• Hello Fabrik Community

    Fabrik is now in the hands of the development team that brought you Fabrik for Joomla 4. We have recently transitioned the Fabrik site over to a new server and are busy trying to clean it up. We have upgraded the site to Joomla 4 and are running the latest version of Fabrik 4. We have also upgraded the Xenforo forum software to the latest version. Many of the widgets you might have been used to on the forum are no longer operational, many abandoned by the developers. We hope to bring back some of the important ones as we have time.

    Exciting times to be sure.

    The Fabrik 4.0 Official release is now available. In addition, the Fabrik codebase is now available in a public repository. See the notices about these in the announcements section

    We wish to shout out a very big Thank You to all of you who have made donations. They have really helped. But we can always use more...wink..wink..

    Also a big Thank You to those of you who have been assisting others in the forum. This takes a very big burden off of us as we work on bugs, the website and the future of Fabrik.

set some usergroup as a blacklist in juser form plugin

samani

Member
hi...
it is possible to define some group as a Whitelist in the option ribbon in the juser plugin.
is it possible to define some group as a blacklist that user can not register to that?can i use Condition for that?if yes,can you give me simple example code for define some group as blacklist...
thank you...
 
Nothing built it, but you could either do a validation on the element you use for the group, or a condition on juser.

What element type are you using for group selection?

-- hugh
 
i'm using usergroup element and disable editing for registered user to select one item and i know it have security problem.for this problem i want add some group to blacklist then hacker user can not insert each groupid.
 
OK, but I'm a little confused as to the difference between whitelist and blacklist. Group ids that aren't in the whitelist are, by definition, "blacklisted". There's no functional difference between specifying a list of ids they can use, versus a list of ids they can't.

Or are you saying you need to do this on a per-user basis, depending what group / access level they are in? So "teir 2" users can only set "teir 1", but "teir 3" users can set "twier 2" and "teir 1"?

If so, then yes, you'd need a PHP validation, that figures out what groups they can select ... something like ...

Code:
$user = JFactory::getUser();
$levels = $user->getAuthorisedViewLevels();

// for example, if teir 3 is access level 100, teir 2 is 101
// and tweir 3 can add group ids 50, 51, 52,  and teir 2 can add group ids 51 and 52
if (in_array(100, $levels)) {
   // teir 3 admin, can use ...
   $allowedGroups = array(50, 51, 52);
}
else if (in_array(101, $levels)) {
   $allowedGroups = array(51, 52);
}
else {
   // either have another $allowedGroups here, or barf 'cos they don't seem to be an admin
   return false;
}

// get the intersect of $allowedGroups and the submitted groups ...
$intersect = array_intersect($allowedGroups, $formModel->formData['yourtable___usergroups']);

// if there are more entries in the submitted data than the intersect, then they selected a group they aren't allowed
if ($formModel->formData['yourtable___usergroups'] > count($intersect))
   return false;
}

return true;

-- hugh
 
We are in need of some funding.
More details.

Thank you.

Members online

No members online now.
Back
Top