Timeshare security
From PeacockWiki
Revision as of 11:23, 20 September 2005; Trevorp (Talk | contribs)
(diff) ←Older revision | Current revision | Newer revision→ (diff)
(diff) ←Older revision | Current revision | Newer revision→ (diff)
Overview
Page security in timeshare revolves around the Auth object (in lib/auth.php). An instance of this object is available from all smarty HTML (*.smarty) templates in the form of a variable 'user' ($user).
Notes
As it is intended most processing is done in smarty, there is one known disadvantage in the syntax of smarty tags.
{generate_data_object var="statusreport" query="statusreport" id=$smarty.get.id}
{$user->define_manager('write', $statusreport->get('group'))}
Smarty does not handle the second '->' (in $statusreport->get('group') ). This is easily solved by a simple workaround. Assign the value to a smarty variable in a seperate command
{generate_data_object var="statusreport" query="statusreport" id=$smarty.get.id}
{assign var="group" value=$statusreport->get('group')}
{$user->define_manager('write', $group)}
