Comparación entre nivel de madurez inicial y posterior a la implementación

Not every view needs to contain data visible to the general public. The user permissions functionality of views doesn't automatically provide the granularity to allow only certain views to be seen. There is a way to do it, though, and it is quite simple. We'll create a view that shows user data, and limit access to it to admins.

How to do it...

On the views list page:

1. Navigate to the views list (admin/structure/views). Click the +Add new view link.

2. Enter Users as the View name.

3. Check the Description box and enter User info. 4. Select Users from the Show select box.

5. Enter General user info for the page title in the Create a page section, admin/ reports/general-user-info as the Path, and in the Display format select boxes, select Unformatted list and Fields, then click the Continue & edit button.

We've created the view framework and will now configure its settings to select the

required information.

1. Check the No menu link for Menu in the Page Settings section, select Normal menu entry as the Type, enter General user info in the Title textbox, select

Management from the Menu select box, then click the Apply button.

2. Click the Permission link next to Access in the same section, select Role, and click the Apply (all displays) button.

4. Click the Add button in the Fields box, check the checkboxes for User: Active, User: Created date, User: E-mail, User: Edit link, User: Language, User: Last login, and

User: Roles, then click the Apply (all displays) button.

5. Click the Apply (all displays) button for the User: Active, User: Created date, and User: E-mail fields.

6. For the User: Edit link field, uncheck the Create a label checkbox, enter Edit user in the Text to display textbox and click the Apply (all displays) button.

7. In the User: Language window, uncheck the Link this field to its user checkbox and click the Apply (all displays) button.

8. For the User: Last login field and the User: Roles field, click the Apply (all displays)

button.

9. Click the down arrow next to the Add button in the Fields section and select the

Rearrange icon to the left, drag User: E-mail under User: Name, User: Created date

to directly above User: Last login, User: Edit link to the bottom, and click the Apply (all displays) button.

10. Click the link for User: Created date (desc) in the Sort criteria section and then the

Remove button.

11. Click the Add button in the Sort criteria box, check the checkbox for User: Name, and click the Apply (all displays) button and then again for the subsequent window. 12. Click Not set next to Access: in the Page settings box, click the Role radio button,

click the Administrator radio button, and click the Update button. 13. Click the Save button.

14. Navigate to the new report by selecting it from the admin menu, in which case it will display as an overlay.

15. Or you can navigate to it by entering the URL (admin/reports/general-user- info).

16. Try logging out and accessing it via the URL.

How it works...

We started by creating a user view, rather than a content view as we have been doing. We

did not set a filter, because in the case of a user view there are not content types to be concerned with and we wanted to retrieve all user records. We selected several fields from the

user entity and put them in a sensible order. We gave the view a path and assigned it to the admin Reports menu. Finally, we specified that access to the view be limited to users with the administrator role. Three of the fields will be links without us having to do anything special to

make them so: the edit link, the user name (a link to the user record), and the e-mail address (a mailto: link).

There's more...

There is another method available for restricting access, and that is to select Permission

instead of Role as the access setting. That choice provides a select box that lists existing permissions from which to choose which permission the user needs in order to access the view. There is, however, no add new permission choice offered, so the usefulness depends on whether an existing permission already exists. Instead of selecting the administrator role, we could have selected the Access all Views permission. Usually, this is restricted to admins, but not necessarily, so the downside of using that would be that if that permission were ever given to users other than admins the view would no longer be restricted to admins. Having selected a role in the view means that administration of access to the view is done in the view rather than through the permission system.

The output leaves much to be desired, aesthetically. In fact, with there being no spacing between user records, the very utility of the display is lessened. We will be learning about using a table format in the next chapter. Using that here would be an immediate improvement on this default output. In Chapter 5, Theming Views, we will explore the theming of views, which is yet another way to improve the aesthetics.

For now, let's make a couple of quick edits to give the view more utility. The site theme already

has a CSS file, and we could make the changes directly to it, but if we do that, the next time the theme has an update our changes will be overwritten. Instead, we'll add a CSS file.

The theme that applies to our report is the Administration theme, because reports are part of the admin interface. That theme is selected at the lower left of the page at admin/appearance:

I'm using the Seven theme which comes with D7:

1. Edit seven.info in the themes/seven directory, and find the following line:

stylesheets[screen][] = style.css 2. Replace it with this line:

stylesheets[screen][] = overrides.css

3. Open a new file, overrides.css, and enter the following into it: .page-admin-reports-general-user-info .views-row { margin-bottom: 6px; } .page-admin-reports-general-user-info .views-row-odd { background-color: #eee; }

4. Clear the cache (admin/config/development/performance, or drush cc all if you have Drush), return to the report, and reload the page.

Now the report is much easier to read: