? Tried this and its not working.