Allow User To Update Only Certain Form Fields

Hi Guys,

I would like to allow certain users to be able to update only certain fields on a form. How can I do this? So far I haven’t found any relevant information about this. Can somebody please point me in the right direction?

Thanks a lot!

BR

c

means based on the role we need to allow the user to edit/view the control on the form?

yes, for example based on a role, he/she is allowed to update only certain field values on the form.

Or maybe my logic is wrong, and this has to be handled completely differently, I don’t know.

OK, we have created a content management system [Padlock implementation] using jQuery and Ajax.

To enable padlock on your pages, you need to follow a few rules.

  1. Configure main.php: add the lines below in the components section.

    'padLock'=>array(
        'class'=>'application.components.padLockController',
    ),
    
  2. Create “Js” folder under “protected” folder and place the files “padlock_header.inc” and “padlock_script.inc”.

  3. Add the CSS class name “padlock_control” to form elements. At present we can add it only for form elements such as textbox, image, button, checkbox, radio buttons etc. We have not implemented it for label fields. If we need to hide the label, then we need to specify “lbl_” followed by the corresponding form element name.

  4. To keep any form control from appearing on the padlock screen, we need to give the form control the CSS class name “hide_padlock”, so that the control will not appear on the padlock screen.

  5. Include the file named “padlock_header.inc” at the top of the view file and “padlock_script.inc” at the bottom of the view file.

  6. Once those files are included, admin can see the “Manage” button on the corresponding view page. By clicking on “Manage”, admin will get redirected to the padlock screen.

  7. Now, admin is able to click on any form elements such as textbox, textarea, input buttons, images etc. When admin clicks on any control, the control border will change to red, indicating that this control is selected for padlock.

  8. If admin needs to unselect the selected content, then he can click on the selected item, or he can uncheck the checkbox from “Selected fields”.

  9. Finally, admin will have a list of employees and the roles for whom he needs to apply padlock. He can choose one or many users and click on the submit button.

Add the attached files in the components folder and create these tables to manage the padlock

    CREATE TABLE tbl_padlock_users
    (
        sl_nr int4 NOT NULL,
        page_id varchar(150),
        model_id varchar(150),
        user_id int4,
        created_by int4,
        created_date timestamp,
        modified_by int4,
        modified_date timestamp,
        record_status bool,
        role_id varchar(20),
        CONSTRAINT tbl_padlock_users_pkey PRIMARY KEY (sl_nr)
    );

    CREATE TABLE tbl_padlock_fields
    (
        sl_nr int4 NOT NULL,
        page_id varchar(150),
        model_id varchar(150),
        user_id int4,
        padlock_fields text,
        padlock_fields_name text,
        visibility_flags varchar(2000),
        enable_flags varchar(2000),
        created_by int4,
        created_date timestamp,
        modified_by int4,
        modified_date timestamp,
        record_status bool,
        role_id varchar(20),
        CONSTRAINT tbl_padlock_fields_pkey PRIMARY KEY (sl_nr)
    );

contents of "padlock_header.inc" to be added in the /wwwroot/js folder

    <?php
    // Role of the current user ('Guest' when nobody is logged in)
    if(!Yii::app()->user->isGuest)
        $roleId = Yii::app()->user->designation;
    else
        $roleId = 'Guest';
    // NOTE: this hard-coded value overrides the role determined above
    $roleId = 'Bidder';
    //$pageId = $_REQUEST['r'];
    // Page key: "<controller id>/<action id>"
    $pageId = Yii::app()->controller->id.'/'.Yii::app()->controller->action->id;
    $padLock = Yii::app()->padLock;
    $padLockStatus = $padLock->getAllPadlocks($roleId , $pageId);
    $css_class = Yii::app()->padLock->padLockClass;
    $hide_padlock = Yii::app()->padLock->padLockHideClass;
    $padlock_Content = Yii::app()->padLock->padLockContent;
    $baseUrl = Yii::app()->baseUrl;
    $userid = Yii::app()->user->id;
    $css_class = array('class'=>'padlock_control');
    ?>
    <?php Yii::app()->clientScript->registerCoreScript('jquery'); ?>
    <input type="hidden" name="padlockForm" id="padlockForm" value="false">
    <input type="hidden" name="selectedFields" id="selectedFields" value="">
    <input type="hidden" name="modelName" id="modelName" value="<?php echo get_class($model);?>">
    <input type="hidden" name="pageName" id="pageName" value="<?php echo $pageId;?>">
    <div id="mainDiv_Padlock">
    <div id="defineForm"></div>
    <div id="manage_button" style="text-align:right;">
    <input type="button" Name="padlock" id="padlock" value="Manage">
    </div>
    <!--
    <Table id="main_table">
    <Tr>
    <Td>
    -->

contents of "padlock_script.inc" to be added in the /wwwroot/js folder

    <table id="controls_table" style="display:none;">
     <Tr><Td style="text-align:center;">
     <table class="atable" border="1" style="verticle-align:top;" id="addedControls" bgcolor="#F4F8E9">
        <tbody>
            <tr class="evenRow">
                <th colspan="5">Selected Controlls</th>
            </tr>
            <tr id="emptyrow">
                <td colspan="5" align="center">&nbsp;</td>
            </tr>
        </tbody>
        </table>
    </Td>
    </Tr>
    <tr>
        <td><div id="padlock_buttons"></div></td>
    </tr>
    </Table>
    <!-- </form>  -->
    <!-- </td></tr></table> -->
    </div>

    <style>
    .atable {
        border: 1px solid #AAAAAA;
        border-collapse: collapse;
        margin-left: -10px;
        width: 100%;
    }
    .atable th {
        background: none repeat scroll 0 0 #052D92;
        border: 1px solid #AAAAFF;
        font-weight: bold;
        color:white;
    }
    .atable td {
        border: 1px solid #FFFFFF;
        padding: 4px;
    }
    .oddRow {
        background: none repeat scroll 0 0 #FFFFFF;
    }
    .evenRow {
        background: none repeat scroll 0 0 #DFDFFF;
    }
    .padlockBackground {
        background: none repeat scroll 0 0 #DFDFFF;
    }
    .selectedControl{
        border-color: red;
        outline-color: red;
        outline-style: solid;
        outline-width: thin;
        border:2px solid #CC0000;
    }
    </style>

    <script>
    jQuery.fn.exists = function(){return this.length>0;}

    $(document).ready(function() {
        //var role_id = '<?php echo $roleId;?>';
        // NOTE: the role is hard-coded here; the commented line above takes it from PHP
        var role_id = 'Admin';
        //user_id = 2;

        // For non-admin roles: remove or disable the padlocked controls.
        // This runs in the browser only; it changes what the page shows.
        if(role_id != 'Admin' ) {
            var arr = '<?php echo Yii::app()->padLock->padLockContent; ?>';
            if(arr!="") {
                var padlockArray = new Array();

                var object = jQuery.parseJSON(arr);
                padlockArray['field']      = object.field;
                padlockArray['visibility'] = object.visibility;
                padlockArray['Enable']     = object.Enable;

                // Three parallel comma-separated lists: field id, visibility flag, enable flag
                var padlockFieldsArr =  (padlockArray['field'].toString()).split(',');
                var padlockvisibilityArr =  (padlockArray['visibility'].toString()).split(',');
                var padlockEnableArr =  (padlockArray['Enable'].toString()).split(',');
                var modelId = '<?php echo get_class($model);?>';

                // Elements are not in form
                $("form").find('input, textarea, select, li, ul, .padlock_control').each(function(){
                    var id = $(this).attr('id');
                    if(jQuery.inArray(id, padlockFieldsArr)>=0)
                    {
                        var array_Index = padlockFieldsArr.indexOf( id );
                        var visiblity = padlockvisibilityArr[array_Index];
                        var enable = padlockEnableArr[array_Index];
                        //alert("id="+id+", "+visiblity+", "+enable);

                        if(visiblity == "0") {
                            if ($("#lbl_"+id).exists()) {
                                $("#lbl_"+id).remove();
                            }
                            $("#"+id).remove();
                        }
                        if(enable == "0") {
                            $("#"+id).attr('disabled', true);
                        }
                    }
                });

                $("[id^='pdl_']").each( function() {
                    // alert($(this).attr('id'));
                    var id = $(this).attr('id');

                    if(jQuery.inArray(id, padlockFieldsArr)>=0)
                    {
                        var array_Index = padlockFieldsArr.indexOf( id );
                        var visiblity   = padlockvisibilityArr[array_Index];
                        var enable      = padlockEnableArr[array_Index];
                        //alert("id="+id+", "+visiblity+", "+enable);

                        $("#"+id).remove();
                        if ($("#"+id+"_data").exists()) { // table column removal
                            $("[id^="+id+"_data]").each(function() {
                                $(this).remove();
                            });
                        }
                    }
                });
            }
        }

        // "Manage" button: switch the page into the padlock screen
        $('#padlock').click(function() {

            $("select > option").remove();
            $('select').append($('<option></option>').val('').html('----select----'));

            $(".errorSummary").remove();
            $(".errorMessage").remove();

            $("a").each( function() {
                $(this).attr('onclick','');
                $(this).attr('href','#');
            });

            $("link[href='<?php echo Yii::app()->request->baseUrl; ?>/bootstrap/css/bootstrap.css']").remove();

            addPadLockButtons();

            // Point the enclosing form at the padlock controller
            var formId = $('#padlockForm').closest('form').attr('id');
            var url = '<?php echo $this->createUrl('padLock/Insert');?>';
            $("#"+formId).attr("action", url);
            $("#"+formId).attr("name", "pdlForm");

            $('#padlockForm').val("true");

            $("#manage_button").html("<center><h3 style='color:#CC0000;'>WELCOME TO PADLOCK SCREEN</h3></center>");
            $("#mainDiv_Padlock").addClass('padlockBackground');
            $('#padlock').hide();
            $('#controls_table').show("slow");

            // Clicking a control toggles its selection for padlock
            $('input, textarea, select, .padlock_control, [id^="pdl_"]').click(function()
            {
                var target_id = $(this).attr("id");
                var hdnValue = $('#selectedFields').val();

                if($(this).hasClass('selectedControl'))
                {
                    $(this).removeClass('selectedControl');
                    $('#my_row_'+target_id).remove();
                    remove_id_from_hidden(target_id);
                } else {
                    $(this).addClass('selectedControl');

                    /*********** checking whether the control is already added or not */
                    var n = hdnValue.search(new RegExp(target_id, "i"));
                    if(n == -1) {
                        $('#selectedFields').val(hdnValue +','+ target_id);
                        addTableRow('addedControls', target_id);
                    } else {
                        $('input:checkbox[value="' + target_id + '"]').attr('checked', true);
                    }
                }
            });

        });
    });

    function remove_id_from_hidden(target_id) {
        var hidden =  $("#selectedFields");
        var arr = hidden.val().split(","); // transforms the string into an array
        arr.splice(arr.indexOf(target_id), 1); // removes the item from the array
        hidden.val(arr.join(",")); // sets the value again
        removeTableRow(target_id);
        return;
    }

    // Adds one row (checkbox, id, visibility and enable radios, remove icon) to the selected-controls table
    function addTableRow(jQtable, target_id) {
        default_chk_value = 'Checked';

        var tds = '<tr id="my_row_'+target_id+'">';
        tds += '<td><input type="checkbox" name="padlock_chk_fields[]" id="padlock_chk_fields" onclick="callme(this)" value="'+target_id+'" CHECKED=TRUE></td>';
        tds += '<td>'+target_id+'</td>';
        tds += '<td><input type="Radio" name="visibleProp_'+target_id+'" value="visible">Visible<br/><input type="Radio" name="visibleProp_'+target_id+'" value="invisible" checked>In-Visible<Br/></td>';
        tds += '<td><input type="Radio" name="enableProp_'+target_id+'" value="enable">Enabled<br/><input type="Radio" name="enableProp_'+target_id+'" checked value="disable">Disabled<Br/></td>';
        tds += '<td align="center"><img border="0" id="'+target_id+'" src="images/cross.gif" style="display: inline;" onClick=remove_id_from_hidden("'+target_id+'");></td>';
        tds += '</tr>';

        $('#'+jQtable).append(tds);
    }

    function removeTableRow(rowId) {
        $('#my_row_'+rowId).remove();
        $('#'+rowId).removeClass('selectedControl');
    }

    function addPadLockButtons() {
        $.ajax({
            type: "POST",
            url: '<?php echo $this->createUrl('padLock/PadlockCommonFields');?>',
            success: function(data){
                $("#padlock_buttons").html(data);
            }
        });
    }

    function callme(chkfield){
        if(chkfield.checked == false) {
            $('#'+chkfield.value).removeClass('selectedControl');
            //removeTableRow(chkfield.value);
        } else {
            $('#'+chkfield.value).addClass('selectedControl');
        }
    }

    function getusersList() {
        var selectedroles = '';

        // getting checked checkbox values
        $.each($("input[name='role[]']:checked"), function() {
            selectedroles += (selectedroles?',':'') + "'"+$(this).attr('value')+"'";
        });

        $.ajax({
            type: "POST",
            url: '<?php echo $this->createUrl('padLock/ListUsers');?>',
            data:'role='+selectedroles,
            success: function(data){
                $("#employeeData").html(data);
            }
        });
    }

    function submitPadlock() {
        alert("xx");
        $("form[name='pdlForm']").submit();
    }
    </script>

Hi kumarkulandai,

thank you very much for your feedback! It’s awesome, but my problem is, that I’m not a professional, and I don’t really understand anything about your code… :)

Isn’t it possible that there is a simpler way of doing it?

Thanks!

BR

c

Hi,

If you provide your user_role in the DB, you can easily maintain it.

sorry, but still no clue

Hi, I need to find some to make this as an extension. Once I did it, I will inform you.

Hi,

isn’t there any simple solution for this problem? Has anybody got an idea?

Thanks.

BR

c

Dear Friend

On the client side we can disable form fields based on user authentication status.

    ........
    <?php echo $form->textField($model,'marks',array('size'=>32,'maxlength'=>32,'disabled'=>Yii::app()->user->isGuest)); ?>
    ........

To further ensure things, we can remove the submitted values on the server side.

    if(Yii::app()->user->isGuest)
        unset($_POST['Student']['marks']);

Then we can massively assign the values.

    $model->attributes=$_POST['Student'];



I hope I helped a bit.

Regards.

I used this one. awesome! thanks.

it’s a good idea, thanks! however I realized that auth module is used for such purposes.
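
The server-side filtering from the "Dear Friend" answer above, generalised from one guest check to a per-role allow-list, as an added example that is not code from the thread. The role names and the `Student` fields other than `marks` are assumptions; the point is that a field disabled or removed in the browser can still be submitted, so the server decides which fields a role may update.

```php
<?php
// Added example: server-side allow-list of editable fields per role.
// Role names and the fields other than 'marks' are assumptions.
const EDITABLE_FIELDS = [
    'teacher' => ['name', 'email', 'marks'],
    'student' => ['name', 'email'],
    // roles not listed here (e.g. guests) may update nothing
];

/**
 * Keep only the submitted fields the role may update (deny by default).
 * Returns [accepted values, names of rejected fields].
 */
function filterEditableFields(array $posted, string $role): array
{
    $policy   = EDITABLE_FIELDS;
    $allowed  = array_flip($policy[$role] ?? []);
    $accepted = array_intersect_key($posted, $allowed);
    $rejected = array_keys(array_diff_key($posted, $allowed));
    return [$accepted, $rejected];
}

// Constructed request body: the "marks" input was disabled in the form,
// but the value was submitted anyway together with the other fields.
$post = ['Student' => ['name' => 'Ann', 'email' => 'ann@example.org', 'marks' => '100']];

foreach (['teacher', 'student', 'guest'] as $role) {
    [$accepted, $rejected] = filterEditableFields($post['Student'], $role);
    // In the Yii controller, $accepted is what would be mass-assigned:
    //     $model->attributes = $accepted;
    printf("%-8s accepted=%s rejected=%s\n",
        $role, json_encode($accepted), json_encode($rejected));
    if ($rejected) {
        // A rejected field means the request did not come from the
        // rendered form as-is; record it for review.
        error_log("role '$role' tried to update: " . implode(', ', $rejected));
    }
}
```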