(Tutorial) Making member-only pages in Revolution [WIP]

still can’t get this to work....... frustrated beyond words.

I’ve added 2 contexts to the user group ’context access’ tab & tried to blow them wide open....


As far as I can tell that user [in that group should new be able to see everything and behave as an administrator!

-sean

I think so too. Did you flush permissions and sessions and clear your browser cache and cookies before testing?

I was doing that all along.... finally started testing by logging the editor user out and back in again after flushing/clearing caches... [I’ve been using a different browser for testing all along] now I can see the resources and edit them. However - I can edit all resources, not just the blog section,
- I used the default Editor context to set the user up
- I guess now what I have to do is put ALL the resources into a resource group and explicitly deny the editor edit access to everything but the blog postings?

What is the best way to go about that?

-thanks for your help.
-sean

That sounds right. I think the Batcher extra might help you put them in the groups. If not, a simple snippet would do it:

thanks - everything seems to be working as advertised now.....

First of all, thanks for the tutorial, seems to be good!

I’m not sure what I’m missing but I can’t do what I want to =)

First my structure:

I have two contexts, the standard "web" and a custom "admin" context which is accessed with a subdomain like admin.domain.tld.

Under the "admin" context I created two resources 1) "Login" 2) "Dashboard"

site_start in the context settings is the resource "Login", this shouldn’t be protected in the future. I intend to have a login for the "Dashboard" Page which should reside on the "Login" Page...nothing special so far.

I didn’t do anything as far as permission settings, so everything should be original (it’s a fresh installation of version 2.1.1-pl)


I followed the tutorial but failed already on step 2. I added a Resource Group "Admin" and drag’n’dropped the "Dashboard" Resource in it, I also checked in the Resource itself if the checkbox for Resource Group "Admin" is activated, it is...now the tutorial says the resource shouldn’t be accessible anymore and throw a 404 error...but this isn’t the case, it’s just showing as always (and yes, I used another browser, I also flushed permissions and the cache)...what am I doing wrong? Any ideas?

EDIT: I tried some things and now I can lock myself out =)...but this is not how I want it...

I didn’t create any new user groups or users...The "Dashboard" resource should only be visible if I’m (as Super User / Administrator / main guru =D) logged in, nothing else...but when I edit the User Group "Administrator" (where I’m in automatically from a fresh installation) and add an entry in the "Resource Group Access"-Tab with the following settings:

Resource Group: Admin
Role: Member - 9999 (doesn’t change if I give myself Super User - 0)
Access Policy: Resource
Context: admin

I’m completely locked out of that page (404 Error) even when logged in as admin in the manager...

I granted context access to the "admin" context too...

any ideas what I’m doing wrong? Why do I have to do these things to lock me out...the tutorial says I should be locked out after I assigned a resource to a resource group...that isn’t the case...maybe something changed in 2.1.x?

Thanks for a reply!

I granted context access to the "admin" context too...

This sounds like the issue. Did you create a Context Access ACL entry for the Administrator group with a context of "admin" a minimum role of Super User and a policy of Administrator -- then clear the site cache and flush permissions *and* sessions?

If you’ve done that and it still doesn’t work, try manually deleting the files in the core/cache directory and clearing your browser cache and cookies.

I followed the tutorial but failed already on step 2. I added a Resource Group "Admin" and drag’n’dropped the "Dashboard" Resource in it, I also checked in the Resource itself if the checkbox for Resource Group "Admin" is activated, it is...now the tutorial says the resource shouldn’t be accessible anymore and throw a 404 error...but this isn’t the case, it’s just showing as always (and yes, I used another browser, I also flushed permissions and the cache)...what am I doing wrong? Any ideas?

That’s actually not entirely true - it would only be unaccessible when it has been protected through a user group (so a user group has resource group access permissions for that resource group, and you are not in it).

Thank you Mark & Bob for caring about my n00bness =)...

@Bobs comment: I think I have this already, but not 100% sure, so I made screenshot of the whole process/settings which I post here...

@Marks comment: Thank you for clarifying this, maybe this should be added to the tutorial?

OK, I had still no success with giving only myself access to a page when I’m logged in in the manager...I though about it several hours and I’m not sure if I need to be logged in in the frontend somehow?? Is it enough to be logged in in the manager or do I need to be logged in via the Login-Snippet? I thought it would be enough to be logged in the manager because there are no more web and manager users in ModX Revo...?!

0) Here my resource-tree with some explanations


1) I started with creating a resource group and assigned the resource "Dashboard" to it, which should be locked for not logged in users and visible for me as Superuser-Admin


2) I went to "Security" > "Access Control" and updated the user group "Administrator" which is standard in a fresh installation...


3) Inside the User Group "Administrator" (sorry, cant make this bigger in here, so plz go to https://lh6.googleusercontent.com/-6fF47VZ8T1s/TfzucZSYdGI/AAAAAAAAAQo/22lunSMt4vQ/s0/modxrevopermissions04.jpg ). In the "Resource Group Access"-Tab I also tried an entry with "Resource Group" = "Admin", "Minimum Role" = "Super User - 0", "Access Policy" = "Load, List, View" and "Context" = "admin" ... didn’t change anything, still 404...


4) The access settings inside the "admin" context


5) And finally related to bobrays reply...this is the folderstructure in core > cache in a standard Modx Revo v2.1.1pl setup...please, could you tell me in which of these folders I would have to delete something manually if flusing the cache/permissions/session doesn’t help?? =)


6) This is the result with the current setup in the SAME Browser, means, I’m logged into the manager and should see (in my opinion) the locked dashboard-page^^...in other browsers, it looks the same...



I hope you guys can spot what I’m missing this way^^...I really want to understand this...there’s no way around =P! So thanks in advance.

Looks fine to me at a first glance.

You have your "resource" access permissions, which means you can actually loaded it in the front end as well as the site tree in the manager.

I’m not entirely sure if you need to be logged in. I’ve seen mixed results on one site where something I devved myself says I’m logged in (when only logged in from manager) while the Login package itself claims I’m not. If you can’t see the page with the current settings, trying to login using hte login package (same details) would be worth the shot.