Select WPM
Three, two, one. GO! [RFC] Joomla com_fields: Access Form view level written by Ruud van Lent. Introduction Current implementation of com_fields has the possibility to limit the access to VALUES of the configured fields via the following config settings: Access: The access level group that is allowed to view this item Show on: On which part of the site should the field be shown (administrator, site, both) ACL permissions: Edit Custom Field Value Access and ACL permissions can also be set on a field group level, show on needs to be configured om a per field basis. In this RFC:

Current Limitations

This RFC proposes to extend the configuration of com_fields to better control the displaying of Fields on (component edit / create) Forms. This functionality will greatly extend the use cases for com_fields in ‘real-life’ implementations. Use Case com_fields and com_content: I run a large blog site where the blogs are ‘enriched’ with custom fields to add credits, opengraph image / title / description, twitter card image / title / description to the blogs. The access to these field values must be set to public in order for visitors / facebook / twitter etc. to ‘see’ the given values. These filling of these fields must be limited to the publisher role to avoid mis usage and to comply to site standards (for images). The fields should be invisible to authors in order to avoid ‘support calls’: what are these fields for, why cannot I edit them, etc. With the current configuration settings this is not possible: Setting the Access to publisher will prevent the fields from displaying on the article editing / creation form, but will also only display the values set in these fields to publisher only: public / guest will not see the values set. using show on administrator will partly work, but the publishers need to be able to login via the back-end. The show on parameter is ACL independent (simple toggle). Publishers do not have access to the back-end but need access to these fields via the front-end. setting the ACL to only allow publishers to Edit Custom Field Value, will display the fields on everybody’s article edit / creation form (including authors) as read-only except for the groups that have the correct permissions. This will clutter the article edit / creation form with a lot of read-only fields with the possibility that in the long list of fields some fields are read-only and some are editable.   Use Case com_fields and com_users: I run a membership site where users subscribe to a service. Depending on their subscription, values can be set in their user profile via com_fields. The amount of fields for all subscriptions total up to 50 fields. The values set in these fields should be visible on the front-end (via a special view that reads the user’s set value (via com_fields api)), the access to these fields must be set to public in order for public and guests to see the values for a specific user. Specific fields should only be visible on the user profile edit form for the groups the user is member of and where these fields should be assigned to. Setting access to a field to the specific group that the fields belongs to does not work as this will also make the values set in these fields inaccessible to public. The values can only be seen by the users that have group membership the field access is set to using show on administrator will now work, because it is a generic toggle that is independent of group ACL membership: They are either all shown or all invisible. Furthermore no users have access to the back-end. Setting the ACL to only have specific user groups Edit Custom Field Value rights will display all fields on the user profile edit form: most read-only and some where values can be set. Only the fields where values can be set should be shown on the user edit profile form. Furthermore: because the fields access is set to public, when a new user registers on the site, all (!) 50 fields are shown in the registration form as read-only, where the registering user needs to scroll down past all the read-only fields to reach the actual register button. Only the fields that are necessary in the form should be displayed.

[RFC] Joomla com_fields: Access Form view level

This RFC is Obsolete: I am glad to inform you that the discussion on this RFC led to a new RFC that will be part of Joomla! version 3.8.7
(https://issues.joomla.org/tracker/joomla-cms/20068)

Introduction

Current implementation of com_fields has the possibility to limit the access to VALUES of the configured fields via the following config settings:

  1. Access: The access level group that is allowed to view this item
  2. Show on: On which part of the site should the field be shown (administrator, site, both)
  3. ACL permissions: Edit Custom Field Value

Access and ACL permissions can also be set on a field group level, show on needs to be configured om a per field basis.

In this RFC:

Current Limitations

This RFC proposes to extend the configuration of com_fields to better control the displaying of Fields on (component edit / create) Forms. This functionality will greatly extend the use cases for com_fields in ‘real-life’ implementations.

Use Case com_fields and com_content:

I run a large blog site where the blogs are ‘enriched’ with custom fields to add credits, opengraph image / title / description, twitter card image / title / description to the blogs. The access to these field values must be set to public in order for visitors / facebook / twitter etc. to ‘see’ the given values.

These filling of these fields must be limited to the publisher role to avoid mis usage and to comply to site standards (for images).

The fields should be invisible to authors in order to avoid ‘support calls’: what are these fields for, why cannot I edit them, etc.

With the current configuration settings this is not possible:

  1. Setting the Access to publisher will prevent the fields from displaying on the article editing / creation form, but will also only display the values set in these fields to publisher only: public / guest will not see the values set.
  2. using show on administrator will partly work, but the publishers need to be able to login via the back-end. The show on parameter is ACL independent (simple toggle). Publishers do not have access to the back-end but need access to these fields via the front-end.
  3. setting the ACL to only allow publishers to Edit Custom Field Value, will display the fields on everybody’s article edit / creation form (including authors) as read-only except for the groups that have the correct permissions. This will clutter the article edit / creation form with a lot of read-only fields with the possibility that in the long list of fields some fields are read-only and some are editable.

 

Use Case com_fields and com_users:

I run a membership site where users subscribe to a service. Depending on their subscription, values can be set in their user profile via com_fields. The amount of fields for all subscriptions total up to 50 fields.

The values set in these fields should be visible on the front-end (via a special view that reads the user’s set value (via com_fields api)), the access to these fields must be set to public in order for public and guests to see the values for a specific user.

Specific fields should only be visible on the user profile edit form for the groups the user is member of and where these fields should be assigned to.

  1. Setting access to a field to the specific group that the fields belongs to does not work as this will also make the values set in these fields inaccessible to public. The values can only be seen by the users that have group membership the field access is set to
  2. using show on administrator will now work, because it is a generic toggle that is independent of group ACL membership: They are either all shown or all invisible. Furthermore no users have access to the back-end.
  3. Setting the ACL to only have specific user groups Edit Custom Field Value rights will display all fields on the user profile edit form: most read-only and some where values can be set. Only the fields where values can be set should be shown on the user edit profile form.

Furthermore: because the fields access is set to public, when a new user registers on the site, all (!) 50 fields are shown in the registration form as read-only, where the registering user needs to scroll down past all the read-only fields to reach the actual register button. Only the fields that are necessary in the form should be displayed.


Interesting blog? Like it on Facebook, +1 on Google, Tweet it or share this article on other bookmarking websites.

Written by
Pro-Blogger Top Blogger Thought Leader

With a solid background in ICT (operational, tactical and strategic) and years of experience in the community life, I see in communities and community thinking the future for companies.

This future requires another way of thinking and doing; both for executives and employees. It's not about me; it's about you. Your wellbeing and your (personal) growth.

'What comes around - goes around'

In the world of communities, the old 'management laws' no longer work and are even counterproductive.

I coach leaders and organizations in their quest for how new and servant leadership can contribute to communities and community thinking, and as a result to the growth of the organization.

I do this from the following initiatives:

 


Discuss this article

INFO: You are posting the message as a 'Guest'

Log In or Sign Up

Forgot your password? / Forgot your username?

Or login / register with one of the following Social Media accounts: