Drupal show / hide fields in view - drupal-6

I would like to show / hide certain fields in my Drupal view accordingly to the user role.
Provided I can only have this view to work with, how can I achieve this programmatically or there's some settings that I am not aware of in Drupal.
P/S: I am aware of the access settings under basic settings in View but that would restrict access to the whole view, not field level.

You can create two identical Displays (within the same view) and override the field settings and access settings in each of them. For example, in the first display show the fields you only want a certain role to see, and set the access control setting to that role. In the second display, remove the unwanted fields and set the access control to the corresponding role.
Start by creating the most restrictive display first and then the least restrictive one.

I liked this answer, but in my case the field is dependent on the argument and I would need to create a new display for each argument (which isn't practical).
I installed the Views Custom Field module and used this code for the field:
<?php
if(user_access("some permission string here"))
{
print "Your field value here";
}
?>

Click advanced, theeming, find the field and make a _.tpl.php file for it, then in the file you will see:
print $output;
Change this to:
if (user_access('administer nodes')) {
print $output;
}
Or whatever the permission is you are checking against.

I think you have to try module Field Permissions

If your the fields you want to exclude are 1) created with CCK and 2) should be hidden from users of that role everywhere on the site (not just in this particular view) then you can just set the permissions on the fields so that users are particular roles can't view them. If the current user doesn't have permissions to view a field that is part of a View, the field won't be shown to the user.

Related

Is there any way to add new field to Kentico Kontent content item Meta tab

So what I am basically trying to do, is to have the ability to add custom field(e.g. Secondary URL) to Content item Meta Tab, so that the user can set it manually on demand. Reading docs did not bring any result
On the attached screenshot, you can see Path, Navigation title fields, so I need to add additional one
to be able to modify the content type - in your case adding a new field - it is required to have the proper permissions via assigned roles. More specifically, you need to have permission to modify content.
Content modeling could be done via UI - see Content modeling tutorial, in your case it is Adding an element into a content group "Metadata". You also can use REST Management API for that.

Set field level security on a Home item in sitecore

I have a question about setting security for a couple of fields for the Home item in sitecore.
I have a template, let's called it TaggingTemplate with 7 fields, let's call them - field1, field2, field3... field7.
This template is being used by all other templates in my sitecore structure.
The Home item which uses "Home" template inherits "TaggingTemplate" as well.
What I want to do is set fields - field1 through field5 as read-only for everyone except Administrator for the Home item. How can I do that?
There are a bunch of security settings set on the home item and any change in the security settings for the home item can affect the entire website.
I couldn't set that security setting in Home template since field1-field5 are inherited from TaggingTemplate.
I couldn't find a way to do that through security editor as well.
You cannot see inherited fields via a template in the Security Editor. So, you can use the Security Editor to restrict access to certain fields on the TaggingTemplate for all instances of that template, but you cannot restrict access only when the TaggingTemplate is inherited by template Home.
As Mark mentions in his answer, there's no way to do this with Sitecore security. You could prevent it with a SaveUI pipeline plugin, albeit in not the most user-friendly manner.
Use a tool such as ILSpy to examine pipeline processors in Sitecore.Pipelines.Save. Create a processor with a Process(SaveArgs args) method. If Sitecore.Context.User.IsAdministrator, you can do an early return. Otherwise, examine the collection args.Items and the fields within each SaveArgs.SaveItem to determine if it's the home item, and if one of your fields in question has been edited. If so, use the following logic to stop the save and alert the user:
protected void AbortSave(SaveArgs args)
{
if (args.HasSheerUI)
{
SheerResponse.Alert("You cannot edit these fields.");
SheerResponse.SetReturnValue("failed");
}
args.AbortPipeline();
}
Your alternative is to refactor your templates to move these fields to another item which the user cannot edit.

