• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Permission Checking in Templates?

James

Well-known member
#1
How would I check to see if a permission is set using the templates? Or isn't it possible?

Does permission_combination_id use bitfields to calculate the ID? If so, wouldn't it be possible to use $user['permission_combination_id'] && $valueofmypermission to see if it exists?
 

Shadab

Well-known member
#2
Permission checking is usually done in the Models. You can implement some can*() methods in your model class, which would check the permission of the viewing user for a particular action. Then call these methods from a controller to set the value of a template parameter.

PHP:
$foo = $fooModel->getFooById($fooId);

$viewParams = array(
    'foo'          => $foo,
    'canDeleteFoo' => $fooModel->canDeleteFoo($foo, $visitor),
    'canEditFoo'   => ...
);

// Pass these parameters to your template
And then in your template, simply check for:
HTML:
<xen:if is="{$canDeleteFoo}">
   <!-- Stuff to show if the user can delete foo -->
</xen:if>
 

James

Well-known member
#3
Thanks Shadab. I'll have to look at some previous add-ons to see how to do permission checking (I get baffled when using MVC frameworks).
 

Shadab

Well-known member
#4
You can take cue from the Thread and Post models.
(/library/XenForo/Model/Thread.php, lines 480 to 1010)

Many of such methods are just one-liners, which call either "XenForo_Permission::hasContentPermission()" or "XenForo_Permission::hasPermission()" to actually check the user permissions.
 

James

Well-known member
#5
I'm trying to check a custom permission definition so that I can call the <xen:if is="{$customPermission}"> and display the users who have that permission enabled.

I haven't had much any experience using MVC frameworks.
 

Jaxel

Well-known member
#6
You can check permissions in templates... I do it sometimes when its not feasible to do it in a model...

Code:
<xen:if is="{$visitor.permissions.permissionGroupID.permissionID}">