0

I created a module that will allow certain user groups to create a request in the CMS.Any logged in user can access the module. When user visit 'RequestModeule' in in CMS section in GRID CMS FIELDS I want to show him the requests he only sent not another customer requests. The system displays the requirements of all users and he see all.

How do I set the CMS FIELDS results to be displayed for the currently logged in user.

This is a ecommerce site and some customers want to return the product, some want to replace the product, some want to complain about the quality. I want to allow customers to submit a request themselves. I started with a simple model, so I will expand it when I solve big problems.

Here is my Model.

class Request extends DataObject
{
    private static $db = [
        'FullName' => 'Varchar',
        'RequestText' => 'Text'
    ];


    private static $has_one = [
        'Photo' => Image::class
    ];


    public function canView($member = null)
    {
        return Permission::check('VIEW_REQUEST', 'any', $member);
    }

    public function canEdit($member = null)
    {
        return Permission::check('EDIT_REQUEST', 'any', $member);
    }

    public function canDelete($member = null)
    {
        return Permission::check('DELETE_REQUEST', 'any', $member);
    }

    public function canCreate($member = null, $context = [])
    {
        return Permission::check('CREATE_REQUEST', 'any', $member);
    }

    /**
     * @return \SilverStripe\Forms\FieldList
     */
    public function getCMSFields()
    {
        $fields = parent::getCMSFields();
        $fields->addFieldToTab('Root.Main', TextField::create('FullName'));
        $fields->addFieldToTab('Root.Main', TextField::create('RequestText'));
        $fields->addFieldToTab('Root.Photos', $img = UploadField::create('Photo', 'Main photo'));

        $img->setFolderName("products");
        $img->setAllowedExtensions(["png", "jpg", "jpeg", "gif", "webp"]);
        
        return $fields;
    }
}

Request Controller

class Request_Controller extends ContentController implements PermissionProvider
{

    function providePermissions(){
        return array(
            "CREATE_REQUEST" => "Create REQUEST",
            "EDIT_REQUEST" => "Edit REQUEST",
            "VIEW_REQUEST" => "View REQUEST",
            "DELTE_REQUEST" => "Delete REQUEST",
        );
    }
Ivan
  • 5,139
  • 11
  • 53
  • 86

1 Answers1

1

First of all, I don't see anything about connecting your Request class with a Member. If you want to only show the things a member has created, you need to somehow store the Members ID or something.

The most obvious way to do this would be a private static $has_one = ['CreatedBy' => Member::class].

(and during creation you'll have to put the member ID into CreatedBy. For example you can do protected function onBeforeWrite() { parent::onBeforeWrite(); $this->CreatedByID = Security::getCurrentUser()->ID; })

As for the GridField:

There are 2 ways to control what is displayed in a GridField:

  1. GridFields 3rd argument is any SS_List instance, so you can filter or customize that any way you want. For example you can use Request::get()->filter('CreatedByID' => 13) to only show the objects created by member ID 13.

  2. You can use canView on each Request object. If it returns false, it will not be shown. So you can do public function canView($member = null) { return $member && $member->ID === $this->CreatedByID && Permission::check('VIEW_REQUEST', 'any', $member); }

Zauberfisch
  • 3,870
  • 18
  • 25