How to Enabled a single field for update for a particular role in CRM 2011

What I need
I have a custom Entity with that with multiple fields. Admin Role has "god" access. All other roles except for one have read only. The one non admin role with update access, should only be able to update a single field.
What I believe to be true
I believe I have three main options to implement this requirement:
Enable Update Access to the role for that entity then write Javascript to disable all fields on the form for that role, except for the one that I want that role to be able to edit
Enable Update Access to the role for that entity then create a new form that disables all fields on the form for that role, except for the one that I want that role to be able to edit.
Enable Update Access to the role for that entity then turn on field security for each field, disabling access using the field security, for each field except for the one I want them to edit.
What's the Best Practice?
What options should I choose?
If I go with options 1 or 2, will the user be able to edit the field on the bulk edit form?
From a user perspective, I think it's confusing when a form opens up with things enabled, then they get locked down. Plus someone could possibly get data in there before the fields get locked. I'd say you'd have to combine this with a plugin to prevent changing fields you don't want changed.
I like this option better, although again, the field can be unlocked if someone knows what they're doing, so a plugin to double check would be nice.
This would avoid having to double check in a plugin, but you also have to rely on the admin correctly setting up security for new fields going forward. If that's not a concern, this might be best.
Bulk edit is a global privilege, so they'd have bulk edit for all entities. Also, the bulk edit form does not load scripts, so that knocks out option 1. I'd say if it's just this one field, I might leave the privilege locked down and provide my own Bulk edit button on the grid that would show a custom page that just has that one field on it, then handle the updates though script.
2 is most likely best, or as an alternative put the fields in the header or footer rather than as read-only fields on the form.
This also means the fields won't be available to bulk edit, but other methods such as data import or workflows would let users get round this if they know how and have rights to do such things.
3 Field Security is the most robust and works for all scenarios
Possible option 4: create another entity to contain those fields and apply different security to that entity. If created as a child, show the record in a grid on the form with the values included in the view. If it is a parent then you could use methods such as showing the values via an HTML webresource page included on the form.

SharePoint 2010 - Customizing the rendering and behavior of a List field

In my SharePoint List, I have an "Employee" column that is a User type field. I would like to add some custom Business Logic to the processing of this field.
Currently, when the user adds a row, I check to see if the user is an Employee or a Manager and then change the behavior on this column accordingly. I do this by statically rendering the field in my custom "ListForm Rendering Template", just before my custom ListFieldIterator. I simply use a standard SharePoint FormField (and FormLabel) control. In the markup of the FormField control, I specify the FieldName (Employee) and an event handler for the Load event. In this Load event, I will check to see if the current user is an Employee or Manager (using two different SharePoint groups). If the user is an Employee I set the value of the field to the current user (this part works perfectly). I also want to change the field so it can't be modified. I thought I might be able to just change the ControlMode on the field (in the code of the OnLoad Event Handler) to Display, but for some reason this has no effect. The field still renders with the full, people picker editor. Am I not changing the fields control mode soon enough? Or is this simply not the correct approach? The other logic I want to put in is if the user is a Manager, I would like to allow that user to select the person from a list (SharePoint group) of Employees. It may be easier to just use the people picker and limit the selectable users to that group. (I think I can do this with the SelectionGroup property.) Although, it would be better if I could just provide a dropdownlist of users, which I could possibly do with a hidden dropdownlist that I would show and event handlers that I could use (handle event selectedindexchanged) to pull the value selected and populate the (now hidden) Employee (user) field. Does this approach make sense? Assuming all that will work, the real difficulty I am having is with changing the ControlMode (rendering) on the field (when the user is an employee) to a label or some kind of read only control, which is how that field renders when viewing the row, which is why I think if I can just trick the control into thinking it is in Display mode then it should work perfectly!
I am still learning SharePoint, but I am very proficient in ASP .Net. This is why I would like to keep my customizations in this Custom Rendering Template, using code behind and leverage my existing skill set as much as properly.
Any thoughts, opinions or advice? Does anyone know why I can't get the column to switch the "Control Mode"?
I do not think that I fully understand your scenario. Some code samples could help.
But anyway it sounds like you want some heavy customizations of the user field. In that case you might want to have a look at creating a custom field with all its advantages and disadvantages. Have a look at MSDN: http://msdn.microsoft.com/en-us/library/gg132914.aspx
Another option might be - in case you do not want to re-use this column in many list definitions - that you can get away with your custom rendering template and create a custom create/edit form where you implement the specific edit behaviour for the field (plain ASP.NET with some SharePoint controls). Here is a nice walk-through on how to grab a custom edit form from SharePoint designer: http://community.bamboosolutions.com/blogs/sharepoint-2010/archive/2011/05/12/sharepoint-2010-cookbook-how-to-create-a-customized-list-edit-form-for-development-in-visual-studio-2010.aspx
I hope this helps. Kr., Bernd.

