1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Permission Checking in Templates?

Discussion in 'XenForo Development Discussions' started by James, Feb 17, 2011.

  1. James

    James Well-Known Member

    How would I check to see if a permission is set using the templates? Or isn't it possible?

    Does permission_combination_id use bitfields to calculate the ID? If so, wouldn't it be possible to use $user['permission_combination_id'] && $valueofmypermission to see if it exists?
    Sean Kendle likes this.
  2. Shadab

    Shadab Well-Known Member

    Permission checking is usually done in the Models. You can implement some can*() methods in your model class, which would check the permission of the viewing user for a particular action. Then call these methods from a controller to set the value of a template parameter.

    $foo $fooModel->getFooById($fooId);

    $viewParams = array(
    'foo'          => $foo,
    'canDeleteFoo' => $fooModel->canDeleteFoo($foo$visitor),
    'canEditFoo'   => ...

    // Pass these parameters to your template
    And then in your template, simply check for:
    <xen:if is="{$canDeleteFoo}">
       <!-- Stuff to show if the user can delete foo -->
    James likes this.
  3. James

    James Well-Known Member

    Thanks Shadab. I'll have to look at some previous add-ons to see how to do permission checking (I get baffled when using MVC frameworks).
  4. Shadab

    Shadab Well-Known Member

    You can take cue from the Thread and Post models.
    (/library/XenForo/Model/Thread.php, lines 480 to 1010)

    Many of such methods are just one-liners, which call either "XenForo_Permission::hasContentPermission()" or "XenForo_Permission::hasPermission()" to actually check the user permissions.
  5. James

    James Well-Known Member

    I'm trying to check a custom permission definition so that I can call the <xen:if is="{$customPermission}"> and display the users who have that permission enabled.

    I haven't had much any experience using MVC frameworks.
  6. Jaxel

    Jaxel Well-Known Member

    You can check permissions in templates... I do it sometimes when its not feasible to do it in a model...

    <xen:if is="{$visitor.permissions.permissionGroupID.permissionID}">
    sheel and James like this.
  7. James

    James Well-Known Member

    It's just one permission, so it wouldn't really be feasible in a model.

Share This Page