0

In Silverstripe (4.7) how can i manage the member only to view, edit and delete its own created Dataobjects? I thought i could use canView() but no success.

Ive tried with PermissionProvider and Security...

class ProjectCatObject extends DataObject implements PermissionProvider
{

    private static $db = array(
        'OwnerID' => 'Int'
        .......
    );

}
public function onBeforeWrite() {
        parent::onBeforeWrite();
        
        //Debug::show(Security::getCurrentUser());
        $member = Security::getCurrentUser();
        $this->OwnerID = $member->ID;
        
    }

and

    public function canView($member = null) {
        $member = Security::getCurrentUser();
        return (Permission::check("CMS_ACCESS_LeftAndMain", "any", $member) || $member->ID == $this->OwnerID);
    }

But This gives me an ERROR on Creating a new entry.

It seems you don't have the necessary permissions to view "Projekt-Kategorie"

How can this be made ?

Sepp Hofer
  • 217
  • 2
  • 12
  • Firstly, the `OwnerID` should be set as a `has_one` called `Owner` instead. Secondly, are you actually _setting_ the `OwnerID` field anywhere? There is nothing in this code example to suggest you are. You might need to set it in `onBeforeWrite()` - taking care not to override the value if it was already set, so that it's only set when creating the initial record. You should also make the `$member = Security::getCurrentUser();` line conditional on if the `$member` passed in is null so you're not ignoring that argument. – Guy Sartorelli Oct 16 '22 at 20:52
  • yes the OwnerID is set in onBeforeWrite(). – Sepp Hofer Oct 16 '22 at 20:56
  • The changes I recommended still apply, though I don't think they would resolve this. I'd recommend stepping through with a debugger and seeing why the permission check is failing (maybe the member or owner ID aren't what you expect, for example) – Guy Sartorelli Oct 17 '22 at 03:09

0 Answers0