Hi

I've defined a view with a contextual filter wich is $account->uid. Now I want to limit the access to this view just to main administrator and "own" users. By "own" I mean, for example, that user 23 is only allowed to access his own view wich is my_view/23.

I'm trying to achieve this using PHP access with no success. Available variables in PHP access are:

$view_name: The name of the view to check.
$display_id: The ID of the display to check.
$account: The account to check.

The basic approach should be to retrieve the global drupal $user variable wich is the current logged in user and comparing it with the current argument of the view but it doesn't seem to work. It simply allows everybody to access everybody's view (I'm pretty sure that $account == $user):

  global $user;

  if ( ($user->uid == 1) or ($user->uid == $account->uid) ) {
    return TRUE;
  }

My second option was to retrieve the current view, get its argument and compare it against the $account/$user variable:

  $view = views_get_current_view();

  if ( ($account->uid == 1) or ($account->uid == $view->args[0]) ) {
    return TRUE;
  }

...and no luck for the generic users, ($account->uid == $view->args[0]) ) doesn't seem to work. And, at this point, I don't really know how to continue. Any idea or suggestion about this issue?

Thanks in advance.

Comments

johnv’s picture

johnv
Primary language Dutch
commented

You do't need Views PHP for this:
- add a contextual filter
- set: WHEN THE FILTER VALUE IS NOT IN THE URL, Provide default value, value 'User id from logged in user'
- set: WHEN THE FILTER VALUE IS IN THE URL OR A DEFAULT IS PROVIDED, Specify validation criteria, value user
- restrict roles if necessary
- set: Action to take if filter value does not validate to the desired option.

NoRandom’s picture

NoRandom commented
Status: Active » Fixed

Sorry for the delay in the reply, I haven't had time to try your solution until now.

It doesn't work because these two criteria are applied consecutively. So:

  1. No argument in the URL -> default argument
  2. Default argument in the URL -> validation criteria

But finally I've found a solution. I can get the current logged in user through global $user and then compare it with the argument of the view using php validation code for the argument (wich I think is provided by Views PHP).

Here is a little bug, if you set the validation code action as "Show page not found" everything is fine. But if you set it as "Display access dennied" you'll get a view with zero results.

Regards.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.