-
- 697 Posts
@rprovo8: The reason u would not be able to see the page on the front end is because u are not allowing the user to view the document in the "web" context. U just want to stop them getting to it in the mgr context, so try adjust the permissions for web.
A wizard....a great idea, but I would imagine a nightmare to implement!
-
- 22 Posts
Hello-
In trying to hide/restrict access to the Home page from the content editor, I tried adjusting the ’web’ in Context Access and Resource Group Access as suggested but once I moved the Home page over to the Developer Resources group the page is inaccessible to web users. Even tried deleting ’web’.
Still trying to figure it out...
-
- 24,544 Posts
All you should need (or want) is a Resource Group Access ACL entry linking the resource group containing the home page and the Administrator user group with a minimum role of admin Super User and a context of mgr. That won’t affect the front end. You’ll be updating the Administrator user group to get there. Delete any Resource Group Access ACL entries relating to that resource group that have a context of web.
-
- 24,544 Posts
Quote from: jusmeig at Apr 06, 2011, 12:59 PM
BobRay....your approaching 10k replies. U do know SMF has a 10k limit...at which point u are banned from the forums for good
Excellent. Then I can retire and start sleeping more than 4 hour per night.
-
- 91 Posts
Just wanting to endorse Bob Ray's step by step guide to setting up a new content editor. For me, though, a different order of some of the steps seemed more natural. The oddest thing for me, is that you have to hide all of the resources first in one resource group, and then create another resource group with only the few resources that the new editor is going to have access to. Anyway, here is my edited version of Bob's advice (tested on Revolution 2.2):
You have a site with a lot of pages/resources and you want a new editor to have access only to a small number of them in the manager area ( with very limited permissions, so no access to the file and element trees, etc).
First put all resources in a group that the new editor will be excluded from:
1. Create a Resource Group (Security -> Resource Groups) called ForMyEyes.
2. Drag all resources at the root into that Resource Group (children are protected automatically)
3. Save.
Now create a resource group for the few resources the new editor will manage:
1. Create a new Resource Group called ForEditors.
2. Drag just the resources that the editors should see into the group.
3. Save.
Tie the ForMyEyes resource group to your admin user group (you are in it by default) so that only you can manage them:
1. Go to Security -> Access Controls -> User Groups tab.
2. Right-click on the "Administrator" group and select "Update User Group".
3. Click on the "Resource Group Access" tab.
4. Click on the "Add Resource Group" button.
5. Set the following:
Resource Group: ForMyEyes
Minimum Role:admin Super User
Policy: Resource
Context: mgr.
5. Save.
6. Click on the Save button at the upper right.
Create the User, Role and User Group for the content editor:
1. Create a User identity for the editor. Security -> Manage Users. Click New User and create and set name, password, email, active status.
2. Next create a role for the editor to play. Security -> Access Controls -> Roles. Create a new role (say, Editor) with an authority of, say, 30.
3. Users with roles also have to belong to groups, so create a user group for all future editors (even if there is only going to be one). Security -> Access Controls -> User Groups. Create new group called Editors.
4. The editor needs to be in that group, so (with the list of user groups visible) right-click the Editors group and select the option to add a user to the group. Choose the editor’s id and give her the role of Editor.
5. Now back to Security -> Access Controls to set the access policy for the new editor. Click the tab that says Access Policies. Have a look at the permissions for the Content Editor policy. If you are not happy with those permissions, duplicate the policy first (right-click it), give it a new name (say, Content Editor Lite) and then alter the permissions to suit.
Click Save.
6. Now we have to tie together the access policy, the role and the group. Get back to the list of user groups: Security -> Access Controls -> User Groups. Right click on the Editors group and select "Update Group”. Then click the Context Access tab. Click Add Context, and select the mgr (manager) context, select the Minimum Role: Editor, and choose the Access Policy: Content Editor Lite.
If you leave it there, the editor won’t see any resources in the Manager area when she logs in, so repeat the previous procedure by clicking Add Context and select the web context this time together with the same role and policy as before.
Click Save.
Give the Editors access to their resources:
1. Find the Resource Group Access tab for the Editors user group (Security -> Access Controls -> User Groups, then right-click the Editors user group to update it).
2. Click the "Add Resource Group" button.
3. Enter:
Resource Group: ForEditors
Minimum Role: Editors
Policy: Resource
Context: mgr.
Save.
Click on the Save button at the upper right.
Go to Security -> Flush Permissions.
Go to Site -> Clear Cache.
In a new browser log in with the Editor’s username and password. You should see only the resources that were put in the ForEditors resource group.
-
- 24,544 Posts
Nice explanation.
---------------------------------------------------------------------------------------------------------------
PLEASE, PLEASE specify the version of MODX you are using . . . PLEASE!
MODx info for everyone:
http://bobsguides.com/modx.html