Implementing Admin Permissions?
#1
Looking to implement admin permissions for a plugin's module to restrict access to certain pages, I've had a look around but there doesn't seem to be much documentation on the process.

There's hooks for the admin permissions module and the admin permissions themselves look to be defined in the permissions table of the mybb_adminoptions table as a serialized array.

Any help on getting this working would be very appreciated! Big Grin
Reply
#2
You first add your action handler to the proper module ( config for this example ) :

function admin_config_action_handler(&$args)
{
    $args['foo_action'] = [
        'active' => 'foo_action',
        'file' => 'foo_action_file.php'
    ];
}

MyBB will always attempt to load permissions for all ( action ) files found in the module directory ( except for the home module ):
https://github.com/mybb/mybb/blob/9ccde7...x.php#L791

Now, just add your action to the list of permissions for admins to update in the admin permissions pages :

function admin_config_permissions(&$args)
{
    $args['foo_action'] = "Can manage the Foo Action system?";
}

If this last step is missing, the code _could_ assume permission is not set, thus always true ( has permission ) ( see: https://github.com/mybb/mybb/blob/9ccde7...s.php#L362 ). But I won't rely on this, and either way the recommended practice should be to always add the corresponding permission code for any action page added.

Use the following to set the permission during the activation, installation, deactivation, or uninstallation processes :
change_admin_permission('config', 'foo_action', 1);

https://github.com/mybb/mybb/blob/9ccde7...s.php#L545
Reply
#3
Thanks Omar for this tutorial Smile
[MyBB 1.8 mods] - Offer me a coffee
Do not ask me help through PM or Discord
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)