-
- 19 Posts
I am setting up a website for a school district. The site is using REVO 2.1.3-pl. Each teacher has a staff bio page that they need to be able to edit. There are approximately 210 teachers.
I need to setup a permissions configuration that will allow each teacher to edit their page only. Also, I will only be adding a few of these teachers for testing purposes and will train a school staff member to add in each individual teacher, so I need to setup a simple way for that person to add the staff member and assign them to their specific bio page for editing.
Your help is greatly appreciated. Thanks in advance.
-
- 1,118 Posts
Answering part of your question here:
RE: I need to setup a permissions configuration that will allow each teacher to edit their page only
* Set up a new user (assuming you know how to do this?)
* Once the new user is set up - right click on them to edit their details (e.g. selecting "update user")
* Select the Settings tab
* Create a new user setting with these details:
* Key: tree_root_id
* Name: Tree root ID
* Value: Add in the resource ID(s) with a comma if more than one that this user will be editing
* Save this new setting
* Save on the top right page Save button
* Flush permissions
* Log out
* Login as user and they should only have the resource ID(s) you mention in the value setting above available to edit
Can’t help with the other item I’m afraid as I am not sure if it’s possible...
dubbs
That’s brilliant.... MUCH easier than trying to set up a user group/resource group for each user.
-
- 1,118 Posts
Cheers everett - tis much easier than setting on new user groups and resource groups then connecting etc... A clever trick I worked up yesterday when trawling through User Permissions and security on MODx Revo... Not the most intuitive thing if one is used to Evo...
-
- 19 Posts
Okay, unfortunately, this didn’t work for me. When I followed your instructions, the first time I just plain get a Permission Denied error. Can’t even login. I went back and added the user to a user group with page editor role. No luck. Change the user group to admin. Can now login in but now there is nothing in the resource tree showing. Just to make sure I followed you correctly, I put the following in the settings tab:
Key: 1
Name: 1
Value: 549 (the resource id of this persons bio page)
I left everything else the defaulted value. What am I doing wrong? Thanks in advance!
-
- 19 Posts
Also, I just noticed that while nothing shows in the resources list, everything shows on the elements tab and the files tab gives an error of [object Object]
Definitely don’t want the teachers to have access to my templates & chunks and accidentally screw something up.
-
- 19 Posts
Okay after creating a User Group for the teachers and modifying the access policy & template - I finally got it to work. I had played around with the templates before so it’s possible I just messed it up which contributed to the issues I was having above.
Thanks for your help!
-
- 24,544 Posts
If you uncheck the file_tree and element_tree permissions in the policy for the the teachers, those trees will disappear for them.
The inability to log in usually means that the user’s group doesn’t have a Context Access ACL entry giving permission for the ’mgr’ context.
The empty Resource tree usually means that the user’s group doesn’t have a Context Access ACL entry giving permission for the ’web’ context.
Note that the method you’re using will not prevent a teacher from manually typing in the correct URL and editing another teacher’s page.
IOW, the URL that shows in the browser window has "id=##". If the teacher changes the ## to another number and presses the "Enter" key, they’ll be editing (and potentially saving) another teacher’s page. Trial and error would allow them to edit all the other teacher’s pages.
I think you could prevent this with a plugin tied to OnDocFormPrerender that checked the tree_root_id against the ID of the loaded Resource and either changed the resource to their own page or replaced the Create/Edit resource page with an "Oh, no you don’t" message.
Personally, I think I’d let them do the editing in the front end with NewsPublisher or something similar and then put a snippet that checks the tree_root_id in the template and redirects them if it’s not their page. There’s an example of this in my book (coming soon).
-
- 1,118 Posts
Yeh, things like bespoke asset filemanager paths for different users - some to images / videos / PDFs etx based on their needs - any setting in the global settings I think you can then override and apply bespoke in this fashion to any user you create - a very handy tool!
☆ A M B ☆
