Access and Themes

The combination of permissions checks and theme elements can create really powerful dynamic interfaces. Just as you can make blocks and modules magically appear to different access groups, you can also create universal theme elements and show or hide them based on permissions.

Coding with Permissions

PostNuke uses one function as part of its security system that is especially handy when wanting to code a permissions check. The function is called pnSecAuthAction, and you can review its structure by loading up this file:

 /includes/pnSecurity.php 

The function has four variable parameters. The first is the realm that's being checked. This should be set to "0" in nearly every case. The second and third parameters are the Component and Instance, respectively, being checked. The format of the two variables is identical to an entry in the Permissions table.

The final parameter is the level of access that's being checked. The level for this variable matches the permissions levels and should be stated in uppercase and preceded with "ACCESS_."

pnSecAuthAction returns a Boolean TRUE/FALSE value, so all standard PHP true or false checks work fine. Here's an example of the function call that checks for Read access to the Downloads module:

 if (pnSecAuthAction(0, "Downloads::Item", "::", ACCESS_READ)) {     [some code] } 

Because the check works with the Permissions table directly, you can set up access to resources by group or user in the normal way, and no other coding is needed when you make the PHP call in your theme.

Tip

Some theme systems have their own functions you can use. AutoTheme, for example, has this handy Admin check:

 if (atIsAdminUser()) { [Some code] } 

You can check to see whether a user is currently logged in with the function pnUserLoggedIn. It also returns a Boolean trUE/FALSE value. An example of the code structure is the following:

 if (pnUserLoggedIn()) {     [some code] } else {     [some code] } 

This check could also be accomplished with permissions, but the direct function call is much easier.

Dynamic Theme Elements

For many PostNuke sites, the dynamic interface ends with blocks. You can easily create multiple menu blocks and assign each to a different group to customize each group's menu. But at times, the overhead of the block and module systems are such that coding permissions directly into a theme is much more space- and time-effective.

Standard non-Xanthia PostNuke themes allow you to write PHP directly into theme elements. For those themes, you can dynamically switch between Hypertext Markup Language (HTML) and PHP as needed.

For example, suppose you want to have a link in your theme to the Administration Menu. The link should only be there for administrators, and it should be absent for everyone else. Your HTML should look something like the following:

 <div > <?php if (pnSecAuthAction(0, "Permissions::", "::", ACCESS_ADMIN)) { echo "<a href=\"admin.php\">Administration</a>"; } ?> </div> 

The Permissions component was used in this example because it's a feature generally available only to true site administrators. If you want to open up the link to others, pick a component or instance that's specifically available to all those who you need to single out.

Xanthia themes handle PHP in a more modular way, through code plug-ins. The process can be a bit more complicated than direct coding, but plug-ins have the advantage of being reusable, even across multiple themes.

Look at the files in the Xanthia plug-ins folder:

 /modules/Xanthia/plugins/ 

To create a new plug-in, copy one of those files for use as a template. Complete versions of the plug-ins needed to render Administration Menu links and access to account controls are available with the book materials. Rename a file copy to this:

 function.administrationlink.php. 

Open this file in your editor. Scroll past the comments to the code at the bottom of the file. The first code line begins with function smarty_function_. Replace all of the function code with the following:

 function smarty_function_administrationlink($params, &$smarty) {     extract($params);     unset($params);     if (pnSecAuthAction(0, "Permissions::", "::", ACCESS_ADMIN)) {         return "<a href=\"admin.php\">Administration</a>";     }     else {         return "";     } } 

This plug-in is called within a Xanthia template using the tag <!--[administrationlink]-->. Taking the Xanthia theme you edited in Chapter 10, "Themes," open the master.htm file in the templates folder of the theme. A simple inclusion of the tag is accomplished like this:

 <body style="background-color:<!--[$bgcolor]-->;"> <div  style="background-color:<!--[$color6]-->;"><!--[$ZUPPERTOP]--><!-- [datetime]-->&nbsp;&nbsp;<!--[administrationlink]--></div> <div style="background-color:<!--[$color5]-->; padding:0.1em; width:100%;"> 

The effect can also be seen in Figure 16.5.

Another useful variation of this plug-in can be created using the pnUserLoggedIn() function. Create another plug-in template and rename it:

 function.loginlogout.php. 

Populate the new file with this code:

 function smarty_function_loginlogout($params, &$smarty) {     extract($params);     unset($params);     if (pnUserLoggedIn()) {     return "/user.php?module=NS-User&op=logout";     }     else {          return "/user.php?op=loginscreen&module=NS-User";     } } 

This function toggles the display of the Login and Logout links. You also could very easily add a link for My Account to the logged-in path.

Now that you've created these plug-ins, as long as they are in the global Xanthia plug-ins folder, they are available to all themes you have installed.