Configuration

Edit data in frontend - configuration

Note: These features are part of the Visforms Subscription and are not included in the free Visforms version.

The Visforms Subscription adds additional menu item types to your Visforms installation, which you must use if you want to allow users of your website to edit data in the frontend.

Using the Visforms » Form Data with Edit Link menu item, you can display all submissions for a specific form.
With this menu item you can release the transmissions for editing for all users with the appropriate authorization.

Using the Visforms » “My Submissions” menu item, all submissions by a specific user are displayed for all forms.

In order to understand the differences between these two approaches, the following article is also interesting: Form data in the front end.

In order to be able to set up “Edit data in the frontend”, you must have understood the Joomla user rights management (ACL = Access Control List) and use it correctly. Because these rights control who can edit which data and how.

The following article explains the most important aspects of Joomla user rights management. These are important with regard to the configuration of the “Edit data in the frontend” and the concrete options that Visforms offers you.

The statements apply to both

  • Setting up a Form Data with Edit Link view, as well as for
  • setting up a view of My Transmissions.

This entry also explains how to set up the Form Data with Edit Link view.
The following step-by-step instructions provide a concrete example for the configuration of a Form data with edit link view: Example.

The following section of the documentation explains how you set up the My transfers view: User Submissions.

Basics about Joomla access rights

This article starts with a basic explanation of how to use the ACL (Access Control List) in Joomla. Because it is really necessary that you understand how ACL works in Joomla before you try to set rights for editing data in frontend with Visforms. More in: Access Control List Tutorial.

Access rights in Joomla support the mechanism of hierarchical inheritance of settings. There are two distinct lines along which access rights are inherited.

Line along the user groups

One line of inheritance works along the user groups.
An example of this line is Registered -> Author -> Editor -> Publisher.
Each user group inherits the rights from the user group that is on its left.

Line along the configuration settings

In Visforms, the second line of inheritance works along the line of configuration settings.
An example of this line is Component Settings -> Form Settings -> Field Settings.
Here, the field settings inherit from the form settings, which in turn inherit from the visforms settings.

Create access rights with as little effort as possible

The inheritance of rights makes it possible to create access rights with as little effort as possible. Just set the leftmost level option. For example, it is sufficient to set the “Edit own data” option for the “Registered” user group to “Allowed” at the Visforms component level. With this alone, all registered users, authors, editors and publishers can now edit the data that they have submitted themselves in all forms.

In Joomla, you can manually set the inherited access rights to “allowed” or “denied” explicitly at any level. This allows you to achieve very individual access rights for each area. This combination makes the Joomla ACL such a powerful and versatile tool.

Additional access rights

Joomla comes with predefined actions for which access rights can be set. To give you even more individual control over who can do what in Visforms, we have defined some additional access rights.

Additional access rights for administration

  • edit css,
  • Delete data,
  • Export form data to administration (CSV),
  • Change “Created by User” for Visforms data,
  • Create SQL statements.

Additional access rights for frontend

  • Export form data in frontend (CSV),
  • Generate PDF file in frontend,
  • Generate PDF file from own data in frontend,
  • edit data status,
  • Edit data status of own records,
  • Edit data directly in the frontend,
  • Edit own data in the frontend.

Additional Visforms ACL actions

CSV Attachment Options

A property of the Joomla ACL that is important for Visforms is the following. All actions that have been defined for a component in addition to the default inherit the “denied” access right by default for all user groups except for super administrators. Therefore, it is necessary for all user groups except for the super administrator to explicitly allow Visforms-specific actions. You must do this explicitly if you want a user group to be able to perform this action. A Visforms-specific action would be editing data in the frontend.

As we have already learned, this can easily be done. You just have to select the highest user group on the inheritance lines that you want to give the right to. The highest user group is always the leftmost user group.

Now allow this group to “edit data” on

  • the level of the Visforms component or
  • at the level of a single form.

Where are the access rules set?

Visforms component level

At the level of the Visforms component, the rules are set in the administration via

  • the “Options” button in the Visforms main view, i.e. the list overview of the forms or
  • the Joomla configuration via System » Configuration » Visforms.

level form

Access rights for specific forms are set in the form configuration under the “Form Permissions” tab.

level field

Access rights for specific fields are set in the field configuration under the “Field Permissions” tab.

