We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Modx Permissions - Evo

    • 30176
    • 99 Posts
    tmcleroy Reply #1, 12 years, 2 months ago
    I have a site I am working on in Evo. @700 pages. Out of those about 25 pages are editable by @ 5 different companies: 5 pages each. All the other pages are to be hidden from them in the backend (manager). To my understanding (after reading Bob Ray & Susan's material) I need to set up a Resource Group (Manager Top) then to contain all 700 pages and 5 other Resource Groups that contain the 5 pages to each company. On my Manager Access Permissions --> Resource Groups I have my main Resource Group (Manager Top) that lists 700 "Resources in group".

    Is that the right way to go about this? In essence blocking out all 700 pages so that I am limiting access for each company to only their own 5 pages listed in each of their "Resources in Group".

    Thank you
      "Remember what Bilbo used to say: It's a dangerous business, Frodo, going out your door. You step onto the road, and if you don't keep your feet, there's no knowing where you might be swept off to."
      -J.R.R. Tolkien from The Lord of the Rings
      • 19369
      • 1,098 Posts
      microcipcip Reply #2, 12 years, 2 months ago
      I am not sure, but I think that you need to have the editable resources outside the (Admin group) tree, that's because the children pages inherit the parent permissions (I think), so the structure should be similar to this one:
      + home (Admin group)
+ about us (Admin group)
+ products (Admin group)
+ company (Company group)
++ company 1 (Company group)
++ company 2 (Company group)
++ company 3 (Company group)
++ company 4 (Company group)
++ company 5 (Company group)
        Jertix.org -> Web Design & Development, Motion Graphics | Follow me on Twitter | MODx Tutorials (in Italiano) | MODx Snippets (English)
      • sottwell Reply #3, 12 years, 2 months ago
        Not exactly; permissions are not inherited at all. You can have children with different permissions than their parent. The thing is, the way the Tree is written if you don't have permission to the parent it won't display its children either.

        There is a setting in the Configuration to allow all users to see all resources in the Tree, including those they can't access. This way the entire Tree is visible, but you can only open the ones you have permission for.
          Studying MODX in the desert - http://sottwell.com
          Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
          Join the Slack Community - http://modx.org
          • 19369
          • 1,098 Posts
          microcipcip Reply #4, 12 years, 2 months ago
          Thanks Susan, I remember now! Well, I think that he will have to put the (Company group) pages outside the (Admin group) if he wants to hide them completely.
            Jertix.org -> Web Design & Development, Motion Graphics | Follow me on Twitter | MODx Tutorials (in Italiano) | MODx Snippets (English)
            • 30176
            • 99 Posts
            tmcleroy Reply #5, 12 years, 2 months ago
            Thanks Micro and Susan. You have helped me see this. Micro, I took your example and started to play with it a bit, thank you for helping me think this through. I know what Susan is saying is technically right, but if I give say a "company group" permission to a parent, then all the resources below that I "newly" create take the "company group" permission as I create them. Technically not inherited because if I change the parent the resources below that were already there do not change automatically. But what Susan said here is good too, "The thing is, the way the Tree is written if you don't have permission to the parent it won't display its children either." I think this aspect could be a little better documented. It really helps in the design of permissions. Thank you both.
              "Remember what Bilbo used to say: It's a dangerous business, Frodo, going out your door. You step onto the road, and if you don't keep your feet, there's no knowing where you might be swept off to."
              -J.R.R. Tolkien from The Lord of the Rings
            • sottwell Reply #6, 12 years, 2 months ago
              Oops! I never noticed that before! Indeed, a resource does automatically inherit its parent's document group assignment.
                Studying MODX in the desert - http://sottwell.com
                Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
                Join the Slack Community - http://modx.org