    • 10793
    • 0 Posts
    Hi All,

    a strange behavior with NewsPublisher.

    I have the snippet call in one resource.
    Resource is in a Resource Group (called "HR").
    I have a user group "HR" to access the resource group "HR".
    In this user group I have members (9999) and 2 users with role Super User, access policy Resource.
    One of the 2 (incidentally the manager super user) can access the NewsPublisher form, the other user can’t.

    I’m using Revo 2.1.2, NewsPublisher 1.2.0

    Any help will be very welcome.
    Tnx & bye


      • 3749
      • 24,544 Posts
      I’m not positive, but I think NewsPublisher checks to make sure the user is logged in and has an authority level less than 9999. Otherwise, anyone who visits can edit pages at will.

      If that’s not the problem, it would almost have to be an incorrect minimum role in one or more ACL entries.
        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
        • 10793
        • 0 Posts
        Hey Bob, thanks for your reply.
        I realize that I missed some important specs in my first post.
        Mainly a clear permission status and the fact that I log in to the site using the Login snippet.

        Permission status:

        Resource: "HR Page" belonging to resource Group "HR"
          
        <h1>HR</h1>
        <p>Gallia est omnis divisa in partes tres.</p>
        
        [[!NewsPublisher]]
        
        


        User Group: "HR" with 2 users:

        "Gianni", role Super User 0
        "Master", role Super User 0

        The UG has the following Resource Group Access:
        Resource group:"HR", Minimum role: Member 9999, Policy: Load, List, View, Context: web
        Resource group:"HR", Minimum role: "Editor" 100, Policy: Resource, Context: web
        (I think the issue is here...)

        With this configuration, users logged in and not belonging to UG HR cannot see HR Page, even in menus.
        When I log in (using the Login snippet) with users Gianni and Master I get different results.

        When user Master goes to HR Page, he can see the NewsPublisher form and he can create resources.
        When user Gianni goes to HR Page, he gets an error:

        Sorry . . . There were one or more problems in producing the form:
        You do not have permission to create a document

        Last one: the website is on localhost, and I usually log in to the back end (manager) with Chrome and access the website with Firefox, just to avoid conflicts.

        Any suggestion is appreciated.
        Thanks

        gianni
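
An added example, not part of the original post and not MODX or NewsPublisher code: a simplified Python model of how the minimum role gates the two Resource Group Access entries listed above, where an entry applies when the user's role authority number is less than or equal to the entry's. The policy permission sets are abbreviated assumptions, and `member_example` and `outsider_example` are constructed users.

```python
# Simplified model of minimum-role evaluation for resource-group ACL entries.
# Not MODX code; the permission sets below are abbreviated assumptions.
from dataclasses import dataclass

POLICIES = {
    "Load, List, View": {"load", "list", "view"},
    "Resource": {"load", "list", "view", "save", "remove", "add_children"},
}

@dataclass(frozen=True)
class AclEntry:
    user_group: str
    resource_group: str
    min_authority: int  # "Minimum role": lower number means more authority
    policy: str
    context: str

# The two entries from the post.
ACL = [
    AclEntry("HR", "HR", 9999, "Load, List, View", "web"),
    AclEntry("HR", "HR", 100, "Resource", "web"),
]

# user -> {user group: role authority}. Gianni and Master are from the post;
# the other two users are constructed for contrast.
MEMBERSHIPS = {
    "Gianni": {"HR": 0},
    "Master": {"HR": 0},
    "member_example": {"HR": 9999},
    "outsider_example": {},
}

def effective_permissions(user, resource_group, context):
    """Union of the policies of every entry whose minimum role the user meets."""
    perms = set()
    for entry in ACL:
        authority = MEMBERSHIPS.get(user, {}).get(entry.user_group)
        if (authority is not None and authority <= entry.min_authority
                and entry.resource_group == resource_group
                and entry.context == context):
            perms |= POLICIES[entry.policy]
    return perms

def permission_diff(user_a, user_b, resource_group, context):
    """Permissions held by exactly one of the two users (empty means identical)."""
    return (effective_permissions(user_a, resource_group, context)
            ^ effective_permissions(user_b, resource_group, context))
```

In this model both Super Users receive identical permissions from the two entries, while a role-9999 member receives only load, list and view.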

          • 3749
          • 24,544 Posts
          With this configuration, users logged in and not belonging to UG HR cannot see HR Page, even in menus.

          As you probably realize, this doesn’t have anything to do with NewsPublisher, which is not around when the menus are created.

          Is there also a Context Access ACL entry for the HR user group giving access to the ’web’ context? They would need that to perform Manager actions like creating docs.

          Does ’Master’ belong to another group that might have one? That would explain the difference.


          Is Gaul still divided into three parts? I thought they fixed that. wink
            • 10793
            • 0 Posts
            Hi Bob,

            it’s a permission matter, for sure, no bugs in NewsPublisher.
            I would like to limit HR resource group to HR user group users.
            One (or more) HR users should be able to create/edit resources for HR RG.
            It’s ok that HR resources are restricted.

            Just to simplify things, do you have a permission/access scheme or template for using NewsPublisher to get the effect I need? I think it is the most common one...

            Ah, yes Gauls fixed it. But there are still Belgian and Swiss Gauls walking around... laugh

            Greetings from Italy

            gianni



              • 10793
              • 0 Posts
              Bob, I found a recent post, where you contributed, that was enlightening grin

              http://modxcms.com/forums/index.php?topic=64586.0

              Now I’m managing to create the permission scheme suitable for my project (a Company intranet).
              If I succeed in elaborating a comprehensive scheme of user templates, maybe I will share it under the Security discussions.

              Thanks

              gianni

                • 3749
                • 24,544 Posts
                I’m glad to hear you’re making progress. When I have a little more time, I’ll try to put together a short permissions tutorial for NP.