Filtering pages by user

Kirby 2 Questions 🤔
1

I have a number of pages within the same parent, each of which has a user field to identify the user who created the page:

  user:
    label: User
    type: user
    required: true

These users are also in a specific role such that they can only create pages of this type, and no other. I’ve managed to get some permissions going to this end.

<?php
// https://getkirby.com/docs/panel/permissions
// https://getkirby.com/docs/panel/roles
return [
    'name'    => 'Sales',
    'default' => false,
    'panel'   => true,
    'permissions' => [
        '*'                 => true,
        'panel.access' => true,
        'panel.access.options' => false,
        'panel.access.users' => false,
        'panel.page.*' => false,
        'panel.page.create' => function() {
            return $this->target()->page()->template() === 'partners'; // allow creating children of the Partners node
        },
        'panel.page.read' => function() {
          return
            'partners' === $this->target()->page()->template()
            || (
              ('partner' === $this->target()->page()->template())
              && 'dshannon' === $this->username()
              );
        },
        'panel.page.update' => function() {
          return $this->target()->page()->template() === 'partner'; // allow creating children of the Partners node
        },
        'panel.widget.*' => false,
        'panel.widget.pages' => true,
        'panel.site.update' => false,
        'panel.user.*'      => false,
    ]
];

What I’d like is to filter the pages list to only show those created by the currently logged in user. My attempt so far from the above is:

'panel.page.read' => function() {
    return
        'partners' === $this->target()->page()->template()
        || (
            ('partner' === $this->target()->page()->template())
                && ???? === $this->username()
            );
},

The first portion of the conditional allows the user to access the parent page in the panel. The second portion, the first part of it, shows the pages within the parent. Fine. The last portion is where I attempt filtering by the current username.

https://getkirby.com/docs/cheatsheet/permissions/panel-page-read Is pretty brief and only gives an example using the template field. I’ve tried doing $this->target()->page()->user() === $this->username() to no avail. Is this possible?

2

Try

'panel.page.read' => function() {
    return
        'partners' === $this->target()->page()->template()
        || (
            ('partner' === $this->target()->page()->template())
                && $this->target()->data()['userfield'] === $this->username()
            );
   },
3 
'panel.page.read' => function() {
    if ('partners' === $this->target()->page()->template()) return true;

    return 'partner' === $this->target()->page()->template() && $this->target()->data()['userfield'] === $this->username();
},

No workie unfortunately. I tried hardcoding a known user name in place of $this->username(), but still no pages show up. Conversely if I remove the whole right half of the final return statement, all pages do appear.

4

Maybe it should be

$this->site()->user()->username()

The docs might be wrong here, I’m not sure, not tested.

5

Just tried that, still nothing. $this->username may be correct as I’ve seen it mentioned more than once (1, 2). Replacing that code altogether with a known username (for which there should be at least one result) still produced no result. Starting to seem to me that the issue is with how to reference a field within a page, if that’s even possible. I haven’t yet been able to find any list of what data should be available via $this->target->data()['...'].

6

I did a test and this should work:

<?php
// https://getkirby.com/docs/panel/permissions
// https://getkirby.com/docs/panel/roles
return [
    'name'    => 'Editor',
    'default' => false,
    'panel'   => true,
    'permissions' => [
        '*'                 => true,
        'panel.access' => true,
        'panel.access.options' => false,
        'panel.access.users' => false,
        'panel.page.*' => false,
        'panel.page.create' => function() {
            return $this->target()->page()->template() === 'partners'; // allow creating children of the Partners node
        },
        'panel.page.read' => function() {
          return $this->target()->page()->template() == 'partners' || $this->target()->page()->template() == 'partner' && $this->target()->page()->userfield() == $this->username();

        },
        'panel.page.update' => function() {
          return $this->target()->page()->template() === 'partner'; // allow creating children of the Partners node
        },
        'panel.widget.*' => false,
        'panel.widget.pages' => true,
        'panel.site.update' => false,
        'panel.user.*'      => false,
    ]
];
7

Still no good. I’ve poked and prodded at this permission, but I can still only get an all-or-nothing result, not just the few that there should be per user.

Appreciate the help, but I can live with keeping this permission open seeing as I can still lock down other permissions.

8

Hm, I did in fact test this in a Starterkit before I ventured out with this permission. But I’m only human…