We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Permissions: Remove Access for Anonymous Users?

    • 37108
    • 80 Posts
    smg6511v2 Reply #1, 12 years, 5 months ago
    I have a demo site I'm building which requires the site to be protected. I currently have http auth implemented to achieve that, but want to drop that in favor of auth through modx (because there are some view controls I want to set depending upon which user is logged in). I thought that setting up an access policy & template containing no permissions (and assigning it to the anonymous user group) would do it, but my access policy is not selectable when adding/editing context access for "web". Also I attempted simply removing the access policy ... which doesn't do the trick either.

    Once the permissions question is ironed out, how does one login on the front end?

    Thanks!
      • 3749
      • 24,544 Posts
      BobRay Reply #2, 12 years, 5 months ago
      You usually log on in the front end through a form provided rendered by the Login snippet.

      FYI, if you want to limit all anonymous access, one easy way to do it is with a snippet at the top of the body section in all templates except the ones used for the error, unauthorized, and login pages:

      <?php
/* Deny anonymous access */
if (! $modx->user->hasSessionContext($modx->context->get('key') ) ) {
    $modx->sendUnauthorizedPage();
}


      This will also work, and is slightly faster:

      <?php
/* Deny anonymous access */
if ($modx->user->get('username') == '(anonymous)') {
    $modx->sendUnauthorizedPage();
}
      [ed. note: BobRay last edited this post 12 years, 5 months ago.]
        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
        • 19579
        • 51 Posts
        MIM Reply #3, 12 years, 2 months ago
        I tried both codes above but the following happens:

        - I get a popup to login
        - I enter my username and password
        - Access is still denied

        So now nobody can see the site, including the logged in users.
          • 3749
          • 24,544 Posts
          BobRay Reply #4, 12 years, 2 months ago
          Be careful where you put that snippet. You don't want it on the Login page or the Unauthorized page. Also, make sure you don't still have the restrictive ACL entries you created before.

          The second version definitely shouldn't affect logged in users, but it's probably better to do this:

          <?php
          /* Deny anonymous access */

          <?php
$loginId = 12;  // ID of your Login page.
if ($modx->user->get('username') == '(anonymous)') {
    $modx->sendRedirect($modx->makeUrl($loginId, "", "", "full") );
}




          ---------------------------------------------------------------------------------------------------------------
          PLEASE, PLEASE specify the version of MODX you are using . . . PLEASE!
          MODX info for everyone: http://bobsguides.com/modx.html
            Did I help you? Buy me a beer
            Get my Book: MODX:The Official Guide
            MODX info for everyone: http://bobsguides.com/modx.html
            My MODX Extras
            Bob's Guides is now hosted at A2 MODX Hosting
            • 19579
            • 51 Posts
            MIM Reply #5, 12 years, 2 months ago
            Still not working. I think there might be something wrong in my security settings. Is there any way to reset the security settings, usergroups, users and roles to default? The site is not live yet but almost finished except for the security part.

            Using Revo 2.2 by the way.
              • 3749
              • 24,544 Posts
              BobRay Reply #6, 12 years, 2 months ago
              I think these are the only default ACL entries

              Go to Security -> Access Controls -> User Groups tab
              right-click on the Administrator group and select "Update User Group"

              User Group: Administrator (admin is only member) - Context Access Tab
              Two ACL entries:
              -------------------------------------
                  Context: 'mgr'
    Minimum Role: Super User
    Access Policy: Administrator


    Context: 'web'
    Minimum Role: Super User
    Access Policy: Administrator


              Resource Group Access ACL entries: None
              Element Category Access ACL entries: None


              -----------------------------------------------------------------------------------------------
              User Group: (anonymous) -- (anonymous) is the only member -- Context Access Tab
              -------------------------------------
              One ACL entry:

                  Context: 'web'
    Minimum Role: member
    Access Policy: Load Only

              Resource Group Access ACL entries: None
              Element Category Access ACL entries: None


              ---------------------------------------------------------------------------------------------------------------
              PLEASE, PLEASE specify the version of MODX you are using . . . PLEASE!
              MODX info for everyone: http://bobsguides.com/modx.html
                Did I help you? Buy me a beer
                Get my Book: MODX:The Official Guide
                MODX info for everyone: http://bobsguides.com/modx.html
                My MODX Extras
                Bob's Guides is now hosted at A2 MODX Hosting
                • 19579
                • 51 Posts
                MIM Reply #7, 12 years ago
                Sorry for the late reply. I fiddled around with a lot of settings, not recalling exactly what I did but it seems to be working now.

                Thank you for your help!