Loading...
 
Features / Usability

Features / Usability


Permission Troubles with Trackers

posts: 10

Hi

I struggle with visibility of trackeritems, that need to be visible for all but editable for creators (registered users) only. unfortunatley they are only visible to anonymous users, but not visible to registered user - except the items they are creators of.

My goal is a RegistrationSystem for Projects: prototype

I allow each user to register his/her own project on this webpage. So far I implemented this with the help of a tracker:

first I request the user to register, and demand his/her email adress as the username. after login (authorisation via email) the user gets access to a registration form made with the

{TRACKER(trackerId="2" url="UserProjectList" view="user")}Vielen Dank für deine Idee, wir sind gespannt sie zu lesen!{TRACKER}


after saving the tracker the user is allowed to edit the registration. for this I set the permissions of the tracker like this:

[TRACKER] trackerId = 2 name = Project description = descriptionIsParsed = n useExplicitNames = n showStatus = n defaultStatus = oshowStatusAdminOnly = y outboundEmail = xxx@maybites.ch simpleEmail = n newItemStatus = o modItemStatus = writerCanModify = y writerGroupCanModify = n showCreated = n showLastModif = n defaultOrderKey = 25 defaultOrderDir = asc useComments = n showComments = n useAttachments = n showAttachments = n attachmentsconf = 0,1,3,0,2,0,0,0 useRatings = n ratingOptions = categories =


the important part in problem - to which I come shortly - ;-) would be

writerCanModify = y

since this makes sure (if I understand properly) that each user can edit his/her own project.

after the registration process has been finished, the tracker item will be set "pending" and a few invisible fields are to be set by the admin. one of this fields allows to set the project as beeing "selected". once this process is done as well, the item will be set "close" and now it will appear inside this two links:

http://unbuiltroads.maybites.ch/tiki-index.php?page=projects

and

http://unbuiltroads.maybites.ch/tiki-index.php?page=selection

the difference: while the "projects" page will show all the edited projects, the "selection" page will filter and show only those with the "selection-field" set "selected".

this all works just sweet, and If you go as an unregistered visitor, you will be able to see all the projects(tracker-items) in those webpages, but once you register, you can only see your own project. since there will be also a voting and comment function built in for each project (again their own trackers) the users have to register, but cannot see the projects...

you can test this yourself:

http://unbuiltroads.maybites.ch

testuser@gmail / testuser

or create your own login.

the only work around I can see is to dissallow the users to edit their own tracker item and switch of the

writerCanModify = y -> n

but maybe somebody knows a permission that would sort my problem?

ps:
and strange enough, when using looking at the selection, no project at all will appear. it is as if the filter filters too much...

posts: 1092

Do you have tiki_p_create_tracker_items, tiki_p_view_trackers_pending, tiki_p_view_trackers for Anonymous
No tiki_p_modify_tracker_items - only writercanmodify

If it does not work, try without using the status - I am not sure the perm model is correctly set with status


posts: 10

hi, thanks for looking into this.

I have set:

tiki_p_view_trackers_closed for anonymous

tiki_p_create_tracker_items
tiki_p_modify_tracker_items
tiki_p_view_trackers_closed for registered

i dont understand what I should do with the status..


posts: 1092
tiki_p_modify_tracker_items should not be set for registered - otherwise everybody can modify the items

posts: 10

I have found a solution that works for me:

I set the permissions of the tracker this way:

[TRACKER] trackerId = 2 name = Idea description = descriptionIsParsed = n useExplicitNames = n showStatus = n defaultStatus = opcshowStatusAdminOnly = y outboundEmail = simpleEmail = n newItemStatus = o modItemStatus = writerCanModify = n writerGroupCanModify = n showCreated = n showLastModif = n defaultOrderKey = -2 defaultOrderDir = asc useComments = n showComments = n useAttachments = n showAttachments = n attachmentsconf = 0,1,3,0,2,0,0,0 useRatings = n ratingOptions = categories =


and set the permissions for the tracker like this:

tiki_p_create_tracker_items tiki_p_modify_tracker_items tiki_p_view_trackers tiki_p_view_trackers_closed tiki_p_view_trackers_pending


and created only one field that is the main entrance for editing the item, but it is only editable by admins and creators.

[FIELD23] name = ProjektRegistrarEmail position = 2 type = u options = 1 isMain = y isTblVisible = y isSearchable = y isPublic = y isHidden = c isMandatory = y


this way its possible to have each item modified by its creator and allows all registered users to see - but not modify - the items.