restrict a users access to specific page or pages

Is it possible to restrict a user with an editor’s role to accessing and editing only specific pages on tree, denying them access to all other pages?

Quote from: fitzio at May 27, 2010, 03:00 PM

Is it possible to restrict a user with an editor’s role to accessing and editing only specific pages on tree, denying them access to all other pages?

Yes it is. See if this helps: http://bobsguides.com/permissions.html

It appears that the documentation for user permissions in Revolution should become available here:

http://svn.modxcms.com/docs/display/revolution/Security


... but when? Or how do I get authorized? Can’t access it.

It’s under construction. I’m not sure when it will be up.

In the meantime: http://bobsguides.com/revolution-permissions.html

Thanks, Bob.

Completely lost!

I’ve watched the video - the parts I could actually hear made sense, but when I try to apply what i think I’ve leant I just get confused!

I’ve built a site with Revo and am trying to achieve the following set up

1 - Web Design Agency (Where I work) has full super user permissions
2 - Customer can add/edit/remove pages
3 - One user who can only edit one existing page

A previous developer got points 1 and 2 set up; but the way that was done is not in line with how it’s explained in the video.

This is what I have attempted so far:

Set up a new user
Set up a user group with just that one user in it
Created a policy in which the only permission is "edit_document"
Created a resourse group with just the one document in it
Created a role that has a higher value than the existing "Editor"
Applied the role to the user group
Applied the resource group to the user group

What happens is then that the one page I want this guy to be able to edit disappears from everybody’s view!!!

Then I started again - I can’t remember what I’ve done now but when I log in as this new user I either get "Permission Denied" or the one page I want them to be able to edit is constantly locked by admin.

The theory makes sense, but in practice ..... I’m pulling my hair out now!

Is there a step-by-step WRITTEN guide to all of this permission stuff? (I’m an academic - I have learnt to learn through reading books and find videos very difficult to reference and refer back to)

I think you’re not that far off. First, you need to be more conservative about removing permissions. Duplicate the resource policy and assign the duplicate to that user’s group. Then start removing permissions you’re sure they won’t need. Test as you go. They need load and view (in addition to edit) for sure in order to work with the document at all.

Second, by assigning the document to the resource group and giving the user access to it, you’ve "protected" the document from everyone else. That means you need to add yourself (and anyone else who needs to see the doc) to the user’s user group with a lower authority number role than the user has and with a policy of "resource."