That would be great and will save enormous headaches for many (:
That said, I have thought of creating a wizard that would guide you through the process and create them for you.
Quote from: jusmeig at Feb 17, 2011, 11:42 AM
Hi guys, I have been told by a colleague of mine that these steps did not work for him. He is using the latest revo build.
Um ... what steps?
That said, I have thought of creating a wizard that would guide you through the process and create them for you.
Quote from: BobRay at Jan 07, 2011, 07:05 AM
Bear in mind that tree_root_id doesn’t really protect the resources. It’s fine for naive users who can be trusted, but if a user can guess the correct URL for editing a resource in the Manager, they can still do it.
Yeah I don’t think I’m going to do that.
OK so I think I got it working after much toil, blow by blow account below.
1. I created a new Resource Group called "Developer Resources".
2. To this I added all the resources with snippets that I wanted to hide from my client.
3. I now created a new Role in Security -> Access Controls -> Roles [I called it "Editor" and gave it a priv of 1]
4. I created a new User Group called "Client Editor" in Security -> Access Controls -> User Groups
5. I now created a new User in Security -> Manage Users -> Add User. I added this user to the user group "Client Editor" with a Role of "Editor"
6. I now edited the User Group called "Client Editor" created in step 4.
7. In Users tab I added the user I created in step [5]
8. In Context Access I setup the following:
Context: mgr | Minimum Role: Editor | Access Policy: Content Editor (ensures this guy can login to manager)
Context: web | Minimum Role: Editor | Access Policy: Content Editor
9. In Resource Group Access I setup:
Resource Group: Developer Resources | Minimum Role: Editor | Access Policy: Load Only | Context: mgr (means this guys cannot see these docs in mgr context....which is what I want)
Resource Group: Developer Resources | Minimum Role: Editor | Access Policy: Load Only | Context: web
10. Save
Still with me....
11. Edit the Administrator User Group now.
12. In Resource Group Access add the following:
Resource Group: Developer Resources | Minimum Role: Super User | Access Policy: Resource | Context: mgr (means this guys can see these docs in mgr context, and still edit etc)
Resource Group: Developer Resources | Minimum Role: Super User| Access Policy: Resource | Context: web
13. Save and then Flush permissions.
DONE!! I now have an admin user who can see everything, and an Editor user who sees all documents but the ones I hide from them in my "Developer Resources" group.
I’m off to get a coffee
I think the thing that did not sit well in my head was the fact the admin can hide documents from themselves, this to me seems very odd (I am the admin after all) I make the rules!!!
Thanks guys for replying to this thread!
That said, I have thought of creating a wizard that would guide you through the process and create them for you.
If the wizards of modx would be so generous to create a wizard for permissions... I bet a lot of us hobbits would be overjoyed! Great idea, where do I donate?
...One thing I’m having an issue with is when I hide a Resource (web page) in Resource Groups to the new ’Developer Resources’ group that was created, it makes that web page inaccessible from the internet.
I don’t want my ’Content Editor’ to have access to the Home page. Any thoughts on how to fix this?
Thank you,
