We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 50757
    • 3 Posts
    Hy everybody,

    I am new to modx (coming from Drupal). I am trying to see if modx could be use on one of my projects. And there is one thing I cannot acheive. I search on the forum, tutorial, bob's guide and book. But I am not getting it rigth.
    Here is my simple use case.

    I want to set up 3 different users groups. And in each of those user groups I want one "super user" to have rigths to creat/update/delete users in the group he belongs to. And he should not see and have rigth over the users that belong to the other user groups...

    Sounds simple like that... I found information on how to restric access to ressource, element, media, and context (where there are rights for action on users but apparently applying to all users).

    Sorry if my question has already been answered somewhere else.

    Thanks
    Antonin
    PS : i use Revo 2.3.5
    [ed. note: antpre last edited this post 8 years, 8 months ago.]
      • 3749
      • 24,544 Posts
      I'm afraid there's no way to do it in MODX. Either users have full access to create and edit all users, or they don't.
        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
        • 4172
        • 5,888 Posts
        you can try a plugin like that:

        <?php
        if ($modx->context->get('key') == "mgr") {
        
            switch ($modx->event->name) {
        
                case 'OnMODXInit':
        
        
                    $action = $modx->getOption('action', $_REQUEST, '');
                    if ($action == 'security/user/getList') {
        
                        $group = $modx->user->getPrimaryGroup();
        
        
                        $_POST['usergroup'] = $group->get('id');
                        
                    }
                    break;
        
        
            }
        
        }
        return;
        
          -------------------------------

          you can buy me a beer, if you like MIGX

          http://webcmsolutions.de/migx.html

          Thanks!
          • 50757
          • 3 Posts
          Thank to both of your for your answers.

          That's sad that their is no easy way out to this requierment (fairly standard for community site or university sites....) when the access control for documents and ressources is realy neat in the core. And that's a pity their are no addon for this.

          Now it's true that when a super user is in the manager if I can just hide users belonging to other user groups than the one the super user belongs to that will do the trick. preferably I should be able to hide them in the user list but also in the in the user group tree (where you see the users in the user groups).

          Well I ll try Bruno17's code. And see if I can build on it. I am more a front end developper so it's not going to be easy... But now that I have BoB's book and its appendix I have no excuse ;-)

          Thanks again

          Antonin
            • 3749
            • 24,544 Posts
            Periodically, I consider writing an extra for this, but since it would be a ton of work, and the problem will probably be fixed in MODX 3, I never seem to get around to it.
              Did I help you? Buy me a beer
              Get my Book: MODX:The Official Guide
              MODX info for everyone: http://bobsguides.com/modx.html
              My MODX Extras
              Bob's Guides is now hosted at A2 MODX Hosting
              • 50757
              • 3 Posts
              hello,

              This is a key feature for any community based web site where you cannot not centralize users management. lot of site requiere this these days (there is a famous module for that (organic group) in the Drupal ecosysteme, but configuration is realy on the complex side).

              I realy look forward to see this implemented in MODX that would be a real plus on top of the already nice Access control system in core. Waiting for MODX 3 sounds like a long wait though.

              Maybe a workaround for me would be to handle this in the front end. Serving a list of selected users (those belonging to the group of the super user) to a super user. And in front end having simple action like, creating a user (automaticaly affected to his own group), deleting user, adding the user to other groups (for example to make new document available to him). Security is not a big deal in this project....

              Does this make sense ?

              Thanks for your great work.

              Antonin
                • 3749
                • 24,544 Posts
                Yes, in fact that was more or less my plan for the extra, which would essentially do for users what NewsPublisher does for resources. wink
                  Did I help you? Buy me a beer
                  Get my Book: MODX:The Official Guide
                  MODX info for everyone: http://bobsguides.com/modx.html
                  My MODX Extras
                  Bob's Guides is now hosted at A2 MODX Hosting