Acl in one-to-many relationship

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • dimyy
    Active Community Member
    • Jun 2018
    • 569

    Acl in one-to-many relationship

    There are two entities in a one-to-many relationship.
    I want the access rights to the child entities to match the parent entity.
    How can I do it correctly?

    To ensure proper functionality in all cases:
    In the case of requesting linked entities: /entity/entityId/linkName
    In the case of a simple list query with additional filters.​

    And without setting additional permissions through roles.

  • rabii
    Active Community Member
    • Jun 2016
    • 1250

    #2
    if i understand you want the only the assigneduser of the parent entity to have access to the child entities. if that is the case you can create a custom ACL for your child entity as below: change parent entity with the parent link id and parent entity name

    PHP Code:
    namespace Espo\Custom\Acl;
    
    use \Espo\Entities\User;
    use \Espo\ORM\Entity;
    
    class YourChildEntity extends \Espo\Core\Acl\Base
    {
        public function checkIsOwner(User $user, Entity $entity)
        {
            if ($entity->has('parentEntityId')) {
    
                $parentEntityId = $entity->get('parentEntityId');
    
                if (!$parentEntityId) return false;
    
                $parentEntity = $this->getEntityManager()->getEntity('ParentEnity', $parentEntityId);
    
                if ($parentEntity && $this->getAclManager()->getImplementation('ParentEnity')->checkIsOwner($user, $parentEntity)) {
                    return true;
                }
    
                return false;
    
            } else {
    
                return parent::checkIsOwner($user, $entity);
    
            }
    
        }
    
        public function checkInTeam(User $user, Entity $entity)
        {
            if ($entity->has('parentEntityId')) {
    
                $parentEntityId = $entity->get('parentEntityId');
    
                if (!$parentEntityId) return false;
    
                $parentEntity = $this->getEntityManager()->getEntity('ParentEnity', $parentEntityId);
    
                if ($parentEntity && $this->getAclManager()->getImplementation('ParentEnity')->checkInTeam($user, $parentEntity)) {
                    return true;
                }
    
                return false;
    
            } else {
    
                return parent::checkInTeam($user, $entity);
    
            }
        }
    }

    and under Espo\Custom\Resources\metadat\app\acl.json define a mapping between the childentity and it is parent entity:

    PHP Code:
    {
        "mandatory": {
            "scopeLevel": {
                "ChildEntity": "ParentEntity"
            }
        }
    }
    Hope this is what you are looking for.
    Rabii
    Web Dev

    Comment

    Working...