-
- 1,118 Posts
Hi guys,
I am looking to setup a MODx user in the Manager who only as access to view/edit the contents of an Articles Blog I have setup in the site. Is there any documentation anywhere that outlines how to do this? The MODx user just needs access to the Article Blog where they can add new blog posts, edit existing ones etc but not access any other areas of the website. How can I achieve this?
Any tips gladly received!
Cheers
dubbs.
-
- 24,544 Posts
There are a number of ways to go on this.
One method would be to add all resources *except* the articles to a Resource Group and connect that RG to the Administrator User Group (which your Articles user is not a member of), with a Resource Group Access ACL entry (Context: 'mgr', Policy: 'Resource'). That should hide those resources from the user.
That would leave the Articles unprotected and the user could see and edit them. You'd want to give the user access to the Manager with a Policy of Content Editor (possibly with some extra permissions checked). That should hide the Elements and File trees and some other options that user shouldn't see. They might also need a Context Access ACL entry for the 'web' context (or whatever context the articles are in) so they could see the Articles folder in the tree (unless you leave it out of the group).
I'm not sure about hiding the Articles configuration options, which the user probably shouldn't see. You might be able to do it with Form Customization, though it would take a lot of rules.
Another way would be to use NewsPublisher to keep the user in the front end, though NewsPublisher is currently flawed in MODX 2.3 with respect to the image and file browser.
-
- 1,118 Posts
OK thanks for the info Bob - I will have a play and see what I can do. Will report back with progress!
-
- 1,118 Posts
Bob - surely If I create a new Resource Group with just the articles resource within it and then add the user to that it should work shouldnt it? It doesnt though....??? The blogger user can see all the resources still... ??
There are two ways to deal with this. You can set the Articles container to be the user's root by creating a new User Setting for him, tree_root_id
http://rtfm.modx.com/revolution/2.x/administering-your-site/settings/system-settings/tree_root_id
The other way is to put every other resource into a group that he is not a member of. If a resource is not in a resource group connected to a user group, then it is available to everyone.
-
- 1,118 Posts
Susan / Bob... I have used Susan's idea of a user setting to set the root_id for the blogger user to the id of the articles blog - that works so that when the blogger user logs in all they see is the articles blog...
however...
When they try and add a new blog article they get an "Error - You do not have permission to create a Resource in this location."
Even with the user having the Administrator access policy??
Any ideas??? Seems very odd....
-
- 1,118 Posts
Sorted... the blog was still in the resource group that the blogger user was part of - but when i removed the blog from that group it worked... I plainly do not understand the idea of resource groups it seems!
It depends on the Policy used for the user group.
All that a resource group does is limit access for its resources to users of the associated user group.
If a resource belongs to a resource group which in turn is connected to a user group, then it is only available to members of the user group. What they can do with it now depends on the permission in the Policy used for the user group.