Hi!
Can anyone help me with NewsPublisher and ACLs? I get »You do not have permission to view this document« when I try to edit an existing resource that I created as the same user.
From the start:
Goal: A list of users should be able to create and edit their own pages via Newspublisher (without manager access). These pages should be protected from the public.
I set up a new
User group "VeranstalterGruppe" and a new
Role "VeranstalterRolle" (authority 50). The respective users are in this group and have this role.
I created the
resource group "Veranstalterseiten" and put all relevant pages along with the Newspublisher page in it.
I set up a new
access policy "Veranstalter" using the
policy template "NewsPublisherPolicyTemplate" so that it is basically identical to NewsPublisherEditor provided with NewsPublisher.
For the user group "Veranstalter" I setup
context access for mgr and web each with minimal role "VeranstalterRolle - 50" and access policy "Veranstalter". They also have resource group access to the resource group "Veranstalterseiten", minimum role "VeranstalterRolle - 50" and access policy "Resource" for both contexts web and mgr. (No other permissions were set)
I also created a new template with [[!NpEditThisButton? &debug=`1` &np_id=`1099`]]. The Newspublisher page (id 1099) has this snippet call:
[[!NewsPublisher?
&templateid=`26`
&show=`pagetitle`
&initrte=`0`
&initdatepicker=`1`
&groups=`Veranstalterseiten`
&parentid=`1099`
&published=`1`
&required=`pagetitle`
&cssfile=`0`
&hoverhelp=`1`
]]
What works: I can login as a user from the group "VeranstalterGruppe" and create new subpages with the Newspublisher page. They are put in the resource group "Veranstalterseiten" as expected and are indeed not visible to the public. As the creator of the page I can view the page and see the little "Edit this page" button in the bottom corner. So far so good.
But when I press this edit-button and I get to the Newspublisher page, I get the error message "You do not have permission to view this document" and the form is not displayed, which to me is counterintuitive. I CAN open the Newspublisher page (and thus create new pages) and I CAN view the page I just created. I just cannot edit it. Why is that?
When logged in as administrator super user, editing existing pages works.
So where did I make a mistake?
Any help helps!
Jörg