kiennguyen1101

Hi, Yes, it was what I had done in the first place: just use page-view permission and then do logic check in the module. However, the page is still visible in the menu for others. Since I want the page to be invisible to other roles as well, I thought the most simple way would be to give editor role a custom permission but I encountered the error when I visit the site as a guest. Is it good to login as super user first, load the module and then sign out? Is it difficult to hide the menu in the admin toolbar? I'm just thinking about the best possible solution here. Again, thanks for your time

Hi, I'm current creating a module (i'm extending process) that handles several things: Configurable so that admin can change site's specific options. Create a custom page in the backend for editor-only to handle custom logic. Loaded on site to provide data for templates. I'm using a custom permission in the function getModuleInfo to prevent other roles from accessing the custom page. However, when the module is loaded on the frontend for guests, it displays an exception saying lack of permission executing the module. How do I fix this issue? Thanks for your patience.

Hi delueg, I took a look at your questions and realized your statistics isn't really problematic but still, migrating 200GB of data is a hard work. You should double check your user visits using 3rd-party tools like google analytics or something like that. One of the websites I know using PW is cmscritic.com and they have around 30k visits monthly (checked using alexa rank). However, the only way to truely know if 1 framework is suitable for your requirements is to do stress testing. Have your homepage built with some data and send requests. Just remember, you can make some pages (like mine) finish loading after 30s with loading images on-demand to make sure user sees the whole page first. For me, the reason I chose PW is because I liked its API and the simplicity of how the templating work. Personally, I would stay with the stable version of any frameworks unless your site could change easily. However, the documentation doesn't cover everything so you need to do some code reading to be able to use all the provided API. I read about vuejs a year ago and I quite fond of it. But if you like new things, I would suggest Redux with React (backed-and-used by Facebook). Also, I think AngularJS 2.0 (backed-and-used by Google) is ready for production and you shouldn't really worry about it.

No, though I have tried. My 'manager' role also has similar permissions: page-edit, user-admin, user-admin-staff, page-lister, page-view and profile-edit but it doesn't work like yours.

Hi, thanks for the reply. I did as per instructed and it shows up on the edit profile page. However, when editing other users, it still doesn't work. In my case the FieldsetTabOpen behaviour is really weird: In admin/profile page, this field shows up as a normal field which group other fields and you can click to close/open. In access/users/edit page, this field shows up as a tab (this is what I intend for it to behave) but ONLY to super-user even though my testing account has user-admin permission.

Hi all, I added a field FieldsetTabOpen in the user template (with FieldsetEnd as well). Everything works perfectly if the user is super-user: the tab to edit fields within FieldsetTabOpen show up. However, when I logged in as other role, this tab does not show at all. I've tried manual access control in field settings but it doesn't work. Does anyone have this issue?

Check this link: https://processwire.com/talk/topic/4680-block-access-to-settings-delete-and-view-tabs-for-page/#entry118215 print the variables $tabs to get the correct id, or hide all tabs if you prefer by returning empty array.

A search to hide "delete" tab brought me here. Thanks soma for the code. In order to hide the tab(s), you have to add another hook to edit form: $this->addHook('ProcessPageEdit::getTabs', $this, 'hookEditFormTabs'); public function hookEditFormTabs($event) { // logic check // if ($this->user->isSuperuser()) return; // if ($this->page->id != 29) return; $tabs = $event->return; unset($tabs['ProcessPageEditDelete']); $event->return = $tabs; }

Here are some of my findings in case anyone need it: // hook to before page add render and prevent execution if necessary $this->addHookBefore('ProcessPageAdd::execute', $this, 'hookUserAdd'); // hide add button in the backend menu $this->addHookAfter('ProcessUser::executeNavJSON', $this, 'hideUserMenu'); public function hideUserMenu($event) { //we don't want to modify links for super user if ($this->user->isSuperuser()) return; //ajax only if($this->config->ajax){ $options = json_decode($event->return, true); unset($options['add']); foreach ($options['list'] as $key => $value) { //check and unset if necessary } $event->return = json_encode($options); } } public function hookUserAdd($event) { if (!$this->user->isSuperuser()) { $event->replace = true; $this->error('You do not have permission'); return; } } That is because I still want "staff" role to use page-lister permission. Hooking to ProcessPageLister is much harder and require regex to hide the "Add new" buttons. Also, to modify the result returned from the selector, you can add hook to getSelector function (this is undocumented in Captain Hook) $this->addHookAfter('ProcessPageLister::getSelector', $this, 'hookPageListerSelector'); For better security, add hook to Pages::save (similar to ProcessPageAdd) to deny saving new user.

My case is pretty similar to that of Pete, however I don't want users with "staff" role to add new users since "user-admin" permission allows all roles with that permission to add new users, even though these users could only be of "guest" role.

Hi guys, I set up "staff" so that they have user-admin-customer permission, edit "customer" profile permission, however I do not want "staff" to add new users in the backend. How do I achieve this?

Thanks for the answer. if (count($this->input->post) <= 0) return false; // Process new post $this->processInput(); Another thing regarding form handling in autoload module is: I cannot add before hook to the ready function of the module (I added tripple underscore ___) as well as the form handling function it calls.This is because I want to separate template and module logic and not modifying directly to the code of the module.

Hi all, I need a page for users to post questions to moderators. I'm reusing the Discussions module and the Comment module for the replies (I didn't like the idea of having hundred of pages for replies so I modified it). To handle the form, the Discussions module to autoload in every pages and I think it could pose performance issue. So my question is: Is there anyway for a module to handle a submitted form without setting autoload = true? i.e. processwire loads the module on-demand.

Things like IP address or user agent could go to a module which monitors visitors. Also, isn't 'vote' very much similar to like, unless you're integrating with FB like? Rating is actually a nice thing to have. You can have a look at the CommentForm module, i think processwire has rating star built-in (not very easy to use, and un-documented as well). Consider in your comment module containing username/email (for reply to later) and depth of comment level.

Hello, I've tried to search the forum for this but so far no luck so I decided to post this in wishlist section. Under the Templates/Permissions, there is an option to redirect the user to a certain URL when he is not permitted to view the page. However, this is a pure text input and it's really difficult in the case where I would like to choose to redirect user to a certain page. The page might have multiple URL (multiple languages) or the url might be changed later by the user so a static URL redirection here is no good. Have a nice day.