Hi,
We are implmenting a Datatables project where the CRUD of a table is managed by user roles. e.g. a User may be READER, EDITOR, ADMIN
For some tables a user with editor can read but not edit fields, but an admin can read and edit the table.
The security example shows you using a session as below. but doesnt seem to have a true / false type of part to it.
We are hoping not to use a session but a user object so if user->role() == 'ADMIN' then get and set the field but if user->role() == 'EDITOR' then field->get but no field->set
How would we do this as the example with session possibly relies on a call to session to see if $_session[access][admin] exits? That's different if using a method call. I cannot find documentation for it. Thanks
Example from docs:
Editor::inst( $db, 'staff' )
->fields(
Field::inst( 'name' )
->set( $_SESSION['access']['editing'] )
Field::inst( 'location' )
->set( $_SESSION['access']['editing'] )
Field::inst( 'salary' )
->get( $_SESSION['access']['admin'] )