(Tutorial) Making member-only pages in Revolution [WIP]

OK, this was it =)...I placed the Login Snippet in the login page as follows



and now it’s working as expected! Thanks for that...to conclude, this means a backend login doesn’t equal a frontend login...should maybe placed somewhere in the docs, or did I just overread that?

thanks for your help!

Another thing I would be interested in is if I couldn’t show the 403 or the login page (which could be the same...) instead of the 404 page. I believe to have read something from you like a "...in a following tutorial", is there already something online about this topic?

EDIT: The info in your tutorial was enough =)...just granted the (anonymous) User Group "Load Only" Access in both the Context Access and Resource Group Access (are they both necessary?)

EDIT2: Another problem... I don’t know where the error page btw. its content comes from...I specified the error_page context setting for the "admin" context, its pointing to the login resource and the system error_page setting points to resource 1 which has other content than the shown "Unauthorized - You are not authorized to view the requested content."...where does this come from and how can I customize it?
...solved: I needed another context setting called "unauthorized_page" for the context "admin" which points to the login resource...don’t know why the public page with resourceid 1 (standard) doesn’t work here...because I can access this page without problems when not logged in...

Got stuck at step number 4. In Revo 2.1.1 I could not find the Resource Group Access tab. After a long time I tried the context menu (right click) on the user group. Then finally I could "move to.."

Some of what you saw may have to do with previewing from the Manager. When you do that, you’re logged in to the ’mgr’ context, but not the ’web’ context. Some extras just check to see if you are logged in, others (like Login) check to see if you are logged in in the current context (in this case ’web’). So, when previewing from the Manager, you’re not logged in to the ’web’ context until you successfully log in up front using the front-end Login form.

Thanks for the tutorial, Mark, it works great. I implemented it long ago to isolate all resources during site's construction. Only authorized visitors (through the login plugin) could see the site's progress. Great!

Recently I encountered a problem, however, and I spent several hours struggling with it. I want to share it with those among you who are, like me, no developers.

Don't implement Jason's great setting (http://develop.modx.com/blog/2012/04/05/new-for-2.2.1-session-less-contexts/) in your main web context, or everyone will be able to see your resources in the front end, even if all your resources are in a restricted group with corresponding user group and ACL.

Jason warns you in his post in his cultured developer tongue, but after a couple of days my untrained brain had forgotten that I had implemented the session-less setting and was wondering why everyone could visit my under-construction site.

Troubleshooting then proves very difficult, because everything seems to be OK with the security settings.

So, be aware!

I would like to create a page vivisibile only to some users. I followed this guide:
http://rtfm.modx.com/display/ADDON/Login.Basic+Setup
But when I go to log in, in a public page "Members Home Page" you see, but the other pages give me "Error HTTP 500 (Internal Server Error)"
Help me !!!
In log file see this:
"does not have permission to load object of class modContext with primary key"
SOLVED: the problem is that I had 4 different contexts and + mgr, I did not put in Contexts Access access to all contexts [ed. note: cristianb88 last edited this post 11 years, 7 months ago.]

I updated the docs with some info re that error.

It's very strange, i followed your tuto, delete my another browser cache, restart apache.

There is no error message saying that i'm not allowed to acces this resource

Ive got a question, i know its been up before but i havent been able to see if any update has provided a solution (and i know it was said about a year ago it would be fixed).

How do i add multiple resources to one resourcegroup? Obv, i can do it one by one. But lets say i drag a folder to the resourcegroup, why can´t all underlying resources inherit that?

My problem right now is that i have a blog on a cab companies intranet that has to be protected from a certain usertype. And its a few hundred resources to go through one by one otherwise. Tried adding the main blog article page to a resource group but that only protects the main page and all new resources inherit the new setting, but old resources(or call it articles) doesnt get the protection.

Any easy way of updating this inside modx without writing a database update script?

/w

I'm not sure this will work, but it might. There is a processor that adds Resources to Resource Groups. It fires the OnResourceAddToResourceGroup event. If dragging the Resources to the Resource Group fires that processor (and I think it does), a simple Plugin tied to that event could add children to the same group. The Plugin would look like this (untested):




If that works, let me know and I'll release it as an Extra. If I'm reading the code right, it should work when you drag the Resource into the Resource Group, but may not when you add the Resource to a Resource Group on the Create/Edit Resource panel (let me know on that too if you can).

Will Batcher do this to already existing resources?