I'm developing a application using sfDoctrineGuardPlugin and Symfony 1.4.20 then I've three users and three users groups and some permissions as follow:
user_name user_group permissions
u1 Group1 can_admin_full, can_admin
u2 Group2 can_admin
u3 Group3 no_admin
So u1 should be able to add users to the application but only can see Group2 and Group3 under Groups Options, u2 should be able to add users to the application to but only can see Group3 under Groups Options, so u1 and u2 shouldn't add users belonging to Group1, how I can get this using sfDoctrineGuard? It's possible?
NOTE: I use GroupN as a example but below in the code sample is the right names for groups and permissions!
EDIT: Improve question
So after take a closer look at this I'm trying to to the same but adapted to my code so in lib/form/doctrine/sfDoctrineGuardPlugin/sfGuardUserForm.class.php I change this:
class sfGuardUserForm extends PluginsfGuardUserForm {
public function configure() {
//groups_list
$this->getWidget('groups_list')->setOption('expanded', true);
$this->getWidget('groups_list')->setOption('table_method', 'getListForAdmin');
$this->getValidator('groups_list')->setOption('query', Doctrine::getTable('sfGuardGroup')->getListForAdmin());
}
}
Also I made this changes at lib/model/doctrine/sfDoctrineGuardPlugin/sfGuardGroupTable.class.php
class sfGuardGroupTable extends PluginsfGuardGroupTable {
/**
* Returns an instance of this class.
*
* @return object sfGuardGroupTable
*/
public static function getInstance() {
return Doctrine_Core::getTable('sfGuardGroup');
}
/**
* Builds list query based on credentials
*
*/
public function getListForAdmin() {
$user = sfContext::getInstance()->getUser();
$q = $this->createQuery('g');
if ($user->hasPermissions('can_admin_full')) {
$q->addWhere('g.name IN (?)', array('Administradores Monitor', 'Monitor'));
} else if ($user->hasPermissions('can_admin')) {
$q->addWhere('g.name IN (?)', array('Monitor'));
}
return $q;
}
}
But don't work because login using a user that belongs to group "Administrador de Servicios" and has permissions 'can_admin' and 'can_admin_full' and I can see all the groups in the widget and I'm looking just for see in that case 'Administradores Monitor' and 'Monitor'
EDIT 2 Also try this other code:
$this->widgetSchema['groups_list'] = new sfWidgetFormDoctrineChoice(array('multiple' => true, 'table_method' => 'getListForAdmin', 'query' => Doctrine::getTable('sfGuardGroup')->getListForAdmin()));
And still not working, I change 'table_method' => 'getListForAdmin' to 'table_method' => 'getListForAdmin1' and nothing happens so I suspect that the method is never called
EDIT 3 Now it's working but see this: If I use this approach:
$this->getWidget('groups_list')->setOption('expanded', true);
$this->getWidget('groups_list')->setOption('table_method', 'getListForAdmin');
$this->getValidator('groups_list')->setOption('query', Doctrine::getTable('sfGuardGroup')->getListForAdmin());
Then I get this error:
SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens
If I use the other approach:
$this->widgetSchema['groups_list'] = new sfWidgetFormDoctrineChoice(array('multiple' => true, 'table_method' => 'getListForAdmin', 'query' => Doctrine::getTable('sfGuardGroup')->getListForAdmin()));
I get this other error:
sfWidgetFormDoctrineChoice requires the following options: 'model'.
Then I added the parameter model:
$this->widgetSchema['groups_list'] = new sfWidgetFormDoctrineChoice(array('multiple' => true, 'model' => 'sfGuardGroup', 'table_method' => 'getListForAdmin', 'query' => Doctrine::getTable('sfGuardGroup')->getListForAdmin()));
But get the same error as first approach, I suspect the problem is in getListForAdmin() function but really don't know where exactly
What's wrong at this point?
Try to change the conditional in getListForAdmin():
if ($user->hasPermissions('can_admin_full')) {
$q->whereIn('g.name', array('Administradores Monitor', 'Monitor'));
} else if ($user->hasPermissions('can_admin')) {
$q->whereIn('g.name', array('Monitor'));
}