how to set permissions for front end to access only one resource?

43 Posts

aaron4osu Reply #1, 7 years, 9 months ago

I created a page so my client can update some of the content on the page. They are not very tech savvy and I only want them to be able to access the resource page. Actually they only need to access one resource's template variables. Is there a tutorial or something that shows how to do this?

932 Posts

LK Reply #2, 7 years, 9 months ago

Your subject says for front-end access? If that's the case then you could just unpublish all the pages except for the one you want the client to view and have access to. Alternatively consider using PageLocker to set a password first to access these pages.

If you're talking in the manager then you'll need to setup two resources groups one for 'locked' and one for 'editors' and allow the 'editors' access to the page you want them to have access to.

http://bobsguides.com/hiding-resources-in-the-manager.html

■ email: [email protected] | ■ website: https://alienbuild.uk

The greatest compliment you can give back to us, is to spend a few seconds leaving a rating at our trustpilot: https://uk.trustpilot.com/review/alienbuild.uk about the service we provided. We always drop mention of services offered by businesses we've worked with in the past to those of interest.

24,544 Posts

BobRay Reply #3, 7 years, 9 months ago

In that case, I would use NewPublisher. You can set up a Login page and redirect from it to the NewsPublisher page for that resource. The advantage of NewsPublisher is that you can show only the TVs, using the &show property. Be sure to set the &required property in the snippet tag to &required=`` so it won't require the content field.

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

43 Posts

aaron4osu Reply #4, 7 years, 9 months ago

Quote from: BobRay at Jul 14, 2016, 07:06 AM

In that case, I would use NewPublisher. You can set up a Login page and redirect from it to the NewsPublisher page for that resource. The advantage of NewsPublisher is that you can show only the TVs, using the &show property. Be sure to set the &required property in the snippet tag to &required=`` so it won't require the content field.

Will this work ok with MIGX - TV pluggin? I'm reading through your tutorial on it now.

43 Posts

aaron4osu Reply #5, 7 years, 9 months ago

So I installed NewsPublisher, but I'm not really sure how to implement it. Basically I have one page http://aesavannahs.com/kittens/index.php?id=2 that I want to allow the client to edit. The only thing they can edit on the page is the kitten1 TV which is a MIGX-TV with the following fields for each kitten: title, status, price,location,date, url & image. They can have multiple versions of that TV so they need to be able to add, edit or delete each one. If you view the page now there are 4 instances of the tv. (not sure if they makes sence or not).

kitten 1 TV set up in MIGX:

[
form tabs:
{"caption":"Info", "fields": [
    {"field":"title","caption":"Title (required)"},
    {"field":"status","caption":"Status: sold or available (required)","inputTVtype":"listbox","inputOptionValues":"available||sold"},
    {"field":"price","caption":"Price (optional)"},
    {"field":"location","caption":"SOLD To Location (optional)"},
    {"field":"date","caption":"Date (optional)","inputTV":"myDateHelperTV"},
{"field":"url","caption":"URL to Photo Gallery","inputTV":"URL"}

]},
{"caption":"Image", "fields":[
    {"field":"image","caption":"Image","inputTVtype":"image"}
]}
]

grid columns:
[
{"header": "Title", "width": "160", "sortable": "true", "dataIndex": "title"},
{"header": "Image", "width": "50", "sortable": "false", "dataIndex": "image","renderer": "this.renderImage"}
]

Here is the example from the tutorial with my kitten1 tv added.

[[!NewsPublisher?

        &show=`pagetitle,description,pub_date,introtext,kitten1`

        &initrte=`1`

        &initdatepicker=`1`

        &rtcontent=`1`

        &rtsummary=`1`

        &parentid=`2`

        &published=`1`

        &captions=`content:Enter Post,introtext:Summary,description:Give a brief description`

    ]]

Not really sure where to go from here... Any suggestions or help would be greatly appreciated

Here ares one screen shots of the current backend options for this page if that helps:

24,544 Posts

BobRay Reply #6, 7 years, 9 months ago

I didn't realize when I suggested NewsPublisher that they were MIGX TVs. I don't think NewsPublisher can handle those.

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

5,888 Posts

Bruno17 Reply #7, 7 years, 9 months ago

It is easier, to give them manager-access, but only permissions to edit this one Resource.

-------------------------------

you can buy me a beer, if you like MIGX

http://webcmsolutions.de/migx.html

Thanks!

43 Posts

aaron4osu Reply #8, 7 years, 9 months ago

is there a simple way to do that? I've spent hours trying to figure out permissions/roles/usergroups and can't find an easy to follow explanation anywhere.

step 1: I started with this article:
https://rtfm.modx.com/revolution/2.x/administering-your-site/security/security-tutorials/giving-a-user-manager-access

then what?

24,544 Posts

BobRay Reply #9, 7 years, 9 months ago

The long answer is this video, though it's about 50 minutes long.

There is also this: http://bobsguides.com/revolution-permissions.html

The short answer:

1. Create a Resource Group called AllDocs
2. Put *all* resources on the site in that Resource Group.
3. Create a Resource Group Access ACL entry for the Administrator group with a policy of Resource, context 'mgr'.
Do *not* put the users who can only access the single resource in that group.
That will protect all those resources from non-admins.

Now, you need to override that to allow access to the single resource for specific users:

1. Create a User Group called SingleAccess containing the users who can access just that resource,
2. Create a Context Access ACL entry for the group for the 'web' context, and another for the 'mgr' context, use the ContentEditor Policy.
(This lets them log in and see resources in the 'web' context in the tree).

3. Create a Resource Group called Single Access and put the docs they can see in it.
4. Create a Resource Group Access ACL entry connecting the SingleAccess User Group with the SingleAccess Resource group, with a context of 'mgr' and a policy of 'Resource'.

That will let the users see, edit, and delete resources in that group. If you don't want all those permissions, uncheck some on the ContentEditor Policy (or, better, duplicate it, specify the duplicate policy in the Context Access ACL entry, then uncheck permissions on the duplicate Policy).

Also, go to http://bobsguides.com/revolution-permissions.html. On the top menu, go to MODX Security Permissions -> Revolution Permissions and look at the Basic Security Tutorials and Advanced Security Tutorials.

There is also this: http://bobsguides.com/hiding-resources-in-the-manager.html

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting