Announcement

Collapse
No announcement yet.

Apply default filter using AccessControlFilter

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Apply default filter using AccessControlFilter

    I'm trying to hide meetings from the list view when a boolean called Private is true. My understanding is I should implement an AccessControlFilter class in custom/Espo/Custom/Select/Meeting/AccessControlFilters, but it doesn't seem to be working. Here are my files:

    custom/Espo/Custom/Classes/Select/Meeting/AccessControlFilters/HidePrivate.php:
    PHP Code:
    <?php

    namespace Espo\Custom\Classes\Select\Meeting\AccessControlFilters;

    use     Espp\Core\Select\AccessControl\Filter;
    use     Espo\ORM\Query\SelectBuilder;
    use     Espo\Entities\User;

    class     HidePrivate implements Filter
    {
      public function     __construct(
        private     User $user,
      ) {}

      public function     apply(SelectBuilder $queryBuilder): void {
            $GLOBALS["log"]->debug("HidePrivate",[]);
          }
    }
    custom/Espo/Custom/Resources/metadata/selectDefs/Meeting.json:
    PHP Code:
    {
            "accessControlFilterClassNameMap": {
                "hidePrivate""Espo\\Custom\\Classes\\Select\\Meeting\\AccessControlFilters\\HidePrivate"
            }
    }    ​ 
    After rebuilding and refreshing, I was expecting to see "HidePrivate" in the log whenever a list of meetings is loaded in the list view. However, nothing is displayed. What am I doing wrong?
    Last edited by bandtank; 03-01-2023, 09:47 PM.
    Tags: None
  • #2
    I thought that accessControlFilters should allow you to apply who can access data so it only triggers when the filter is selected e.g when you choose (my only) filter that filter list of record to only assigned to current user. this is how it should work AFAIK.

    Have a look at the (my only) filter to understand more.

    I found some additional info: check out how portalAccountOnly filter which applied to Portals

    espocrm/application/Espo/Modules/Crm/Resources/metadata/selectDefs/Account.json at f3bf7d93c1156ca802262eab7a9f9487336fbd78 · espocrm/espocrm
    https://github.com/espocrm/espocrm/blob/f3bf7d93c1156ca802262eab7a9f9487336fbd78/application/Espo/Modules/Crm/Resources/metadata/selectDefs/Account.json#L9
    EspoCRM – Open Source CRM Application. Contribute to espocrm/espocrm development by creating an account on GitHub.

    espocrm/application/Espo/Modules/Crm/Classes/Select/Account/AccessControlFilters/PortalOnlyAccount.php at master · espocrm/espocrm
    https://github.com/espocrm/espocrm/blob/master/application/Espo/Modules/Crm/Classes/Select/Account/AccessControlFilters/PortalOnlyAccount.php
    EspoCRM – Open Source CRM Application. Contribute to espocrm/espocrm development by creating an account on GitHub.
    Last edited by rabii; 03-02-2023, 10:29 AM.
    Rabii
    Web Dev

    Comment

    • #3
      Thanks for the response. Primary filters work as you describe, but I think access control filters are supposed to apply to every query. Examples of access control filters that behave the way I intend the private filter to behave are onlyOwn, onlyTeam, etc. Somehow the access control filter is supposed to be triggered with every query, but I am missing something. I reviewed the portal access control filters and they look similar to onlyOwn and onlyTeam, but I still can't figure out how to make my custom filter apply to every query.

      My actual goal is to implement this.

      Comment

      • #4
        FilterResolver defines what AccessControlFilter will be applied for a current user. It can be onlyOwn, onlyTeam, all, no.

        There's a special 'mandatory' filter that will be additionally applied for all users. This is not the best solution if you customize an existing entity type, as other extension may utilize this 'mandatory' filter too. But there's no better alternative at the moment.

        Comment

        • #5
          Ok, thanks for the information. I will try that.

          Comment

          • #6
            A quick update:
            Code:
            {
    "accessControlFilterClassNameMap": {
        "mandatory": "Espo\\Custom\\Classes\\Select\\Meeting\\AccessControlFilters\\HidePrivate"
    }
}​
            resulted in:
            Code:
            [2023-03-02 16:35:58] DEBUG: HidePrivate [] []
            I am still working on the rest. This is a start, though.
            • Likes 1

            Comment

            • rabii
              #6.1
              rabii commented
              04-13-2023, 07:25 AM
              Editing a comment
              i assume you just need to return a builder with your query and this should work.
          • #7
            Do you have any additional info on this? I’m stuck here as well. Are we supposed to create custom portalOnlyAccount filters for filtering queries for portal users ? If so, do we also need to set the access control for the portal role to ‘account’ for the entity in question in order for these custom filters to be called?

            Comment

            Previous template Next
            Working...
            X