[Edit] First of all,
do a backup of your database...before messing around with your acls...see next posts for the why... [/Edit]
First of all Second you need to
create a usergroup, maybe "parents.sectionname" in your case.
then
create a test user "papi". don't assign it to the usergroup yet.
Then you
create an access policy (I would duplicate the Content Editor policy, then rename it to something like "Parents Rights" and edit the permissions inside) and
and a new role "Parents" with some number as authority (doesn't really matter), I would pick maybe 6666. Pay special attention to the media source permissons.
Then you go into the edit mode of the user group > tab "Users" and
assign the user "papi" with role "Parents"
to the usergroup "parents.sectionname"
Then you click the tab "Context access" and
add mgr with access policy "Parents Rights", role "Parents" and
web with access policy "Parents Rights"
(probably the "Load" policy would be enough...not sure about that, that's just how I do it) and role "Parents" > all that depends on the structure of your site, do you have it split up in context or in subfolders (according to your post I think you organized it in subfolders right?).
Flush all permissions and try to
log in with "papi", you should see all resources (because you didn't protect them yet with resource groups)
Then
create a resource group "admin" and add everything to it and assign it to the Administrator user group. Add another resource group called "parents.sectionname" (again, ya, very creative...=D) and add the desired Container (don't know if that's enough, or if you have to add every resource one by one, tell me...) to that parents resource group
Then you
create a new Media Source (Filesystem) and set the paths to the directory the parents should be able to see and then
add the usergroup "parents.sectionname"
to that media source. For the existing Filesystem Media Source you should add only the Administrator usergroup.
Flush permissions again and login with "papi" and try to upload some files (via Files tab if you give that to them or via image/file TV and the FileManager of MODx), when you go to the files tab you should only see the directory (and it's files and folders) you specified in the Media Source for the parents.
not sure if I missed something =)...
for basic introduction to the MODx security permissions watch the following screencasts:
http://www.youtube.com/watch?v=PKdBvhmZtIw
http://www.youtube.com/watch?v=3mw0jLNVFp0
you can also check the following links:
http://www.bmv-interactive.com/home/modx-acl-tutorial.html
http://rtfm.modx.com/display/revolution20/Security (with Screencast)
http://bobsguides.com/revolution-permissions.html
[ed. note: exside last edited this post 11 years, 5 months ago.]