[Cartoweb-users] security for a new plugin
giuseppe.derossi at email.it
giuseppe.derossi at email.it
Sun Sep 30 08:05:32 EDT 2007
Hi all,
I'm trying to get a plugin available only for a set of users.
Performed operations:
a) updating the file auth.ini
1) creation of a new user and password
2) association new user - new role
b) updating the file myplugin.ini in server directory
adding the new role
c) changing the cartoclient.tpl :
<!-- folder 9 starts here -->
<div id="folder9" class="folder" style="height:550px;">
<br />
{if $myplugin|default:''}
{$myplugin}
{else}
<p>
{t}User not allowed{/t},
{if $auth_active|default:''}
{t}please{/t} {$auth}.
{/if}
</p>
{/if}
</div>
d) inserting in myplugin.php the code I see in exportPdf.php:
$insertRoles = $this->getArrayFromIni('general.allowedRoles');
if (!SecurityManager::getInstance()->hasRole($insertRoles))
return '';
I've added the code in : drawUserForm(), handleHttpGetRequest($request) and
handleHttpPostRequest($request).
e) I though this was enoght but the code needs other two functions:
getArrayFromList(), and getArrayFromIni()
I've added them but I saw that the instruction $this->getConfig()->$name;
does not return nothing.
The result is that the plugin is not accessible by all users (allowed or
not).
I think the file myplug.ini has not been red.
Please, can anyone suggest me some piece of info about ?
Thanks in advance and best regards.
Giu
--
Email.it, the professional e-mail, gratis per te: http://www.email.it/f
Sponsor:
Fai squillare la PANTERA ROSA sul tuo cellulare: e' in REGALO
Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=6613&d=20070930
More information about the Cartoweb-users
mailing list