Define permissions for columns and fields in the backend
16
This feature is available in Core starting from Build 460: https://github.com/octobercms/october/pull/4520
Create a trait that extends the controller and form fields.
traits/ColumnFieldPermissions.php
trait ColumnFieldPermissions
{
public function formExtendFields($form, $fields)
{
foreach ($fields as $name => $field) {
$permissionValue = array_get($field->config, 'permission');
if ($permissionValue && !$this->user->hasAccess($permissionValue)) {
if (array_get($field->config, 'permissionReadOnly')) {
$field->readOnly = true;
$field->disabled = true;
} else {
$form->removeField($name);
}
}
}
}
public function listExtendColumns($list)
{
foreach ($list->columns as $name => $column) {
$permissionValue = array_get($column, 'permission');
if ($permissionValue && !$this->user->hasAccess($permissionValue)) {
$list->removeColumn($name);
}
}
}
}
Example of usage
use Samuell\Plugin\Traits\ColumnFieldPermissions;
class YourController extends Controller
{
use ColumnFieldPermissions;
....
}
Then we can use it in columns or fields like
name:
permission: my.custom.permission
This trick calls for core integration! Really good idea.
https://github.com/octobercms/october/pull/4520 Maybe soon
Does not work with relationship manager, the columns are all displayed.
Yeah it wasnt created with relations in mind. Maybe we can somehow extend it to relation manager
It would be nice to implement some sort of role check here, especially for
isSuperUser()
in the Backend. I frequently need to hide fields for users who are not super users.Also, how can we make this handle multiple permissions, and if roles are implemented, multiple of those as well?