• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Add-on Permissions

Danny.VBT

Active member
#1
I was researching how permissions work for XenForo in hopes compile an article of sorts. I noticed there is a method within XenForo_Model_Permission for importing permissions from a custom addon xml file; however,I don't see a current mechanism to do this within the AdminCP Development tools.

Has this not been added yet? or am I missing something? From the looks of the XF install code, the default permissions are adding directly with a query and not using this built in method to import from an XML file.

I assuming this is just a matter of being the first beta release.

Regards,
Danny
 

Jeremy

Well-known member
#2
Adding permissions? Go to the permissions management screen (Under Users, IIRC) and add them there. Associate them with your add on.
 

Jaxel

Well-known member
#5
When you create a permission you can Flag, with default value:
  • Allow
  • Deny
  • Default
What is "Default"?

And what is the proper way to check for permissions?
 

Dismounted

Well-known member
#6
What is "Default"?
I want to know the answer to this as well. :p
And what is the proper way to check for permissions?
Inside your model:
PHP:
public function canViewSomething(array $viewingUser = null)
{
	$this->standardizeViewingUserReference($viewingUser);

	if (XenForo_Permission::hasPermission($viewingUser['permissions'], 'permissions_group', 'view'))
	{
		return true;
	}

	return false;
}
 

Jaxel

Well-known member
#7
Dismounted, that worked...
Code:
<?php

class EWRporta_Model_Perms extends XenForo_Model
{
	public function canEdit(array $viewingUser = null)
	{
		$this->standardizeViewingUserReference($viewingUser);

		if (XenForo_Permission::hasPermission($viewingUser['permissions'], 'EWRporta', 'EWRporta_canedit'))
		{
			return true;
		}

		return false;
	}
}

Then I defined a variable to store the permission:
Code:
$perms['edit'] = $this->getModelFromCache('EWRporta_Model_Perms')->canEdit();

The next question of course... is there a standardized error page to tell the user they dont have permissions?
 

Danny.VBT

Active member
#8
If you are working with the visitor class, you can use the shorthand

PHP:
$visitorObj->hasPermission('Group', 'Permission')
Which is just a wrapper for:

PHP:
XenForo_Permission::hasPermission($this->_user['permissions'], $group, $permission);