Skip to main content

Access permissions

Each module (Marketing, Utilities, etc) has a record in the JaduModules table. Modules appear in the top navigation in the Jadu Control Center.

Modules are simply a way of grouping related parts of the application, it is not the modules themselves that administrators are assigned to, rather the individual module pages.

Module pages

Module pages relate to actual PHP scripts that administrators can access. Each module page is assigned to a single module and can be viewed by selecting a module from the navigation in the Control Center.

Module page records are stored in the JaduModulePages database table. This table stores the following data:

ColumnDescription
iduniquely identifies the module page
moduleIDthe module that this particular module page is assigned to
pageURLthe URL, relative to the public_html/jadu directory. This is used to generate a link to the page
namethe text that will be displayed in the menu
parentIDif a module page is to be displayed in the module entry then the value should be set to -1. If the module page is not to be displayed in the dropdown menu then it needs to be associated with a page that is. This is commonly used when there are multiple pages that make up a module page (e.g. through a tabbed interface) but only one should show in the menu. In these cases an administrator is assigned to the parent page and whatever rights they have on the parent page are the same as any child pages
workflowdetermines whether this module page is governed by the workflow module
adminAccessOnlyif the value in this field is 0 then the module page will be displayed as normal. If the value is 1 then the module page will not be displayed in a module’s menu however it will still be possible to say whether an administrator has access to the page or not when editing the administrator’s privileges. This is typically used for pages such as the console which appear in the mast rather than in a menu. It is also useful for any additional privileges that need to be granted but are not part of a module page, such as whether an administrator is allowed to assign supplements to content
positionthis determines the order in which pages are displayed in the menu. Lower numbered pages are displayed before higher numbered pages
pageGroupthe menu for each module can be divided into groups of related items. All module pages with the same group number are displayed together and groups are ordered by the number in this field

Administrator permissions

By default an administrator does not have access to any module page in Jadu Central, they must first be assigned access. Pages are typically assigned to an administrator when the administrator is created and then further refined when the administrator is edited.

The table JaduAdminPageAccess is used to associate an administrator with a particular page. If there is an entry in this table that associates an administrator id with a page id then that administrator will be able to view that page. Conversely, if there is no record in this table associating the administrator with the page then the administrator will have no access.

It is also possible, again with the JaduAdminPageAccess table, to determine whether an administrator is allowed to create, update and delete content on the page in question. A 0 in each of the respective create, update and delete fields corresponds to a user that does not have the permission to perform the respective action.

The permissions of a user can be checked using the deleteContent, updateContent, viewContent and createContent attributes of the ``$adminPageAccessPermissions` instance.

This variable is defined in public_html/jadu/includes/head.php which is included in every Control Center script.

For example, the body of the following if statements would only be executed if the user currently logged into the Control Center had the correct permissions:

if ($adminPageAccessPermissions->viewContent)

if ($adminPageAccessPermissions->createContent)

if ($adminPageAccessPermissions->updateContent)

if ($adminPageAccessPermissions->deleteContent)