m_acl

The m_acl model gives access the id of the currently logged in user, and provides a mechanism to do basic access control checks.

The following m_acl model properties are available in templates:

Property Description
user Returns the current user id. If not logged in, this returns undefined.
is_admin Check if the current user is alllowed to access the admin. Internally, this checks the use, mod_admin_config ACL.
use, admin, view, delete, update, insert, link These properties are shortcuts to check if the current user is allowed to do some action.
is_allowed Perform custom ACL checks which are different from the ones mentioned.
authenticated Used before the other ACL checks to check if a typical user is allowed to perform some actions. Example: m.acl.authenticated.insert.article If a user is logged on the that user’s permissions are used.

This example prints a greeting to the currently logged in user, if logged in:

{% if m.acl.user %}
    Hello, {{ m.rsc[m.acl.user].title }}!
{% else %}
    Not logged in yet
{% endif %}

This example checks if the user can access the admin pages:

{% if m.acl.is_admin %} You are an admin {% endif %}

This example performs a custom check:

{% if m.acl.is_allowed.use.mod_admin_config %}
    User has rights to edit the admin config
{% endif %}

And to check if a resource is editable:

{% if m.acl.is_allowed.update[id] %}
   User can edit the resource with id {{ id }}
{% endif %}

A short hand for the above is (assuming id is an integer):

{% if id.is_editable %}
   User can edit the resource with id {{ id }}
{% endif %}

Edit on GitHub

m_acl_user_group Models m_admin_status

Referred by

include

Include another template. The include tag is replaced with the contents of the included template file. You can give…

Access control

Access control is about defining who is allowed to access certain resources. It takes two steps: