ModX Revo Database: Relation between member groups and document groups - database

I'm creating some custom queries and need to figure out the relation between Member Groups and Document Groups.
My ultimate goal is to display the resources belonging to a particular User Group when a user log in. I am able to get their User ID from Sessions and so the relations I have figured out so far are:
User ID -> Member Groups Table -> ??Unknown table that pairs Member Groups with Document Groups?? -> Document Groups Table- > Resources Table
I just cant find that missing table(s)!
If any one can help me out that would be awesome!
Thanks
(ps: using Revo)
EDIT: added image for assitance

You could use some of the built-in MODX methods to achieve this.
This is not tested and might not work, but this might be a way to do it:
// userGroups = membergroups
$userGroups = $user->getUserGroups();
foreach ($userGroups as $userGroup) {
$resGroups = $userGroup->getResourceGroups();
foreach ($resGroups as $resGroup) {
$resources = $resGroup->getResources();
// merge resources into an array or something
}
}
Check out moduser.class.php, modusergroup.class.php, and modresourcegroup.class.php to see the queries behind these methods. You might be able to adapt them to one more efficient query.
Also, if I haven't misunderstood what you want to achieve then your results should be similar to what a user would see in the resource tree in the manager when logged in?
That uses the resource/getnodes.class.php processor, which retrieves all possible resources for each context using getCollection, then loops through each and decides whether to display or not by using $resource->checkPolicy('list'). That might be another approach to consider.
I usually work with custom data rather than MODX resources so would be keen to hear how you get on with this.

I know this is really, really old, but I came across this question looking for the answer myself. After a bit more digging I've found that it's the access_resource_groups table that links document_groups and member_groups
document_groups.id = access_resource_groups.target
member_groups.id = access_resource_groups.principal

Related

WordPress : make categories automatically match according to external API Value

I'm managing a company website, where we have to display our products. We however do not want to handle the admin edit for this CPT, nor offer the ability to access to the form. But we have to read some product data form the admin edit page. All has to be created or updated via our CRM platform automatically.
For this matter, I already setup a CPT (wprc_pr) and registered 6 custom hierarchical terms: 1 generic for the types (wprc_pr_type) and 5 targeting each types available: wprc_pr_rb, wprc_pr_sp, wprc_pr_pe, wprc_pr_ce and wprc_pr_pr. All those taxonomies are required for filtering purposes (was the old way of working, maybe not the best, opened to suggestions here). We happen to come out with archive pages links looking like site.tld/generic/specific-parent/specific-child/ which is what is desired here.
I have a internal tool, nodeJS based, to batch create products from our CRM. The job is simple: get all products not yet pushed to the website, format a new post, push it to the WP REST API, wait for response, updated CRM data in consequence, and proceed to next product. Handle about 1600 products today on trialn each gone fine
The issue for now is that in order for me to put the correct terms to the new post, I have to compute for each product the generic type and specific type children.
I handled that by creating 6 files, one for each taxonomy. Each file is basically a giant JS object with the id from the CRM as a key, and the term id as a value. My script handles the category assertion like that:
wp_taxonomy = [jsTaxonomyMapper[crm_id1][crm_id2]] // or [] if not found
I have to say it is working pretty well, and that I could stop here. But I will have to take that computing to the wp_after_insert_post hook, in order to reaffect the post to the desired category on updated if something changed on the CRM.
Not quite difficult, but if I happen to add category on the CRM, I'll have to manually edit my mappers to add the new terms, and believe me that's a hassle.
Not waiting for a full solution here, but a way to work the thing. Maybe a way to computed those mappers and store their values in the options table maybe, or have a mapper class, I don't know at all.
Additional information:
Data from the CRM comes as integers (ids corresponding to a label) and the mappers today consist of 6 arrays (nested or not), about 600 total entries.
If you have something for me, or even suggestions to simplify the process, I'll go with it.
Thanks.
EDIT :
Went with another approach, see comment below.

Active Directory search query for nested groups with wildcard pattern in search filter

I am trying to allow the users from nested groups in Active Directory to login to my spring boot/security based application. I have figured how to provide the search query through spring-security configuration, but I am having trouble with the search query itself.
Here is the search query that is currently working as expected:
(&(objectCategory=Person)(userPrincipalName=user1#domain.local)
(memberOf:1.2.840.113556.1.4.1941:=CN=parent_group1,OU=Another Group,OU=Groups,OU=Company,DC=Company-Domain,DC=local))
This is working as expected as user1 belongs to parent_group1 or one of its sub groups. But I have more than one parent_group, with constant prefix. So I am trying to provide wildcard in that query as CN=parent_group*, but its not working.
I have seen a variation here where each parent_group can be added with an OR like this:
(&(objectCategory=Person)(userPrincipalName=user1#domain.local)
(|(memberOf:1.2.840.113556.1.4.1941:=CN=parent_group1,OU=Another Group,OU=Groups,OU=Company,DC=Company-Domain,DC=local)
(memberOf:1.2.840.113556.1.4.1941:=CN=parent_group2,OU=Another Group,OU=Groups,OU=Company,DC=Company-Domain,DC=local)
(memberOf:1.2.840.113556.1.4.1941:=CN=parent_group3,OU=Another Group,OU=Groups,OU=Company,DC=Company-Domain,DC=local)
And this works too. But the problem with this is, every time a new new parent group is added this needs to be updated. I have gone through the link specified in the answer to the above question, but nothing from there works.
Ideally, I was hoping something like this would work (wildcard pattern for parent_group):
(&(objectCategory=Person)(userPrincipalName=user1#domain.local)
(memberOf:1.2.840.113556.1.4.1941:=CN=parent_group*,OU=Another Group,OU=Groups,OU=Company,DC=Company-Domain,DC=local))
But its not working. It doesn't return any results. Can someone help me if there is a better way of doing this?
Also, is it possible not to mention the entire hierarchy like this?
CN=parent_group*,OU=Another Group,OU=Groups,OU=Company,DC=Company-Domain,DC=local
I have been researching on this for a couple of days now and gone through most of the articles provided online or on SO, but nothing with the wildcard pattern with the chain command works so far.
It is not possible to do what you describe. You'd be well served by having one parent group which all your "other" parent groups are nested in. Anytime a new parent group is created, you would nest it in your master group so that it's granted access. This is a pretty common model.

