On March 26, 2019 we launched new MODX Forums. Please join us at the new MODX Community Forums.
Subscribe: RSS
  • Hey Terry,

    great that you find this extra useful.

    Right, the mentioned permission is not implemented by default. You will have to add it manually. The best way for now is (updateproof), as Bob said,

    • create a new policy template, say "Terrys Updater Policy Template" (important to choose a customized name here to keep it update proof)
    • add the permission "system_perform_maintenance_tasks" to the template
    • create a policy based on that template with that permission checked (again choose a custom name)
    • grant your desired users mgr context access to that policy

    You may also check the RTFM to find out, how to design this perfectly with user roles then.

    In one of the next releases I will implement a suitable policy template in the package itself. For now I would say, I will give it the name "Updater Policy Template" then, so better not choose this name for you custom template. A description how to use it will be shipped with the package then as well.

    Of course one might ask, why did I restrict widget access to users with sudo or these special permission? Answer: I do not think that version information should bother "normal" users, who even can not take action in case of necessary updates. Only admins should be able to see this widget. Of course you can control which dashboard will contain the widget - but the permission way seems cleaner for me, esp. if other permissions (e.g. for notifications) play along.

    Please feel free to continue any discussions about Updater and its concepts. I am open mindend, and it is still a beta version.
    • Inreti

      Thanks for the great response. I think it would save folks a lot of time if you simply provide these instructions for updating the security policy in the instructions.

      I agree regular editors and others need not be bothered. However, most of my clients, small business or organizations, manage their own sites. I'm usually not looking over their shoulders, so they should see when updates are available. And yet sometimes it is prudent to not make them Sudo users. It would be nice if I could simply toggle non-sudo visibility on or off.

      Again, thanks for a great extra.
      • Hi inreti, NewsPublisher transports a custom policy and policy template if you need some code to look at: https://github.com/BobRay/newspublisher/tree/master/_build/data, See the build.transport.php file as well.
          Did I help you? Buy me a beer
          Get my Book: MODX:The Official Guide
          MODX info for everyone: http://bobsguides.com/modx.html
          My MODX Extras
          Bob's Guides is now hosted at A2 MODX Hosting
        • Thanks Bob, I will have a look at it. Should save me some time for the build script smiley
          • There is a critical bug in the Updater-Notifier plugin, which may prevent you from login to the manager.

            You try to log in to the manager and always get a 'permission denied', regardless of the type of user you choose. Even sudo admin users get this error.

            Intermediate workaround:
            - deactivate the plugin "Updater Notifier" by changing the corresponding value in the database

            If you have not run into this error yet it might be the best to deactivate the plugin "Updater Notifier" in advance until the bug is fixed by a new version of Updater.

            Until now I have not discovered why and when this error happens. As it has not happened yet on 9 out of 10 of my own installations, it does not seem to be a systematic bug.

            I will try my best to fix it and publish an update in time.
            • Thanks inreti!

              For those not used to doing it,

               - Choose PhpMyAdmin in cPanel
               - Select the MODX database
               - In the modx_site_plugins table, find Updater Notifier
               - Edit that record
               - Change the 'disabled' field value from 0 to 1
               - Click on the "Go" button.
                Did I help you? Buy me a beer
                Get my Book: MODX:The Official Guide
                MODX info for everyone: http://bobsguides.com/modx.html
                My MODX Extras
                Bob's Guides is now hosted at A2 MODX Hosting
              • I wonder... is the Updater the last package installed, or is a later package overwriting something Updater requires? Or is it a plugin conflict?
                  Studying MODX in the desert - http://sottwell.com
                  Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
                  Join the Slack Community - http://modx.org
                • In this particular case, it was the last plugin installed after upgrading to 2.3.3.

                  However, that has also been true for most of the other sites where I've gone back to install this. Some were them were the first release. I'm sure this doesn't clear up much.
                  • I just uploaded the new version 0.2.7-beta to the repository, which hopefully fixes the particular bug.
                    Test case: Updater should inform you about it's own update during the next 24 hours smiley.

                    Nevertheless the root cause of the bug is still unclear. The plugin used to react on "OnHandleRequest" event to simulate a cron like behaviour. This event was - of course - triggered at login as well. The plugin then could have thrown an error (nothing concrete in the logs) which caused the login screen to show this "permission denied". Anyway, the new version now only reacts on front-end events "OnWebPageInit", so the manager problems should be fixed...

                    Please keep on telling me about your experience with Updater. I try my best to solve the problems and fulfill your wishes. Btw: due to this critical bug, the latest ideas for policy templates and dev detection have been deferred to the next version...
                    • Hi inreti,

                      It's nice to see an Extra author responding so fast to issues. smiley

                      Maybe I'm misunderstanding things, but it seems unnecessary to have the plugin do a full check on every page load for every page on the site, especially if it's making a remote request to a server that might not respond rapidly.

                      I would think just connecting it to something like OnManagerLogin would make it check often enough to keep you informed. You could also have it return unless a specific page or set of pages gets hit.

                      I'm not very familiar with the plugin, so I'm probably wrong.
                        Did I help you? Buy me a beer
                        Get my Book: MODX:The Official Guide
                        MODX info for everyone: http://bobsguides.com/modx.html
                        My MODX Extras
                        Bob's Guides is now hosted at A2 MODX Hosting