-
Posts
87 -
Joined
-
Last visited
-
Days Won
5
Everything posted by Sebi
-
I wrote an api-module a few years ago, where the module generated a custom template (e.g. "api-page"), which could be used to create one or more endpoint-pages. To handle calls to these pages I used ProcessPageView::pageNotFound like @bernhard did: $this->addHookBefore('ProcessPageView::pageNotFound', $this, 'handleApiRequest'); public function handleApiRequest(HookEvent $e) { $page = $e->arguments[0]; if ($page->template === 'api-page') { // handle request here... $otherEvent = $e->arguments(0); // grab event provided to PageRender::renderPage $e->replace = true; // prevent PageRender::renderPage from being called } } It worked nice for me, but I cannot say if caching or multi-language works better in this hook. pageNotFound should be called later than execute, so there is a chance that it helps ?♂️
-
Hi eydun, I try to reuse fields if they have the same use-case. No template-prefixes. When your site gets more complex, you can use tags for your fields to get a better structure in your fields-overview.
-
Hi @Juergen, you're right! Generally speaking, the module does not work automatically in all functions where ProcessWire returns a list of pages ($pages->find(), $page->children(), $page->find(), $page->parents(), ...). The reason for this is, that the used Hooks to block access will not be triggered in the list functions. The only way to filter out all pages that are unreleased, is to add filtering for the PageAccessReleasetime-fields in your selector. For convenience, I added the selector as a static attribute to the module: $onlyReleasedPages = $page->children(PageAccessReleasetime::selector); I would be really thankful if anybody had a better way to implement automatic filtering for unrelease pages, like it already works for ProcessWire's page-status. But since then adding PageAccessReleasetime::selector to selectors is a good workaround.
-
That's fine. In our case it was necessary to explicitly add the line in the .htaccess-file, but that should be the last solution if everything else fails. We already had a similar solution like @pmichaelis's code example to use $_SERVER if apache_request_headers fails. Maybe its more save to check for the function 'apache_request_headers' to exist: if(function_exists("apache_request_headers")) {
-
@thomasaull @pmichaelis We had similar issues with the Authorization-header, depending on the server's configuration. In our case, adding the following `RewriteRule` to the .htaccess-file solved the problems: RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-
I have a (small) new version for you: v1.0.4 adds a $page->listable() hook. If you want to check wether a page should be accessible in list-views, you should use this call to double check if each page can be seen. For detail-views or to check wether a list-item can be linked to a detail-view, you should continue to use $page->viewable().
-
Hey @szabesz, thank you for this hint. I did not know about @adrian's module. Finally I got time to install it and look into the code. I really like that it also cares for limiting view- and editing-rights in the backend, what PageAccessReleasetime currently doesn't. But it could be a useful feature for PageAccessReleasetime as well. In the current version every backend-user can see unreleased pages in the pagetree. I don't like that the module deals with the HTML shown in the frontend if a user cannot access a page. PageAccessReleasetime instead throws a 404 exception, what can be acceptable for the releasetime context. If I think of a PageAccessUserrole-module, it would be better to throw a 401 exception that leads to a custom 401 page where a login-form is shown. But ProcessWire seems not to support other exception pages than 404 and there is no other core exception class than Wire404Exception. Let me know if you have a practical solution for it, where my module does not have to generate its own HTML for the error page. I think that is something that the template-developer should be aware of and not the module.
-
We are online! PageAccessReleasetime is now available in the ProcessWire modules directory! ? I think about building some more access-modules for different use cases: userrole- and user-fields - limits a page to be accessable only for given userroles or users password protection - a password-field (+activate-field), password-validation-functionality, maybe a render function for the login-form in the frontend What do you think about it?
-
@flydev The module is registered and waits for approval ☺️
-
Hi @Robin S, thanks for your help making the module even better and more useable. I think I found a good solution to fullfill both requirements. With version 1.0.2 you can choose in module's configuration wether the fields should be added globally or only to selected templates. You can choose the templates via ASMSelect, if the checkbox is unchecked. I do check wether the fields were added manually in the template as well, and check the template if all fields were found. I actually find my solution with checkboxes more understandable for normal users. If you uncheck the option "Activate Releasetime from?", it is very clear that the no releasetime is active. If I'd use only the datetime fields without checkbox, I would at least add a notice that gives a hint about the possibility to leave it blank. Of course it's a trifle, but I've worked with customers who would otherwise have had queries about it. I've heeded your advice about explaining selectors in the documentation. For convenience, I added a constant with the selectorstring that is needed to filter unreleased pages. To filter unreleased pages, add the PageAccessReleasetime::selector to your selector: $onlyReleasedPages = wire('pages')->find('template.name=news, ' . PageAccessReleasetime::selector); I thought about manipulating the page's status to achieve this without adding a custom selector part to each query, but I haven't found anything useful yet. Extending the selector seems to be the best solution at the moment. Thanks again for your support! ?
-
Hey @dragan, thanks for this hint! I did not have much contact with multilanguage setups in the past, so I hope I added translatable string support the right way in version 1.0.1 of the module. Additionally I removed the german date formats for the inputs. I think, that is something that german users have to configure on their own if needed.
-
I've created a small module which lets you define a timestamp after which a page should be accessible. In addition you can define a timestamp when the release should end and the page should not be accessable any more. ProcessWire-Module: http://modules.processwire.com/modules/page-access-releasetime/ Github: https://github.com/Sebiworld/PageAccessReleasetime Usage PageAccessReleasetime can be installed like every other module in ProcessWire. Check the following guide for detailed information: How-To Install or Uninstall Modules After that, you will find checkboxes for activating the releasetime-fields at the settings-tab of each page. You don't need to add the fields to your templates manually. Check e.g. the checkbox "Activate Releasetime from?" and fill in a date in the future. The page will not be accessable for your users until the given date is reached. If you have $config->pagefileSecure = true, the module will protect files of unreleased pages as well. How it works This module hooks into Page::viewable to prevent users to access unreleased pages: public function hookPageViewable($event) { $page = $event->object; $viewable = $event->return; if($viewable){ // If the page would be viewable, additionally check Releasetime and User-Permission $viewable = $this->canUserSee($page); } $event->return = $viewable; } To prevent access to the files of unreleased pages, we hook into Page::isPublic and ProcessPageView::sendFile. public function hookPageIsPublic($e) { $page = $e->object; if($e->return && $this->isReleaseTimeSet($page)) { $e->return = false; } } The site/assets/files/ directory of pages, which isPublic() returns false, will get a '-' as prefix. This indicates ProcessWire (with activated $config->pagefileSecure) to check the file's permissions via PHP before delivering it to the client. The check wether a not-public file should be accessable happens in ProcessPageView::sendFile. We throw an 404 Exception if the current user must not see the file. public function hookProcessPageViewSendFile($e) { $page = $e->arguments[0]; if(!$this->canUserSee($page)) { throw new Wire404Exception('File not found'); } } Additionally we hook into ProcessPageEdit::buildForm to add the PageAccessReleasetime fields to each page and move them to the settings tab. Limitations In the current version, releasetime-protected pages will appear in wire('pages')->find() queries. If you want to display a list of pages, where pages could be releasetime-protected, you should double-check with $page->viewable() wether the page can be accessed. $page->viewable() returns false, if the page is not released yet. If you have an idea how unreleased pages can be filtered out of ProcessWire selector queries, feel free to write an issue, comment or make a pull request!
- 13 replies
-
- 11