We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 17698
    • 19 Posts
    Ok, I give up does anyone know how to give a non-Super User access to Context Settings?

    On the Content Editor Policy I've added
    edit_context, save_context, view_context

    I've tried adding new_context, delete_context thinking there might be a cascade problem in the ACL, but that didn't work either.

    The only way I've been able to get into the Context tabs is to copy the Access Permissions of the Administrator User Group to the Editors User Group, but then I still don't have permissions to view or add context settings.

    The permissions setup is the most infuriating thing about MODX. It feels like a fight every time you want to do anything custom.
      Erik Lutenegger
      Founder | Tenacity
      • 3749
      • 24,544 Posts
      That really should do it. Did you flush permissions *and* flush all sessions on the Security menu after making the changes? Deleting all files in the core/cache directory and clearing the browser cache and site-related cookies might also be something to try.

      If none of that works, it sounds like a bug.

        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
        • 17698
        • 19 Posts
        I tried those, and it didn't work. I finally tried on a whim enabling 'settings' Permission and that worked. Though I'm not wild about giving permission to System Settings to a non-super admin. They would need the direct link to get there, since I disabled the System menu item, but if they have the link they absolutely have access to system settings.

        Granted they have access to override them via context settings, but they would need the correct setting keys.
          Erik Lutenegger
          Founder | Tenacity
          • 3749
          • 24,544 Posts
          It seems odd that 'settings' permission would be necessary. You might file a feature request for that not to be a requirement.

          In the meantime, if it's important enough, you might be able to create a plugin connected to OnManagerPageInit that would forward them somewhere with $modx->sendRedirect() if they don't belong to a particular user group. The $action variable there should be usable to determine if they're trying to access the System Settings page (it's a string).

          Another (easier) possibility -- I'm not sure this would work, but you could try adding a custom permission to that action in System -> Actions (give yourself the permission first!). That will prevent the Settings from showing in the menu, but it might also prevent users from accessing them directly.
            Did I help you? Buy me a beer
            Get my Book: MODX:The Official Guide
            MODX info for everyone: http://bobsguides.com/modx.html
            My MODX Extras
            Bob's Guides is now hosted at A2 MODX Hosting
            • 17698
            • 19 Posts
            Yes, it seemed strange to me as well. Currently, the Settings are hidden from Editors since they don't have the 'menu_system' permission. Generally, that should be sufficient, but leaving it open to them is a little concerning. Luckily, our editors will either never find it, or know not to just play around with things they don't understand. So, it's probably fine in most cases, but still opens up potential issues. I'll have to look at custom permissions, I still haven't decided to leave them open, it would have been a nice to have.
              Erik Lutenegger
              Founder | Tenacity