how to flush permissions / reset sesson permissions for just one user?

73 Posts

jstump Reply #1, 10 years, 10 months ago

So, paid membership site,

web users register, get put into the resource group of "trial"
web user pays for a paid membership, and gets put into the resource group "paid" which then gives access to a bunch of other pages on the site.

I have found, that after the user has paid, they have to logout of the site and then log back in for the permissions to work right for the resource group.

the user is assigned the new group through a webhook. so it is not being done within the users current session for what it's worth.

everything i have found has said to flush sessions or permissions in the manager. could perhaps make the snippet flush the site. but that wouldn't be good once alot of users are logged in at once.

So any idea's on how to solve the "permissions flushing" for the user that just got assigned the new paid group?

kinda lame to have to include in the invoice email to logout and back in before they can see all the paid membership features.

24,544 Posts

BobRay Reply #2, 10 years, 10 months ago

You might check out the Subscribe extra, which sends the user a link that automatically logs them in when they follow it.

The Register snippet will also do this, although less securely, IMO.

You might also be able to log the user in again as part of your webHook.

This code (untested) might do it:

$modx->user =& $user;
$modx->getUser();
 
$contexts = !empty($scriptProperties['authenticateContexts']) ? $scriptProperties['authenticateContexts'] : $modx->context->get('key');
$contexts = explode(',',$contexts);
foreach ($contexts as $ctx) {
  $user->addSessionContext($ctx);
}

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

☆ A M B ☆
113 Posts

pyrographics Reply #3, 10 years ago

Did you ever figure this out? I am dealing with the same issue now. Tried Bob's code which didn't help.

24,544 Posts

BobRay Reply #4, 10 years ago

Are you calling $user->joinGroup()?

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

73 Posts

jstump Reply #5, 10 years ago

we did figure it out. but my other dev found the fix. I dont know it off hand. If i remember right, we coded it to auto logged them out after 15 secs and then they logged back in. but we may of found a way to even bypass that. but i would have to dig through the code to see what we did.

if need be i can search for what we did and post.. [ed. note: jstump last edited this post 10 years ago.]

☆ A M B ☆
24,524 Posts

sottwell Reply #6, 10 years ago

That would be nice, it would make a good recipe for the CookBook!

Studying MODX in the desert - http://sottwell.com
Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
Join the Slack Community - http://modx.org

73 Posts

jstump Reply #7, 10 years ago

little background...... we use stripe for payment.... is in our strip _charge. we have 3 member groups. two are paid groups. included the strip info as shows joining and leaving a group.

  if ($error == false) {
    // no errors and everything was created correctly.
    
    // assign to new role, if applicable
    if($joingroup == 'STD_Members') {
        $user->leaveGroup('STD_Trial');
        $user->joinGroup('STD_Members');
        $user->save();
    }
    elseif($joingroup == 'STD_Members_ID') {
        $user->leaveGroup('STD_Trial');
        $user->leaveGroup('STD_Members');
        $user->joinGroup('STD_Members_ID');
        $user->save();
    }
    
    // Give the correct chunk
    if($chunktype == 'show_success') {
        return $modx->getChunk('Subscription_Change_Success',array('Success_Message' => $Success_Message));
    } else {
        $modx->runSnippet('Session_Refresh');
        return $modx->getChunk('Subscription_Upgrade_Complete',array('Subscription_Type' => $Subscription_Type));
    }
  }
  else {
      if($errors['type'] == 'buy') {
          $url = $modx->makeUrl(95,'',$errors);
          $modx->sendRedirect($url);
      } else {
          return 'An error has happened: <br>' . $errors['Stripe_Error'];
      }
  }

This gets called by the stripe charge snippit exact lines here from above....

        $modx->runSnippet('Session_Refresh');
        return $modx->getChunk('Subscription_Upgrade_Complete',array('Subscription_Type' => $Subscription_Type));

Snippit Session_Refresh

<?php
$key = "modx.user.{$modx->user->id}";
$keyLength = strlen($key);
foreach ($_SESSION as $sKey => $sVal) {
    if (substr($sKey, 0, $keyLength) === $key) unset($_SESSION[$sKey]);
}

the following call then shows that membership has been completed, and then redirects to the main profile page for the user.

chunk
Subscription_Upgrade_Complete

<h1>Success</h1>

<div class="twelve columns">
    <p>You have successfully upgraded your membership to [[+Subscription_Type]]. </p>
    <p>Please wait while the change to your account is applied.</p>
    <p id="countdown">Redirecting in 3 seconds</p>
</div>
<script type="text/javascript">
    var count=3;

    var counter=setInterval(timer, 1000); 
    
    function timer()
    {
      count=count-1;
      if (count <= 0)
      {
         clearInterval(counter);
         window.location="[[~24]]";
         return;
      }
    
      document.getElementById("countdown").innerHTML="Redirecting in " + count + " seconds";
    }
</script>