CRM 2011 Search Exact Match

I have a problem with CRM 2011 , I currently have 22 users . In the Accounts or Cases entities some of them can search with half of the word and some of them have to enter the whole exact name to get answers which is really annoying . Can someone help please?
Thank You !
By default you can add which fields will be searched to the Quick Search view, see how Example.
You still can use wild cards "*" (ex: "John") when performing a Quick Find Search.
Make sure they use all the same view (the Quick find one usually) and, from
Settings->Customizations->Customize the system->Entities->(Select the desired entity)->Views and then open the view users are using then you can set the filter criteria to whatever you would like for each fields.
I don't think you can enforce a view on users though, but my guess if for some users partial searches work, and for some others not, they are probably using different views.
EDIT: You can select said view and in More Actions above set it to default view. Then again, users are still able to create personal views and set them as default...
Surely you mean that your users search their wanted fields in quick find area that this is system view and the problem posed do not have relation to view's setting, because it was the same for all the user's.
so i guess this problem arises out: keyboard not uniform.......

Show Opportunity related Contacts in Custom Object Field

I have the next issue.
I have a custom object called 'Application', and I have this requirement:
"Show all Contacts related to an Application. Create a field on Application object, must be read only".
I solve it with apex code. 'Application' has a lookup to Opportunity, Opportunity to Account, and all my contacts have AccountId, so this way, I get all the contacts using apex code in a trigger.
But, I've been ask to change this to a Formula field in Application object.
So, my issue is next. I'm not able to get all contacts with advance formula editor, because they're not part of any object. I have no master-detail relationship.
Does any one know how can I achieve this using configuration? I should not use apex code for this req.
Thank in advance guys.
I don't think you can do it.
In formulas / merge fields syntax there's no way to go "up, up then down" (Application -> Opportunity -> Account -> down to Contacts related list). There's also nothing that would let you loop through Contacts (and display what? Ids? Names? Emails?). Roughly speaking you can only go up through dots.
You might want to explore path of "cross object workflow" rules but I imagine that when I add a new Contact to Account it should somehow "spread itself" to all related Applications? There's no straight way to fire a workflow on delete too - so you'd eventually end up with inaccurate list.
I'd say trigger was a good solution. Maybe it ws unoptimized but if it has to be in a field - tough.
There might be a fairly simple way of achieving that by embedding a visualforce page within Application page layout.
This should be doable with pure Visualforce (so technically there will be no Apex code ;))
Something as simple as
<apex:relatedList list="Contacts" subject="Application__c.Opportunity__r.AccountId" />
would be a good start (if you want your own layout and not a rel. list - you should be still able to pull it off with <apex:repeat> or <apex:pageBlockTable>.
There's one BUT here: it's not a field, just a display trick. Forget about using it in reports, mobile applications etc.
Another way - would it be acceptable to be 1 click away from these contacts? You could make a report "Account with Contacts", filter it by Id of one Account and later use "URL hacking" to change the filter depending on from which Application you'll click it. This link could be either a formula field or a real custom button/link. Technically - it's pure config, no apex & VF.
You can read more about URL hacking at Ray Dehler's excellent post and specifically about dynamic Reports here or here.

CakePHP 2.0.x: ACL: Multiple Groups?

I know this question has been asked before, but I don't know if it's been asked specifically about CakePHP 2.0.x. I haven't been able to find any information about whether or not having users be a part of multiple groups is now possible with the ACL component. I never used the ACL component with CakePHP 1.3.x because it confused me. If it's better now, though, I'd like to use it so I don't re-invent the wheel by rolling my own. Any help would be appreciated.
I haven't tested it or used it like this before, but I can imagine one way:
Have a User model and a Group model, and User HATBM Group as Shaz Amjad notes.
At the point you're doing your access control, fetch a list of all Groups that User belongs to (probably using bindModel)..
Then, something like:
$permits = array();
foreach ($thisUsersGroups as $group) {
$permits[] = $this->Acl->check($group, 'myclass', 'update')
}
If $permits contains at least one true, they should be permitted.
There might well be a better or more automagic way of doing it, but I don't see what that shouldn't work in principle.

Resources