-
☆ A M B ☆
- 24,524 Posts
Love it! My only annoyance is that now I have to go install it on all of the sites I manage!
Only users with 'sudo' or 'system_perform_maintenance_tasks' permissions will see the widget.
It would be cool to have a setting to enable non-sudo users to see this too.
How does one give a user this permission if they are not sudo users?
I think system_perform_maintenance_tasks is a custom permission, but you can add it to any Policy Template and then grant it on any Policy that uses that Template.
Custom permission?
I'm still don't know how to do this. Modx security is too complex.
It's not as difficult as it sounds. Where did you find out about that permission? It may be there already. If you go to the security section (on the Access Policy Template tab) and select "Update Template" for each Policy template, you may see it (the permissions are sorted alphabetically). Don't make any changes yet.
Report back on which Template it is and what is listed for that template in the Template Group column in the grid.
-
☆ A M B ☆
- 24,524 Posts
Basic permission are in three parts. A Policy Template lists all of the permissions that users in a group will need. A Policy uses a Policy Template, and has checkboxes to enable or disable the permissions that came from its Policy Template. A Group uses a Policy. Thus users in that group will have the permissions enabled (checked) in the Group's Policy.
You'll also need to make sure that the Policy is assigned to the Group in all Contexts where you want the permissions to apply. For example, you probably don't want the (anonymous) group to have any permissions at all in the 'mgr' context, so if you do assign any Policies to that group it won't be in the 'mgr' Context.
If that's the case, you'd have to add it . . .
- Pick the user group you want to give the permission to.
- Find the policy used in their Context Access ACL entry for the mgr context and note its Policy Template.
- Edit that Policy Template and add the custom permission.
- Edit the Policy and make sure that permission is checked.
- Flush Permissions and Settings on the Security Menu
Note that your changes might (or might not) be overwritten by upgrades to MODX.
You could also create a new Policy Template with just that permission and a new Policy based on it. Then create a new Context Access ACL entry for the user group with a Context of mgr and that Policy. That would be upgrade-proof.
Thanks Bob
That looks pretty straight forward.
I'm lovin this extra but I wonder why the author would have referenced this if it doesn't exist or why the extra would be limited to Sudo users in the first place. (rhetorical question)