Help! MODx REVO Permissions Expert Needed! I will pay you.

I've been handed a complicated REVO site that needs some work on locking down certain sections of the site to certain members. Here's the basics:

-I have a set of pages that are "Members Only" and they should be locked down to only users who are registered members. If a non-logged in user visits that page, they should be presented with a login form so they can log in and view the content.

-I have another set of pages that should be locked down for "Paid Members Only". The same applies as above. The pages should load to non-logged in users with a message that they need to log in and a log in form.

-"Members" should only be able to see "Members Only" pages and "Paid Members" should be able to see BOTH Paid Members pages and Members Only pages.

It appears this site has been set up properly with all the snippets and chunks, etc to make this happen. In fact, the Members Only section was working fine until I got my muddy paws on it and I've messed it up. The Paid Members stuff needs to be set up. I already have all the pages for the paid members section in place.

I just need someone who knows what the heck they are doing when it comes to MODx permissions. Please DO NOT respond if you think you can log in to my site and figure it out if you have never done this before. I am at my whit's end! I just need an expert to accomplish this so I can move on with my life. Send me a private message and we'll discuss payment terms. I'm sure that if you know what you are doing, you can set this up in less than an hour, because like I said, all the chunks/snippets are in place I just need someone to tie up the loose ends.

Oh, and yes, I need this done yesterday

This is trickier than it sounds because for users that are not authorized to see a page, the page doesn't exist. They'll be redirected to the page designated as the Error ("page not found") page per the MODX error_page System Setting - but so will anyone who tries to visit a non-existent page.

There's a method described here (http://bobsguides.com/revolution-permissions.html) that will send them to the unauthorized page instead, where you could have the message, and the Login snippet with &redirectToPrior=`1` to send them back after they successfully log in. See the "Unauthorized Versus Error Page" section near the end.

As for the permission settings, I think this is what you want:

Neither Group should have a Context Access ACL entry with a context of 'mgr' (unless you want them in the Manager).

All ACL entries for this should have a context of 'web' and a minimum role of whatever role the users have in the respective User Group. The Policy should always be "Load, List, and View" (unless the users will be going into the Manager to edit resources). "Load Only" would probably work -- you can try it later after everything is working.

Connect the "Members Only" Resource Group to the Members User Group with a Resource Group Access ACL entry.

Connect the "Paid Members" Resource Group to the Paid Members User Group with a Resource Group Access ACL entry.

Connect the "Members Only Resource Group to the Paid Members User Group with a Resource Group Access ACL entry.

Flush permissions and Flush all Sessions. Test from a browser where you're not logged in to the Manager.


If it all works, consider a donation to the site in my sig.



------------------------------------------------------------------------------------------
PLEASE, PLEASE specify the version of MODX you are using.
MODX info for everyone: http://bobsguides.com/modx.html [ed. note: BobRay last edited this post 11 years, 10 months ago.]

Hi Bob,

I appreciate the tips, but I'd really like to hire someone to do this for me. My frustration level was too high to go back and try again. I've read your tutorial and other tutorials and there is something that is not making it work - I just need an expert to log in and fix it for me.

If anyone else wants this mini-project, please PM me! Thanks!

Thanks. I found an expert who did a great job and knows their MODx Revo permissions.

P.S. If you have a similar issue, may I recommend http://www.threeeyedbird.com ?

Yes, Jason is a real pro at MODX.


------------------------------------------------------------------------------------------
PLEASE, PLEASE specify the version of MODX you are using.
MODX info for everyone: http://bobsguides.com/modx.html

The main problem I was having was with the RevoSSL plugin installed. So if you have that plugin installed, get rid of it if you want your permissions to work. I am using Revo 2.2