Announcement

Collapse
No announcement yet.

Apply default filter using AccessControlFilter

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Apply default filter using AccessControlFilter

    I'm trying to hide meetings from the list view when a boolean called Private is true. My understanding is I should implement an AccessControlFilter class in custom/Espo/Custom/Select/Meeting/AccessControlFilters, but it doesn't seem to be working. Here are my files:

    custom/Espo/Custom/Classes/Select/Meeting/AccessControlFilters/HidePrivate.php:
    PHP Code:
    <?php

    namespace Espo\Custom\Classes\Select\Meeting\AccessControlFilters;

    use 
    Espp\Core\Select\AccessControl\Filter;
    use 
    Espo\ORM\Query\SelectBuilder;
    use 
    Espo\Entities\User;

    class 
    HidePrivate implements Filter
    {
      public function 
    __construct(
        private 
    User $user,
      ) {}

      public function 
    apply(SelectBuilder $queryBuilder): void {
        
    $GLOBALS["log"]->debug("HidePrivate",[]);
      
    }
    }
    custom/Espo/Custom/Resources/metadata/selectDefs/Meeting.json:
    PHP Code:
    {
        
    "accessControlFilterClassNameMap": {
            
    "hidePrivate""Espo\\Custom\\Classes\\Select\\Meeting\\AccessControlFilters\\HidePrivate"
        
    }
    }
    ​ 
    After rebuilding and refreshing, I was expecting to see "HidePrivate" in the log whenever a list of meetings is loaded in the list view. However, nothing is displayed. What am I doing wrong?
    Last edited by bandtank; 03-01-2023, 09:47 PM.

  • #2
    I thought that accessControlFilters should allow you to apply who can access data so it only triggers when the filter is selected e.g when you choose (my only) filter that filter list of record to only assigned to current user. this is how it should work AFAIK.

    Have a look at the (my only) filter to understand more.

    I found some additional info: check out how portalAccountOnly filter which applied to Portals


    Last edited by rabii; 03-02-2023, 10:29 AM.

    Comment


    • #3
      Thanks for the response. Primary filters work as you describe, but I think access control filters are supposed to apply to every query. Examples of access control filters that behave the way I intend the private filter to behave are onlyOwn, onlyTeam, etc. Somehow the access control filter is supposed to be triggered with every query, but I am missing something. I reviewed the portal access control filters and they look similar to onlyOwn and onlyTeam, but I still can't figure out how to make my custom filter apply to every query.

      My actual goal is to implement this.

      Comment


      • #4
        FilterResolver defines what AccessControlFilter will be applied for a current user. It can be onlyOwn, onlyTeam, all, no.

        There's a special 'mandatory' filter that will be additionally applied for all users. This is not the best solution if you customize an existing entity type, as other extension may utilize this 'mandatory' filter too. But there's no better alternative at the moment.

        Comment


        • #5
          Ok, thanks for the information. I will try that.

          Comment


          • #6
            A quick update:
            Code:
            {
                "accessControlFilterClassNameMap": {
                    "mandatory": "Espo\\Custom\\Classes\\Select\\Meeting\\AccessControlFilters\\HidePrivate"
                }
            }​
            resulted in:
            Code:
            [2023-03-02 16:35:58] DEBUG: HidePrivate [] []
            I am still working on the rest. This is a start, though.

            Comment


            • rabii
              rabii commented
              Editing a comment
              i assume you just need to return a builder with your query and this should work.

          • #7
            Do you have any additional info on this? I’m stuck here as well. Are we supposed to create custom portalOnlyAccount filters for filtering queries for portal users ? If so, do we also need to set the access control for the portal role to ‘account’ for the entity in question in order for these custom filters to be called?

            Comment

            Working...
            X