I have submitted this a feature request but, until it’s implemented, here’s a simple, table-by-table way of controlling which export options are available to individual user groups :)To avoid confusion, it’s best to edit the userpriv.php files in the root and classes folders from the bottom up…So, start by opening userpriv.php in the root folder:1) go to line 148 and change as follows:
// Modified ["add", "delete", "edit", "list", "lookup", "view", "search", "import", "admin"].forEach(function(id) {
["add", "delete", "edit", "list", "lookup", "view", "search", "import", "print", "excel", "word", "html", "xml", "csv", "pdf", "email", "admin"].forEach(function(id) {
- save the file3) make a copy i.e. userpriv_save.phpNow open userpriv.php in the classes folder:1) go to line 560 and change as follows:
// Modified $privilege = $privilege & $this->TableList[$i][5]; // Set maximum allowed privilege (protect from hacking)
$privilege = $privilege & 131071; // Set maximum allowed privilege (protect from hacking)
- go to line 539 and insert as follows:
// Modified (added 8 rows below)
$this->Privileges["print"] = 512; // Print
$this->Privileges["excel"] = 1024; // Excel
$this->Privileges["word"] = 2048; // Word
$this->Privileges["html"] = 4096; // HTML
$this->Privileges["xml"] = 8192; // XML
$this->Privileges["csv"] = 16384; // CSV
$this->Privileges["pdf"] = 32768; // PDF
$this->Privileges["email"] = 65536; // Email
- go to line 525 and change as follows:
// Modified $ar[] = ["table" => ConvertToUtf8($this->getTableCaption($i)), "index" => $i, "permission" => $tempPriv, "allowed" => $this->TableList[$i][5]];
$ar[] = ["table" => ConvertToUtf8($this->getTableCaption($i)), "index" => $i, "permission" => $tempPriv, "allowed" => 131071];
- go to line 510 and change/insert as follows:
(int)Post("import_" . $i) + (int)Post("lookup_" . $i) + // Modified (inserted the 4 rows below)
(int)Post("print_" . $i) + (int)Post("excel_" . $i) +
(int)Post("word_" . $i) + (int)Post("html_" . $i) +
(int)Post("xml_" . $i) + (int)Post("csv_" . $i) +
(int)Post("pdf_" . $i) + (int)Post("email_" . $i);
- save the file5) make a copy i.e. userpriv_save.phpNext, open your project and add the following functions to Server Events > Global > All Pages > GlobalCode:
// Confirm whether actual Admin
function IsRealAdmin() {
return (IsSysAdmin() || UserLevelID() == -1);
}
// Restrict permitted export options
function ExportOptions($instance) {
global $Security;
$userLevel = isset($Security) ? $Security->currentUserLevel() : @$_SESSION[Config('SESSION_USER_LEVEL')]; // Permissions
foreach (array('print' => 512, 'excel' => 1024, 'word' => 2048, 'html' => 4096, 'xml' => 8192, 'csv' => 16384, 'pdf' => 32768, 'email' => 65536) as $key => $value) {
$item = @$instance->ExportOptions->Items[$key];
if ($item && !IsRealAdmin() && !($userLevel & $value))
$item->Visible = FALSE;
}
}
Next, add the following code to Server Events > Global > All Pages > Page_Rendering:
// Restrict export options based on permissions
if (CurrentPageID() == 'list' || CurrentPageID() == 'view')
ExportOptions(CurrentPage());
Now add these entries to your language file(s):
<phrase id="PermissionCSV" value="CSV" client="1"/><!-- v2020 -->
<phrase id="PermissionEmail" value="Email" client="1"/><!-- v2020 -->
<phrase id="PermissionExcel" value="Excel" client="1"/><!-- v2020-->
<phrase id="PermissionHTML" value="HTML" client="1"/><!-- v2020 -->
<phrase id="PermissionPDF" value="PDF" client="1"/><!-- v2020 -->
<phrase id="PermissionPrint" value="Print" client="1"/><!-- v2020 -->
<phrase id="PermissionWord" value="Word" client="1"/><!-- v2020 -->
<phrase id="PermissionXML" value="XML" client="1"/><!-- v2020 -->
Finally:1) ensure that all export options are enabled on the PHP > Page Options (global) tab (and in Table > Table-specific Options for tables with non-standard settings)2) click “Generate” and be sure to uncheck both userpriv rows, or you’ll overwrite the files you just modified!3) at minimum, you will need to regenerate userfn.php and your language file(s) but, for safety, regenerate the entire project (EXCEPT the userpriv files, of course)…and voila!Log in to your site as Admin and you’ll see the new security options on the Permissions page.Now, users of your site will only see the export options you specified for their user group.