Control export options via userpriv.php (v2020)

Adam · Post by **Adam** » Mon Sep 09, 2019 3:36 pm

I have submitted this a feature request but, until it's implemented, here's a simple, table-by-table way of controlling which export options are available to individual user groups :)

To avoid confusion, it's best to edit the userpriv.php files in the root and classes folders from the bottom up...

So, start by opening userpriv.php in the root folder:

1) go to line 148 and change as follows:

// Modified	["add", "delete", "edit", "list", "lookup", "view", "search", "import", "admin"].forEach(function(id) {
	["add", "delete", "edit", "list", "lookup", "view", "search", "import", "print", "excel", "word", "html", "xml", "csv", "pdf", "email", "admin"].forEach(function(id) {

2) save the file

3) make a copy i.e. userpriv_save.php

Now open userpriv.php in the classes folder:

1) go to line 560 and change as follows:

// Modified	$privilege = $privilege & $this->TableList[$i][5]; // Set maximum allowed privilege (protect from hacking)
			$privilege = $privilege & 131071; // Set maximum allowed privilege (protect from hacking)

2) go to line 539 and insert as follows:

				// Modified (added 8 rows below)
				$this->Privileges["print"] = 512; // Print
				$this->Privileges["excel"] = 1024; // Excel
				$this->Privileges["word"] = 2048; // Word
				$this->Privileges["html"] = 4096; // HTML
				$this->Privileges["xml"] = 8192; // XML
				$this->Privileges["csv"] = 16384; // CSV
				$this->Privileges["pdf"] = 32768; // PDF
				$this->Privileges["email"] = 65536; // Email

3) go to line 525 and change as follows:

// Modified			$ar[] = ["table" => ConvertToUtf8($this->getTableCaption($i)), "index" => $i, "permission" => $tempPriv, "allowed" => $this->TableList[$i][5]];
					$ar[] = ["table" => ConvertToUtf8($this->getTableCaption($i)), "index" => $i, "permission" => $tempPriv, "allowed" => 131071];

4) go to line 510 and change/insert as follows:

						(int)Post("import_" . $i) + (int)Post("lookup_" . $i) +	// Modified (inserted the 4 rows below)
						(int)Post("print_" . $i) + (int)Post("excel_" . $i) +
						(int)Post("word_" . $i) + (int)Post("html_" . $i) +
						(int)Post("xml_" . $i) + (int)Post("csv_" . $i) +
						(int)Post("pdf_" . $i) + (int)Post("email_" . $i);

4) save the file

5) make a copy i.e. userpriv_save.php

Next, open your project and add the following functions to Server Events > Global > All Pages > GlobalCode:

// Confirm whether actual Admin
function IsRealAdmin() {
	return (IsSysAdmin() || UserLevelID() == -1);
}

// Restrict permitted export options
function ExportOptions($instance) {
	global $Security;

	$userLevel = isset($Security) ? $Security->currentUserLevel() : @$_SESSION[Config('SESSION_USER_LEVEL')]; // Permissions

	foreach (array('print' => 512, 'excel' => 1024, 'word' => 2048, 'html' => 4096, 'xml' => 8192, 'csv' => 16384, 'pdf' => 32768, 'email' => 65536) as $key => $value) {
		$item = @$instance->ExportOptions->Items[$key];
		if ($item && !IsRealAdmin() && !($userLevel & $value))
			$item->Visible = FALSE;
	}
}

Next, add the following code to Server Events > Global > All Pages > Page_Rendering:

	// Restrict export options based on permissions
	if (CurrentPageID() == 'list' || CurrentPageID() == 'view')
		ExportOptions(CurrentPage());

Now add these entries to your language file(s):

	<phrase id="PermissionCSV" value="CSV" client="1"/><!-- v2020 -->
	<phrase id="PermissionEmail" value="Email" client="1"/><!-- v2020 -->
	<phrase id="PermissionExcel" value="Excel" client="1"/><!-- v2020-->
	<phrase id="PermissionHTML" value="HTML" client="1"/><!-- v2020 -->
	<phrase id="PermissionPDF" value="PDF" client="1"/><!-- v2020 -->
	<phrase id="PermissionPrint" value="Print" client="1"/><!-- v2020 -->
	<phrase id="PermissionWord" value="Word" client="1"/><!-- v2020 -->
	<phrase id="PermissionXML" value="XML" client="1"/><!-- v2020 -->

Finally:

1) ensure that all export options are enabled on the PHP > Page Options (global) tab (and in Table > Table-specific Options for tables with non-standard settings)

2) click "Generate" and be sure to uncheck both userpriv rows, or you'll overwrite the files you just modified!

3) at minimum, you will need to regenerate userfn.php and your language file(s) but, for safety, regenerate the entire project (EXCEPT the userpriv files, of course)

...and voila!

Log in to your site as Admin and you'll see the new security options on the Permissions page.

Now, users of your site will only see the export options you specified for their user group.

mfabbri71 · Post by **mfabbri71** » Tue Oct 10, 2023 6:54 pm

I tried this hack, but when I'm saving the new permissions in userlevelpermission table the value checked in the new columns (print,excel, csv, etc...) are not saved
I activate in global settings only Excel and PDF export and in some tables (specific options) only Excel export
Where I'm doing wrong ?
Thanks in advance
MF

mobhar · Post by **mobhar** » Sat Oct 21, 2023 4:26 pm

Please note that tips is for v2020. Are you sure you implement it for v2020, too?