-
- 3 Posts
Hy everybody,
I am new to modx (coming from Drupal). I am trying to see if modx could be use on one of my projects. And there is one thing I cannot acheive. I search on the forum, tutorial, bob's guide and book. But I am not getting it rigth.
Here is my simple use case.
I want to set up 3 different users groups. And in each of those user groups I want one "super user" to have rigths to creat/update/delete users in the group he belongs to. And he should not see and have rigth over the users that belong to the other user groups...
Sounds simple like that... I found information on how to restric access to ressource, element, media, and context (where there are rights for action on users but apparently applying to all users).
Sorry if my question has already been answered somewhere else.
Thanks
Antonin
PS : i use Revo 2.3.5
[ed. note: antpre last edited this post 8 years, 8 months ago.]
-
- 24,544 Posts
I'm afraid there's no way to do it in MODX. Either users have full access to create and edit all users, or they don't.
-
- 5,888 Posts
you can try a plugin like that:
<?php
if ($modx->context->get('key') == "mgr") {
switch ($modx->event->name) {
case 'OnMODXInit':
$action = $modx->getOption('action', $_REQUEST, '');
if ($action == 'security/user/getList') {
$group = $modx->user->getPrimaryGroup();
$_POST['usergroup'] = $group->get('id');
}
break;
}
}
return;
-
- 3 Posts
Thank to both of your for your answers.
That's sad that their is no easy way out to this requierment (fairly standard for community site or university sites....) when the access control for documents and ressources is realy neat in the core. And that's a pity their are no addon for this.
Now it's true that when a super user is in the manager if I can just hide users belonging to other user groups than the one the super user belongs to that will do the trick. preferably I should be able to hide them in the user list but also in the in the user group tree (where you see the users in the user groups).
Well I ll try Bruno17's code. And see if I can build on it. I am more a front end developper so it's not going to be easy... But now that I have BoB's book and its appendix I have no excuse ;-)
Thanks again
Antonin
-
- 24,544 Posts
Periodically, I consider writing an extra for this, but since it would be a ton of work, and the problem will probably be fixed in MODX 3, I never seem to get around to it.
-
- 3 Posts
hello,
This is a key feature for any community based web site where you cannot not centralize users management. lot of site requiere this these days (there is a famous module for that (organic group) in the Drupal ecosysteme, but configuration is realy on the complex side).
I realy look forward to see this implemented in MODX that would be a real plus on top of the already nice Access control system in core. Waiting for MODX 3 sounds like a long wait though.
Maybe a workaround for me would be to handle this in the front end. Serving a list of selected users (those belonging to the group of the super user) to a super user. And in front end having simple action like, creating a user (automaticaly affected to his own group), deleting user, adding the user to other groups (for example to make new document available to him). Security is not a big deal in this project....
Does this make sense ?
Thanks for your great work.
Antonin
-
- 24,544 Posts
Yes, in fact that was more or less my plan for the extra, which would essentially do for users what NewsPublisher does for resources.