Restricting Employee Access to Admins only

LukeWard · 27 July 2016 15:53

Hi

I have a custom module which holds readers of a magazine. I want these users to be able to login and edit their OWN data. I have achieved this by creating a user entry for each reader record in the module, and assigning them to a security group, which has a restrictive role applied to it…

I don’t want these users, which really represent readers / records in a custom module, to be able to view Employees, it’s not relevant to them. Is editing the controller.php in the employees module folder the right way to accomplish this, would that be upgrade safe?

Any advice greatly appreciated.

Best Regards

Luke

Lagunajack · 4 August 2016 23:28

Hi Luke,

Go on my post of about 4 months ago - How to Hide employee information from non-admins

It will show the code changes you need to make on one php file.

5 minutes and you are done.

Regards,
Jack

LukeWard · 5 August 2016 09:14

Many thanks for this Jack! I take it this is not upgrade safe thought?

Lagunajack · 5 August 2016 13:57

We have done upgrades and not had a problem. Worse case after an upgrade log in as non-admin and check - only a few minutes to paste the updated code

Regards,
Jack

fanton.ff · 27 July 2018 07:37

To make this upgrade-safe, write the code inside custom/Extension/application/Ext/GlobalLinks/links.php instead (and run a Repair & rebuild)