MODX 3 & Users

Hi All,

Not sure if this is the correct place to ask this, but with the recent updates on MODX 3, I was wondering if there are any improvements planned for how the user system / resource groups function. Currently it is a pretty tedious and unfriendly (near impossible) to have clients create new resource groups for certain permissions, and even having to do this myself sometimes gives me a headache.

MODX 3 looks amazing so far!

Thanks

I've not heard any rumors about changes to these systems just yet, but it's well known they are a little over complex, though super flexible.

They need an easier system to understand but not lose the fine tuning abilities.

It's my guess that the permission system won't change significantly in MODX 3. I could be wrong.

It would be great to have an advanced toggle when creating a new user where you can select a resource group, but if not toggled, gives the administrator simple checkboxes to allow/disallow permissions for very general things.

Also some sort of category system for all of the 167ish Access Policies that we have to sort through.

Thanks for the responses, though!

It would be great to have an advanced toggle when creating a new user where you can select a resource group, but if not toggled, gives the administrator simple checkboxes to allow/disallow permissions for very general things. Also some sort of category system for all of the 167ish Access Policies that we have to sort through.

The fact that your very reasonable suggestions aren't workable in the current permission system (except maybe for the last one), demonstrates some of its flaws.

Users are not associated with resource groups except through their user group memberships. If you meant to write "user group," you can do that on the "Access Permissions" tab when creating a new user.

The checkbox idea would be great, but wouldn't work with the current permission system, where the checkboxes only exist in policies, which can only be associated with user groups, not users. What you're suggesting would require a separate policy and a separate user group for each user.

I've argued for a return to role-based permissions (a la Evolution), where any user can be assigned a specific role which has only the permissions the user needs. This is not quite what you're suggesting, but it's closer to it than what we have now.

Yeah, I think my explanation was a little troubled, and I definitely have not thought through the logistics of how the structure is now. But it does sound like we're on the same page as far as role based permissions for users. This is my biggest struggle in MODX thus far, because having a client manage more than 10 users with different types of access becomes a nightmare.

It's not difficult to do, but for most people, it's a real struggle to understand it.

Here's a 50-minute video of me trying to explain it: https://vimeo.com/54360208