It is possible with Visforms to allow or deny the rights ‘edit data in frontend’ and ‘edit own data in frontend’ down to field level. Nevertheless, a user can only edit data if he/she also has editing authorization at the form level. Differing rules at field level make sense if an authorized user group should be prohibited from editing the data of selected fields.

The values “New setting” and “Calculated setting”

There is a “New setting” value and a “Calculated setting” value for each action and each user group. In the list box for the “New setting” you can choose between “Inherited”, “Allowed” and “Denied”. According to this selection, Joomla calculates the permission for a selected user group and a selected action along the lines of inheritance. The result of the calculation is displayed in the “Calculated settings” field. While the “Calculated Settings” are generally helpful, they can be misleading. Therefore, if a permission is not working as expected, you must review all “New Setting” values of each parent user group individually.

Visforms ACL actions for editing data in frontend

  • Edit data:
    Allows a user from the corresponding user group to edit all data.
    This permission should be reserved for administrators.
  • Edit own data:
    Allows a user from the corresponding user group to edit the data that he himself submitted with the form.

“Edit own data” option

Only data submitted by a logged-in user can be edited using the “Edit own data” option. Visforms saves the ID of a logged-in user along with the submitted form data. This user ID will later be used to decide which records a user is allowed to edit and which not.

Users can belong to multiple user groups

With Joomla, you can assign a user to several user groups at the same time. This makes sense for the “Registered” group and the “Manager” group, for example. Which rights a user who belongs to several user groups actually has can be confusing at first glance. Nonetheless, this is an important feature that is used frequently.

Denied wins over Allowed

When clarifying the conflicting settings from the respective groups, you only have to bear in mind that “Denied” wins over “Allowed”. Suppose you have explicitly set the right to “denied” for a user group. In this case, a user cannot perform this action even if he belongs to a second user group for which the action is “allowed”. This is true even if the “denied” was inherited from a much higher level.

Where is the “Edit data” button

You need to create a menu item of type Visform -> Data View with Edit Link if you want to enable data editing in the frontend. You have to set the visibility of data in the frontend according to the description in the following documentation section in order to fill the data view with the desired data: Saving and using data.

Note: The only difference from the settings described in this section is the following. When displaying data via the Visform -> Data View with Edit Link menu item, it is not necessary to set the form parameter "Allow frontend data view" to "yes". In the case of 'Edit data in the frontend', this is enabled by creating the menu entry.

You can set the access level for the data view and for the menu item. This allows you to limit the visibility of the menu item and the data to certain user groups. The limitation to only registered users makes sense. You configure the access level for the data view in the form configuration.

For a menu item of type “Visforms form data” all Jooma standard menu parameters are available. In addition to the standard menu parameters, you will find an additional parameter “Show only editable records” in the menu in the “Form data display options” tab. You can use this parameter to create a list that only ever displays those data records that the logged-in user is actually allowed to edit.

When a data table is displayed using this menu item type, Visforms automatically inserts a link column if a user has permission to edit the form data. This column contains a link in the form of a link icon for each data record that the user can actually edit based on his rights. Visforms also inserts an edit button in the detail view associated with this menu item type if the user is allowed to edit this dataset.

Note: By judicious choice of ACL settings, form options and menu options, customized data lists can be created for users who are only allowed to "edit their own data". These data lists always only show the data records of the logged-in user.

To do this, make the following settings:

  • Only set the form option “Edit own data” for “Registered users” to “Allowed”.
  • Create a menu entry in a user menu that is only visible to registered users.
  • Set menu access levels to Registered.
  • Enable the “Only show editable records” option in the menu.

Which data can be edited?

If a user has the right to edit a record and clicks on the “edit link”, the form is displayed in a simple form view and the data is set as default values in the form. All published form fields are displayed.

Note: Fields of the "Hidden" type cannot be edited in the frontend because they are hidden and therefore invisible in the form.

Apart from this exception, all other user inputs can be changed in accordance with the settings and validation options made. The settings in the form configuration and in the field configuration apply.

Fields that a user is not allowed to edit are displayed in the edit view of the form, but are not editable.

Two buttons are displayed below the form. One to save the changes and one to cancel and return to the previous page.