An Introduction to Developing eZ Publish Extensions
Friday 10 December 2010 1:24:31 am
To test the new view list of the module modul1 in jacextension, we have to activate the extension. This is done in the global site.ini.append.php (see listing 4) or in the site.ini.append.php associated with the applicable siteaccess (see listing 5). In the global siteaccess, the extension is activated via the ActiveExtensions[] setting. If you are activating the extension for a specific siteaccess, use the ActiveAccessExtensions[] setting.
<?php /* #?ini charset="utf-8"? [ExtensionSettings] ActiveExtensions[] ActiveExtensions[]=jacextension ... */ ?>
Listing 4. Option 1 – Activating the extension for all existing siteaccesses in the global configuration file: settings/override/site.ini.append.php
<?php /* #?ini charset="utf-8"? ... [ExtensionSettings] ActiveAccessExtensions[]=jacextension ... */ ?>
Listing 5. Option 2 – Activating extensions in the configuration file of a specific siteaccess, for example: settings/siteaccess/plain_site/site.ini.append.php
Privilege system
If we try to open the view list of modul1 with following URL:
http://localhost/ez/index.php/plain_site/modul1/list/table/5/(param4)/141
...eZ Publish returns an “access denied” message. Why? Because the Anonymous user does not have the necessary privileges.
There are two ways to grant privileges. We could grant access to all users with the entry PolicyOmitList[]=modul1/list in the configuration file extension/jacextension/settings/site.ini.append.php, (see listing 6).
<?php /* #?ini charset="utf-8"? [RoleSettings] PolicyOmitList[]=modul1/list */ ?>
Listing 6. Set the access rights to the view list of modul1 for all users, in the configuration file extension/jacextension/settings/site.ini.append.php
Alternatively, we could alter the user access privileges using the eZ Publish Administration Interface. To do this we have to change the role Anonymous to allow access to the functions of module modul1. Use the following URL: http://localhost/ez/index.php/plain_site_admin/role/view/1.
The functions that can have an extension module are defined in module.php with the array $FunctionList. The link is done in the definition of the view with the Array key functions. So in our example we link the view list with the user function read:
$FunctionList['read'] = array(); // with 'functions' => array( 'read' ) in the $ViewList array
Using $FunctionList, it is possible to link individual views of a module with specific user functions. There is also the user function "create", which is assigned to all views that create content. In this case, we want to limit access to editors.
The "read" function is available to all the users who need read rights, and also for the Anonymous user.
For advanced settings on privileges, please check the tutorial "Adding custom security policy limitations to your modules".