How to restrict SharePoint WSS3 users to edit only fields that are in their dedicated views

I have a list with the fields: Title, Client, Project, Description.
There is a view for analysts with the fields visible: Title, Project, Description.
All is fine so far as the analysts work with their views and not with the lists. But when they need to modify the records clicking on Edit, they see and able to modify the 'Client' field too.
How to prevent 'Client' field to be available for editing by the group? is there a way in WSS or I need to look for 3rd party list components?
All fields have a set of properties that determine their visibility in forms, such as "ShowInNewForm", "ShowInEditForm", and "ShowInDisplayForm". There's also some for the file dialog, the list settings page, and a few other places, but that's getting past it. Short answer, yes, you can make the field not show up in the edit form with WSS without needing any 3rd party components.
If you need a field that cannot be seen in the Edit Form by anyone (that is, no one should be able to have it in their form), then you need to modify "ShowInEditForm" to be true. This can't be modified directly through the SharePoint UI, but it is extremely simple using the object model.
If you need certain people to edit it at some point through the SharePoint UI, then you'll instead have to create a custom edit form. That's a bit more complex, so I'll hold off on providing that instruction unless you state you need to go down that route (or someone else passes by this answer and requests it). Nevertheless, it is fully possible with WSS 3.0.
EDIT
If you know already know how to insert inline C# code into an ASPX page, you can perform this very simply using SharePoint Designer. First, follow the instructions from this article, especially make sure you don't delete the default list form web part. Now, in the custom list form you added, make it include every field which anyone will be capable of editing. The last step is to make the form hide those fields for certain people. Let's default them to Visible=false, and flip this switch if the user is allowed them. You can do this either by checking if the current user is part of specified groups, or by checking if the user has a certain permission level only held by people of those groups. You'll basically write some code like the following, I'll use checking for a specified group as the example.
using (SPWeb web = this.Web)
{
SPUser currUser = web.CurrentUser;
string[] listOfGroups = { "Group1Name", "Group2Name", "Group3Name" };
foreach (string groupName in listOfGroups)
{
if (currUser.Groups.Contains(groupName))
{
//Repeat this for each Control, refer to them by their ID. For example, this is for a control with the ID txtTitle.
txtTitle.Visible = true;
}
}
}
If you don't know inline code, you'll have to write a custom ASPX page with a code-behind. Copy EditForm.aspx into a new file - you should do this after setting up a Custom List Form as per the article. You could also build a new ASPX page from scratch, but make sure you include all of the necessary Content placeholders for SharePoint pages. Now, the page currently inherits from Microsoft.SharePoint.WebPartPages.WebPartPage. We need to create custom code that inherits from that class, and change the page to inherit that new custom code instead. In the custom code, override one of the OnLoad or OnInit methods, and include your check for the user's permissions there as detailed earlier. Compile the code, deploy it to your SharePoint server, and it should be functional.
If you want to set fields hidden or display them in new form or edit form page of the list...
Go to the list settings.
In Advanced Settings, enable "Allow management of content types"
By doing so, you will get a List name Link on the List Setting Page.
Open the link and select the fields that you want to hide or uhide using add or remove option.
After saving this, again disable "Allow management of content types" in Advanced Setting...
Thats it :)))

Resources