Hi there.
I was wondering if there is a way to modify the following codes, so that when I change a database user their permissions, that they will have the same permissions as a default user.
%rec=&get_record($db_userid);
unless (%rec) {
&html_add_form;
return;
}
else {
$in{'modify'} = $db_userid;
&html_modify_form_record;
return;
}
}
(This is is my html_home sub-routine in html.pl.)
Basically, what I am trying to do is that let's say that User A has been trying to post mass ads that do not pertain to my database. I know I can change User A's permissions to "View" in the Admin Console. However, when User A logs in again, he/she will receive all those Unauthorized Action screens.
The code above basically sends the registered user no matter what their permissions are to the "Add Record" screen, which of course with the changed permissions, User A will not be able to add anything.
Is there a way to add some codes to the above codes that will either read permissions of the db_userid and/or send an email message to the User A that their permissions have been changed and they will only be able to search and view records, but will not be able to add, modify, or delete records??
I know this is a confusing request, but I have been playing around with different authorization schemes in the default.cfg as well as trying to edit the above code and nothing seems to work.
TIA.
Regards,
------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us
I was wondering if there is a way to modify the following codes, so that when I change a database user their permissions, that they will have the same permissions as a default user.
Code:
unless (($per_admin) or ($db_userid eq "default")) { %rec=&get_record($db_userid);
unless (%rec) {
&html_add_form;
return;
}
else {
$in{'modify'} = $db_userid;
&html_modify_form_record;
return;
}
}
(This is is my html_home sub-routine in html.pl.)
Basically, what I am trying to do is that let's say that User A has been trying to post mass ads that do not pertain to my database. I know I can change User A's permissions to "View" in the Admin Console. However, when User A logs in again, he/she will receive all those Unauthorized Action screens.
The code above basically sends the registered user no matter what their permissions are to the "Add Record" screen, which of course with the changed permissions, User A will not be able to add anything.
Is there a way to add some codes to the above codes that will either read permissions of the db_userid and/or send an email message to the User A that their permissions have been changed and they will only be able to search and view records, but will not be able to add, modify, or delete records??
I know this is a confusing request, but I have been playing around with different authorization schemes in the default.cfg as well as trying to edit the above code and nothing seems to work.
TIA.
Regards,
------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us